Internet Explorer appears to have been highjacked and keeps diverting to http://holopotoroeodo.epac.to/info.php?avted=1&n=265 (to(epac.to)) whilst Firefox crashes straight after opening. Chrome is still working, thankfully, but seems much slower than normal as does the whole system.
No other programs appear to be affected, though I am prevented from downloading Malawarebytes (and possibly some other applications) and I receive this Error Message when that occurs:
Setup was unable to create the directory
"C:\Users\Colin\AppData\Local\Temp\is-0JVIQ.tmp" (though the last 5 letters before .tmp are different each time.)
Error 5 - Access is denied.
I have run a scan for "All Users" in OTL and have pasted the scan results below. Any help would be greatly appreciated!
Many thanks,
Colin
___________________________________________________________________________________________________________________________-
OTL logfile created on: 02/07/2012 01:40:46 - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Colin\Desktop\Downloads\DOWNLOADS FROM JULY 2011
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
2.87 Gb Total Physical Memory | 1.20 Gb Available Physical Memory | 41.70% Memory free
7.17 Gb Paging File | 5.17 Gb Available in Paging File | 72.05% Paging File free
Paging file location(s): c:\pagefile.sys 4408 4408 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 288.56 Gb Total Space | 110.06 Gb Free Space | 38.14% Space Free | Partition Type: NTFS
Computer Name: COLIN-VAIO | User Name: Colin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Colin\Desktop\Downloads\DOWNLOADS FROM JULY 2011\OTL (1).exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe ()
PRC - C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe ()
PRC - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe ()
PRC - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
PRC - C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.12.57\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe (PC Tools)
PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Users\Colin\AppData\Local\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Users\Colin\AppData\Local\Google\Chrome\Application\20.0.1132.47\pdf.dll ()
MOD - C:\Users\Colin\AppData\Local\Google\Chrome\Application\20.0.1132.47\libglesv2.dll ()
MOD - C:\Users\Colin\AppData\Local\Google\Chrome\Application\20.0.1132.47\libegl.dll ()
MOD - C:\Users\Colin\AppData\Local\Google\Chrome\Application\20.0.1132.47\avutil-51.dll ()
MOD - C:\Users\Colin\AppData\Local\Google\Chrome\Application\20.0.1132.47\avformat-54.dll ()
MOD - C:\Users\Colin\AppData\Local\Google\Chrome\Application\20.0.1132.47\avcodec-54.dll ()
========== Win32 Services (SafeList) ==========
SRV:64bit: - (SolutoService) -- C:\Program Files\Soluto\SolutoService.exe (Soluto)
SRV:64bit: - (NisSrv) -- c:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (VUAgent) -- C:\Program Files\Sony\VAIO Update Common\VUAgent.exe (Sony Corporation)
SRV:64bit: - (SNMP) -- C:\Windows\SysNative\snmp.exe (Microsoft Corporation)
SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.)
SRV:64bit: - (VSNService) -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation)
SRV:64bit: - (FcsNapSha) -- C:\Windows\SysNative\FcsNapSha.exe (Microsoft Corporation)
SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNASvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (mcmscsvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV:64bit: - (RtkAudioService) -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor)
SRV:64bit: - (VcmIAlzMgr) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV:64bit: - (VcmINSMgr) -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation)
SRV:64bit: - (VAIO Power Management) -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (TlntSvr) -- C:\Windows\SysNative\tlntsvr.exe (Microsoft Corporation)
SRV:64bit: - (simptcp) -- C:\Windows\SysNative\TCPSVCS.EXE (Microsoft Corporation)
SRV:64bit: - (CISVC) -- C:\Windows\SysNative\CISVC.EXE (Microsoft Corporation)
SRV:64bit: - (VcmXmlIfHelper) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation)
SRV:64bit: - (lxcf_device) -- C:\Windows\SysNative\lxcfcoms.exe ( )
SRV - (vToolbarUpdater11.2.0) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe ()
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (HssTrayService) -- C:\Program Files (x86)\Hotspot Shield\bin\HSSTrayService.exe ()
SRV - (hshld) -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe ()
SRV - (HssWd) -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe ()
SRV - (AdvancedSystemCareService5) -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe (IObit)
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (IMFservice) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (HssSrv) -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe (AnchorFree Inc.)
SRV - (PCCUJobMgr) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.12.57\ccSvcHst.exe (Symantec Corporation)
SRV - (Norton PC Checkup Application Launcher) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.12.57\SymcPCCULaunchSvc.exe (Symantec Corporation)
SRV - (TomTomHOMEService) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (W3SVC) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (SNMP) -- C:\Windows\SysWOW64\snmp.exe (Microsoft Corporation)
SRV - (FirebirdGuardianDefaultInstance) -- C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe (Firebird Project)
SRV - (FirebirdServerDefaultInstance) -- C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe (Firebird Project)
SRV - (VmbService) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)
SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (NOBU) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation)
SRV - (McSysmon) -- C:\Program Files (x86)\McAfee\VirusScan\mcsysmon.exe (McAfee, Inc.)
SRV - (sdCoreService) -- C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe (PC Tools)
SRV - (sdAuxService) -- C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe (PC Tools)
SRV - (SOHPlMgr) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe (Sony Corporation)
SRV - (SOHDms) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation)
SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
SRV - (SOHDBSvr) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe (Sony Corporation)
SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
SRV - (Vcsw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
SRV - (simptcp) -- C:\Windows\SysWOW64\TCPSVCS.EXE (Microsoft Corporation)
SRV - (Roxio Upnp Server 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe (Sonic Solutions)
SRV - (Roxio UPnP Renderer 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe (Sonic Solutions)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (IAANTMON) Intel® -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (lxcf_device) -- C:\Windows\SysWOW64\lxcfcoms.exe ( )
========== Driver Services (SafeList) ==========
DRV:64bit: - (82644766) -- C:\Windows\SysNative\drivers\82644766.sys (Kaspersky Lab ZAO)
DRV:64bit: - (SWDUMon) -- C:\Windows\SysNative\drivers\SWDUMon.sys ()
DRV:64bit: - (Soluto) -- C:\Windows\SysNative\drivers\Soluto.sys (Soluto LTD.)
DRV:64bit: - (AVGIDSHA) -- C:\Windows\SysNative\drivers\avgidsha.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (HssDrv) -- C:\Windows\SysNative\drivers\HssDrv.sys (AnchorFree Inc.)
DRV:64bit: - (taphss) -- C:\Windows\SysNative\drivers\taphss.sys (AnchorFree Inc)
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSFilter) -- C:\Windows\SysNative\drivers\avgidsfiltera.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (RimUsb) -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys (Research In Motion Limited)
DRV:64bit: - (RimVSerPort) -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys (Research in Motion Ltd)
DRV:64bit: - (Avgfwfd) -- C:\Windows\SysNative\drivers\avgfwd6a.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (ZTEusbwwan) -- C:\Windows\SysNative\drivers\ZTEusbwwan.sys (ZTE Incorporated)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (SmartDefragDriver) -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys ()
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (RMCAST) -- C:\Windows\SysNative\drivers\rmcast.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.)
DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\drivers\mferkdet.sys (McAfee, Inc.)
DRV:64bit: - (mfenlfk) -- C:\Windows\SysNative\drivers\mfenlfk.sys (McAfee, Inc.)
DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.)
DRV:64bit: - (ZTEusbvoice) -- C:\Windows\SysNative\drivers\zteusbvoice.sys (ZTE Incorporated)
DRV:64bit: - (ZTEusbser6k) -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys (ZTE Incorporated)
DRV:64bit: - (ZTEusbnmea) -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys (ZTE Incorporated)
DRV:64bit: - (ZTEusbmdm6k) -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
DRV:64bit: - (massfilter) -- C:\Windows\SysNative\drivers\massfilter.sys (MBB Incorporated)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (vodafone_K380x-z_dc_enum) -- C:\Windows\SysNative\drivers\vodafone_K380x-z_dc_enum.sys (Vodafone)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (Btcsrusb) -- C:\Windows\SysNative\drivers\btcusb.sys (IVT Corporation.)
DRV:64bit: - (mfesmfk) -- C:\Windows\SysNative\drivers\mfesmfk.sys (McAfee, Inc.)
DRV:64bit: - (mferkdk) -- C:\Windows\SysNative\drivers\mferkdk.sys (McAfee, Inc.)
DRV:64bit: - (CbFs) -- C:\Windows\SysNative\drivers\cbfs.sys (EldoS Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (PCTCore) -- C:\Windows\SysNative\drivers\PCTCore64.sys (PC Tools)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (BthAvrcp) -- C:\Windows\SysNative\drivers\BthAvrcp.sys (CSR, plc)
DRV:64bit: - (IntcHdmiAddService) Intel® -- C:\Windows\SysNative\drivers\IntcHdmi.sys (Intel® Corporation)
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:64bit: - (risdptsk) -- C:\Windows\SysNative\drivers\risdsn64.sys (REDC)
DRV:64bit: - (rimsptsk) -- C:\Windows\SysNative\drivers\rimssn64.sys (REDC)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ROOTMODEM) -- C:\Windows\SysNative\drivers\rootmdm.sys (Microsoft Corporation)
DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation)
DRV:64bit: - (Dot4Scan) -- C:\Windows\SysNative\drivers\Dot4Scan.sys (Microsoft Corporation)
DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation)
DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (netw5v64) Intel® -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (KMWDFILTER) -- C:\Windows\SysNative\drivers\KMWDFILTER.sys (Windows ® Codename Longhorn DDK provider)
DRV:64bit: - (MPFP) -- C:\Windows\SysNative\drivers\Mpfp.sys (McAfee, Inc.)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV:64bit: - (csr_a2dp) -- C:\Windows\SysNative\drivers\bthav.sys (CSR, plc)
DRV:64bit: - (emAudio) -- C:\Windows\SysNative\drivers\emAudio64.sys (eMPIA Technology, Inc.)
DRV:64bit: - (DCamUSBEMPIA) -- C:\Windows\SysNative\drivers\emDevice64.sys (eMPIA Technology, Inc.)
DRV:64bit: - (FiltUSBEMPIA) -- C:\Windows\SysNative\drivers\emFilter64.sys (eMPIA Technology, Inc.)
DRV:64bit: - (ScanUSBEMPIA) -- C:\Windows\SysNative\drivers\emScan64.sys (eMPIA Technology, Inc.)
DRV:64bit: - (MarvinBus) -- C:\Windows\SysNative\drivers\MarvinBus64.sys (Pinnacle Systems GmbH)
DRV - (UrlFilter) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys (IObit.com)
DRV - (RegFilter) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys (IObit.com)
DRV - (FileMonitor) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys (IObit)
DRV - (PfFilter) -- C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys (IObit Information Technology)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://home.microsof...obby/search.asp
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....p://www.msn.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...er=6&ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.microsof...arch/search.asp
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://home.microsof...obby/search.asp
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{099EF85B-3260-4b87-9239-33355EE6A548}: "URL" = http://results.myway...r={searchTerms}
IE - HKLM\..\SearchScopes\{09BF01E0-CFE9-4104-B0BB-B5724D999A05}: "URL" = http://slirsredirect...hromesbox-en-uk
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2475029
IE - HKLM\..\SearchScopes\{fb72f1bd-a2f1-47eb-8f13-2c6dcd65516f}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.mystart.com?pr=photopos2_0
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?rd=1
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4A BE 43 1D 61 5B CB 01 [binary data]
IE - HKU\.DEFAULT\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {3D41F773-C2A2-4541-8F58-DF94FA1311D3}
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes\{3D41F773-C2A2-4541-8F58-DF94FA1311D3}: "URL" = http://search.yahoo....q={searchTerms}
IE - HKU\.DEFAULT\..\SearchScopes\{4B8C28A7-A9BC-45F8-990D-21499EED643C}: "URL" = http://www.questscan...s={searchTerms}
IE - HKU\.DEFAULT\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKU\.DEFAULT\..\SearchScopes\{fb72f1bd-a2f1-47eb-8f13-2c6dcd65516f}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.mystart.com?pr=photopos2_0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?rd=1
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4A BE 43 1D 61 5B CB 01 [binary data]
IE - HKU\S-1-5-18\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {3D41F773-C2A2-4541-8F58-DF94FA1311D3}
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-18\..\SearchScopes\{3D41F773-C2A2-4541-8F58-DF94FA1311D3}: "URL" = http://search.yahoo....q={searchTerms}
IE - HKU\S-1-5-18\..\SearchScopes\{4B8C28A7-A9BC-45F8-990D-21499EED643C}: "URL" = http://www.questscan...s={searchTerms}
IE - HKU\S-1-5-18\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKU\S-1-5-18\..\SearchScopes\{fb72f1bd-a2f1-47eb-8f13-2c6dcd65516f}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-247563849-1891965759-2374117565-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Colin\Favorites\Downloads\FOOTBALL BETTING SOFTWARE
IE - HKU\S-1-5-21-247563849-1891965759-2374117565-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-247563849-1891965759-2374117565-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-247563849-1891965759-2374117565-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-247563849-1891965759-2374117565-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.co.uk/
IE - HKU\S-1-5-21-247563849-1891965759-2374117565-1000\..\URLSearchHook: {c95a4e8e-816d-4655-8c79-d736da1adb6d} - No CLSID value found
IE - HKU\S-1-5-21-247563849-1891965759-2374117565-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-247563849-1891965759-2374117565-1000\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-247563849-1891965759-2374117565-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-247563849-1891965759-2374117565-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...00000ff37ac3727
IE - HKU\S-1-5-21-247563849-1891965759-2374117565-1000\..\SearchScopes\{1FA59C26-EE75-485B-819E-FCF6191B2EB3}: "URL" = http://search.condui...&ctid=CT1561552
IE - HKU\S-1-5-21-247563849-1891965759-2374117565-1000\..\SearchScopes\{2282A0CE-B42D-4BE2-97DF-98322F665385}: "URL" = http://visualsearch....q={searchTerms}
IE - HKU\S-1-5-21-247563849-1891965759-2374117565-1000\..\SearchScopes\{4C8B3851-05E2-4660-B181-72840E5785F3}: "URL" = http://rover.ebay.co...e={searchTerms}
IE - HKU\S-1-5-21-247563849-1891965759-2374117565-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKU\S-1-5-21-247563849-1891965759-2374117565-1000\..\SearchScopes\{6BC079BB-5474-4CD2-A048-905E648B6E21}: "URL" = http://uk.search.yah...p={searchTerms}
IE - HKU\S-1-5-21-247563849-1891965759-2374117565-1000\..\SearchScopes\{6F8D3DBD-C0AB-4ACE-9E22-6A4CA4EF8E67}: "URL" = http://www.google.co...rchTerms}&meta=
IE - HKU\S-1-5-21-247563849-1891965759-2374117565-1000\..\SearchScopes\{861E8928-6140-4CB5-8DF7-7E7E9FD7EA98}: "URL" = http://websearch.ask...apn_dtid=OSJ000
IE - HKU\S-1-5-21-247563849-1891965759-2374117565-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...fr&d=2012-06-30 20:58:29&v=11.1.0.12&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-247563849-1891965759-2374117565-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKU\S-1-5-21-247563849-1891965759-2374117565-1000\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incre...540501721747738
IE - HKU\S-1-5-21-247563849-1891965759-2374117565-1000\..\SearchScopes\{E36AC8FA-77B0-4E67-9AB8-B1F9E88AAF31}: "URL" = http://services.zini...}&rf=sonyslices
IE - HKU\S-1-5-21-247563849-1891965759-2374117565-1000\..\SearchScopes\{fb72f1bd-a2f1-47eb-8f13-2c6dcd65516f}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKU\S-1-5-21-247563849-1891965759-2374117565-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-247563849-1891965759-2374117565-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local;*.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com Search"
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.defaultthis.engineName: "MyAshampoo Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=685749&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "http://search.babylo...0000ff37ac3727"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: [email protected]:1.2.3
FF - prefs.js..extensions.enabledItems: [email protected]:3.0.1
FF - prefs.js..extensions.enabledItems: [email protected]:2.1.3
FF - prefs.js..extensions.enabledItems: {2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}:2.3.1
FF - prefs.js..extensions.enabledItems: {3e0e7d2a-070f-4a47-b019-91fe5385ba79}:3.1.3
FF - prefs.js..extensions.enabledItems: {45e16761-660c-41a4-984f-56986fba2137}:1.0.2
FF - prefs.js..extensions.enabledItems: {5C46D283-ABDE-4dce-B83C-08881401921C}:2.1.6
FF - prefs.js..extensions.enabledItems: {6F0976E6-26F3-4AFE-BBEC-9E99E27E4DF3}:1.4.14
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.95
FF - prefs.js..extensions.enabledItems: {c95a4e8e-816d-4655-8c79-d736da1adb6d}:3.7.0.6
FF - prefs.js..extensions.enabledItems: {d5ea4520-61a1-11da-8cd6-0800200c9a66}:2009.07.19
FF - prefs.js..extensions.enabledItems: {22119944-ED35-4ab1-910B-E619EA06A115}:6.10.1
FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0
FF - prefs.js..extensions.enabledItems: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4}:3.7.0.6
FF - prefs.js..extensions.enabledItems: {5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}:2.0
FF - prefs.js..extensions.enabledItems: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.67
FF - prefs.js..extensions.enabledItems: [email protected]:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 3
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.24
FF - prefs.js..keyword.URL: "http://search.babylo...0ff37ac3727&q="
FF - prefs.js..network.proxy.no_proxies_on: ""
FF - prefs.js..network.proxy.socks_version: 4
FF - prefs.js..network.proxy.type: 2
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@funwebproducts.com/Plugin: C:\Program Files (x86)\FunWebProducts\Installr\1.bin\NPFunWeb.dll File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin: C:\Program Files (x86)\MyWebSearch\bar\1.bin\NPMyWebS.dll File not found
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Colin\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Colin\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files (x86)\Google\Google Gears\Firefox\ [2011/02/12 13:37:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2010/05/01 01:57:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/12/05 22:00:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\ [2011/12/28 00:25:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/06/30 20:58:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ [2012/06/30 20:54:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.1.0.12\ [2012/06/30 20:58:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/11/19 10:51:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/06/19 22:40:39 | 000,000,000 | ---D | M]
[2012/07/01 11:44:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Colin\AppData\Roaming\mozilla\Extensions
[2011/11/09 04:27:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Colin\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2011/05/22 22:15:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Colin\AppData\Roaming\mozilla\Extensions\[email protected]
[2012/07/01 21:44:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Colin\AppData\Roaming\mozilla\Firefox\Profiles\t98nhymg.default\extensions
[2011/10/13 09:36:52 | 000,000,000 | ---D | M] (Delicious Bookmarks) -- C:\Users\Colin\AppData\Roaming\mozilla\Firefox\Profiles\t98nhymg.default\extensions\{2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}
[2011/10/13 09:36:47 | 000,000,000 | ---D | M] (AddThis) -- C:\Users\Colin\AppData\Roaming\mozilla\Firefox\Profiles\t98nhymg.default\extensions\{3e0e7d2a-070f-4a47-b019-91fe5385ba79}
[2011/03/21 20:57:01 | 000,000,000 | ---D | M] (Fire.fm) -- C:\Users\Colin\AppData\Roaming\mozilla\Firefox\Profiles\t98nhymg.default\extensions\{6F0976E6-26F3-4AFE-BBEC-9E99E27E4DF3}
[2011/11/09 00:13:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Colin\AppData\Roaming\mozilla\Firefox\Profiles\t98nhymg.default\extensions\{90eee664-34b1-422a-a782-779af65cdf6d}-trash
[2011/10/13 09:36:42 | 000,000,000 | ---D | M] ("BetterPrivacy") -- C:\Users\Colin\AppData\Roaming\mozilla\Firefox\Profiles\t98nhymg.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}
[2010/10/09 18:39:00 | 000,000,000 | ---D | M] (QuickProxy) -- C:\Users\Colin\AppData\Roaming\mozilla\Firefox\Profiles\t98nhymg.default\extensions\{d5ea4520-61a1-11da-8cd6-0800200c9a66}
[2012/06/06 22:20:39 | 000,000,000 | ---D | M] (ReImage Helper) -- C:\Users\Colin\AppData\Roaming\mozilla\Firefox\Profiles\t98nhymg.default\extensions\[email protected]
[2011/11/20 12:18:26 | 000,000,000 | ---D | M] (FDislike) -- C:\Users\Colin\AppData\Roaming\mozilla\Firefox\Profiles\t98nhymg.default\extensions\[email protected]
[2011/07/02 21:48:16 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\Colin\AppData\Roaming\mozilla\Firefox\Profiles\t98nhymg.default\extensions\[email protected]
[2011/10/13 09:36:58 | 000,000,000 | ---D | M] (Shareaholic) -- C:\Users\Colin\AppData\Roaming\mozilla\Firefox\Profiles\t98nhymg.default\extensions\[email protected]
[2012/06/30 20:09:30 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Colin\AppData\Roaming\mozilla\Firefox\Profiles\t98nhymg.default\extensions\[email protected]
[2011/10/13 09:36:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Colin\AppData\Roaming\mozilla\Firefox\Profiles\t98nhymg.default\extensions\[email protected]\chrome
[2011/10/13 09:36:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Colin\AppData\Roaming\mozilla\Firefox\Profiles\t98nhymg.default\extensions\[email protected]\defaults
[2011/11/17 20:25:44 | 000,002,333 | ---- | M] () -- C:\Users\Colin\AppData\Roaming\Mozilla\Firefox\Profiles\t98nhymg.default\searchplugins\askcom.xml
[2012/02/27 11:11:29 | 000,002,306 | ---- | M] () -- C:\Users\Colin\AppData\Roaming\Mozilla\Firefox\Profiles\t98nhymg.default\searchplugins\askcomsearch.xml
[2010/12/15 16:12:32 | 000,000,923 | ---- | M] () -- C:\Users\Colin\AppData\Roaming\Mozilla\Firefox\Profiles\t98nhymg.default\searchplugins\conduit.xml
[2011/03/20 23:36:33 | 000,002,207 | ---- | M] () -- C:\Users\Colin\AppData\Roaming\Mozilla\Firefox\Profiles\t98nhymg.default\searchplugins\MyStart Search.xml
[2010/10/11 17:21:08 | 000,010,017 | ---- | M] () -- C:\Users\Colin\AppData\Roaming\Mozilla\Firefox\Profiles\t98nhymg.default\searchplugins\mywebsearch.xml
[2011/12/22 07:31:34 | 000,002,519 | ---- | M] () -- C:\Users\Colin\AppData\Roaming\Mozilla\Firefox\Profiles\t98nhymg.default\searchplugins\Search_Results.xml
[2012/07/01 11:44:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/11/19 10:51:00 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/02/27 11:10:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012/04/29 21:00:28 | 000,000,000 | ---D | M] (Hotspot Shield Helper (Please allow this installation)) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2012/07/01 11:42:44 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES (X86)\COMMON FILES\SPIGOT\WTXPCOM
[2011/11/25 05:38:18 | 000,623,219 | ---- | M] () (No name found) -- C:\USERS\COLIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T98NHYMG.DEFAULT\EXTENSIONS\[email protected]
[2011/11/05 08:10:40 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/11/19 10:42:57 | 000,025,560 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browserdirprovider.dll
[2011/11/19 10:42:58 | 000,140,760 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\brwsrcmp.dll
[2010/10/13 23:28:54 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2012/02/27 11:09:49 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/11/19 10:43:01 | 000,067,032 | ---- | M] (mozilla.org) -- C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll
[2006/10/27 04:12:16 | 000,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL
[2012/03/26 16:41:34 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll
[2011/12/05 22:00:13 | 000,150,696 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll
[2010/11/01 22:57:26 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll
[2010/11/01 22:57:27 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll
[2010/11/01 22:57:27 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll
[2010/11/01 22:57:27 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll
[2010/11/01 22:57:28 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll
[2010/11/01 22:57:28 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll
[2010/11/01 22:57:29 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll
[2011/12/05 22:02:46 | 000,011,776 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll
[2011/12/05 21:59:05 | 000,107,008 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll
[2011/11/05 04:44:20 | 000,001,538 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml
[2011/10/11 18:45:01 | 000,002,193 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\answers.xml
[2012/06/30 20:58:18 | 000,003,748 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/06/30 20:10:00 | 000,002,352 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2011/11/05 04:32:18 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/11/05 04:44:20 | 000,000,947 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\chambers-en-GB.xml
[2011/10/11 18:45:01 | 000,001,534 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\creativecommons.xml
[2011/11/05 04:44:20 | 000,001,180 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-en-GB.xml
[2011/11/05 04:32:18 | 000,002,364 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml
[2011/12/22 07:31:34 | 000,002,519 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
[2011/11/05 04:32:18 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia.xml
[2011/11/05 04:44:20 | 000,001,135 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-en-GB.xml
[2012/02/14 14:00:04 | 000,000,894 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Colin\AppData\Local\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Colin\AppData\Local\Google\Chrome\Application\20.0.1132.47\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Colin\AppData\Local\Google\Chrome\Application\20.0.1132.47\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Colin\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: TVU Web Player for FireFox (Enabled) = C:\Windows\system32\TVUAx\npTVUAx.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: The Guardian = C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\amckaikgfcndaokapfcedicfmagoghlg\1.7.2_0\
CHR - Extension: Wunderlist = C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjliknjliaohjgjajlgolhijphojjdkc\1.0.2_0\
CHR - Extension: ReImage Browser Helper = C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmdfpnpdmnjaffhcdbobdjpolhpacaem\1.0.5_0\
CHR - Extension: AVG Safe Search = C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\
CHR - Extension: RoboForm Lite = C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kidhjpmgjfbkmcfpfakmdddddgfbhahj\3.2.0_0\
CHR - Extension: AVG Do Not Track = C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
O1 HOSTS File: ([2012/07/02 01:22:02 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110125133743.dll (McAfee, Inc.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2:64bit: - BHO: (BrowserHelper Class) - {EDF48A39-1442-463F-9F4E-F376A78D034A} - C:\Program Files (x86)\Livedrive\LivedriveExplorerExtensions.dll (Livedrive Internet Ltd)
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll (AnchorFree Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Reg Error: Value error.) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110125133743.dll (McAfee, Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O2 - BHO: (ReImage Helper Verifier) - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\ReImageCompanion\updatebhoWin32.dll ( )
O2 - BHO: (ReImage Browser Helper) - {a0e8bc7d-6959-40b6-8e05-204d9768ad6e} - C:\Program Files (x86)\ReImageCompanion\jsloader.dll (ReImage)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - !{D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKU\S-1-5-21-247563849-1891965759-2374117565-1000\..\Toolbar\WebBrowser: (no name) - {0002EE26-8C11-49EB-9CDF-56EEFFEF664F} - No CLSID value found.
O3 - HKU\S-1-5-21-247563849-1891965759-2374117565-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-247563849-1891965759-2374117565-1000\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKU\.DEFAULT..\Run: [RoboForm] C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O4 - HKU\S-1-5-18..\Run: [RoboForm] C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-247563849-1891965759-2374117565-1000..\Run: [RIMDeviceManager] C:\Program Files (x86)\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe (Research In Motion Limited)
O4 - HKLM..\RunOnce: [OTM] C:\Users\Colin\Desktop\Downloads\DOWNLOADS FROM JULY 2011\OTM.exe (OldTimer Tools)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Colin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_82644766.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\S-1-5-21-247563849-1891965759-2374117565-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-247563849-1891965759-2374117565-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-247563849-1891965759-2374117565-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-21-247563849-1891965759-2374117565-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-21-247563849-1891965759-2374117565-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-21-247563849-1891965759-2374117565-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKU\S-1-5-21-247563849-1891965759-2374117565-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-247563849-1891965759-2374117565-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Clear Fields - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComClearFields.html ()
O8:64bit: - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8:64bit: - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8:64bit: - Extra context menu item: Identities Editor - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComEditIdent.html ()
O8:64bit: - Extra context menu item: Logoff - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComLogoff.html ()
O8:64bit: - Extra context menu item: Passcards Editor - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComEditPass.html ()
O8:64bit: - Extra context menu item: Password Generator - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComPasswordGenerator.html ()
O8:64bit: - Extra context menu item: Reset Fields - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComResetFields.html ()
O8:64bit: - Extra context menu item: RoboForm Options - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComOptions.html ()
O8:64bit: - Extra context menu item: RoboForm TaskBar Icon - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComTaskBarIcon.html ()
O8:64bit: - Extra context menu item: RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8:64bit: - Extra context menu item: Safenotes Editor - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComEditNote.html ()
O8:64bit: - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8:64bit: - Extra context menu item: Set Fields - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSetFields.html ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Clear Fields - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComClearFields.html ()
O8 - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: Identities Editor - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComEditIdent.html ()
O8 - Extra context menu item: Logoff - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComLogoff.html ()
O8 - Extra context menu item: Passcards Editor - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComEditPass.html ()
O8 - Extra context menu item: Password Generator - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComPasswordGenerator.html ()
O8 - Extra context menu item: Reset Fields - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComResetFields.html ()
O8 - Extra context menu item: RoboForm Options - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComOptions.html ()
O8 - Extra context menu item: RoboForm TaskBar Icon - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComTaskBarIcon.html ()
O8 - Extra context menu item: RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Safenotes Editor - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComEditNote.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: Set Fields - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSetFields.html ()
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-247563849-1891965759-2374117565-1000\..Trusted Domains: google.com ([mail] https in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onec...s/wlscctrl2.cab (Windows Live OneCare safety scanner control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Value error.)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupd...40320.363287037 (Update Class)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicr...osoft/wrc32.ocx (WRC Class)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} http://mobileapps.bl...re/AxLoader.cab (RIM AxLoader)
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} https://plugins.valu...ashax/iefax.cab (Flash Casino Helper Control)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcp.../PCPitStop2.cab (PCPitstop Exam)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{37AC3727-0134-4EE1-95FD-A8B4B2A3119B}: NameServer = 10.73.152.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9AD2AAC8-8A36-4590-84E6-260F6CF5030E}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E71868B7-EED6-40BE-9356-C83791F0C615}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\base64 - No CLSID value found
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\chrome - No CLSID value found
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\prox - No CLSID value found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\base64 {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\ReImageCompanion\tdataprotocol.dll (reimage)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\chrome {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\ReImageCompanion\tdataprotocol.dll (reimage)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\prox {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\ReImageCompanion\tdataprotocol.dll (reimage)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll ()
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Program Files\Soluto\soluto.exe /userinit) - C:\Program Files\Soluto\soluto.exe (Soluto)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{58f62c09-600d-11e0-8d10-0024beb0198e}\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012/07/02 01:21:58 | 000,000,000 | ---D | C] -- C:\_OTM
[2012/07/02 01:19:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012/07/01 22:31:21 | 000,000,000 | ---D | C] -- C:\Users\Colin\Desktop\erunt
[2012/07/01 22:20:01 | 000,000,000 | ---D | C] -- C:\Users\Colin\Desktop\Fix Malware
[2012/07/01 20:52:28 | 000,000,000 | ---D | C] -- C:\Users\Colin\Desktop\GooredFix Backups
[2012/07/01 20:06:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2012/07/01 20:04:24 | 000,460,888 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\82644766.sys
[2012/07/01 12:28:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
[2012/07/01 12:05:45 | 019,551,736 | ---- | C] (IObit ) -- C:\Users\Colin\Desktop\imf-setup.exe
[2012/06/30 21:00:09 | 000,000,000 | ---D | C] -- C:\Users\Colin\AppData\Roaming\AVG2012
[2012/06/30 20:59:21 | 000,000,000 | ---D | C] -- C:\Users\Colin\AppData\Local\AVG Secure Search
[2012/06/30 20:58:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012/06/30 20:58:27 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2012/06/30 20:58:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
[2012/06/30 20:58:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search
[2012/06/30 20:57:14 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/06/30 20:56:44 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG
[2012/06/30 20:53:36 | 000,000,000 | -H-D | C] -- C:\$AVG
[2012/06/30 20:53:35 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\AVG
[2012/06/30 20:13:06 | 000,000,000 | ---D | C] -- C:\Users\Colin\AppData\Local\Macromedia
[2012/06/30 20:12:20 | 000,000,000 | ---D | C] -- C:\ProgramData\hssff
[2012/06/30 20:12:04 | 000,000,000 | ---D | C] -- C:\Users\Colin\AppData\Local\Zoom_Downloader
[2012/06/30 20:09:39 | 000,000,000 | ---D | C] -- C:\Users\Colin\AppData\Roaming\Babylon
[2012/06/30 20:09:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012/06/30 20:09:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yontoo
[2012/06/30 20:09:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2012/06/30 19:47:42 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2012/06/30 19:44:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2012/06/30 19:39:16 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2012/06/28 19:55:00 | 000,000,000 | ---D | C] -- C:\Users\Colin\Desktop\[email protected]
[2012/06/28 14:06:04 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/06/28 14:06:04 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012/06/28 01:40:51 | 000,000,000 | --SD | C] -- C:\Users\Colin\Google Drive
[2012/06/28 01:32:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2012/06/25 17:06:59 | 000,000,000 | ---D | C] -- C:\Users\Colin\Documents\New folder (8)
[2012/06/25 16:48:53 | 000,000,000 | ---D | C] -- C:\Users\Colin\Documents\Usenet.nl
[2012/06/25 16:48:52 | 000,000,000 | ---D | C] -- C:\Users\Colin\AppData\Roaming\Usenet.nl
[2012/06/25 16:48:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Usenet.nl
[2012/06/25 16:48:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Usenet.nl
[2012/06/25 14:13:35 | 000,000,000 | ---D | C] -- C:\Users\Colin\Desktop\LADBROKES GMAIL_files
[2012/06/23 11:13:00 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/06/23 11:13:00 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/06/23 11:13:00 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/06/23 11:12:31 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/06/23 11:12:31 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/06/23 11:12:30 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/06/23 11:11:54 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/06/23 11:11:54 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012/06/13 19:02:38 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/06/13 19:02:38 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/06/13 19:02:37 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/06/13 19:02:36 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/06/13 19:02:34 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/06/13 19:02:34 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/06/13 19:02:33 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/06/13 19:02:33 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/06/13 19:02:30 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/06/13 19:02:30 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/06/13 19:02:29 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/06/13 19:02:28 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/06/13 19:02:28 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/06/13 17:40:46 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/06/13 17:40:46 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/06/13 17:40:45 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/06/13 17:40:34 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/06/13 17:40:31 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/06/13 17:40:30 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/06/13 17:12:48 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012/06/13 17:11:51 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012/06/13 17:11:49 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012/06/06 23:41:36 | 000,000,000 | ---D | C] -- C:\Users\Colin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BlackBerry
[2012/06/06 22:21:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair
[2012/06/06 22:21:26 | 000,000,000 | ---D | C] -- C:\rei
[2012/06/06 22:21:12 | 000,000,000 | ---D | C] -- C:\Program Files\Reimage
[2012/06/06 22:20:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ReImageCompanion
[2012/06/06 21:39:41 | 000,000,000 | ---D | C] -- C:\MATS
[2012/06/06 11:13:44 | 000,000,000 | ---D | C] -- C:\8b96cd66e904b54a5771d097
[2012/06/06 02:13:55 | 000,000,000 | ---D | C] -- C:\BLUETOOTH JUNE 2012
[2012/06/06 02:13:50 | 000,000,000 | ---D | C] -- C:\New folder (2)
[2012/06/06 02:12:55 | 000,000,000 | ---D | C] -- C:\Users\Colin\Documents\Blueooth drivers etc June 2012
[2012/06/06 00:14:10 | 000,000,000 | ---D | C] -- C:\Users\Colin\AppData\Local\SlimWare Utilities Inc
[2012/06/06 00:13:56 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Downloaded Installers
[2012/06/05 23:16:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Drivers For Free
[2012/06/05 23:14:19 | 000,000,000 | ---D | C] -- C:\Users\Colin\AppData\Local\Drivers_For_Free
[2012/06/05 23:13:58 | 000,000,000 | ---D | C] -- C:\Users\Colin\AppData\Roaming\Drivers For Free
[2012/06/05 20:29:09 | 000,000,000 | ---D | C] -- C:\VAIO
[2012/06/05 20:23:02 | 000,000,000 | ---D | C] -- C:\New folder
[2012/06/04 15:35:49 | 000,000,000 | ---D | C] -- C:\Users\Colin\Desktop\BLACKBERRY TRANSFERS
[2012/06/04 14:16:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Research In Motion
[2012/06/04 14:15:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\XCPCSync.OEM
[2012/06/04 10:20:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Deployment Toolkit
[2012/06/04 10:20:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Deployment Toolkit
========== Files - Modified Within 30 Days ==========
[2012/07/02 01:59:05 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/02 01:27:03 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-247563849-1891965759-2374117565-1000UA.job
[2012/07/02 01:26:25 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/02 01:24:47 | 000,010,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/02 01:24:47 | 000,010,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/02 01:22:02 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012/07/02 01:20:57 | 000,873,490 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/07/02 01:20:57 | 000,732,570 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/07/02 01:20:57 | 000,149,348 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/07/02 01:15:11 | 000,000,324 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2012/07/02 01:12:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/02 01:12:43 | 2311,335,936 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/01 20:47:31 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\82644766.sys
[2012/07/01 20:32:59 | 000,513,320 | ---- | M] () -- C:\Users\Colin\Desktop\erunt.zip
[2012/07/01 20:06:25 | 000,001,008 | ---- | M] () -- C:\Users\Colin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_82644766.lnk
[2012/07/01 18:52:07 | 000,022,740 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012/07/01 18:00:00 | 000,000,472 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration3.job
[2012/07/01 12:28:07 | 000,001,133 | ---- | M] () -- C:\Users\Public\Desktop\IObit Malware Fighter.lnk
[2012/07/01 12:16:49 | 000,001,099 | ---- | M] () -- C:\Users\Colin\Desktop\IObit - Shortcut.lnk
[2012/07/01 12:05:48 | 019,551,736 | ---- | M] (IObit ) -- C:\Users\Colin\Desktop\imf-setup.exe
[2012/07/01 11:48:09 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2012/07/01 11:28:37 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-247563849-1891965759-2374117565-1000Core.job
[2012/07/01 11:25:20 | 100,891,471 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/06/30 20:58:45 | 000,000,925 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/06/30 20:56:44 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2012/06/30 20:56:44 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2012/06/30 20:10:13 | 000,000,250 | ---- | M] () -- C:\user.js
[2012/06/30 01:11:15 | 000,005,828 | ---- | M] () -- C:\Users\Colin\Desktop\Default_EXE.reg
[2012/06/30 01:08:33 | 000,024,433 | ---- | M] () -- C:\Users\Colin\Desktop\error code 5.JPG
[2012/06/30 01:08:01 | 000,000,235 | ---- | M] () -- C:\Users\Colin\Desktop\is-2CPQ7 tmp file addres.rtf
[2012/06/29 16:44:51 | 000,000,133 | ---- | M] () -- C:\Users\Colin\Desktop\Today's Racecards Sporting Life - Horse Racing News Live Racing Results, Racecards, Live Betting Shows.url
[2012/06/28 19:49:36 | 000,003,727 | ---- | M] () -- C:\Users\Colin\Desktop\[email protected]
[2012/06/28 14:06:04 | 000,514,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/06/28 14:06:04 | 000,366,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012/06/28 04:47:00 | 000,000,404 | ---- | M] () -- C:\Windows\tasks\PC Health Advisor Defrag.job
[2012/06/28 03:09:37 | 000,075,387 | ---- | M] () -- C:\Users\Colin\Desktop\Usenet cancellation 2.JPG
[2012/06/28 01:40:52 | 000,001,707 | ---- | M] () -- C:\Users\Colin\Desktop\Google Drive.lnk
[2012/06/25 16:53:34 | 000,001,849 | ---- | M] () -- C:\Users\Colin\Desktop\Usenet.nl.lnk
[2012/06/25 14:13:35 | 000,011,609 | ---- | M] () -- C:\Users\Colin\Desktop\LADBROKES GMAIL.htm
[2012/06/25 14:03:21 | 000,000,202 | ---- | M] () -- C:\Users\Colin\Desktop\EMPLOYEE SURVEY.url
[2012/06/24 15:45:59 | 000,000,236 | ---- | M] () -- C:\Users\Colin\Desktop\Special Audiobook Download Offer Downloadable Audio Books, iPhone, Android and Digital Audio Books Audible Audiobooks Audible.co.uk.url
[2012/06/23 11:59:46 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/06/23 11:59:46 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/06/19 22:40:40 | 000,001,974 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/06/13 19:55:58 | 000,546,544 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/06/11 15:21:11 | 000,001,118 | ---- | M] () -- C:\Users\Colin\Desktop\Ladbrokes - Shortcut.lnk
[2012/06/10 22:19:34 | 000,007,168 | -H-- | M] () -- C:\Users\Colin\Desktop\photothumb.db
[2012/06/10 22:00:00 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\SmartDefrag.job
[2012/06/10 21:43:41 | 000,000,344 | ---- | M] () -- C:\Users\Colin\Desktop\Google Accounts.url
[2012/06/06 23:58:56 | 000,068,527 | ---- | M] () -- C:\Users\Colin\Desktop\BlackBerry Desktop Software readme.rtf
[2012/06/06 23:24:05 | 000,002,865 | ---- | M] () -- C:\Users\Colin\Desktop\BlackBerry - Shortcut (2).lnk
[2012/06/06 22:22:17 | 000,000,286 | ---- | M] () -- C:\Windows\reimage.ini
[2012/06/06 18:18:44 | 000,000,355 | ---- | M] () -- C:\Users\Colin\Computer - Shortcut.lnk
[2012/06/06 10:18:29 | 000,000,123 | ---- | M] () -- C:\Users\Colin\Desktop\Microsoft Fix it.url
[2012/06/06 04:58:11 | 000,015,672 | ---- | M] () -- C:\Windows\SysNative\drivers\SWDUMon.sys
[2012/06/06 00:20:24 | 000,000,162 | -H-- | M] () -- C:\Users\Colin\Desktop\~$IO DRIVERS FOR DISK READER ETC.rtf
[2012/06/05 23:07:03 | 000,004,871 | ---- | M] () -- C:\Users\Colin\Desktop\VAIO DRIVERS FOR DISK READER ETC.rtf
[2012/06/05 17:29:36 | 000,006,936 | ---- | M] () -- C:\Users\Colin\Desktop\cc_20120605_172927.reg
[2012/06/05 15:32:33 | 000,007,621 | ---- | M] () -- C:\Users\Colin\AppData\Local\resmon.resmoncfg
[2012/06/04 18:07:44 | 000,002,191 | ---- | M] () -- C:\Users\Public\Desktop\BlackBerry Desktop Software.lnk
[2012/06/04 01:34:27 | 000,000,218 | ---- | M] () -- C:\Users\Colin\Desktop\Back To The Noose by Jak Paxton Song Free Music, Listen Now.url
[2012/06/02 23:19:46 | 000,038,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/06/02 23:19:42 | 000,057,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/06/02 23:19:42 | 000,044,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/06/02 23:19:23 | 000,701,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/06/02 23:15:31 | 002,622,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/06/02 23:15:08 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/06/02 15:19:42 | 000,186,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/06/02 15:15:12 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
========== Files Created - No Company Name ==========
[2012/07/01 20:33:07 | 000,513,320 | ---- | C] () -- C:\Users\Colin\Desktop\erunt.zip
[2012/07/01 20:06:25 | 000,001,008 | ---- | C] () -- C:\Users\Colin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_82644766.lnk
[2012/07/01 18:52:05 | 000,022,740 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012/07/01 12:28:07 | 000,001,133 | ---- | C] () -- C:\Users\Public\Desktop\IObit Malware Fighter.lnk
[2012/07/01 12:16:49 | 000,001,099 | ---- | C] () -- C:\Users\Colin\Desktop\IObit - Shortcut.lnk
[2012/07/01 11:25:20 | 100,891,471 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/06/30 20:58:45 | 000,000,925 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/06/30 20:56:44 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2012/06/30 20:56:44 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2012/06/30 20:10:11 | 000,000,250 | ---- | C] () -- C:\user.js
[2012/06/30 01:11:33 | 000,005,828 | ---- | C] () -- C:\Users\Colin\Desktop\Default_EXE.reg
[2012/06/30 01:08:32 | 000,024,433 | ---- | C] () -- C:\Users\Colin\Desktop\error code 5.JPG
[2012/06/30 01:08:01 | 000,000,235 | ---- | C] () -- C:\Users\Colin\Desktop\is-2CPQ7 tmp file addres.rtf
[2012/06/29 16:44:51 | 000,000,133 | ---- | C] () -- C:\Users\Colin\Desktop\Today's Racecards Sporting Life - Horse Racing News Live Racing Results, Racecards, Live Betting Shows.url
[2012/06/28 19:49:56 | 000,003,727 | ---- | C] () -- C:\Users\Colin\Desktop\[email protected]
[2012/06/28 03:09:37 | 000,075,387 | ---- | C] () -- C:\Users\Colin\Desktop\Usenet cancellation 2.JPG
[2012/06/28 01:40:52 | 000,001,707 | ---- | C] () -- C:\Users\Colin\Desktop\Google Drive.lnk
[2012/06/25 16:48:44 | 000,001,849 | ---- | C] () -- C:\Users\Colin\Desktop\Usenet.nl.lnk
[2012/06/25 14:13:33 | 000,011,609 | ---- | C] () -- C:\Users\Colin\Desktop\LADBROKES GMAIL.htm
[2012/06/25 14:01:48 | 000,000,202 | ---- | C] () -- C:\Users\Colin\Desktop\EMPLOYEE SURVEY.url
[2012/06/24 15:45:59 | 000,000,236 | ---- | C] () -- C:\Users\Colin\Desktop\Special Audiobook Download Offer Downloadable Audio Books, iPhone, Android and Digital Audio Books Audible Audiobooks Audible.co.uk.url
[2012/06/19 22:40:40 | 000,001,974 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/06/10 21:43:41 | 000,000,344 | ---- | C] () -- C:\Users\Colin\Desktop\Google Accounts.url
[2012/06/10 14:55:06 | 000,007,168 | -H-- | C] () -- C:\Users\Colin\Desktop\photothumb.db
[2012/06/10 14:54:06 | 000,000,098 | -HS- | C] () -- C:\Windows\WSYS049.SYS
[2012/06/06 23:58:55 | 000,068,527 | ---- | C] () -- C:\Users\Colin\Desktop\BlackBerry Desktop Software readme.rtf
[2012/06/06 23:24:05 | 000,002,865 | ---- | C] () -- C:\Users\Colin\Desktop\BlackBerry - Shortcut (2).lnk
[2012/06/06 18:18:44 | 000,000,355 | ---- | C] () -- C:\Users\Colin\Computer - Shortcut.lnk
[2012/06/06 10:18:29 | 000,000,123 | ---- | C] () -- C:\Users\Colin\Desktop\Microsoft Fix it.url
[2012/06/06 00:20:24 | 000,000,162 | -H-- | C] () -- C:\Users\Colin\Desktop\~$IO DRIVERS FOR DISK READER ETC.rtf
[2012/06/06 00:14:13 | 000,015,672 | ---- | C] () -- C:\Windows\SysNative\drivers\SWDUMon.sys
[2012/06/05 20:17:36 | 000,004,871 | ---- | C] () -- C:\Users\Colin\Desktop\VAIO DRIVERS FOR DISK READER ETC.rtf
[2012/06/05 17:29:31 | 000,006,936 | ---- | C] () -- C:\Users\Colin\Desktop\cc_20120605_172927.reg
[2012/06/04 01:34:25 | 000,000,218 | ---- | C] () -- C:\Users\Colin\Desktop\Back To The Noose by Jak Paxton Song Free Music, Listen Now.url
[2011/12/23 00:33:05 | 000,002,496 | ---- | C] () -- C:\Windows\SysWow64\AVRedirector.ini
[2011/12/23 00:33:05 | 000,001,248 | ---- | C] () -- C:\Windows\SysWow64\AVRedirectorOff.ini
[2011/12/12 11:25:40 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2011/12/07 00:55:54 | 000,159,249 | ---- | C] () -- C:\Windows\Bet wizard Uninstaller.exe
[2011/11/20 23:13:38 | 000,000,189 | ---- | C] () -- C:\Users\Colin\Guitar Tuner @ Chordbook.Com.url
[2011/09/26 22:12:31 | 000,000,016 | ---- | C] () -- C:\Windows\popcinfo.dat
[2011/08/28 02:17:02 | 000,012,288 | ---- | C] () -- C:\Users\Colin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/03 01:45:38 | 000,704,000 | ---- | C] () -- C:\Windows\is-NAUMG.exe
[2011/07/02 22:31:16 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/07/02 22:31:16 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/07/02 21:55:27 | 000,017,408 | ---- | C] () -- C:\Users\Colin\AppData\Local\WebpageIcons.db
[2011/07/02 01:41:11 | 000,208,178 | ---- | C] () -- C:\Windows\Photo Pos Pro Uninstaller.exe
[2011/06/05 19:41:31 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2011/02/27 00:50:51 | 001,503,232 | ---- | C] () -- C:\Windows\SysWow64\ptj.exe
[2011/02/27 00:50:50 | 004,369,408 | ---- | C] () -- C:\Windows\SysWow64\pdftk.exe
[2011/02/27 00:50:50 | 000,235,008 | ---- | C] () -- C:\Windows\SysWow64\office.exe
[2011/01/20 21:40:03 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2011/01/11 21:31:07 | 000,356,197 | ---- | C] () -- C:\Users\Colin\mural-tile.jpg
[2010/12/08 15:42:32 | 000,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcfinpa.dll
[2010/12/08 15:42:32 | 000,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcfiesc.dll
[2010/12/08 15:42:32 | 000,385,024 | ---- | C] () -- C:\Windows\SysWow64\lxcfcomx.dll
[2010/12/08 15:42:32 | 000,274,432 | ---- | C] () -- C:\Windows\SysWow64\lxcfinst.dll
[2010/12/08 15:42:31 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcfpmui.dll
[2010/12/08 15:42:30 | 000,991,232 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcfusb1.dll
[2010/12/08 15:42:29 | 001,224,704 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcfserv.dll
[2010/12/08 15:42:29 | 000,181,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcfppls.exe
[2010/12/08 15:42:29 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcfprox.dll
[2010/12/08 15:42:29 | 000,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcfpplc.dll
[2010/12/08 15:42:28 | 000,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcfhbn3.dll
[2010/12/08 15:42:28 | 000,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcflmpm.dll
[2010/12/08 15:42:28 | 000,537,520 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcfcoms.exe
[2010/12/08 15:42:28 | 000,385,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcfih.exe
[2010/12/08 15:42:27 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcfcomc.dll
[2010/12/08 15:42:27 | 000,421,888 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcfcomm.dll
[2010/12/08 15:42:26 | 000,381,872 | ---- | C] ( ) -- C:\Windows\SysWow64\lxcfcfg.exe
[2010/10/23 04:39:14 | 000,000,286 | ---- | C] () -- C:\Windows\reimage.ini
[2010/10/19 07:17:01 | 000,000,000 | ---- | C] () -- C:\Users\Colin\AppData\Roaming\wklnhst.dat
[2010/09/24 13:20:39 | 000,127,494 | ---- | C] () -- C:\Users\Colin\cc dots.bmp
[2010/09/24 13:02:37 | 000,018,432 | -H-- | C] () -- C:\Users\Colin\photothumb.db
[2010/09/24 09:46:36 | 000,015,064 | ---- | C] () -- C:\Users\Colin\ear.jpg
[2010/08/11 11:43:50 | 000,159,464 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2010/07/26 14:03:32 | 000,004,096 | -H-- | C] () -- C:\Users\Colin\AppData\Local\keyfile3.drm
[2010/07/18 21:14:55 | 000,000,632 | ---- | C] () -- C:\Users\Colin\ntuser.pol
[2010/07/14 08:24:28 | 000,038,491 | ---- | C] () -- C:\Users\Colin\AppData\Roaming\Comma Separated Values (DOS).ADR
[2010/07/05 13:43:50 | 000,059,074 | ---- | C] () -- C:\Users\Colin\start.class
[2010/07/05 13:43:50 | 000,020,415 | ---- | C] () -- C:\Users\Colin\W800.1bt
[2010/07/05 13:43:50 | 000,009,656 | ---- | C] () -- C:\Users\Colin\g.class
[2010/07/05 13:43:50 | 000,008,916 | ---- | C] () -- C:\Users\Colin\f.class
[2010/07/05 13:43:50 | 000,004,494 | ---- | C] () -- C:\Users\Colin\q.class
[2010/07/05 13:43:50 | 000,003,984 | ---- | C] () -- C:\Users\Colin\b.class
[2010/07/05 13:43:50 | 000,003,374 | ---- | C] () -- C:\Users\Colin\d.class
[2010/07/05 13:43:50 | 000,002,872 | ---- | C] () -- C:\Users\Colin\l.class
[2010/07/05 13:43:50 | 000,002,634 | ---- | C] () -- C:\Users\Colin\k.class
[2010/07/05 13:43:50 | 000,002,521 | ---- | C] () -- C:\Users\Colin\c.class
[2010/07/05 13:43:50 | 000,002,206 | ---- | C] () -- C:\Users\Colin\j.class
[2010/07/05 13:43:50 | 000,002,118 | ---- | C] () -- C:\Users\Colin\i.class
[2010/07/05 13:43:50 | 000,001,950 | ---- | C] () -- C:\Users\Colin\v.class
[2010/07/05 13:43:50 | 000,001,495 | ---- | C] () -- C:\Users\Colin\h.class
[2010/07/05 13:43:50 | 000,001,461 | ---- | C] () -- C:\Users\Colin\u.class
[2010/07/05 13:43:50 | 000,001,445 | ---- | C] () -- C:\Users\Colin\s.class
[2010/07/05 13:43:50 | 000,001,002 | ---- | C] () -- C:\Users\Colin\c
[2010/07/05 13:43:50 | 000,000,959 | ---- | C] () -- C:\Users\Colin\a
[2010/07/05 13:43:50 | 000,000,949 | ---- | C] () -- C:\Users\Colin\r.class
[2010/07/05 13:43:50 | 000,000,884 | ---- | C] () -- C:\Users\Colin\e.class
[2010/07/05 13:43:50 | 000,000,863 | ---- | C] () -- C:\Users\Colin\b
[2010/07/05 13:43:50 | 000,000,839 | ---- | C] () -- C:\Users\Colin\p.class
[2010/07/05 13:43:50 | 000,000,771 | ---- | C] () -- C:\Users\Colin\m.class
[2010/07/05 13:43:50 | 000,000,682 | ---- | C] () -- C:\Users\Colin\n.class
[2010/07/05 13:43:50 | 000,000,113 | ---- | C] () -- C:\Users\Colin\LED
[2010/07/05 13:43:50 | 000,000,095 | ---- | C] () -- C:\Users\Colin\o.class
[2010/07/05 13:43:50 | 000,000,091 | ---- | C] () -- C:\Users\Colin\t.class
[2010/07/05 13:43:50 | 000,000,091 | ---- | C] () -- C:\Users\Colin\a.class
[2010/06/26 09:30:26 | 010,294,792 | ---- | C] () -- C:\Users\Colin\mirror world cup wallchartA3.pdf
[2010/05/29 08:29:40 | 000,113,306 | ---- | C] () -- C:\Users\Colin\Mobile_Phone_Software_Pack_2010_Edition.zip
[2010/05/28 07:36:40 | 000,000,167 | ---- | C] () -- C:\Users\Colin\udownload.dat
[2010/05/22 13:45:57 | 000,005,007 | ---- | C] () -- C:\ProgramData\mtbjfghn.xbe
[2010/05/19 06:15:46 | 000,000,359 | ---- | C] () -- C:\Users\Colin\Recycle Bin - Shortcut.lnk
[2010/05/16 12:58:30 | 000,007,621 | ---- | C] () -- C:\Users\Colin\AppData\Local\resmon.resmoncfg
[2010/05/09 01:32:55 | 000,037,704 | ---- | C] () -- C:\Users\Colin\AppData\Roaming\Comma Separated Values (Windows).ADR
[2010/05/05 18:08:35 | 000,000,005 | ---- | C] () -- C:\Users\Colin\AppData\Roaming\openList.awt
[2010/05/05 18:08:35 | 000,000,005 | ---- | C] () -- C:\Users\Colin\AppData\Roaming\closedList.awt
[2010/04/08 05:36:40 | 000,893,952 | ---- | C] () -- C:\Users\Colin\opticalillusions01-1-1.pps
[2010/04/06 19:54:15 | 000,152,031 | ---- | C] () -- C:\Users\Colin\Southern Shih Tzu Application form-pdf.pdf
[2010/03/11 17:43:13 | 000,000,009 | ---- | C] () -- C:\Users\Colin\usb003
[2010/03/08 23:07:12 | 000,000,600 | ---- | C] () -- C:\Users\Colin\PUTTY.RND
[2010/02/05 09:35:45 | 001,492,261 | ---- | C] () -- C:\Users\Colin\PJ033236-Pubsclubscombinedpresentation_Final_V1aqua.pdf
[2009/12/10 20:13:48 | 000,000,010 | ---- | C] () -- C:\Users\Colin\USB001
[2009/12/09 05:33:55 | 000,222,942 | ---- | C] () -- C:\Users\Colin\Full page fax print.pdf
[2009/11/02 05:39:39 | 000,255,358 | ---- | C] () -- C:\Users\Colin\13 x 18 cm. cutout prints.pdf
[2009/05/10 17:23:44 | 000,619,939 | ---- | C] () -- C:\Users\Colin\19 Longford Road.pdf
[2008/12/12 17:15:15 | 000,525,668 | ---- | C] () -- C:\Users\Colin\mhtml_mid___00000013_.pdf
[2008/12/12 17:06:20 | 000,019,844 | ---- | C] () -- C:\Users\Colin\Document1.pdf
[2006/01/04 01:00:00 | 000,094,533 | ---- | C] () -- C:\Users\Colin\btscanner.jar
========== LOP Check ==========
[2011/07/26 01:53:25 | 000,000,000 | ---D | M] -- C:\Users\CC\AppData\Roaming\Vodafone
[2011/02/09 22:43:07 | 000,000,000 | -HSD | M] -- C:\Users\Colin\AppData\Roaming\.#
[2012/06/05 16:43:50 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\Amazon
[2012/06/30 21:00:09 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\AVG2012
[2011/12/23 00:29:34 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\AVSoftware
[2012/06/30 20:09:39 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\Babylon
[2010/10/31 00:46:33 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\BitZipper
[2010/05/22 13:45:58 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\Carambis
[2010/05/22 04:01:59 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\DeviceDoctorSoftware
[2010/05/22 06:00:18 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\DriverCure
[2010/05/22 08:37:47 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\DriverFinder
[2012/06/05 23:13:58 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\Drivers For Free
[2011/08/29 01:26:08 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\eBookPro6
[2011/02/22 01:30:39 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\FCTB000061107
[2011/07/02 21:32:28 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\FDRLab
[2011/11/29 03:48:10 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\gcaltoolkit
[2010/10/07 00:30:56 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\GetRightToGo
[2011/07/06 01:49:00 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\GlarySoft
[2012/07/01 16:49:45 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\GoodSync
[2011/12/10 20:53:48 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\IObit
[2010/05/05 01:01:22 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\LegalSounds
[2011/06/05 20:10:06 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\MAGIX
[2011/12/28 00:27:50 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\Nokia
[2011/12/01 06:59:44 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\Paltalk
[2011/01/24 14:42:42 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\ParetoLogic
[2010/10/14 07:12:36 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\Participatory Culture Foundation
[2011/12/28 00:27:09 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\PC Suite
[2010/10/19 05:37:00 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\PCF-VLC
[2011/01/02 03:30:30 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\PhotoScape
[2011/12/09 23:06:55 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\Research In Motion
[2011/07/06 01:46:41 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\Sammsoft
[2010/07/17 01:05:59 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\Serif
[2010/10/21 23:10:44 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\SmartDraw
[2012/07/01 12:42:12 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\Software Informer
[2012/06/21 19:51:19 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\Spotify
[2011/06/05 20:14:22 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\SynthMaker
[2010/07/05 12:03:20 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\TeamViewer
[2010/10/19 07:17:01 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\Template
[2011/06/24 08:05:28 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\Tific
[2011/05/22 22:15:11 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\TomTom
[2010/05/05 03:29:01 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\Trusteer
[2010/05/31 14:33:34 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\TuneUp Software
[2010/06/05 04:01:17 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\Uniblue
[2012/06/28 03:09:44 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\Usenet.nl
[2011/04/06 21:17:39 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\Vodafone
[2011/04/17 19:58:49 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\WhiteSmoke
[2010/12/30 02:45:09 | 000,000,000 | ---D | M] -- C:\Users\Colin\AppData\Roaming\Windows Live Writer
[2011/12/01 05:55:28 | 000,000,000 | ---D | M] -- C:\Users\Colin Campbell\AppData\Roaming\IObit
[2010/07/24 03:07:14 | 000,000,000 | ---D | M] -- C:\Users\Colin_2\AppData\Roaming\GoodSync
[2010/07/07 23:55:05 | 000,000,000 | ---D | M] -- C:\Users\Colin_2\AppData\Roaming\TuneUp Software
[2011/12/01 05:55:28 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\IObit
[2011/12/01 05:55:28 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\IObit
[2010/10/02 16:36:20 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\BitZipper
[2010/10/14 19:42:12 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\Software Informer
[2010/10/08 17:28:57 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\Trusteer
[2011/06/18 15:17:23 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\Vodafone
[2010/10/10 14:01:52 | 000,000,000 | ---D | M] -- C:\Users\owner 2\AppData\Roaming\DriverCure
[2011/01/24 03:26:56 | 000,000,000 | ---D | M] -- C:\Users\owner 2\AppData\Roaming\GoodSync
[2010/10/10 23:49:37 | 000,000,000 | ---D | M] -- C:\Users\owner 2\AppData\Roaming\IObit
[2010/10/10 14:01:52 | 000,000,000 | ---D | M] -- C:\Users\owner 2\AppData\Roaming\ParetoLogic
[2010/10/10 13:43:44 | 000,000,000 | ---D | M] -- C:\Users\owner 2\AppData\Roaming\Trusteer
[2010/10/10 16:14:43 | 000,000,000 | ---D | M] -- C:\Users\owner 2\AppData\Roaming\Uniblue
[2012/07/02 01:15:11 | 000,000,324 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job
[2012/07/01 18:00:00 | 000,000,472 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Registration3.job
[2012/05/08 08:31:34 | 000,000,494 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Update Version3.job
[2012/06/28 04:47:00 | 000,000,404 | ---- | M] () -- C:\Windows\Tasks\PC Health Advisor Defrag.job
[2012/04/28 15:13:52 | 000,000,276 | ---- | M] () -- C:\Windows\Tasks\RegistryBooster.job
[2012/05/16 07:47:35 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/06/10 22:00:00 | 000,000,408 | ---- | M] () -- C:\Windows\Tasks\SmartDefrag.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 151 bytes -> C:\ProgramData\TEMP:DBC416F8
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:05E9FFE5
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:A3E39C6A
< End of report >