OTL logfile created on: 3/7/2015 9:37:22 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\tec2\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17633)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.05 Gb Available Physical Memory | 52.78% Memory free
4.00 Gb Paging File | 2.74 Gb Available in Paging File | 68.65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144.95 Gb Total Space | 59.12 Gb Free Space | 40.78% Space Free | Partition Type: NTFS
Drive D: | 4.00 Gb Total Space | 3.89 Gb Free Space | 97.39% Space Free | Partition Type: NTFS
Drive E: | 4.19 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: TEC2-PC | User Name: tec2 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2015/03/07 21:36:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\tec2\Downloads\OTL.exe
PRC - [2015/03/02 01:38:46 | 000,122,656 | ---- | M] (Glarysoft Ltd) -- C:\Program Files\Glary Utilities 5\memdefrag.exe
PRC - [2015/03/02 01:38:30 | 000,848,160 | ---- | M] (Glarysoft Ltd) -- C:\Program Files\Glary Utilities 5\Integrator.exe
PRC - [2015/02/04 20:28:24 | 000,960,688 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_16_0_0_305_ActiveX.exe
PRC - [2015/02/04 20:22:01 | 000,232,264 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe
PRC - [2015/02/01 20:14:34 | 000,056,648 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome Remote Desktop\41.0.2272.41\remoting_host.exe
PRC - [2015/01/26 18:50:15 | 005,227,112 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2014/11/24 16:29:19 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/09/11 12:00:06 | 000,242,912 | ---- | M] (Foxit Software Inc.) -- C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
PRC - [2014/09/05 03:40:18 | 000,117,280 | ---- | M] () -- C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe
PRC - [2014/09/05 03:40:12 | 000,180,768 | ---- | M] () -- C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe
PRC - [2014/07/14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2014/07/14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2014/01/21 03:05:50 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2014/01/20 19:21:12 | 000,385,808 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files\BlueStacks\HD-LogRotatorService.exe
PRC - [2013/11/25 15:33:58 | 000,412,776 | ---- | M] (Data Perceptions / PowerProgrammer) -- C:\Windows\System32\WebUpdateSvc4.exe
PRC - [2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 17:29:07 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2015/03/02 01:39:42 | 000,080,160 | ---- | M] () -- C:\Program Files\Glary Utilities 5\zlib1.dll
MOD - [2014/11/24 16:29:23 | 038,562,088 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/11/14 09:54:49 | 000,774,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\875c35969785fa170d186e7ca546ac9e\System.Runtime.Remoting.ni.dll
MOD - [2014/10/15 23:35:09 | 000,240,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\b20319dfb7dd671d2de2f383cd2551ce\WindowsFormsIntegration.ni.dll
MOD - [2014/10/15 13:37:02 | 002,297,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\e3641fa3359f37ad12c84183ce765093\System.Core.ni.dll
MOD - [2014/10/15 09:18:20 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7b22741531a2850c807656d0298a96bd\PresentationFramework.Aero.ni.dll
MOD - [2014/10/15 09:17:25 | 011,922,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\b4001d722e320fa42cd87b04b5249b2d\System.Web.ni.dll
MOD - [2014/10/15 09:16:29 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1f539baa94516139240877cb6afd72c2\PresentationFramework.ni.dll
MOD - [2014/10/15 09:16:06 | 012,435,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1453d9e9a4989833ef3db4b22549ba1a\System.Windows.Forms.ni.dll
MOD - [2014/10/15 09:15:55 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\836e10dfd0811b303553216f5cb092ef\System.Drawing.ni.dll
MOD - [2014/10/15 09:15:48 | 005,467,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll
MOD - [2014/10/15 09:15:42 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\237d509a79aeef6e4635b09450d98f2a\System.Configuration.ni.dll
MOD - [2014/10/15 09:15:40 | 012,236,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\3d4f835b8078dacc8d5da623e2c3f0ee\PresentationCore.ni.dll
MOD - [2014/10/15 09:15:20 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d97a5aa0eb7697aca7c6e90ae471af2b\WindowsBase.ni.dll
MOD - [2014/10/15 09:15:07 | 007,991,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll
MOD - [2014/09/11 19:45:44 | 000,060,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\999c911e76788a9129049c062707dcec\UIAutomationProvider.ni.dll
MOD - [2014/09/11 19:44:10 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2011/07/28 16:55:02 | 000,369,152 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - [2015/02/04 21:28:32 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/02/01 20:14:34 | 000,056,648 | ---- | M] (Google Inc.) [Auto | Running] -- C:\Program Files\Google\Chrome Remote Desktop\41.0.2272.41\remoting_host.exe -- (chromoting)
SRV - [2015/01/11 21:55:46 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2014/12/11 10:30:48 | 000,315,496 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/11/24 16:29:19 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014/09/11 12:00:06 | 000,242,912 | ---- | M] (Foxit Software Inc.) [Auto | Running] -- C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe -- (FoxitCloudUpdateService)
SRV - [2014/09/05 03:40:18 | 000,117,280 | ---- | M] () [Auto | Running] -- C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe -- (HiSuiteOuc.exe)
SRV - [2014/09/05 03:40:12 | 000,180,768 | ---- | M] () [Auto | Running] -- C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe -- (HuaweiHiSuiteService.exe)
SRV - [2014/07/14 18:21:46 | 001,390,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014/07/14 18:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2014/01/20 19:21:12 | 000,385,808 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
SRV - [2014/01/20 19:20:50 | 000,402,192 | ---- | M] (BlueStack Systems, Inc.) [Auto | Stopped] -- C:\Program Files\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)
SRV - [2013/11/25 15:33:58 | 000,412,776 | ---- | M] (Data Perceptions / PowerProgrammer) [Auto | Running] -- C:\Windows\System32\WebUpdateSvc4.exe -- (WebUpdate4)
SRV - [2013/05/27 00:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/07/28 17:35:26 | 000,176,128 | ---- | M] (AMD) [Disabled | Stopped] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - [2015/02/10 16:19:14 | 000,040,104 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tbhsd.sys -- (tbhsd)
DRV - [2015/02/10 16:19:01 | 000,022,184 | ---- | M] (Audials AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\RrNetCapFilterDriver.sys -- (RrNetCapFilterDriver)
DRV - [2015/01/30 21:33:45 | 000,243,128 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2015/01/12 21:55:03 | 000,017,344 | ---- | M] (Glarysoft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\GUBootStartup.sys -- (GUBootStartup)
DRV - [2014/11/24 16:29:45 | 000,787,800 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswsnx.sys -- (aswSnx)
DRV - [2014/11/24 16:29:41 | 000,423,784 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswsp.sys -- (aswSP)
DRV - [2014/11/24 16:29:25 | 000,206,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/11/24 16:29:25 | 000,091,496 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswstm.sys -- (aswStm)
DRV - [2014/11/24 16:29:25 | 000,070,384 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014/11/24 16:29:25 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2014/11/24 16:29:25 | 000,024,184 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2014/11/24 16:29:24 | 000,081,768 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2014/06/16 02:01:38 | 000,184,192 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2014/06/16 02:01:38 | 000,089,856 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2014/01/20 19:20:54 | 000,106,768 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys -- (BstHdDrv)
DRV - [2013/10/01 20:42:31 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2012/08/23 10:46:55 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)
DRV - [2012/08/23 10:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2011/09/16 07:25:24 | 000,073,728 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandnetndis.sys -- (andnetndis)
DRV - [2011/09/06 01:19:48 | 000,025,856 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandnetadb.sys -- (andnetadb)
DRV - [2011/09/06 00:55:12 | 000,023,040 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandnetdiag.sys -- (AndNetDiag)
DRV - [2011/09/06 00:55:10 | 000,027,776 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandnetmodem.sys -- (ANDNetModem)
DRV - [2011/07/28 18:22:06 | 008,396,800 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011/07/28 16:53:48 | 000,247,296 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2011/07/19 11:28:06 | 000,013,312 | ---- | M] (June Fabrics Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pneteth.sys -- (pneteth)
DRV - [2011/06/06 18:06:54 | 000,211,984 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2010/11/20 17:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 17:29:03 | 000,112,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - [2010/11/20 17:29:03 | 000,077,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV - [2010/11/20 17:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010/11/20 17:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 17:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 17:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 17:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010/11/20 17:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 17:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009/09/29 08:11:22 | 000,012,160 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtport.sys -- (LgBttPort)
DRV - [2009/09/29 08:11:20 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgvmodem.sys -- (LGVMODEM)
DRV - [2009/09/29 08:11:20 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtbus.sys -- (lgbusenum)
DRV - [2009/07/13 18:02:47 | 000,050,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.search.us.com?guid={632105E2-E4CE-4681-8673-FB8AAE86A0D1}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C1 22 42 85 6C 15 CF 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {72EAE44A-1221-4C9A-B47C-CADE8BA05A4B}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\..\SearchScopes\{72EAE44A-1221-4C9A-B47C-CADE8BA05A4B}: "URL" = http://search.us.com/serp?guid={2DD852DA-0566-49FC-8FDD-01808D32FFAD}&action=default_search&serpv=5&k={searchTerms}
IE - HKCU\..\SearchScopes\{7D542314-155A-44CA-BA01-1E25551784F3}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKCU\..\SearchScopes\{A89F5BC8-BBDD-4101-9434-E7ABEAD4F765}: "URL" = http://search.us.com/serp?guid={632105E2-E4CE-4681-8673-FB8AAE86A0D1}&action=default_search&k={searchTerms}
IE - HKCU\..\SearchScopes\{EC8B18AB-8B2F-4B27-98E4-F40BDBD38EBF}: "URL" = http://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=10511
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.31.2: C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2: C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\tec2\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\tec2\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\tec2\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\tec2\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\tec2\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\tec2\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2015/01/27 02:39:41 | 000,000,000 | ---D | M]

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\tec2\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak\3.1.3_0\
CHR - Extension: No name found = C:\Users\tec2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla\1.0.28_0\
CHR - Extension: No name found = C:\Users\tec2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\tec2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\
CHR - Extension: No name found = C:\Users\tec2\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\tec2\AppData\Local\Google\Chrome\User Data\Default\Extensions\biaabombifgifobpcdbamlhonlkpjckf\1.0_0\
CHR - Extension: No name found = C:\Users\tec2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\tec2\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdgghbbgmhcpidlmnepkbihehhkmjomc\0.99_0\
CHR - Extension: No name found = C:\Users\tec2\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmhccgdbmajoblcbfbgmhnpiecmjiadh\1.0.1_0\
CHR - Extension: No name found = C:\Users\tec2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\tec2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcilimldmomiaihcfkmaldanopfejefg\45.0.0_0\
CHR - Extension: No name found = C:\Users\tec2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhapiedbmffnpkahkcjdjpikmodjipmd\28.1_0\
CHR - Extension: No name found = C:\Users\tec2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdfbndkpiciangkkjajfdmohlaapohg\2.1_0\
CHR - Extension: No name found = C:\Users\tec2\AppData\Local\Google\Chrome\User Data\Default\Extensions\djonnbgfieijldcieafgjcnhmpcfpmgg\1.0.0_0\
CHR - Extension: No name found = C:\Users\tec2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlbemabjbfhjcccahjioenmkgimjbbkd\1.4.6_0\
CHR - Extension: No name found = C:\Users\tec2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnimhgelcnggigekhdjlifjpndgmnglm\1.2_0\
CHR - Extension: No name found = C:\Users\tec2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl\1.2.0_0\
CHR - Extension: No name found = C:\Users\tec2\AppData\Local\Google\Chrome\User Data\Default\Extensions\epoglnoinfcjfinckcnkfoefdelioadi\1.4_0\
CHR - Extension: No name found = C:\Users\tec2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\41.0.2272.41_0\
CHR - Extension: No name found = C:\Users\tec2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gofhjkjmkpinhpoiabjplobcaignabnl\0.9.34_0\
CHR - Extension: No name found = C:\Users\tec2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.187_0\
CHR - Extension: No name found = C:\Users\tec2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\1.35_0\
CHR - Extension: No name found = C:\Users\tec2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ickaeddjnhfofihhibhnjemlphjmnchl\1.0.4_0\
CHR - Extension: No name found = C:\Users\tec2\AppData\Local\Google\Chrome\User Data\Default\Extensions\illbbfoihflomkbpcaaakhijinbnejom\1.2_0\
CHR - Extension: No name found = C:\Users\tec2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgapogebhpiempajpniamcndggdcnfjm\2.3_0\
CHR - Extension: No name found = C:\Users\tec2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jllgofbnhaihnfbokejhcndhoogagdmk\1.0.3_0\
CHR - Extension: No name found = C:\Users\tec2\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkaklafnbnpegjnlplfgadnobkgdkinf\1.9_0\
CHR - Extension: No name found = C:\Users\tec2\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi\3.1_0\
CHR - Extension: No name found = C:\Users\tec2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\6.5.1_0\
CHR - Extension: No name found = C:\Users\tec2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.3.16540.9015_0\
CHR - Extension: No name found = C:\Users\tec2\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcafejemebbngbglfoinpoaannbihjna\1.5.0.0_0\
CHR - Extension: No name found = C:\Users\tec2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkglnnaoklfaaaonafllicfjcpneeekd\0.0.0.3_0\
CHR - Extension: No name found = C:\Users\tec2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\
CHR - Extension: No name found = C:\Users\tec2\AppData\Local\Google\Chrome\User Data\Default\Extensions\oklhkdfpcaljlnheehfkoloofoebhknp\2.2_0\
CHR - Extension: No name found = C:\Users\tec2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8_0\
CHR - Extension: No name found = C:\Users\tec2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pndblpepikdomdncmoccjdccbfecikae\54.9.2_0\

O1 HOSTS File: ([2009/06/10 17:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (HistoryTriggerBHO Class) - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll (LG Electronics)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [AirDroid 3] C:\Program Files\AirDroid\AirDroid.exe (Sand Studio)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [Glary Memory Optimizer] C:\Program Files\Glary Utilities 5\memdefrag.exe (Glarysoft Ltd)
O4 - HKCU..\Run: [GUDelayStartup] C:\Program Files\Glary Utilities 5\StartupManager.exe (Glarysoft Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop.com/nirvana/controls/pcmatic.cab (PCPitstop Utility)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D79771BF-CF4B-45F9-A278-D3F6A63CE110}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\Windows\Jaksta\AC\x86\jaudcap.dll) - C:\Windows\Jaksta\AC\x86\jaudcap.dll (Jaksta Technologies Pty Ltd)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2014/03/18 05:10:08 | 000,000,104 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{159a4d8e-8570-11e3-ab38-0009dd600bc4}\Shell - "" = AutoRun
O33 - MountPoints2\{159a4d8e-8570-11e3-ab38-0009dd600bc4}\Shell\AutoRun\command - "" = F:\LGAutoRun.exe
O33 - MountPoints2\{4775f1d2-82a1-11e3-af81-0009dd600bc4}\Shell - "" = AutoRun
O33 - MountPoints2\{4775f1d2-82a1-11e3-af81-0009dd600bc4}\Shell\AutoRun\command - "" = E:\setup.exe -- [2014/03/18 05:15:53 | 000,079,976 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{df57f9dc-a8e4-11e4-9ee2-6cf0498dd00e}\Shell - "" = AutoRun
O33 - MountPoints2\{df57f9dc-a8e4-11e4-9ee2-6cf0498dd00e}\Shell\AutoRun\command - "" = E:\setup.exe -- [2014/03/18 05:15:53 | 000,079,976 | R--- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2015/03/07 18:14:55 | 002,744,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorets.dll
[2015/03/07 08:06:40 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RdpGroupPolicyExtension.dll
[2015/03/07 07:42:41 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\terminpt.sys
[2015/03/07 07:42:41 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rdpvideominiport.sys
[2015/03/07 07:42:20 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpudd.dll
[2015/03/07 07:42:19 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpendp_winip.dll
[2015/03/07 07:41:25 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbGDCoInstaller.dll
[2015/03/07 07:41:13 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
[2015/03/07 07:41:07 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\TsUsbFlt.sys
[2015/03/07 07:41:02 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsRdpWebAccess.dll
[2015/03/07 07:41:02 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprtPS.dll
[2015/03/07 07:41:02 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
[2015/03/07 07:41:01 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2015/03/07 07:41:00 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdvidcrl.dll
[2015/03/07 07:41:00 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWbPrxy.exe
[2015/03/07 07:40:59 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprt.exe
[2015/03/03 14:34:23 | 000,000,000 | -H-D | C] -- C:\$WINDOWS.~BT
[2015/02/22 18:23:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2015/02/21 21:09:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Wondershare
[2015/02/21 21:07:44 | 000,000,000 | ---D | C] -- C:\Users\tec2\AppData\Local\Wondershare
[2015/02/21 21:07:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wondershare
[2015/02/21 21:07:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
[2015/02/21 21:07:19 | 002,140,712 | ---- | C] (MainConcept GmbH) -- C:\Windows\System32\mcmpgvout.004
[2015/02/21 21:07:19 | 000,531,496 | ---- | C]
(MainConcept GmbH) -- C:\Windows\System32\mcmpeg2mux.ax [2015/02/21 21:07:19 | 000,375,848 | ---- | C] (MainConcept GmbH) -- C:\Windows\System32\mcm2ve.ax [2015/02/21 21:07:19 | 000,257,064 | ---- | C] (MainConcept GmbH) -- C:\Windows\System32\mcl2ae.ax [2015/02/21 21:07:19 | 000,244,776 | ---- | C] (MainConcept GmbH) -- C:\Windows\System32\mcmpgaout.dll [2015/02/21 21:07:19 | 000,020,520 | ---- | C] (MainConcept GmbH) -- C:\Windows\System32\mcmpgvout.dll [2015/02/21 21:06:26 | 000,000,000 | ---D | C] -- C:\Users\tec2\Documents\Wondershare Video Editor [2015/02/21 21:06:26 | 000,000,000 | ---D | C] -- C:\Program Files\Wondershare [2015/02/21 21:03:58 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Wondershare [2015/02/18 18:45:27 | 000,000,000 | ---D | C] -- C:\Program Files\Lame For Audacity [2015/02/18 15:15:57 | 000,000,000 | ---D | C] -- C:\Users\tec2\AppData\Local\CrashRpt [2015/02/18 15:13:28 | 000,000,000 | ---D | C] -- C:\ProgramData\RapidSolution [2015/02/18 15:13:28 | 000,000,000 | ---D | C] -- C:\Program Files\Audials [2015/02/18 15:13:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audials 12 [2015/02/18 15:10:42 | 000,000,000 | ---D | C] -- C:\Users\tec2\AppData\Local\RapidSolution [2015/02/18 14:07:49 | 000,000,000 | ---D | C] -- C:\Users\tec2\Documents\RadioCatch Web Radio Recorder [2015/02/18 14:07:49 | 000,000,000 | ---D | C] -- C:\Users\tec2\AppData\Roaming\RadioCatch Web Radio Recorder [2015/02/18 14:07:31 | 000,602,112 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\System32\NCTAudioTransform2.dll [2015/02/18 14:07:31 | 000,479,232 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\System32\NCTAudioVisualization2.dll [2015/02/18 14:07:31 | 000,458,752 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\System32\NCTAudioRecord2.dll [2015/02/18 14:07:31 | 000,417,792 | ---- | C] (Online Media Technologies Ltd.) 
-- C:\Windows\System32\NCTTextToAudio2.dll [2015/02/18 14:07:31 | 000,348,160 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\NCTWMAFile2.dll [2015/02/18 14:07:30 | 001,986,560 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\NCTAudioFile2.dll [2015/02/18 14:07:30 | 001,212,416 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\System32\NCTAudioInformation2.dll [2015/02/18 14:07:30 | 000,458,752 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\System32\NCTAudioPlayer2.dll [2015/02/18 14:07:29 | 000,880,640 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\System32\NCTAudioEditor2.dll [2015/02/18 14:07:29 | 000,835,584 | ---- | C] (NCT) -- C:\Windows\System32\NCTAudioCDGrabber2.dll [2015/02/18 14:07:29 | 000,475,136 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\System32\NCTAudioVisualizationEx2.dll [2015/02/18 14:07:29 | 000,417,792 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\System32\NCTAudioDisplay2.dll [2015/02/18 14:07:28 | 002,084,864 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\System32\NCTAudioDesign2.dll [2015/02/18 14:07:27 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr70.dll [2015/02/13 12:11:22 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powertracker.dll [2015/02/13 12:11:21 | 000,635,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perftrack.dll [2015/02/13 07:47:06 | 004,575,232 | ---- | C] (Google Inc.) 
-- C:\Windows\System32\GPhotos.scr [2015/02/12 13:20:19 | 000,000,000 | ---D | C] -- C:\Users\tec2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps [2015/02/12 00:52:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3File [2015/02/12 00:52:27 | 000,000,000 | ---D | C] -- C:\Program Files\AC3File [2015/02/11 13:56:13 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll [2015/02/11 13:56:12 | 004,300,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2015/02/10 19:17:12 | 002,380,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2015/02/10 19:17:09 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll [2015/02/10 19:17:09 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe [2015/02/10 19:17:08 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaudite.dll [2015/02/10 19:17:08 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll [2015/02/10 19:17:08 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll [2015/02/10 19:16:22 | 003,972,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2015/02/10 19:16:21 | 003,917,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2015/02/10 19:15:42 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll [2015/02/10 19:15:28 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe [2015/02/10 19:15:28 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll [2015/02/10 19:15:28 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll [2015/02/10 19:15:27 | 000,684,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2015/02/10 
19:15:27 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2015/02/10 19:15:26 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe [2015/02/10 19:15:26 | 000,342,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2015/02/10 19:15:25 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2015/02/10 19:15:25 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2015/02/10 19:15:25 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2015/02/10 19:15:24 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2015/02/10 19:15:24 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2015/02/10 19:15:24 | 000,688,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2015/02/10 19:15:22 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2015/02/10 19:15:21 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2015/02/10 19:15:21 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2015/02/10 19:15:20 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll [2015/02/10 19:15:18 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2015/02/10 19:15:18 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2015/02/10 19:15:14 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll [2015/02/10 19:15:13 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll [2015/02/10 16:19:14 | 000,040,104 | ---- | C] (RapidSolution Software AG) -- C:\Windows\System32\drivers\tbhsd.sys [2015/02/10 16:19:01 | 000,022,184 | ---- | C] (Audials AG) 
-- C:\Windows\System32\drivers\RrNetCapFilterDriver.sys [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2015/03/07 21:43:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-704653931-3201538407-232684716-1001UA.job [2015/03/07 21:38:02 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-704653931-3201538407-232684716-1001UA.job [2015/03/07 21:29:28 | 000,000,318 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize 5.job [2015/03/07 21:28:23 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2015/03/07 21:28:14 | 000,000,470 | ---- | M] () -- C:\Windows\tasks\SDMsgUpdate (TE).job [2015/03/07 21:28:08 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2015/03/07 21:27:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2015/03/07 21:27:36 | 1609,424,896 | -HS- | M] () -- C:\hiberfil.sys [2015/03/07 20:43:07 | 000,020,832 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2015/03/07 20:43:07 | 000,020,832 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2015/03/07 20:27:01 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2015/03/07 13:07:50 | 000,662,384 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2015/03/07 13:07:50 | 000,122,252 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2015/03/07 12:43:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-704653931-3201538407-232684716-1001Core.job [2015/03/07 12:38:01 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-704653931-3201538407-232684716-1001Core.job [2015/03/07 10:37:00 | 000,000,849 | ---- | M] () -- C:\Users\tec2\Desktop\µTorrent.lnk [2015/03/07 10:37:00 | 000,000,829 | ---- | M] 
() -- C:\Users\tec2\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk [2015/03/04 21:18:43 | 000,003,972 | ---- | M] () -- C:\Users\tec2\AppData\Local\recently-used.xbel [2015/03/03 14:49:44 | 000,001,908 | ---- | M] () -- C:\Windows\diagwrn.xml [2015/03/03 14:49:44 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml [2015/03/02 20:02:21 | 000,000,984 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2015/03/02 01:39:45 | 000,004,534 | ---- | M] () -- C:\Users\tec2\AppData\Roaming\CamStudio.cfg [2015/03/02 01:39:44 | 000,000,408 | ---- | M] () -- C:\Users\tec2\AppData\Roaming\CamShapes.ini [2015/03/02 01:39:44 | 000,000,408 | ---- | M] () -- C:\Users\tec2\AppData\Roaming\CamLayout.ini [2015/03/02 01:39:44 | 000,000,124 | ---- | M] () -- C:\Users\tec2\AppData\Roaming\Camdata.ini [2015/03/01 23:07:45 | 000,000,096 | ---- | M] () -- C:\Users\tec2\AppData\Roaming\version2.xml [2015/02/25 15:48:51 | 007,020,544 | ---- | M] () -- C:\Users\tec2\Desktop\VOB - 2015-02-25 15_30_04__595.aac [2015/02/24 21:39:55 | 000,000,406 | ---- | M] () -- C:\Users\tec2\Desktop\Deep Racism The Forgotten History Of Human Zoos PopularResistance.Org.website [2015/02/24 03:23:36 | 000,246,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2015/02/22 18:35:56 | 000,270,568 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2015/02/21 21:07:30 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\Wondershare Video Editor.lnk [2015/02/20 13:39:56 | 000,002,089 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2015/02/20 09:53:13 | 000,000,069 | ---- | M] () -- C:\Users\tec2\Desktop\Play 12 Years a Slave (2013) on - #1754530 - SolarMovie.url [2015/02/18 18:41:35 | 000,001,839 | ---- | M] () -- C:\Users\tec2\Desktop\audacity.exe - Shortcut.lnk [2015/02/18 15:14:44 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Audials 12.lnk [2015/02/17 22:31:35 | 000,000,050 | ---- | M] () -- C:\Users\tec2\Desktop\Facebook 
Stickers _ Chatstickers.url [2015/02/16 05:37:57 | 000,000,084 | ---- | M] () -- C:\Users\tec2\Desktop\Ireland vs West Indies (IRL vs WI) - Watch Live Cricket Online Streaming CricHD.in.url [2015/02/15 11:32:11 | 000,002,185 | ---- | M] () -- C:\Users\tec2\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2015/02/13 07:47:06 | 004,575,232 | ---- | M] (Google Inc.) -- C:\Windows\System32\GPhotos.scr [2015/02/12 13:46:43 | 000,000,047 | ---- | M] () -- C:\Users\tec2\Desktop\Polarr Online Photo Editor 2.0.url [2015/02/12 11:17:49 | 003,371,512 | ---- | M] () -- C:\Users\tec2\Desktop\Terry Connolly.jpg [2015/02/10 16:19:14 | 000,040,104 | ---- | M] (RapidSolution Software AG) -- C:\Windows\System32\drivers\tbhsd.sys [2015/02/10 16:19:01 | 000,022,184 | ---- | M] (Audials AG) -- C:\Windows\System32\drivers\RrNetCapFilterDriver.sys [2015/02/09 23:30:15 | 000,000,074 | ---- | M] () -- C:\Users\tec2\Desktop\Boyz II Men - End Of The Road Live - YouTube.url [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2015/03/07 10:37:00 | 000,000,849 | ---- | C] () -- C:\Users\tec2\Desktop\µTorrent.lnk [2015/03/04 21:18:43 | 000,003,972 | ---- | C] () -- C:\Users\tec2\AppData\Local\recently-used.xbel [2015/02/25 15:58:19 | 007,020,544 | ---- | C] () -- C:\Users\tec2\Desktop\VOB - 2015-02-25 15_30_04__595.aac [2015/02/24 21:39:55 | 000,000,406 | ---- | C] () -- C:\Users\tec2\Desktop\Deep Racism The Forgotten History Of Human Zoos PopularResistance.Org.website [2015/02/21 21:07:30 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\Wondershare Video Editor.lnk [2015/02/20 09:53:13 | 000,000,069 | ---- | C] () -- C:\Users\tec2\Desktop\Play 12 Years a Slave (2013) on - #1754530 - SolarMovie.url [2015/02/18 18:41:35 | 000,001,839 | ---- | C] () -- C:\Users\tec2\Desktop\audacity.exe - Shortcut.lnk [2015/02/18 15:14:44 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\Audials 
12.lnk [2015/02/17 22:31:35 | 000,000,050 | ---- | C] () -- C:\Users\tec2\Desktop\Facebook Stickers _ Chatstickers.url [2015/02/16 05:37:57 | 000,000,084 | ---- | C] () -- C:\Users\tec2\Desktop\Ireland vs West Indies (IRL vs WI) - Watch Live Cricket Online Streaming CricHD.in.url [2015/02/15 11:32:11 | 000,002,089 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2015/02/12 13:46:43 | 000,000,047 | ---- | C] () -- C:\Users\tec2\Desktop\Polarr Online Photo Editor 2.0.url [2015/02/12 13:35:18 | 003,371,512 | ---- | C] () -- C:\Users\tec2\Desktop\Terry Connolly.jpg [2015/02/09 23:30:15 | 000,000,074 | ---- | C] () -- C:\Users\tec2\Desktop\Boyz II Men - End Of The Road Live - YouTube.url [2015/01/23 21:01:47 | 000,007,652 | ---- | C] () -- C:\Users\tec2\AppData\Local\Resmon.ResmonCfg [2014/12/21 17:57:36 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\Lagarith.dll [2014/12/21 17:57:35 | 000,139,264 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2014/12/13 02:21:40 | 000,003,584 | ---- | C] () -- C:\Users\tec2\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2014/06/21 20:26:10 | 000,210,085 | ---- | C] () -- C:\Windows\Screen Protractor Uninstaller.exe [2014/06/06 15:13:39 | 000,000,112 | ---- | C] () -- C:\Users\tec2\AppData\Roaming\gmic_faves [2014/06/06 14:29:42 | 000,071,813 | ---- | C] () -- C:\Users\tec2\AppData\Roaming\gmic_grain_orwo_np20.cimgz [2014/06/06 13:13:15 | 003,102,621 | ---- | C] () -- C:\Users\tec2\AppData\Roaming\update1592.gmic [2014/05/04 18:20:56 | 000,161,512 | ---- | C] () -- C:\Windows\DP Animation Maker Uninstaller.exe [2014/05/04 00:12:45 | 000,024,184 | ---- | C] () -- C:\Windows\System32\drivers\aswHwid.sys [2014/04/30 20:39:55 | 000,162,190 | ---- | C] () -- C:\Windows\Animated Screensaver Maker Uninstaller.exe [2014/04/30 19:47:48 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll [2014/04/30 19:47:48 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll [2014/04/30 
19:47:48 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll [2014/04/30 19:47:48 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2014/04/30 19:47:46 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll [2014/04/30 13:38:25 | 000,164,226 | ---- | C] () -- C:\Windows\Animated Wallpaper Maker Uninstaller.exe [2014/04/30 08:55:03 | 000,000,031 | ---- | C] () -- C:\Windows\WebUpdateSvc4.INI [2014/04/30 08:54:17 | 000,049,165 | ---- | C] () -- C:\Windows\System32\wuwuninst.exe [2014/04/24 11:02:48 | 000,000,021 | ---- | C] () -- C:\Users\tec2\AppData\Roaming\VimeoDownloaderSettings.ini [2014/04/20 20:32:05 | 000,000,408 | ---- | C] () -- C:\Users\tec2\AppData\Roaming\CamShapes.ini [2014/04/20 20:32:05 | 000,000,408 | ---- | C] () -- C:\Users\tec2\AppData\Roaming\CamLayout.ini [2014/04/20 20:32:05 | 000,000,124 | ---- | C] () -- C:\Users\tec2\AppData\Roaming\Camdata.ini [2014/04/20 20:22:21 | 000,004,534 | ---- | C] () -- C:\Users\tec2\AppData\Roaming\CamStudio.cfg [2014/04/20 20:06:21 | 000,001,205 | ---- | C] () -- C:\Users\tec2\AppData\Roaming\CamStudio.Producer.ini [2014/04/20 20:06:21 | 000,000,000 | ---- | C] () -- C:\Users\tec2\AppData\Roaming\CamStudio.Producer.Data.ini [2014/04/20 20:06:19 | 000,000,098 | ---- | C] () -- C:\Users\tec2\AppData\Roaming\CamStudio.Producer.command [2014/04/20 20:03:19 | 000,000,096 | ---- | C] () -- C:\Users\tec2\AppData\Roaming\version2.xml [2014/01/28 12:58:55 | 000,160,707 | ---- | C] () -- C:\Windows\Sqirlz Water Reflections Uninstaller.exe [2014/01/21 09:38:36 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2014/01/21 09:30:45 | 000,003,929 | ---- | C] () -- C:\Windows\System32\atipblag.dat [2014/01/19 21:42:22 | 000,206,248 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys [2014/01/19 21:42:21 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys [2013/11/25 15:33:58 | 000,404,584 | ---- | C] () -- C:\Windows\WuWUI.exe [color=#E56717]========== 
ZeroAccess Check ==========[/color] [2009/07/14 00:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2014/06/24 21:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 17:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 21:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both < End of report >