OTL logfile created on: 27/03/2014 3:39:46 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User1\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16521)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

3.93 Gb Total Physical Memory | 1.49 Gb Available Physical Memory | 37.93% Memory free
7.86 Gb Paging File | 4.76 Gb Available in Paging File | 60.51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 221.07 Gb Total Space | 170.40 Gb Free Space | 77.08% Space Free | Partition Type: NTFS
Drive D: | 1.78 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: JR | User Name: User1 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2014/03/27 15:37:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User1\Downloads\OTL.exe
PRC - [2014/03/27 10:38:01 | 007,948,320 | ---- | M] (MicroSmarts LLC.) -- C:\Program Files (x86)\SpeedItup Free\speeditupfree.exe
PRC - [2014/03/26 21:23:14 | 000,348,448 | ---- | M] () -- C:\Program Files (x86)\Mega Browse\updateMegaBrowse.exe
PRC - [2014/03/26 20:45:49 | 000,348,448 | ---- | M] () -- C:\Program Files (x86)\Mega Browse\bin\utilMegaBrowse.exe
PRC - [2014/03/25 17:40:29 | 000,078,624 | ---- | M] () -- C:\Program Files (x86)\Mega Browse\bin\XTLSApp.exe
PRC - [2014/03/21 14:29:10 | 000,355,328 | ---- | M] () -- C:\Users\User1\AppData\Roaming\VOPackage\VOsrv.exe
PRC - [2014/03/19 21:17:52 | 004,971,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe
PRC - [2014/03/17 15:35:04 | 000,807,800 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
PRC - [2014/03/14 20:50:42 | 000,859,976 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/03/12 03:47:21 | 000,262,968 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\nav.exe
PRC - [2014/03/12 00:22:11 | 001,863,560 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
PRC - [2014/03/11 16:44:58 | 000,130,104 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\nst.exe
PRC - [2014/03/08 19:14:33 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014/03/03 09:53:02 | 001,363,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2014/03/03 09:52:32 | 001,748,608 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2014/02/23 21:22:30 | 003,782,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
PRC - [2014/02/10 19:33:12 | 000,055,440 | ---- | M] (GenTechnologies Apps, LLC) -- C:\ProgramData\MovieMode\MovieModeService.exe
PRC - [2014/02/10 19:32:54 | 000,151,184 | ---- | M] (GenTechnologies Apps, LLC) -- C:\ProgramData\MovieMode\MovieMode.exe
PRC - [2014/01/28 16:13:54 | 000,418,808 | ---- | M] (PC Utilities Software Limited) -- C:\Program Files (x86)\Optimizer Pro\OptProSmartScan.exe
PRC - [2014/01/28 16:13:52 | 001,177,592 | ---- | M] (PC Utilities Software Limited) -- C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe
PRC - [2014/01/25 22:57:26 | 005,761,368 | ---- | M] (SafeApp Software, LLC) -- C:\Program Files (x86)\Registry Helper\RegistryHelper.exe
PRC - [2013/11/01 17:26:18 | 000,921,680 | ---- | M] () -- C:\Program Files (x86)\SpeedItup Free\spdfrmon.exe
PRC - [2013/09/24 01:33:08 | 000,348,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
PRC - [2013/06/18 21:49:35 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2013/04/16 06:07:08 | 000,039,056 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2013/03/31 17:57:08 | 001,646,216 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2013/03/28 16:58:07 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) -- C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbarsvc.exe
PRC - [2013/03/28 16:58:07 | 000,030,096 | ---- | M] (VER_COMPANY_NAME) -- C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe
PRC - [2009/11/20 15:34:08 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2009/11/09 16:20:08 | 001,519,743 | ---- | M] (Suyin) -- C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe
PRC - [2009/11/01 19:39:48 | 001,094,736 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2009/08/28 05:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe
PRC - [2009/07/03 21:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
PRC - [2009/06/04 19:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2014/03/25 17:40:29 | 000,078,624 | ---- | M] () -- C:\Program Files (x86)\Mega Browse\bin\XTLSApp.exe
MOD - [2014/03/14 20:50:40 | 013,637,448 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll
MOD - [2014/03/14 20:50:40 | 000,394,568 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppgooglenaclpluginchrome.dll
MOD - [2014/03/14 20:50:38 | 004,061,000 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
MOD - [2014/03/14 20:50:35 | 000,716,616 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
MOD - [2014/03/14 20:50:34 | 000,100,168 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libegl.dll
MOD - [2014/03/14 20:50:32 | 001,647,432 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
MOD - [2014/03/14 20:50:30 | 000,051,016 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
MOD - [2014/03/12 00:22:10 | 016,276,872 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll
MOD - [2014/03/08 19:14:33 | 003,578,992 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014/03/05 15:22:42 | 011,922,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\4b1795df6372b251625f958595e08d3d\System.Web.ni.dll
MOD - [2014/03/05 15:20:41 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014/03/05 15:20:33 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
MOD - [2014/03/05 15:20:31 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014/03/05 15:19:59 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2014/02/10 19:32:54 | 001,152,656 | ---- | M] () -- C:\Windows\SysWOW64\MovieMode.48CA2AEFA22D.dll
MOD - [2014/01/23 17:40:18 | 000,268,968 | ---- | M] () -- C:\Windows\SysWOW64\sqlite3.dll
MOD - [2012/05/25 05:25:00 | 000,921,600 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
MOD - [2009/11/20 15:34:08 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
MOD - [2009/10/08 18:49:18 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\VideoWebCamera\VWC_ENG.dll
MOD - [2009/10/07 12:13:38 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\VideoWebCamera\sy_Utility.dll
MOD - [2009/09/23 18:27:04 | 000,626,688 | ---- | M] () -- C:\Program Files (x86)\VideoWebCamera\Image.dll

[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2014/03/01 00:33:34 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009/09/30 14:44:58 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV:[b]64bit:[/b] - [2009/07/13 21:39:31 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rundll32.exe -- (70e6ca8c)
SRV:[b]64bit:[/b] - [2009/07/03 21:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe -- (Updater Service)
SRV - [2014/03/26 21:23:14 | 000,348,448 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Mega Browse\updateMegaBrowse.exe -- (Update Mega Browse)
SRV - [2014/03/26 20:45:49 | 000,348,448 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Mega Browse\bin\utilMegaBrowse.exe -- (Util Mega Browse)
SRV - [2014/03/21 14:29:10 | 000,355,328 | ---- | M] () [Auto | Running] -- C:\Users\User1\AppData\Roaming\VOPackage\VOsrv.exe -- (vosr)
SRV - [2014/03/17 15:35:04 | 000,807,800 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2014/03/12 03:47:21 | 000,262,968 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\NAV.exe -- (NAV)
SRV - [2014/03/12 00:22:11 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/03/11 16:44:58 | 000,130,104 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe -- (NCO)
SRV - [2014/03/08 19:14:33 | 000,118,896 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/03/04 11:16:02 | 002,503,504 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe -- (SecureUpdateSvc)
SRV - [2014/03/03 09:53:02 | 001,363,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014/03/03 09:52:32 | 001,748,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2014/02/23 21:22:30 | 003,782,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2014/02/10 19:33:12 | 000,055,440 | ---- | M] (GenTechnologies Apps, LLC) [Auto | Running] -- C:\ProgramData\MovieMode\MovieModeService.exe -- (MovieMode)
SRV - [2014/01/25 22:57:28 | 000,084,328 | ---- | M] (SafeApp Software, LLC) [Auto | Stopped] -- C:\Program Files (x86)\Registry Helper\RegistryHelperService.exe -- (Registry Helper Service)
SRV - [2013/12/03 16:10:24 | 002,151,200 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2013/11/01 17:26:18 | 000,921,680 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\SpeedItup Free\spdfrmon.exe -- (spdfrmon)
SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/24 01:33:08 | 000,348,008 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2013/04/16 06:07:08 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2013/03/28 16:58:07 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) [Auto | Running] -- C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbarsvc.exe -- (VideoDownloadConverter_4zService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/10/28 15:28:58 | 000,332,272 | ---- | M] (Google Inc.) [On_Demand | Stopped] -- C:\ProgramData\Partner\Partner.exe -- (Partner Service)
SRV - [2009/08/28 05:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2009/04/29 15:21:18 | 000,436,736 | ---- | M] (Conexant Systems, Inc.) [Auto | Stopped] -- C:\Windows\SysWOW64\XAudio64.dll -- (HsfXAudioService)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2014/03/24 23:31:09 | 000,061,120 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wStLibG64.sys -- (wStLibG64)
DRV:[b]64bit:[/b] - [2014/03/04 00:18:12 | 001,148,120 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1502000.026\symefa64.sys -- (SymEFA)
DRV:[b]64bit:[/b] - [2014/02/17 21:32:41 | 000,593,112 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1502000.026\symnets.sys -- (SymNetS)
DRV:[b]64bit:[/b] - [2014/02/12 21:59:49 | 000,875,736 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NAVx64\1502000.026\srtsp64.sys -- (SRTSP)
DRV:[b]64bit:[/b] - [2013/11/25 21:47:22 | 000,196,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:[b]64bit:[/b] - [2013/11/25 21:47:20 | 000,243,480 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:[b]64bit:[/b] - [2013/11/25 21:47:20 | 000,150,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska)
DRV:[b]64bit:[/b] - [2013/10/31 23:00:18 | 000,212,280 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:[b]64bit:[/b] - [2013/10/31 22:49:46 | 000,294,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:[b]64bit:[/b] - [2013/10/01 00:52:08 | 000,123,704 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:[b]64bit:[/b] - [2013/09/27 15:23:26 | 000,162,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NSTx64\7DE07000.02B\ccsetx64.sys -- (ccSet_NST)
DRV:[b]64bit:[/b] - [2013/09/25 22:50:25 | 000,162,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1502000.026\ccsetx64.sys -- (ccSet_NAV)
DRV:[b]64bit:[/b] - [2013/09/20 23:16:42 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:[b]64bit:[/b] - [2013/09/10 00:43:02 | 000,031,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:[b]64bit:[/b] - [2013/08/01 16:07:06 | 000,251,192 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:[b]64bit:[/b] - [2013/07/31 23:19:50 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1502000.026\symds64.sys -- (SymDS)
DRV:[b]64bit:[/b] - [2013/07/31 00:13:30 | 000,264,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1502000.026\ironx64.sys -- (SymIRON)
DRV:[b]64bit:[/b] - [2013/07/30 23:44:44 | 000,036,952 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1502000.026\srtspx64.sys -- (SRTSPX)
DRV:[b]64bit:[/b] - [2013/02/06 01:06:06 | 000,057,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:[b]64bit:[/b] - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/08/25 19:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2009/09/21 15:00:44 | 001,537,024 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2009/09/18 00:12:06 | 000,292,912 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:[b]64bit:[/b] - [2009/08/11 16:59:50 | 000,686,080 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:[b]64bit:[/b] - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/07/10 10:45:12 | 000,139,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV:[b]64bit:[/b] - [2009/06/20 07:35:00 | 000,317,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:[b]64bit:[/b] - [2009/06/19 22:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E)
DRV:[b]64bit:[/b] - [2009/06/10 17:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:[b]64bit:[/b] - [2009/06/10 17:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:[b]64bit:[/b] - [2009/06/10 17:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:[b]64bit:[/b] - [2009/06/10 16:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:[b]64bit:[/b] - [2009/06/10 16:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:[b]64bit:[/b] - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009/06/04 22:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2009/06/04 20:46:50 | 000,216,064 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:[b]64bit:[/b] - [2009/04/29 15:21:08 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\XAudio64.sys -- (XAudio)
DRV:[b]64bit:[/b] - [2009/02/13 02:24:56 | 001,485,824 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_DPV.sys -- (HSF_DPV)
DRV:[b]64bit:[/b] - [2009/02/13 02:20:56 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAXHWAZL.sys -- (CAXHWAZL)
DRV:[b]64bit:[/b] - [2009/02/13 02:19:34 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_CNXT.sys -- (winachsf)
DRV:[b]64bit:[/b] - [2006/06/18 10:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2014/03/25 20:26:43 | 000,525,016 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton AntiVirus\NortonData\21.0.1.3\Definitions\IPSDefs\20140324.002\IDSviA64.sys -- (IDSVia64)
DRV - [2014/03/18 21:24:11 | 001,525,976 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton AntiVirus\NortonData\21.0.1.3\Definitions\BASHDefs\20140319.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2014/03/08 12:12:42 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton AntiVirus\NortonData\21.0.1.3\Definitions\VirusDefs\20140325.009\ex64.sys -- (NAVEX15)
DRV - [2014/03/08 12:12:42 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton AntiVirus\NortonData\21.0.1.3\Definitions\VirusDefs\20140325.009\eng64.sys -- (NAVENG)
DRV - [2014/01/31 07:08:11 | 000,137,648 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013/11/20 22:50:13 | 000,484,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/11/23 14:49:16 | 000,038,392 | ---- | M] (IObit Information Technology) [File_System | Auto | Running] -- C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys -- (PfFilter)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com/?f=1&a=cmi_14_13_ch&cd=2XzuyEtN2Y1L1QzutDtDtByCtB0DyByDtDtC0BtAyCzytByDtN0D0Tzu0SzztCyCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0B0Fzy0A0F0FtAtG0B0CyB0CtG0BtD0ByDtG0FyB0DtCtGyDyCyC0F0EzztAzy0FtAzztB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0CyByD0E0A0AtAtG0EtD0DtAtGyByD0C0BtGyByB0DtDtGyByBtCzyyEyC0BtCyEtAtDyE2Q&cr=155209078&ir=
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com/?f=1&a=cmi_14_13_ch&cd=2XzuyEtN2Y1L1QzutDtDtByCtB0DyByDtDtC0BtAyCzytByDtN0D0Tzu0SzztCyCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0B0Fzy0A0F0FtAtG0B0CyB0CtG0BtD0ByDtG0FyB0DtCtGyDyCyC0F0EzztAzy0FtAzztB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0CyByD0E0A0AtAtG0EtD0DtAtGyByD0C0BtGyByB0DtDtGyByBtCzyyEyC0BtCyEtAtDyE2Q&cr=155209078&ir=
IE - HKLM\..\URLSearchHook: {90a1b331-c2b4-4933-9f63-ba7b84d60d58} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.com/?publisher=AirInstallerND&dpid=AirInstallerND&co=CA&userid=64a2d5c4-23bb-4fe5-85b4-8be409954fc2&searchtype=ds&q={searchTerms}&installDate=18/06/2013
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=1009&m=nv54_series&r=27360313m3b6l03g0z125a4911u529
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com/?f=1&a=cmi_14_13_ch&cd=2xzuyetn2y1l1qzutdtdtbyctb0dybydtdtc0btayczytbydtn0d0tzu0szztcyctn1l2xzutbtftczztftbtftdtn1l1czutcyetdtatdyd1v1ttn1l1g1b1v1n2y1l1qzu2sye0b0fzy0a0f0ftatg0b0cyb0ctg0btd0bydtg0fyb0dtctgydycyc0f0ezztazy0ftazztb2qtn1m1f1b2z1v1n2y1l1qzu2sta0cybyd0e0a0atatg0etd0dtatgybyd0c0btgybyb0dtdtgybybtczyyeyc0btcyetatdye2q&cr=155209078&ir=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKCU\..\URLSearchHook: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.9\iobitappsToolbarIE.dll (Spigot, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {829A36F4-5481-4EEF-B541-5D2FE41D32E8}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.com/?publisher=AirInstallerND&dpid=AirInstallerND&co=CA&userid=64a2d5c4-23bb-4fe5-85b4-8be409954fc2&searchtype=ds&q={searchTerms}&installDate=18/06/2013
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKCU\..\SearchScopes\{50376C7B-CEC8-4CBE-B542-1A5F78DB3DFF}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYCA&apn_uid=83C8D159-7CB8-4DE2-A182-5E7244781777&apn_sauid=16BAE155-79BD-4473-A28E-DFC272282F07
IE - HKCU\..\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}: "URL" = http://ca.search.yahoo.com/search?fr=mcafee&type=A011CA0&p={SearchTerms}
IE - HKCU\..\SearchScopes\{829A36F4-5481-4EEF-B541-5D2FE41D32E8}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=cmi_14_13_ch&cd=2XzuyEtN2Y1L1QzutDtDtByCtB0DyByDtDtC0BtAyCzytByDtN0D0Tzu0SzztCyDtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyDyDzzyDyB0B0BtAtGtDtBtCtDtGtDtAtAtDtG0B0DtBtDtGtDyCtDzzyDyB0F0A0F0E0ByE2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0CyByD0E0A0AtAtG0EtD0DtAtGyByD0C0BtGyByB0DtDtGyByBtCzyyEyC0BtCyEtAtDyE2Q&cr=1196453428&ir=
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=IDSSNAV&chn=retail&geo=CA&ver=2014&locale=en_CA&gct=kwd&qsrc=2869
IE - HKCU\..\SearchScopes\{B387A2B6-7004-497A-A06E-A2A981FC3DA8}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=cmi_14_13_ch&cd=2XzuyEtN2Y1L1QzutDtDtByCtB0DyByDtDtC0BtAyCzytByDtN0D0Tzu0SzztCyCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0B0Fzy0A0F0FtAtG0B0CyB0CtG0BtD0ByDtG0FyB0DtCtGyDyCyC0F0EzztAzy0FtAzztB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0CyByD0E0A0AtAtG0EtD0DtAtGyByD0C0BtGyByB0DtDtGyByBtCzyyEyC0BtCyEtAtDyE2Q&cr=155209078&ir=
IE - HKCU\..\SearchScopes\{B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF}: "URL" = http://ca.amazon.smart-search.com/gp/bit/amazonserp/ref=bit_bds-y46_serp_ie_ca_display?ie=UTF8&tagbase=bds-y46&tag=bds-y46-serp-ca-ie-20&tbrId=v1_bds-y46_bf574bc294b548ec8cdf0f952ddc3b17_1012_1005_20130920_CA_ie_ds_todownload&query={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:51483;https=127.0.0.1:51483

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..CT3297951.browser.search.defaultthis.engineName: true
FF - prefs.js..CT3298580.browser.search.defaultthis.engineName: "true"
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Mysearchdial"
FF - prefs.js..browser.search.defaultthis.engineName: "MixiDJ V44 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3298580&CUI=UN83913344243754566&UM=2&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Mysearchdial"
FF - prefs.js..browser.search.selectedEngine: "Mysearchdial"
FF - prefs.js..browser.search.useDBForOrder: false
FF - prefs.js..browser.startup.homepage: "https://www.facebook.com/"
FF - prefs.js..extensions.enabledAddons: abb%40amazon.com:3.0.20121130
FF - prefs.js..extensions.enabledAddons: speeddial%40instair.net:1.4.2
FF - prefs.js..extensions.enabledAddons: %7B10ea107a-1e21-48af-be43-9e461589fa89%7D:1.157
FF - prefs.js..extensions.enabledAddons: 0c3e9649-324d-4df0-a61e-7ac31aead042%402612bb82-5f8a-49b2-a299-348e707310fc.com:0.94.192
FF - prefs.js..extensions.enabledAddons: %7B29b136c9-938d-4d3d-8df8-d649d9b74d02%7D:1.0.1
FF - prefs.js..extensions.enabledAddons: ffxtlbr%40mysearchdial.com:1.6.0
FF - prefs.js..extensions.enabledAddons: 46bccaaa-4500-481e-8908-9384802e175a%4089a8fdd1-d807-4096-8025-a41093fce600.com:0.94.20
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
FF - prefs.js..keyword.URL: "http://ca.search.yahoo.com/search?fr=mcafee&type=A111CA0&p="
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@ei.FromDocToPDF_65.com/Plugin: C:\Program Files (x86)\FromDocToPDF_65EI\Installr\1.bin\NP65EISB.dll (FromDocToPDF)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.2.32: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.2.32: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@VideoDownloadConverter_4z.com/Plugin: C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll (MindSpark) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\User1\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\User1\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\4zffxtbr@VideoDownloadConverter_4z.com: C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin [2013/11/03 22:07:33 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\speedanalysis02@SpeedAnalysis.com: C:\Users\User1\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com [2013/05/13 21:24:17 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FCE04E1F-9378-4f39-96F6-5689A9159E45}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/06/18 18:03:47 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/06/18 18:03:47 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F04D2D30-776C-4d02-8627-8E4385ECA58D}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.5.0.67\coFFPlgn\ [2014/03/27 15:19:21 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.0.1.3\IPSFF [2013/10/14 20:19:53 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\speedanalysis02@SpeedAnalysis.com: 
C:\Users\User1\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com [2013/05/13 21:24:17 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{10ea107a-1e21-48af-be43-9e461589fa89}: C:\Program Files (x86)\Re-markit-soft\157.xpi [2014/03/24 16:16:22 | 000,011,030 | ---- | M] () [2013/05/13 21:24:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User1\AppData\Roaming\mozilla\Extensions [2013/05/13 21:24:17 | 000,000,000 | ---D | M] (Speed Analysis 2) -- C:\Users\User1\AppData\Roaming\mozilla\Extensions\speedanalysis02@SpeedAnalysis.com [2014/03/27 13:21:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User1\AppData\Roaming\mozilla\firefox\Profiles\358d6jl7.default\extensions [2013/12/29 22:43:01 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\User1\AppData\Roaming\mozilla\firefox\Profiles\358d6jl7.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2013/06/18 19:21:47 | 000,000,000 | ---D | M] (DealPly Shopping) -- C:\Users\User1\AppData\Roaming\mozilla\firefox\Profiles\358d6jl7.default\extensions\{d4a5fd5b-2243-4a66-9f96-9e488a2a4147} [2013/12/12 14:46:33 | 000,000,000 | ---D | M] (WiseConvert B2) -- C:\Users\User1\AppData\Roaming\mozilla\firefox\Profiles\358d6jl7.default\extensions\{da7a20cf-bef4-4342-ad78-0240fdf87055} [2014/03/08 22:11:28 | 000,000,000 | ---D | M] ("weDownload Manager") -- C:\Users\User1\AppData\Roaming\mozilla\firefox\Profiles\358d6jl7.default\extensions\0c3e9649-324d-4df0-a61e-7ac31aead042@2612bb82-5f8a-49b2-a299-348e707310fc.com [2014/03/24 16:17:37 | 000,000,000 | ---D | M] ("free ven") -- C:\Users\User1\AppData\Roaming\mozilla\firefox\Profiles\358d6jl7.default\extensions\46bccaaa-4500-481e-8908-9384802e175a@89a8fdd1-d807-4096-8025-a41093fce600.com [2013/09/19 22:25:11 | 000,000,000 | ---D | M] ("Amazon Browser Bar") -- C:\Users\User1\AppData\Roaming\mozilla\firefox\Profiles\358d6jl7.default\extensions\abb@amazon.com [2014/03/26 21:32:31 | 000,000,000 | ---D | M] 
(mysearchdial.com) -- C:\Users\User1\AppData\Roaming\mozilla\firefox\Profiles\358d6jl7.default\extensions\ffxtlbr@mysearchdial.com [2014/03/26 21:32:26 | 000,000,000 | ---D | M] (WinDealist) -- C:\Users\User1\AppData\Roaming\mozilla\firefox\Profiles\358d6jl7.default\extensions\m4@windealist.com [2014/03/09 14:44:34 | 000,000,000 | ---D | M] (AD Block) -- C:\Users\User1\AppData\Roaming\mozilla\firefox\Profiles\358d6jl7.default\extensions\searchads@instair.net [2014/03/09 14:43:41 | 000,000,000 | ---D | M] (AccelerateTab) -- C:\Users\User1\AppData\Roaming\mozilla\firefox\Profiles\358d6jl7.default\extensions\speeddial@instair.net [2013/06/21 14:32:03 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\User1\AppData\Roaming\mozilla\firefox\Profiles\358d6jl7.default\extensions\toolbar@ask.com [2014/03/24 19:07:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User1\AppData\Roaming\mozilla\firefox\Profiles\358d6jl7.default\extensions\0c3e9649-324d-4df0-a61e-7ac31aead042@2612bb82-5f8a-49b2-a299-348e707310fc.com\extensionData [2014/03/24 19:07:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User1\AppData\Roaming\mozilla\firefox\Profiles\358d6jl7.default\extensions\0c3e9649-324d-4df0-a61e-7ac31aead042@2612bb82-5f8a-49b2-a299-348e707310fc.com\extensionData\plugins [2014/03/24 19:07:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User1\AppData\Roaming\mozilla\firefox\Profiles\358d6jl7.default\extensions\0c3e9649-324d-4df0-a61e-7ac31aead042@2612bb82-5f8a-49b2-a299-348e707310fc.com\extensionData\userCode [2014/03/24 19:07:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User1\AppData\Roaming\mozilla\firefox\Profiles\358d6jl7.default\extensions\46bccaaa-4500-481e-8908-9384802e175a@89a8fdd1-d807-4096-8025-a41093fce600.com\extensionData [2014/03/24 19:07:55 | 000,000,000 | ---D | M] (No name found) -- 
C:\Users\User1\AppData\Roaming\mozilla\firefox\Profiles\358d6jl7.default\extensions\46bccaaa-4500-481e-8908-9384802e175a@89a8fdd1-d807-4096-8025-a41093fce600.com\extensionData\plugins [2014/03/24 19:07:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User1\AppData\Roaming\mozilla\firefox\Profiles\358d6jl7.default\extensions\46bccaaa-4500-481e-8908-9384802e175a@89a8fdd1-d807-4096-8025-a41093fce600.com\extensionData\userCode [2014/03/24 23:31:25 | 000,010,776 | ---- | M] () (No name found) -- C:\Users\User1\AppData\Roaming\mozilla\firefox\Profiles\358d6jl7.default\extensions\{29b136c9-938d-4d3d-8df8-d649d9b74d02}.xpi [2014/03/27 13:21:24 | 000,353,958 | ---- | M] () (No name found) -- C:\Users\User1\AppData\Roaming\mozilla\firefox\Profiles\358d6jl7.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}.xpi [2013/09/19 22:25:57 | 000,002,339 | ---- | M] () -- C:\Users\User1\AppData\Roaming\mozilla\firefox\Profiles\358d6jl7.default\searchplugins\amazon.xml [2013/06/21 14:32:03 | 000,002,308 | ---- | M] () -- C:\Users\User1\AppData\Roaming\mozilla\firefox\Profiles\358d6jl7.default\searchplugins\askcom.xml [2014/03/26 21:30:02 | 000,001,233 | ---- | M] () -- C:\Users\User1\AppData\Roaming\mozilla\firefox\Profiles\358d6jl7.default\searchplugins\Mysearchdial.xml [2013/07/19 07:31:22 | 000,002,440 | ---- | M] () -- C:\Users\User1\AppData\Roaming\mozilla\firefox\Profiles\358d6jl7.default\searchplugins\Web Search.xml [2013/09/20 21:54:39 | 000,001,102 | ---- | M] () -- C:\Users\User1\AppData\Roaming\mozilla\firefox\Profiles\358d6jl7.default\searchplugins\wiseconvert-b2-customized-web-search.xml [2014/03/23 19:49:30 | 000,008,061 | ---- | M] () -- C:\Users\User1\AppData\Roaming\mozilla\firefox\Profiles\358d6jl7.default\searchplugins\yahoo_ff.xml [2014/03/23 20:53:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions [2014/03/08 19:14:33 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla 
Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2014/03/24 16:16:22 | 000,011,030 | ---- | M] () (No name found) -- C:\PROGRAM FILES (X86)\RE-MARKIT-SOFT\157.XPI [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}, CHR - homepage: http://start.mysearchdial.com/?f=1&a=cmi_14_13_ch&cd=2XzuyEtN2Y1L1QzutDtDtByCtB0DyByDtDtC0BtAyCzytByDtN0D0Tzu0SzztCyCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyE0B0Fzy0A0F0FtAtG0B0CyB0CtG0BtD0ByDtG0FyB0DtCtGyDyCyC0F0EzztAzy0FtAzztB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0CyByD0E0A0AtAtG0EtD0DtAtGyByD0C0BtGyByB0DtDtGyByBtCzyyEyC0BtCyEtAtDyE2Q&cr=155209078&ir= CHR - plugin: Error reading preferences file CHR - Extension: Ask Toolbar = C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo\7.15.23.42079_0\ CHR - Extension: Re-markit = C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel\1.157.0.0_0\ CHR - Extension: Ebay Shopping Assistant by Spigot = C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.1_1\ CHR - Extension: Domain Error Assistant = C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\ CHR - 
Extension: RealDownloader = C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.2_1\ CHR - Extension: AccelerateTab = C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgjafhkemfjfgdmjcmhofijphjmaanak\1.2.8_0\ CHR - Extension: free ven = C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpjdjfkkmlgacmnenfhafmkldaogiglb\1.26.20_0\crossrider CHR - Extension: free ven = C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpjdjfkkmlgacmnenfhafmkldaogiglb\1.26.20_0\ CHR - Extension: AD Block = C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfgjbmhakaffflkjecineeaadpidgikb\1.0.0_0\ CHR - Extension: Skype Click to Call = C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.1.15383.6004_0\ CHR - Extension: Slick Savings = C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_1\ CHR - Extension: Google Wallet = C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\ CHR - Extension: Norton Identity Protection = C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob\2014.7.0.43_0\ CHR - Extension: Amazon 1Button App for Chrome = C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\4.2014.304.0_0\ CHR - Extension: Amazon Shopping Assistant by Spigot = C:\Users\User1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_1\ O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:[b]64bit:[/b] - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll File not found O2:[b]64bit:[/b] - BHO: (no 
name) - {11111111-1111-1111-1111-110311431144} - No CLSID value found. O2:[b]64bit:[/b] - BHO: (free ven) - {11111111-1111-1111-1111-110511161178} - C:\Program Files (x86)\free ven\free ven-bho64.dll (freeven) O2:[b]64bit:[/b] - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner64.dll (Google Inc.) O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:[b]64bit:[/b] - BHO: (Norton Identity Protection) - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.0.43\coieplg.dll (Symantec Corporation) O2:[b]64bit:[/b] - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation) O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.) O2 - BHO: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.9\iobitappsToolbarIE.dll (Spigot, Inc.) 
O2 - BHO: (free ven) - {11111111-1111-1111-1111-110511161178} - C:\Program Files (x86)\free ven\free ven-bho.dll (freeven) O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) O2 - BHO: (Toolbar BHO) - {312f84fb-8970-4fd3-bddb-7012eac4afc9} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll (MindSpark) O2 - BHO: (Mega Browse) - {4e6cd411-ce62-4584-97ff-6afbcf6900af} - C:\Program Files (x86)\Mega Browse\MegaBrowseBHO.dll (Mega Browse) O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\ips\ipsbho.dll (Symantec Corporation) O2 - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll (Google Inc.) O2 - BHO: (no name) - {90a1b331-c2b4-4933-9f63-ba7b84d60d58} - No CLSID value found. 
O2 - BHO: (Norton Identity Protection) - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\coieplg.dll (Symantec Corporation) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) O2 - BHO: (WinDealist BHO) - {B8F10001-9552-4F40-8F61-6765CD22DD9E} - C:\Program Files (x86)\windealist\Internet Explorer\windealist.dll () O2 - BHO: (Search Assistant BHO) - {c547c6c2-561b-4169-a2a5-20ba771ca93b} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll (MindSpark) O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (mysearchdial Helper Object) - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - C:\Program Files (x86)\Mysearchdial\1.8.29.0\bh\mysearchdial.dll (MySearchDial) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.9\iobitappsToolbarIE64.dll (Spigot, Inc.) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Norton Identity Safe Toolbar) - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.0.43\coieplg.dll (Symantec Corporation) O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.9\iobitappsToolbarIE.dll (Spigot, Inc.) 
O3 - HKLM\..\Toolbar: (mysearchdial Toolbar) - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialTlbr.dll (MySearchDial) O3 - HKLM\..\Toolbar: (VideoDownloadConverter) - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll (MindSpark) O3 - HKLM\..\Toolbar: (Norton Identity Safe Toolbar) - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\coieplg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3:[b]64bit:[/b] - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (VideoDownloadConverter) - {48586425-6BB7-4F51-8DC6-38C88E3EBB58} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll (MindSpark) O3:[b]64bit:[/b] - HKCU\..\Toolbar\WebBrowser: (Norton Identity Safe Toolbar) - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.0.43\coieplg.dll (Symantec Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (Norton Identity Safe Toolbar) - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\coieplg.dll (Symantec Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [Acer ePower Management] C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe (Acer Incorporated) O4:[b]64bit:[/b] - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.) 
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe () O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [Registry Helper] C:\Program Files (x86)\Registry Helper\RegistryHelper.Exe (SafeApp Software, LLC) O4 - HKLM..\Run: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" File not found O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [VideoDownloadConverter Search Scope Monitor] C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrchMn.exe (MindSpark) O4 - HKLM..\Run: [VideoDownloadConverter_4z Browser Plugin Loader] C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe (VER_COMPANY_NAME) O4 - HKLM..\Run: [VideoWebCamera] C:\Program Files (x86)\VideoWebCamera\VideoWebCamera.exe (Suyin) O4 - HKCU..\Run: [ContentExplorer] C:\Users\User1\AppData\Roaming\ContentExplorer\ContentExplorer.exe (ContentExplorer) O4 - HKCU..\Run: [Facebook Update] C:\Users\User1\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKCU..\Run: [fastclean] "C:\Program Files (x86)\FastClean PRO\fastcleanpro.exe" File not found O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.) 
O4 - HKCU..\Run: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe (PC Utilities Software Limited) O4 - HKCU..\Run: [SpeedItupFree] C:\Program Files (x86)\SpeedItup Free\speeditupfree.exe (MicroSmarts LLC.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O9:[b]64bit:[/b] - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{90524F76-9EC9-4F2D-ABD9-9AE682CC41E9}: DhcpNameServer = 192.168.0.1 O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-itss - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data 
{91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007/09/11 17:57:54 | 000,000,000 | ---D | M] - D:\AutoRun -- [ CDFS ] O32 - AutoRun File - [2007/09/11 17:57:21 | 000,000,063 | R--- | M] () - D:\autorun.inf -- [ CDFS ] O33 - MountPoints2\{e0a7669a-8b28-11e2-a46d-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{e0a7669a-8b28-11e2-a46d-806e6f6e6963}\Shell\AutoRun\command - "" = D:\AutoRun/AutoRun.bat -- [2007/09/11 17:57:23 | 000,000,032 | R--- | M] () O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (MACHINE BootExecut) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2014/03/27 14:32:34 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee [2014/03/27 11:08:35 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Optimizer Pro [2014/03/27 10:38:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Optimizer Pro [2014/03/27 10:38:26 | 000,000,000 | ---D | C] -- C:\Program Files\PC Optimizer Pro [2014/03/26 21:34:58 | 000,000,000 | ---D | C] -- C:\Users\User1\AppData\Roaming\Optimizer Pro [2014/03/26 21:32:56 | 000,000,000 | ---D | C] -- C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup [2014/03/26 21:32:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\windealist [2014/03/26 21:32:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Registry Helper [2014/03/26 
21:32:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Helper [2014/03/26 21:31:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Registry Helper [2014/03/26 21:29:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2 [2014/03/26 21:29:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Optimizer Pro [2014/03/26 21:29:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG [2014/03/26 21:29:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AnyProtectEx [2014/03/26 21:27:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG [2014/03/26 19:47:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedItup Free [2014/03/26 19:46:53 | 000,000,000 | ---D | C] -- C:\Windows\SpeedItup Free [2014/03/26 19:46:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedItup Free [2014/03/26 00:51:24 | 000,000,000 | ---D | C] -- C:\Windows\tasks\ImCleanDisabled [2014/03/25 22:17:42 | 000,000,000 | ---D | C] -- C:\ProgramData\ProductData [2014/03/25 22:17:42 | 000,000,000 | ---D | C] -- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} [2014/03/25 21:52:01 | 000,000,000 | ---D | C] -- C:\Quarantine [2014/03/25 21:51:12 | 000,000,000 | ---D | C] -- C:\Program Files\stinger [2014/03/25 15:13:13 | 000,000,000 | ---D | C] -- C:\Users\User1\AppData\Roaming\ContentExplorer [2014/03/24 23:31:09 | 000,061,120 | ---- | C] (StdLib) -- C:\Windows\SysNative\drivers\wStLibG64.sys [2014/03/24 18:39:29 | 000,000,000 | ---D | C] -- C:\Users\User1\AppData\Local\IsolatedStorage [2014/03/24 18:37:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FastClean PRO [2014/03/24 18:36:47 | 000,000,000 | ---D | C] -- C:\Users\User1\AppData\Local\MovieMode [2014/03/24 18:36:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mega Browse [2014/03/24 18:35:47 | 000,000,000 | ---D | C] -- C:\ProgramData\MovieMode 
[2014/03/24 18:35:24 | 000,000,000 | ---D | C] -- C:\Users\User1\AppData\Roaming\mysearchdial
[2014/03/24 18:35:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mysearchdial
[2014/03/24 18:35:15 | 001,172,720 | ---- | C] (AnyProtect.com) -- C:\Users\User1\AppData\Local\AnyProtectScannerSetup.exe
[2014/03/24 16:18:02 | 000,000,000 | ---D | C] -- C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
[2014/03/24 16:18:00 | 000,000,000 | ---D | C] -- C:\Users\User1\AppData\Roaming\VOPackage
[2014/03/24 16:17:50 | 000,000,000 | ---D | C] -- C:\Users\User1\Documents\Optimizer Pro
[2014/03/24 16:17:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\free ven
[2014/03/24 16:17:15 | 000,000,000 | ---D | C] -- C:\Users\User1\AppData\Roaming\Activeris
[2014/03/24 16:16:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Re-markit-soft
[2014/03/20 20:41:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit Apps Toolbar
[2014/03/18 15:09:09 | 000,000,000 | ---D | C] -- C:\Users\User1\AppData\Local\Skype
[2014/03/18 15:08:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014/03/17 11:23:33 | 000,000,000 | ---D | C] -- C:\Users\User1\AppData\Roaming\Unity
[2014/03/17 11:18:28 | 000,000,000 | ---D | C] -- C:\Users\User1\AppData\Local\Unity
[2014/03/08 19:14:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/03/08 18:38:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco Systems
[2014/03/08 18:37:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Cisco Systems
[2013/09/19 20:37:37 | 000,656,048 | ---- | C] (WildTangent, Inc.) -- C:\ProgramData\uninstall2257486.exe
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Users\User1\AppData\Local\*.tmp files -> C:\Users\User1\AppData\Local\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2014/03/27 15:47:56 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/03/27 15:34:06 | 000,000,414 | ---- | M] () -- C:\Windows\tasks\PC Optimizer Pro64 startups.job
[2014/03/27 15:30:00 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\MySearchDial.job
[2014/03/27 15:26:59 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/03/27 15:26:59 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/03/27 15:22:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/03/27 15:21:51 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\Re-markit Update.job
[2014/03/27 15:21:00 | 000,000,290 | ---- | M] () -- C:\Windows\tasks\Dealply.job
[2014/03/27 15:19:52 | 000,000,376 | ---- | M] () -- C:\Windows\tasks\RNUpgradeHelperLogonPrompt_User1.job
[2014/03/27 15:18:46 | 000,002,244 | ---- | M] () -- C:\Windows\tasks\free ven-firefoxinstaller.job
[2014/03/27 15:18:45 | 000,003,080 | ---- | M] () -- C:\Windows\tasks\free ven-chromeinstaller.job
[2014/03/27 15:18:45 | 000,001,490 | ---- | M] () -- C:\Windows\tasks\free ven-updater.job
[2014/03/27 15:18:42 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/03/27 15:18:38 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\Re-markit_wd.job
[2014/03/27 15:18:37 | 000,001,344 | ---- | M] () -- C:\Windows\tasks\free ven-enabler.job
[2014/03/27 15:18:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/03/27 15:18:23 | 3165,331,456 | -HS- | M] () -- C:\hiberfil.sys
[2014/03/27 15:09:01 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3596653074-3977160660-3817571296-1000UA.job
[2014/03/27 13:04:48 | 000,000,438 | ---- | M] () -- C:\Windows\tasks\PC Optimizer Pro Updates.job
[2014/03/27 13:04:48 | 000,000,436 | ---- | M] () -- C:\Windows\tasks\PC Optimizer Pro Idle.job
[2014/03/27 13:04:48 | 000,000,406 | ---- | M] () -- C:\Windows\tasks\PC Optimizer Pro64 Scan.job
[2014/03/27 10:38:35 | 000,000,929 | ---- | M] () -- C:\Users\User1\Application Data\Microsoft\Internet Explorer\Quick Launch\PC Optimizer Pro.lnk
[2014/03/27 10:38:35 | 000,000,905 | ---- | M] () -- C:\Users\Public\Desktop\PC Optimizer Pro.lnk
[2014/03/26 21:53:00 | 000,000,380 | ---- | M] () -- C:\Windows\tasks\APSnotifierPP1.job
[2014/03/26 21:37:51 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\APSnotifierPP3.job
[2014/03/26 21:37:51 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\APSnotifierPP2.job
[2014/03/26 21:33:40 | 000,001,160 | ---- | M] () -- C:\Users\User1\AppData\Roaming\aps.scan.quick.results
[2014/03/26 21:33:40 | 000,000,318 | ---- | M] () -- C:\Users\User1\AppData\Roaming\aps.uninstall.scan.results
[2014/03/26 21:33:21 | 000,000,000 | ---- | M] () -- C:\Users\User1\AppData\Roaming\aps.scan.results
[2014/03/26 21:33:02 | 000,001,016 | ---- | M] () -- C:\Users\User1\Desktop\AnyProtect.lnk
[2014/03/26 21:32:01 | 000,001,019 | ---- | M] () -- C:\Users\Public\Desktop\Registry Helper.lnk
[2014/03/26 21:30:45 | 000,000,084 | ---- | M] () -- C:\Users\User1\AppData\Roaming\WB.CFG
[2014/03/26 21:29:40 | 000,001,033 | ---- | M] () -- C:\Users\User1\Desktop\Optimizer Pro.lnk
[2014/03/26 21:29:13 | 000,000,932 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2014/03/26 21:09:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3596653074-3977160660-3817571296-1000Core.job
[2014/03/26 19:57:04 | 000,000,366 | ---- | M] () -- C:\Windows\tasks\ReclaimerUpdateXML_User1.job
[2014/03/26 19:47:13 | 000,001,969 | ---- | M] () -- C:\Users\User1\Application Data\Microsoft\Internet Explorer\Quick Launch\SpeedItup Free.lnk
[2014/03/26 19:47:10 | 000,001,945 | ---- | M] () -- C:\Users\Public\Desktop\SpeedItup Free.lnk
[2014/03/26 16:42:18 | 001,172,720 | ---- | M] (AnyProtect.com) -- C:\Users\User1\AppData\Local\AnyProtectScannerSetup.exe
[2014/03/25 22:59:28 | 000,009,728 | ---- | M] () -- C:\Users\User1\Desktop\Cough Symptom Relief.wps
[2014/03/25 22:59:28 | 000,001,054 | ---- | M] () -- C:\Users\User1\AppData\Roaming\wklnhst.dat
[2014/03/25 22:39:33 | 001,720,411 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1502000.026\Cat.DB
[2014/03/25 22:28:53 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\ReclaimerUpdateFiles_User1.job
[2014/03/25 13:20:29 | 000,002,364 | ---- | M] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
[2014/03/25 13:18:56 | 000,030,281 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1502000.026\VT20140319.007
[2014/03/24 23:31:09 | 000,061,120 | ---- | M] (StdLib) -- C:\Windows\SysNative\drivers\wStLibG64.sys
[2014/03/24 16:16:22 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014/03/19 23:43:36 | 000,000,721 | ---- | M] () -- C:\Users\User1\Documents\New IR Ad.rtf
[2014/03/18 15:08:54 | 000,002,697 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/03/15 12:04:06 | 000,002,150 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/03/13 10:28:42 | 000,343,552 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/03/12 12:45:24 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/03/12 12:45:24 | 000,628,460 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/03/12 12:45:24 | 000,110,612 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/03/12 03:46:27 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1502000.026\isolate.ini
[2014/03/11 16:44:49 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\NSTx64\7DE07000.02B\isolate.ini
[2014/03/04 00:18:12 | 001,148,120 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1502000.026\symefa64.sys
[2014/03/04 00:18:12 | 000,030,068 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1502000.026\symvtcer.dat
[2014/03/04 00:18:12 | 000,008,194 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1502000.026\symefa64.cat
[2014/03/04 00:18:12 | 000,003,433 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1502000.026\symefa.inf
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Users\User1\AppData\Local\*.tmp files -> C:\Users\User1\AppData\Local\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2014/03/27 11:08:40 | 000,000,406 | ---- | C] () -- C:\Windows\tasks\PC Optimizer Pro64 Scan.job
[2014/03/27 11:08:36 | 000,000,438 | ---- | C] () -- C:\Windows\tasks\PC Optimizer Pro Updates.job
[2014/03/27 11:08:36 | 000,000,436 | ---- | C] () -- C:\Windows\tasks\PC Optimizer Pro Idle.job
[2014/03/27 11:08:35 | 000,000,414 | ---- | C] () -- C:\Windows\tasks\PC Optimizer Pro64 startups.job
[2014/03/27 10:38:35 | 000,000,929 | ---- | C] () -- C:\Users\User1\Application Data\Microsoft\Internet Explorer\Quick Launch\PC Optimizer Pro.lnk
[2014/03/27 10:38:34 | 000,000,905 | ---- | C] () -- C:\Users\Public\Desktop\PC Optimizer Pro.lnk
[2014/03/26 21:33:21 | 000,001,160 | ---- | C] () -- C:\Users\User1\AppData\Roaming\aps.scan.quick.results
[2014/03/26 21:33:21 | 000,000,000 | ---- | C] () -- C:\Users\User1\AppData\Roaming\aps.scan.results
[2014/03/26 21:33:02 | 000,001,016 | ---- | C] () -- C:\Users\User1\Desktop\AnyProtect.lnk
[2014/03/26 21:32:01 | 000,001,019 | ---- | C] () -- C:\Users\Public\Desktop\Registry Helper.lnk
[2014/03/26 21:29:38 | 000,001,033 | ---- | C] () -- C:\Users\User1\Desktop\Optimizer Pro.lnk
[2014/03/26 21:29:13 | 000,000,932 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2014/03/26 19:47:16 | 000,001,957 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedItup Free.lnk
[2014/03/26 19:47:10 | 000,001,969 | ---- | C] () -- C:\Users\User1\Application Data\Microsoft\Internet Explorer\Quick Launch\SpeedItup Free.lnk
[2014/03/26 19:47:08 | 000,001,945 | ---- | C] () -- C:\Users\Public\Desktop\SpeedItup Free.lnk
[2014/03/25 19:56:53 | 000,000,376 | ---- | C] () -- C:\Windows\tasks\RNUpgradeHelperLogonPrompt_User1.job
[2014/03/25 19:56:34 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\APSnotifierPP3.job
[2014/03/25 19:56:32 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\ReclaimerUpdateFiles_User1.job
[2014/03/25 19:56:22 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\APSnotifierPP2.job
[2014/03/25 19:56:20 | 000,000,366 | ---- | C] () -- C:\Windows\tasks\ReclaimerUpdateXML_User1.job
[2014/03/24 18:35:46 | 000,000,084 | ---- | C] () -- C:\Users\User1\AppData\Roaming\WB.CFG
[2014/03/24 18:35:39 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\MySearchDial.job
[2014/03/24 16:19:39 | 000,000,380 | ---- | C] () -- C:\Windows\tasks\APSnotifierPP1.job
[2014/03/24 16:19:19 | 000,000,318 | ---- | C] () -- C:\Users\User1\AppData\Roaming\aps.uninstall.scan.results
[2014/03/24 16:18:10 | 000,001,490 | ---- | C] () -- C:\Windows\tasks\free ven-updater.job
[2014/03/24 16:18:06 | 000,001,344 | ---- | C] () -- C:\Windows\tasks\free ven-enabler.job
[2014/03/24 16:17:34 | 000,002,244 | ---- | C] () -- C:\Windows\tasks\free ven-firefoxinstaller.job
[2014/03/24 16:17:18 | 000,003,080 | ---- | C] () -- C:\Windows\tasks\free ven-chromeinstaller.job
[2014/03/24 16:16:27 | 000,000,392 | ---- | C] () -- C:\Windows\tasks\Re-markit Update.job
[2014/03/24 16:16:23 | 000,000,390 | ---- | C] () -- C:\Windows\tasks\Re-markit_wd.job
[2014/03/24 16:16:22 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/03/19 23:43:36 | 000,000,721 | ---- | C] () -- C:\Users\User1\Documents\New IR Ad.rtf
[2014/03/18 15:08:54 | 000,002,697 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2014/03/12 16:58:18 | 000,009,728 | ---- | C] () -- C:\Users\User1\Desktop\Cough Symptom Relief.wps
[2014/03/08 18:38:31 | 000,002,046 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Connect.lnk
[2014/02/10 19:32:54 | 001,152,656 | ---- | C] () -- C:\Windows\SysWow64\MovieMode.48CA2AEFA22D.dll
[2013/09/19 22:26:05 | 000,268,968 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
[2013/03/20 03:52:22 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2013/03/18 19:14:08 | 001,332,295 | ---- | C] () -- C:\Users\User1\AppData\Roaming\UserTile.png
[2013/03/18 18:52:51 | 000,001,054 | ---- | C] () -- C:\Users\User1\AppData\Roaming\wklnhst.dat
[2013/03/12 15:09:18 | 000,134,592 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2013/03/12 15:08:55 | 000,001,590 | ---- | C] () -- C:\Windows\WPatchProgress.ini
[2013/03/12 11:40:13 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2013/03/12 11:40:13 | 000,000,323 | ---- | C] () -- C:\Windows\PidList.ini

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 22:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 21:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2014/03/25 21:59:11 | 000,000,000 | ---D | M] -- C:\Users\User1\AppData\Roaming\Activeris
[2013/09/19 11:18:09 | 000,000,000 | ---D | M] -- C:\Users\User1\AppData\Roaming\AVG2014
[2014/03/25 15:13:15 | 000,000,000 | ---D | M] -- C:\Users\User1\AppData\Roaming\ContentExplorer
[2013/09/19 11:02:41 | 000,000,000 | ---D | M] -- C:\Users\User1\AppData\Roaming\DriverCure
[2014/03/25 22:12:48 | 000,000,000 | ---D | M] -- C:\Users\User1\AppData\Roaming\IObit
[2014/03/24 18:35:38 | 000,000,000 | ---D | M] -- C:\Users\User1\AppData\Roaming\mysearchdial
[2014/03/26 21:34:58 | 000,000,000 | ---D | M] -- C:\Users\User1\AppData\Roaming\Optimizer Pro
[2013/04/30 02:04:48 | 000,000,000 | ---D | M] -- C:\Users\User1\AppData\Roaming\Paltalk
[2013/09/19 11:02:32 | 000,000,000 | ---D | M] -- C:\Users\User1\AppData\Roaming\PC VITALWARE
[2013/05/31 09:12:25 | 000,000,000 | ---D | M] -- C:\Users\User1\AppData\Roaming\PerformerSoft
[2014/03/26 00:42:30 | 000,000,000 | ---D | M] -- C:\Users\User1\AppData\Roaming\Systweak
[2013/03/23 14:29:03 | 000,000,000 | ---D | M] -- C:\Users\User1\AppData\Roaming\Template
[2013/06/18 21:52:00 | 000,000,000 | ---D | M] -- C:\Users\User1\AppData\Roaming\TuneUp Software
[2014/03/17 11:23:33 | 000,000,000 | ---D | M] -- C:\Users\User1\AppData\Roaming\Unity
[2014/03/27 13:51:42 | 000,000,000 | ---D | M] -- C:\Users\User1\AppData\Roaming\VOPackage
[2013/09/19 20:38:19 | 000,000,000 | ---D | M] -- C:\Users\User1\AppData\Roaming\WildTangent
[2013/07/20 16:51:54 | 000,000,000 | ---D | M] -- C:\Users\User1\AppData\Roaming\WildTangentv1002
[2013/05/24 13:27:47 | 000,000,000 | ---D | M] -- C:\Users\User1\AppData\Roaming\Windows Live Writer

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:373E1720

< End of report >