Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Snap.Do and Audio Cuts/General Slowdown Spurts [Closed]

Started by Chintapop , Dec 03 2012 11:20 AM

  • This topic is locked This topic is locked

#1
Chintapop
Posted 03 December 2012 - 11:20 AM

Chintapop

    Member

  • Member
  • PipPipPip
  • 213 posts
Hello,

I have recently noticed that my search via url bar is sometimes through Snap.Do. I've tried looking through Firefox settings and Control Panel (add or remove programs) but I haven't seen anything with Snap.Do or Resoft. I'd like to remove it.

In addition, I have noticed regularly spaced slowdown/lag. Every few seconds something occurs that slows down my computer for a half a second or so. This could be unrelated to malware issues, so if it is I'll head over to the Windows 7 Help Forum. Otherwise, I'd appreciate help here too.

Thanks in advance! OTL log below.




OTL logfile created on: 12/2/2012 10:51:44 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

7.80 Gb Total Physical Memory | 4.98 Gb Available Physical Memory | 63.81% Memory free
15.60 Gb Paging File | 12.28 Gb Available in Paging File | 78.72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 575.94 Gb Total Space | 438.15 Gb Free Space | 76.08% Space Free | Partition Type: NTFS
Drive D: | 19.93 Gb Total Space | 2.90 Gb Free Space | 14.54% Space Free | Partition Type: NTFS
Drive F: | 99.34 Mb Total Space | 84.19 Mb Free Space | 84.75% Space Free | Partition Type: FAT32

Computer Name: USER-HP | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/12/02 22:45:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
PRC - [2012/12/01 19:03:56 | 000,296,096 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2012/12/01 09:30:18 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_110.exe
PRC - [2012/11/28 14:13:16 | 000,059,280 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
PRC - [2012/11/06 19:00:32 | 003,143,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgui.exe
PRC - [2012/11/06 19:00:04 | 005,814,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
PRC - [2012/11/06 16:52:01 | 010,057,216 | ---- | M] () -- C:\Users\User\AppData\Roaming\FAHClient\cores\www.stanford.edu\~pande\Win32\AMD64\Core_a4.fah\FahCore_a4.exe
PRC - [2012/10/27 14:39:45 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/10/22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
PRC - [2012/10/22 13:04:06 | 000,329,848 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe
PRC - [2012/10/09 09:53:36 | 004,441,920 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\User\AppData\Local\Akamai\netsession_win.exe
PRC - [2012/10/03 17:08:02 | 012,497,920 | ---- | M] () -- C:\Program Files (x86)\FAHClient\FAHClient.exe
PRC - [2012/10/03 17:06:46 | 002,619,392 | ---- | M] () -- C:\Program Files (x86)\FAHClient\FAHCoreWrapper.exe
PRC - [2012/10/03 17:01:30 | 001,525,760 | ---- | M] () -- C:\Program Files (x86)\FAHClient\FAHControl.exe
PRC - [2012/10/01 15:09:24 | 000,055,184 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
PRC - [2012/08/11 15:43:08 | 000,055,184 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileBackup.exe
PRC - [2012/08/09 22:12:18 | 000,055,184 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
PRC - [2012/07/27 12:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/07/27 02:07:46 | 000,879,800 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
PRC - [2012/07/27 02:05:02 | 000,380,088 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
PRC - [2012/07/26 17:17:56 | 001,374,112 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
PRC - [2012/07/18 15:10:04 | 000,052,192 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
PRC - [2012/05/24 10:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012/04/26 04:33:16 | 002,743,104 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
PRC - [2012/03/30 14:41:46 | 001,858,152 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe
PRC - [2012/03/30 14:41:46 | 000,151,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
PRC - [2012/03/28 02:53:14 | 000,404,568 | ---- | M] (LG Electronics) -- C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
PRC - [2012/01/31 09:46:56 | 000,019,232 | ---- | M] (Autodesk, Inc.) -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
PRC - [2011/06/14 13:29:22 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2011/06/01 08:42:28 | 000,071,432 | ---- | M] (Memeo) -- C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe
PRC - [2011/06/01 08:42:28 | 000,014,088 | ---- | M] (Memeo) -- C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
PRC - [2011/06/01 08:16:54 | 002,260,992 | ---- | M] (Axentra Corporation) -- C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
PRC - [2011/05/27 15:23:00 | 004,999,976 | ---- | M] (Synaptics Incorporated) -- C:\Program Files (x86)\Synaptics\Scrybe\scrybe.exe
PRC - [2011/05/27 15:23:00 | 001,300,264 | ---- | M] (Synaptics, Inc.) -- C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe
PRC - [2011/05/21 15:52:16 | 000,103,992 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010/06/24 21:32:50 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
PRC - [2010/05/01 09:21:14 | 002,533,400 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/05/01 09:21:14 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe


========== Modules (No Company Name) ==========

MOD - [2012/12/01 09:30:16 | 014,586,808 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll
MOD - [2012/11/16 22:02:31 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\17796f2951c17ebf92dd4b7c9b3ce556\System.ServiceProcess.ni.dll
MOD - [2012/11/16 22:02:16 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\03cfab5534482e8fc313ead6edc19100\System.Web.ni.dll
MOD - [2012/11/16 22:02:06 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll
MOD - [2012/11/16 22:01:18 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll
MOD - [2012/11/16 22:01:08 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll
MOD - [2012/11/16 22:01:05 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\70705382a499703e7a595fada80b04e6\Accessibility.ni.dll
MOD - [2012/11/16 22:00:34 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll
MOD - [2012/11/16 22:00:28 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll
MOD - [2012/11/16 22:00:27 | 007,988,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll
MOD - [2012/11/16 22:00:20 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll
MOD - [2012/11/06 16:52:01 | 010,057,216 | ---- | M] () -- C:\Users\User\AppData\Roaming\FAHClient\cores\www.stanford.edu\~pande\Win32\AMD64\Core_a4.fah\FahCore_a4.exe
MOD - [2012/10/27 14:39:11 | 002,295,264 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/10/03 17:08:02 | 012,497,920 | ---- | M] () -- C:\Program Files (x86)\FAHClient\FAHClient.exe
MOD - [2012/10/03 17:06:46 | 002,619,392 | ---- | M] () -- C:\Program Files (x86)\FAHClient\FAHCoreWrapper.exe
MOD - [2012/10/03 17:01:46 | 000,585,728 | ---- | M] () -- C:\Program Files (x86)\FAHClient\unicodedata.pyd
MOD - [2012/10/03 17:01:46 | 000,111,104 | ---- | M] () -- C:\Program Files (x86)\FAHClient\pango.pyd
MOD - [2012/10/03 17:01:46 | 000,110,080 | ---- | M] () -- C:\Program Files (x86)\FAHClient\pywintypes26.dll
MOD - [2012/10/03 17:01:46 | 000,095,744 | ---- | M] () -- C:\Program Files (x86)\FAHClient\win32api.pyd
MOD - [2012/10/03 17:01:46 | 000,015,872 | ---- | M] () -- C:\Program Files (x86)\FAHClient\pangocairo.pyd
MOD - [2012/10/03 17:01:46 | 000,011,776 | ---- | M] () -- C:\Program Files (x86)\FAHClient\select.pyd
MOD - [2012/10/03 17:01:44 | 000,094,625 | ---- | M] () -- C:\Program Files (x86)\FAHClient\libpangocairo-1.0-0.dll
MOD - [2012/10/03 17:01:36 | 001,836,544 | ---- | M] () -- C:\Program Files (x86)\FAHClient\gtk._gtk.pyd
MOD - [2012/10/03 17:01:36 | 000,110,592 | ---- | M] () -- C:\Program Files (x86)\FAHClient\gobject._gobject.pyd
MOD - [2012/10/03 17:01:36 | 000,054,784 | ---- | M] () -- C:\Program Files (x86)\FAHClient\glib._glib.pyd
MOD - [2012/10/03 17:01:34 | 000,669,318 | ---- | M] () -- C:\Program Files (x86)\FAHClient\libgio-2.0-0.dll
MOD - [2012/10/03 17:01:34 | 000,279,059 | ---- | M] () -- C:\Program Files (x86)\FAHClient\libfontconfig-1.dll
MOD - [2012/10/03 17:01:34 | 000,194,048 | ---- | M] () -- C:\Program Files (x86)\FAHClient\gio._gio.pyd
MOD - [2012/10/03 17:01:34 | 000,143,096 | ---- | M] () -- C:\Program Files (x86)\FAHClient\libexpat-1.dll
MOD - [2012/10/03 17:01:32 | 000,921,369 | ---- | M] () -- C:\Program Files (x86)\FAHClient\libcairo-2.dll
MOD - [2012/10/03 17:01:32 | 000,645,120 | ---- | M] () -- C:\Program Files (x86)\FAHClient\_ssl.pyd
MOD - [2012/10/03 17:01:32 | 000,572,928 | ---- | M] () -- C:\Program Files (x86)\FAHClient\sqlite3.dll
MOD - [2012/10/03 17:01:32 | 000,219,305 | ---- | M] () -- C:\Program Files (x86)\FAHClient\libpng14-14.dll
MOD - [2012/10/03 17:01:32 | 000,207,872 | ---- | M] () -- C:\Program Files (x86)\FAHClient\atk.pyd
MOD - [2012/10/03 17:01:32 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\FAHClient\_ctypes.pyd
MOD - [2012/10/03 17:01:32 | 000,066,048 | ---- | M] () -- C:\Program Files (x86)\FAHClient\cairo._cairo.pyd
MOD - [2012/10/03 17:01:32 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\FAHClient\zlib1.dll
MOD - [2012/10/03 17:01:32 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\FAHClient\_sqlite3.pyd
MOD - [2012/10/03 17:01:32 | 000,039,936 | ---- | M] () -- C:\Program Files (x86)\FAHClient\_socket.pyd
MOD - [2012/10/03 17:01:30 | 001,525,760 | ---- | M] () -- C:\Program Files (x86)\FAHClient\FAHControl.exe
MOD - [2011/11/21 19:37:28 | 000,054,700 | ---- | M] () -- C:\Program Files (x86)\FAHClient\lib\gtk-2.0\2.10.0\engines\libpixmap.dll
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/06/01 08:46:02 | 000,030,984 | ---- | M] () -- C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.SeagateSharePlusPlugin.dll
MOD - [2011/06/01 08:42:24 | 000,108,296 | ---- | M] () -- C:\Program Files (x86)\Seagate\Seagate Dashboard\Memeo.Progress.dll
MOD - [2011/06/01 08:16:54 | 000,971,776 | ---- | M] () -- C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\libxml2.dll
MOD - [2011/06/01 08:16:54 | 000,241,664 | ---- | M] () -- C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\libupnp.dll
MOD - [2010/06/16 11:48:34 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2010/06/16 11:48:32 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
MOD - [2010/06/16 11:48:32 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/07/29 20:53:02 | 001,432,400 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2011/05/13 17:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/09/09 18:26:44 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/06/18 15:26:18 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV:64bit: - [2010/06/17 21:10:14 | 000,258,048 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/03/05 09:26:38 | 001,425,168 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2010/03/05 09:07:58 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2010/03/05 09:06:22 | 000,831,760 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2009/07/13 17:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/03/03 02:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2012/12/01 09:30:19 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/11/06 19:00:04 | 005,814,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/11/06 16:56:01 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/10/27 14:39:44 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/10/22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2012/07/27 12:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/13 13:14:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/03/30 14:41:46 | 000,151,656 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe -- (BingDesktopUpdate)
SRV - [2012/01/31 09:46:56 | 000,019,232 | ---- | M] (Autodesk, Inc.) [Auto | Running] -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
SRV - [2011/09/09 16:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011/06/14 13:29:22 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2011/06/01 08:42:28 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2011/05/27 15:23:00 | 001,300,264 | ---- | M] (Synaptics, Inc.) [Auto | Running] -- C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe -- (ScrybeUpdater)
SRV - [2011/05/21 15:52:16 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/05/01 09:21:14 | 002,533,400 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/05/01 09:21:14 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/10/22 13:02:44 | 000,154,464 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2012/10/15 03:48:50 | 000,063,328 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012/10/05 03:32:50 | 000,111,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2012/10/02 03:30:38 | 000,185,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012/09/21 03:46:04 | 000,200,032 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012/09/21 03:46:00 | 000,225,120 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2012/09/14 03:05:18 | 000,040,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2012/09/08 18:44:44 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/08/23 06:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 06:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/09 12:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/04/25 07:03:30 | 000,093,272 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ctxusbm.sys -- (ctxusbm)
DRV:64bit: - [2012/03/08 17:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/03/02 16:02:00 | 000,034,304 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandmodem64.sys -- (ANDModem)
DRV:64bit: - [2012/03/02 16:02:00 | 000,027,648 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lganddiag64.sys -- (AndDiag)
DRV:64bit: - [2012/03/02 16:02:00 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandgps64.sys -- (AndGps)
DRV:64bit: - [2012/03/02 16:02:00 | 000,019,456 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandbus64.sys -- (Andbus)
DRV:64bit: - [2012/02/29 22:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/14 04:37:44 | 000,396,848 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/07/20 21:18:41 | 008,593,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/05/13 17:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011/05/13 17:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011/03/10 22:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 22:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 05:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 01:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/09/09 18:45:34 | 007,767,552 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/09/09 17:52:50 | 000,279,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/07/28 18:10:40 | 010,610,400 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2010/07/28 18:10:40 | 010,610,400 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/06/24 21:32:52 | 000,032,880 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/06/17 21:10:14 | 000,515,584 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010/05/06 05:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/04/30 17:21:00 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2010/04/16 10:45:50 | 000,039,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:64bit: - [2010/04/13 08:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/03/17 21:21:58 | 007,680,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64)
DRV:64bit: - [2010/01/11 14:31:04 | 000,232,992 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/10/26 12:39:44 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/08/13 21:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 13:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 13:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 13:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 12:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 12:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007/08/31 14:15:34 | 000,079,872 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emAudio64.sys -- (emAudio)
DRV:64bit: - [2007/06/21 17:51:46 | 000,215,808 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emDevice64.sys -- (DCamUSBEMPIA)
DRV:64bit: - [2007/06/21 17:51:32 | 000,006,400 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emFilter64.sys -- (FiltUSBEMPIA)
DRV:64bit: - [2007/06/21 17:51:30 | 000,006,144 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emScan64.sys -- (ScanUSBEMPIA)
DRV:64bit: - [2005/09/23 22:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON/4
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCON/4
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0C37080F-5FE7-462D-885F-772E49D666A0}
IE:64bit: - HKLM\..\SearchScopes\{0C37080F-5FE7-462D-885F-772E49D666A0}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{92C9F705-4639-462F-85C3-9C326715FDF1}: "URL" = http://ca.search.yah...psg&type=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{CCEC98EC-C712-42F3-88EB-632CCACDA995}: "URL" = http://en.wikipedia....h={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D788D896-8F94-4F79-BBEA-C00E91968CCA}: "URL" = http://www.ask.com/w...}&l=dis&o=cahpl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCON/4
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snap.do/...q={searchTerms}
IE - HKLM\..\SearchScopes\{0C37080F-5FE7-462D-885F-772E49D666A0}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{92C9F705-4639-462F-85C3-9C326715FDF1}: "URL" = http://ca.search.yah...psg&type=HPNTDF
IE - HKLM\..\SearchScopes\{CCEC98EC-C712-42F3-88EB-632CCACDA995}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKLM\..\SearchScopes\{D788D896-8F94-4F79-BBEA-C00E91968CCA}: "URL" = http://www.ask.com/w...}&l=dis&o=cahpl

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON/4
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snap.do/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snap.do/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://feed.snap.do/...0&searchtype=hp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snap.do/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snap.do/...q={searchTerms}
IE - HKCU\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snap.do/...q={searchTerms}
IE - HKCU\..\SearchScopes\{06F82AAB-660A-4B36-8F69-3C839F2734ED}: "URL" = http://websearch.ask...BC-141867620DD9
IE - HKCU\..\SearchScopes\{0C37080F-5FE7-462D-885F-772E49D666A0}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{92C9F705-4639-462F-85C3-9C326715FDF1}: "URL" = http://ca.search.yah...psg&type=HPNTDF
IE - HKCU\..\SearchScopes\{CCEC98EC-C712-42F3-88EB-632CCACDA995}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKCU\..\SearchScopes\{D788D896-8F94-4F79-BBEA-C00E91968CCA}: "URL" = http://www.ask.com/w...}&l=dis&o=cahpl
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: {ab91efd4-6975-4081-8552-1b3922ed79e2}:1.0.15.0
FF - prefs.js..extensions.enabledAddons: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.10
FF - prefs.js..extensions.enabledAddons: {0153E448-190B-4987-BDE1-F256CADA672F}:15.0.6
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..keyword.URL: "http://feed.snap.do/...archtype=ds&q="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Citrix.com/npican: C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}: C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/12/01 19:04:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/11/11 15:27:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/12/01 19:05:13 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/11/11 15:27:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/12/01 19:05:13 | 000,000,000 | ---D | M]

[2011/03/17 16:50:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Extensions
[2012/11/23 20:45:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\40fk8wyi.default\extensions
[2012/02/04 16:51:43 | 000,000,000 | ---D | M] (HP Detect) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\40fk8wyi.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}
[2012/06/08 17:16:20 | 000,401,328 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\40fk8wyi.default\extensions\[email protected]
[2012/11/23 20:45:33 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\40fk8wyi.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2011/10/29 11:59:31 | 000,434,392 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\40fk8wyi.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
[2012/01/03 16:27:44 | 000,002,333 | ---- | M] () -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\40fk8wyi.default\searchplugins\askcom.xml
[2012/10/27 14:39:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/10/27 14:39:04 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/12/01 19:04:36 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2012/10/27 14:39:45 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/12/01 19:04:14 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll
[2012/09/05 17:26:22 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/10/13 12:19:37 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2009/06/10 13:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
O4 - HKLM..\Run: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)
O4 - HKLM..\Run: [CitrixReceiver] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk" File not found
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [Seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe ()
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\User\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Pro Agent] C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe ()
O4 - Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FAHControl.lnk = C:\Program Files (x86)\FAHClient\FAHControl.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: kccsoft.com ([www] http in Trusted sites)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...t/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} http://www.kccsoft.c...les/awswaxd.cab (Macromedia Authorware Web Player Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0255CC34-89D7-4BE3-BE1B-31C16E655DF9}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7658D126-D63A-4A11-B5AD-33A1A2A954A5}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{90765EAA-5549-45C6-82C4-F49C547405DF}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/x-ica - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=euc-jp - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=ISO-8859-1 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS936 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS949 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS950 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF-8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=euc-jp - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=ISO-8859-1 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS936 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS949 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS950 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF-8 - No CLSID value found
O18:64bit: - Protocol\Filter\ica - No CLSID value found
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~2\Citrix\ICACLI~1\RSHook.dll) - C:\Program Files (x86)\Citrix\ICA Client\RSHook.dll (Citrix Systems, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/07/29 20:59:54 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/12/02 22:45:22 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2012/12/02 22:20:05 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\AVG2013
[2012/12/02 22:19:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012/12/02 22:19:13 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\TuneUp Software
[2012/12/02 22:18:46 | 000,000,000 | -H-D | C] -- C:\$AVG
[2012/12/02 22:18:46 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013
[2012/12/02 22:17:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2012/12/02 22:03:48 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/12/02 22:03:47 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\MFAData
[2012/12/02 22:03:47 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2012/12/02 22:03:47 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Avg2013
[2012/12/02 22:01:48 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2012/12/02 21:25:15 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{F2E960E1-5444-4451-88AD-606971767A08}
[2012/12/02 19:51:48 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Pinnacle Studio
[2012/12/02 19:51:22 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Pinnacle
[2012/12/02 19:49:59 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{E577B9E2-04F7-485E-8589-84EA182E3E73}
[2012/12/02 19:44:34 | 000,000,000 | ---D | C] -- C:\Drivers
[2012/12/01 20:05:27 | 000,215,808 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\SysNative\drivers\emDevice64.sys
[2012/12/01 20:05:27 | 000,070,656 | ---- | C] (Pinnacle Systems) -- C:\Windows\SysNative\PCLECoInst64.dll
[2012/12/01 20:05:27 | 000,006,400 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\SysNative\drivers\emFilter64.sys
[2012/12/01 20:05:27 | 000,006,144 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\SysNative\drivers\emScan64.sys
[2012/12/01 20:05:26 | 000,057,344 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\SysWow64\emVFW.dll
[2012/12/01 20:05:26 | 000,032,768 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\SysWow64\emProp.ax
[2012/12/01 20:05:26 | 000,013,824 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\SysNative\emUSD64.dll
[2012/12/01 20:05:19 | 000,079,872 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\SysNative\drivers\emAudio64.sys
[2012/12/01 20:04:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Pinnacle
[2012/12/01 20:04:03 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Downloaded Installations
[2012/12/01 20:03:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle Studio HD
[2012/12/01 20:01:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio 14
[2012/12/01 20:01:18 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\My Projects
[2012/12/01 19:53:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Pegasus Imaging
[2012/12/01 19:53:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Yahoo!
[2012/12/01 19:53:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Studio 14
[2012/12/01 19:53:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle Studio Plus
[2012/12/01 19:53:45 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Pinnacle
[2012/12/01 19:53:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pinnacle
[2012/12/01 19:50:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle
[2012/12/01 19:04:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
[2012/12/01 19:04:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
[2012/12/01 19:03:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real
[2012/12/01 19:00:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2012/12/01 17:48:12 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{28FDECFE-4BF4-461C-B1DE-6EEEB4385B83}
[2012/12/01 17:31:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/12/01 17:28:57 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/12/01 17:28:55 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/12/01 17:28:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012/12/01 17:28:55 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2012/12/01 16:28:19 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Seagate
[2012/12/01 16:27:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate Dashboard
[2012/12/01 16:26:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Seagate
[2012/12/01 16:23:53 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Leadertech
[2012/12/01 09:34:32 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\Steel Project Chris
[2012/11/25 19:56:24 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{AD816FCC-3CF1-4D28-BAEA-6F9C9E07C5FE}
[2012/11/24 14:42:57 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{DD9E8499-2E5C-4B6E-857B-AF97103330B1}
[2012/11/23 17:16:49 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{BA8FB625-9781-4DF1-AFBD-7011F41A9C20}
[2012/11/21 18:49:51 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{157F5C98-8494-4EAC-AE79-692D7C28563A}
[2012/11/19 18:54:55 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\A00799063 (myfiles.bcit.ca@SSLDavWWWRoothome3)
[2012/11/19 17:47:32 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{193494B4-6A46-485B-B3D6-102EDF6C1A7E}
[2012/11/18 13:16:53 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{4BFB3FFD-B279-486C-BD69-BEABDD29F762}
[2012/11/17 14:20:12 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{43EBCDC2-2D7B-41EA-AF39-B8B3E97EFD60}
[2012/11/17 10:39:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2012/11/17 10:38:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDFCreator
[2012/11/17 10:37:34 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Programs
[2012/11/14 23:41:10 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{6EB9CD01-70FE-43B8-AC26-0EAC26E7F3E1}
[2012/11/12 18:38:50 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{FBE31ABC-A61B-414F-9683-EDDEE09B36CC}
[2012/11/11 15:56:31 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{022AE1A5-01FE-4127-985C-2512D75CEB42}
[2012/11/11 15:27:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/11/11 15:27:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2012/11/08 19:22:47 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{73DC3019-ED54-48D2-B36F-3F1EBCB2DFDC}
[2012/11/07 22:07:21 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{44CF54BC-4A5E-4EC4-8560-10A4788AB71B}
[2012/11/07 18:41:08 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Autodesk, Inc
[2012/11/07 18:39:49 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012/11/07 18:37:25 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012/11/06 22:34:26 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\Second Year
[2012/11/06 16:51:28 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FAHClient
[2012/11/06 16:51:14 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\FAHClient
[2012/11/06 16:51:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FAHClient
[2012/11/06 15:32:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012/11/06 15:29:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LG Electronics
[2012/11/06 15:21:52 | 000,000,000 | ---D | C] -- C:\ProgramData\LGMOBILEAX
[2012/11/06 10:58:57 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{764BFDCB-A17C-4612-8C6B-6F312CE2F430}
[2012/11/05 15:04:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bing Desktop
[2012/11/05 13:52:27 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{3AE0B93E-E6CA-4076-8F49-56F15FC1DDD0}
[2012/11/05 12:35:55 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{1D2AD950-703C-4BB4-B089-AE77FB2BE558}
[2012/11/03 10:54:34 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{44F42069-5700-482B-ABC0-476FDE4F6195}

========== Files - Modified Within 30 Days ==========

[2012/12/02 22:45:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2012/12/02 22:37:05 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/12/02 22:19:14 | 000,000,925 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2012/12/02 22:13:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/12/02 22:09:43 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/12/02 21:27:13 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/02 21:27:13 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/02 21:20:35 | 000,002,413 | ---- | M] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2012/12/02 21:19:38 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/12/02 21:19:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/12/02 21:18:31 | 1988,513,791 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/02 20:02:08 | 000,792,890 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/12/02 20:02:08 | 000,673,922 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/12/02 20:02:08 | 000,129,884 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/12/02 19:51:37 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2012/12/02 19:11:54 | 000,521,264 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/11/23 17:04:31 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForUser.job
[2012/11/17 10:40:09 | 000,003,294 | ---- | M] () -- C:\Users\User\.recently-used.xbel
[2012/11/12 10:32:25 | 000,470,561 | ---- | M] () -- C:\Users\User\Desktop\IOGraph.exe
[2012/11/07 18:35:19 | 000,057,960 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012/11/07 18:35:19 | 000,057,960 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012/11/06 17:19:59 | 000,001,920 | ---- | M] () -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FAHControl.lnk
[2012/11/06 17:19:58 | 000,001,884 | ---- | M] () -- C:\Users\User\Desktop\FAHControl.lnk
[2012/11/06 13:38:54 | 000,003,580 | ---- | M] () -- C:\Users\User\.ganttproject
[2012/11/04 22:03:02 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForUSER-HP$.job

========== Files Created - No Company Name ==========

[2012/12/02 22:19:14 | 000,000,925 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2012/12/02 19:44:34 | 000,003,654 | ---- | C] () -- C:\Windows\SysWow64\drivers\Sonyhcp.dll
[2012/12/01 19:51:30 | 000,000,349 | ---- | C] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2012/11/17 10:40:09 | 000,003,294 | ---- | C] () -- C:\Users\User\.recently-used.xbel
[2012/11/14 23:52:56 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/11/14 23:42:53 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/11/12 10:32:24 | 000,470,561 | ---- | C] () -- C:\Users\User\Desktop\IOGraph.exe
[2012/11/06 16:51:29 | 000,001,920 | ---- | C] () -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FAHControl.lnk
[2012/11/06 16:51:28 | 000,001,884 | ---- | C] () -- C:\Users\User\Desktop\FAHControl.lnk
[2012/11/06 13:38:51 | 000,003,580 | ---- | C] () -- C:\Users\User\.ganttproject
[2012/10/07 18:53:44 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012/10/07 18:53:44 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012/09/09 10:35:37 | 000,000,533 | ---- | C] () -- C:\Windows\eReg.dat
[2012/08/18 22:57:32 | 238,744,520 | ---- | C] () -- C:\Users\User\AMANDA_ON_PATROL.mpg
[2012/08/08 23:40:32 | 000,065,576 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2012/08/08 23:40:28 | 000,022,560 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2012/06/09 22:11:54 | 000,000,092 | ---- | C] () -- C:\Users\User\AppData\Local\fusioncache.dat
[2012/05/17 19:38:21 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\bsreffs.dll
[2012/05/17 19:38:21 | 000,090,112 | ---- | C] () -- C:\Windows\SysWow64\bsrlback.dll
[2012/05/17 19:38:20 | 000,692,224 | ---- | C] () -- C:\Windows\SysWow64\bsrmgcv.dll
[2012/05/17 19:38:20 | 000,192,512 | ---- | C] () -- C:\Windows\SysWow64\bsrmgps.dll
[2012/05/17 19:38:20 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\bsrgvas.dll
[2012/05/17 19:38:14 | 000,585,728 | ---- | C] () -- C:\Windows\SysWow64\bsratswf.dll
[2012/05/17 19:38:14 | 000,147,456 | ---- | C] () -- C:\Windows\SysWow64\bsratwmv.dll
[2012/05/16 19:44:08 | 000,000,153 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2012/02/24 22:17:34 | 000,000,043 | ---- | C] () -- C:\Users\User\jagex_cl_runescape_LIVE.dat
[2012/02/24 22:17:34 | 000,000,024 | ---- | C] () -- C:\Users\User\random.dat
[2012/02/13 17:01:42 | 000,005,355 | ---- | C] () -- C:\Windows\hpomdl18.dat.temp
[2011/11/13 20:58:32 | 000,055,808 | ---- | C] () -- C:\Windows\SysWow64\zlib1.dll
[2011/11/13 19:50:04 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2011/11/13 19:50:04 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2011/09/28 16:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/09/20 19:12:12 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/05/11 18:50:58 | 000,000,695 | ---- | C] () -- C:\Users\User\.jscreenfix.licence
[2011/05/04 15:59:10 | 000,001,854 | ---- | C] () -- C:\Users\User\AppData\Roaming\GhostObjGAFix.xml
[2011/04/07 18:56:35 | 000,023,154 | ---- | C] () -- C:\Windows\hpqins15.dat
[2011/03/19 20:01:40 | 000,004,592 | ---- | C] () -- C:\Users\User\.jmf-resource
[2011/03/17 17:26:46 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/03/17 17:01:25 | 000,804,594 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/03/15 17:27:20 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/03/15 17:20:39 | 000,002,189 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2011/03/15 17:19:16 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2011/03/15 17:19:16 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2011/03/15 17:19:16 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2011/03/15 17:19:15 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2011/03/15 17:19:00 | 000,000,299 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini
[2011/03/15 17:19:00 | 000,000,240 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini

========== ZeroAccess Check ==========

[2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 21:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 20:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 04:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/12/02 22:27:45 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\.minecraft
[2012/07/20 21:17:04 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\.Nitrous
[2012/10/12 19:06:36 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\.techniclauncher
[2012/11/01 20:37:53 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\0ad
[2011/10/29 10:51:15 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\a00799063
[2012/11/04 12:54:46 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Audacity
[2012/11/10 10:16:32 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Autodesk
[2012/12/02 22:20:05 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\AVG2013
[2012/05/19 16:34:22 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\BANDISOFT
[2012/02/18 14:59:05 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Canon
[2012/08/18 21:44:23 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DAEMON Tools Lite
[2012/10/07 19:00:17 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DAEMON Tools Pro
[2012/12/02 21:20:52 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Dropbox
[2012/05/19 16:33:20 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DVDVideoSoft
[2012/12/02 21:21:11 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\FAHClient
[2012/01/11 17:49:54 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\FileOpen
[2012/07/29 18:56:18 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\GameRanger
[2012/11/17 10:40:09 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\gtk-2.0
[2012/10/05 15:50:26 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ICAClient
[2012/12/01 16:23:53 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Leadertech
[2012/10/27 23:53:54 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\megaglest
[2012/01/27 19:22:17 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\MP3SkypeRecorder
[2012/08/09 20:45:37 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\MTE
[2011/03/28 15:29:39 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\MusE
[2012/04/23 20:53:53 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Notepad++
[2011/03/17 17:41:17 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\OpenOffice.org
[2012/11/17 10:39:23 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\pdfforge
[2012/12/01 16:28:19 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Seagate
[2012/10/21 21:22:49 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\SplitMediaLabs
[2011/11/13 21:44:02 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Synaptics
[2012/10/27 20:35:11 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Teeworlds
[2012/07/19 18:11:14 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TS3Client
[2012/12/02 22:19:13 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TuneUp Software
[2012/08/16 14:05:04 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TunkDesign
[2012/09/02 21:28:32 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Unity
[2012/09/09 22:13:24 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\uTorrent
[2011/04/03 21:23:39 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



< End of report >
  • 0

Advertisements

#2
Essexboy
Posted 03 December 2012 - 01:34 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there let me know if this kills it

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Posted Image
:OTL
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snap.do/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snap.do/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snap.do/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://feed.snap.do/...0&searchtype=hp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snap.do/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snap.do/...q={searchTerms}
IE - HKCU\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snap.do/...q={searchTerms}
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..keyword.URL: "http://feed.snap.do/?publisher=SnapdoIMonetizer&dpid=SnapdoEMon&co=CA&userid=bd338867-3cfd-40f4-b100-4ff9a3771c30&searchtype=ds&q="
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

CLEAR THE BAD TOOLBARS

Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete

Posted Image

Once done it will ask to reboot, allow this
On reboot a log will be produced please attach that
  • 0

#3
Chintapop
Posted 03 December 2012 - 02:37 PM

Chintapop

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 213 posts
Hi Essexboy,

My default search from the url bar has changed to shaw.ca. I still need to change that but at least it's not Snap.do.

The regular and periodic slowdown/audio cuts have not been removed. I may ask in the Windows 7 Forum if it is not your area of expertise.


Thanks!


OTL LOG:

OTL logfile created on: 12/3/2012 12:17:17 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

7.80 Gb Total Physical Memory | 5.44 Gb Available Physical Memory | 69.76% Memory free
15.60 Gb Paging File | 13.03 Gb Available in Paging File | 83.53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 575.94 Gb Total Space | 444.08 Gb Free Space | 77.11% Space Free | Partition Type: NTFS
Drive D: | 19.93 Gb Total Space | 2.90 Gb Free Space | 14.54% Space Free | Partition Type: NTFS
Drive F: | 99.34 Mb Total Space | 84.19 Mb Free Space | 84.75% Space Free | Partition Type: FAT32

Computer Name: USER-HP | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/12/02 22:45:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
PRC - [2012/12/01 19:03:56 | 000,296,096 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2012/11/28 14:13:16 | 000,059,280 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
PRC - [2012/11/06 19:00:32 | 003,143,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgui.exe
PRC - [2012/11/06 19:00:04 | 005,814,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
PRC - [2012/10/27 14:39:45 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/10/22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
PRC - [2012/10/09 09:53:36 | 004,441,920 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\User\AppData\Local\Akamai\netsession_win.exe
PRC - [2012/10/01 15:09:24 | 000,055,184 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
PRC - [2012/08/11 15:43:08 | 000,055,184 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileBackup.exe
PRC - [2012/08/09 22:12:18 | 000,055,184 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
PRC - [2012/07/27 12:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/07/27 02:07:46 | 000,879,800 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
PRC - [2012/07/27 02:05:02 | 000,380,088 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
PRC - [2012/07/26 17:17:56 | 001,374,112 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
PRC - [2012/07/18 15:10:04 | 000,052,192 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
PRC - [2012/04/26 04:33:16 | 002,743,104 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
PRC - [2012/03/30 14:41:46 | 001,858,152 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe
PRC - [2012/03/30 14:41:46 | 000,151,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
PRC - [2012/03/28 02:53:14 | 000,404,568 | ---- | M] (LG Electronics) -- C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
PRC - [2012/01/31 09:46:56 | 000,019,232 | ---- | M] (Autodesk, Inc.) -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
PRC - [2011/06/14 13:29:22 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2011/06/01 08:42:28 | 000,071,432 | ---- | M] (Memeo) -- C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe
PRC - [2011/06/01 08:42:28 | 000,014,088 | ---- | M] (Memeo) -- C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
PRC - [2011/06/01 08:16:54 | 002,260,992 | ---- | M] (Axentra Corporation) -- C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
PRC - [2011/05/27 15:23:00 | 004,999,976 | ---- | M] (Synaptics Incorporated) -- C:\Program Files (x86)\Synaptics\Scrybe\scrybe.exe
PRC - [2011/05/27 15:23:00 | 001,300,264 | ---- | M] (Synaptics, Inc.) -- C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe
PRC - [2011/05/21 15:52:16 | 000,103,992 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010/06/24 21:32:50 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
PRC - [2010/05/01 09:21:14 | 002,533,400 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/05/01 09:21:14 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe


========== Modules (No Company Name) ==========

MOD - [2012/11/16 22:02:31 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\17796f2951c17ebf92dd4b7c9b3ce556\System.ServiceProcess.ni.dll
MOD - [2012/11/16 22:02:06 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll
MOD - [2012/11/16 22:01:18 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll
MOD - [2012/11/16 22:01:08 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll
MOD - [2012/11/16 22:01:05 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\70705382a499703e7a595fada80b04e6\Accessibility.ni.dll
MOD - [2012/11/16 22:00:34 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll
MOD - [2012/11/16 22:00:28 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll
MOD - [2012/11/16 22:00:27 | 007,988,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll
MOD - [2012/11/16 22:00:20 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll
MOD - [2012/10/27 14:39:11 | 002,295,264 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/06/01 08:46:02 | 000,030,984 | ---- | M] () -- C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.SeagateSharePlusPlugin.dll
MOD - [2011/06/01 08:42:24 | 000,108,296 | ---- | M] () -- C:\Program Files (x86)\Seagate\Seagate Dashboard\Memeo.Progress.dll
MOD - [2011/06/01 08:16:54 | 000,971,776 | ---- | M] () -- C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\libxml2.dll
MOD - [2011/06/01 08:16:54 | 000,241,664 | ---- | M] () -- C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\libupnp.dll
MOD - [2010/06/16 11:48:34 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2010/06/16 11:48:32 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
MOD - [2010/06/16 11:48:32 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/07/29 20:53:02 | 001,432,400 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2011/05/13 17:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/09/09 18:26:44 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/06/18 15:26:18 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV:64bit: - [2010/06/17 21:10:14 | 000,258,048 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/03/05 09:26:38 | 001,425,168 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2010/03/05 09:07:58 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2010/03/05 09:06:22 | 000,831,760 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2009/07/13 17:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/03/03 02:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2012/12/01 09:30:19 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/11/06 19:00:04 | 005,814,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/11/06 16:56:01 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/10/27 14:39:44 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/10/22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2012/07/27 12:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/13 13:14:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/03/30 14:41:46 | 000,151,656 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe -- (BingDesktopUpdate)
SRV - [2012/01/31 09:46:56 | 000,019,232 | ---- | M] (Autodesk, Inc.) [Auto | Running] -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
SRV - [2011/09/09 16:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011/06/14 13:29:22 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2011/06/01 08:42:28 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2011/05/27 15:23:00 | 001,300,264 | ---- | M] (Synaptics, Inc.) [Auto | Running] -- C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe -- (ScrybeUpdater)
SRV - [2011/05/21 15:52:16 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/05/01 09:21:14 | 002,533,400 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/05/01 09:21:14 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/10/22 13:02:44 | 000,154,464 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2012/10/15 03:48:50 | 000,063,328 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012/10/05 03:32:50 | 000,111,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2012/10/02 03:30:38 | 000,185,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012/09/28 10:32:56 | 000,053,760 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/09/21 03:46:04 | 000,200,032 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012/09/21 03:46:00 | 000,225,120 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2012/09/14 03:05:18 | 000,040,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2012/09/08 18:44:44 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/08/23 06:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 06:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/04/25 07:03:30 | 000,093,272 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ctxusbm.sys -- (ctxusbm)
DRV:64bit: - [2012/03/08 17:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/03/02 16:02:00 | 000,034,304 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandmodem64.sys -- (ANDModem)
DRV:64bit: - [2012/03/02 16:02:00 | 000,027,648 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lganddiag64.sys -- (AndDiag)
DRV:64bit: - [2012/03/02 16:02:00 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandgps64.sys -- (AndGps)
DRV:64bit: - [2012/03/02 16:02:00 | 000,019,456 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandbus64.sys -- (Andbus)
DRV:64bit: - [2012/02/29 22:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/14 04:37:44 | 000,396,848 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/07/20 21:18:41 | 008,593,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/05/13 17:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011/05/13 17:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011/03/10 22:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 22:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 05:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 01:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/09/09 18:45:34 | 007,767,552 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/09/09 17:52:50 | 000,279,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/07/28 18:10:40 | 010,610,400 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2010/07/28 18:10:40 | 010,610,400 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/06/24 21:32:52 | 000,032,880 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/06/17 21:10:14 | 000,515,584 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010/05/06 05:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/04/30 17:21:00 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2010/04/16 10:45:50 | 000,039,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:64bit: - [2010/04/13 08:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/03/17 21:21:58 | 007,680,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64)
DRV:64bit: - [2010/01/11 14:31:04 | 000,232,992 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/10/26 12:39:44 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/08/13 21:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 13:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 13:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 13:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 12:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 12:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007/08/31 14:15:34 | 000,079,872 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emAudio64.sys -- (emAudio)
DRV:64bit: - [2007/06/21 17:51:46 | 000,215,808 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emDevice64.sys -- (DCamUSBEMPIA)
DRV:64bit: - [2007/06/21 17:51:32 | 000,006,400 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emFilter64.sys -- (FiltUSBEMPIA)
DRV:64bit: - [2007/06/21 17:51:30 | 000,006,144 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emScan64.sys -- (ScanUSBEMPIA)
DRV:64bit: - [2005/09/23 22:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON/4
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCON/4
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0C37080F-5FE7-462D-885F-772E49D666A0}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{92C9F705-4639-462F-85C3-9C326715FDF1}: "URL" = http://ca.search.yah...psg&type=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{CCEC98EC-C712-42F3-88EB-632CCACDA995}: "URL" = http://en.wikipedia....h={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D788D896-8F94-4F79-BBEA-C00E91968CCA}: "URL" = http://www.ask.com/w...}&l=dis&o=cahpl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCON/4
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0C37080F-5FE7-462D-885F-772E49D666A0}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{92C9F705-4639-462F-85C3-9C326715FDF1}: "URL" = http://ca.search.yah...psg&type=HPNTDF
IE - HKLM\..\SearchScopes\{CCEC98EC-C712-42F3-88EB-632CCACDA995}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKLM\..\SearchScopes\{D788D896-8F94-4F79-BBEA-C00E91968CCA}: "URL" = http://www.ask.com/w...}&l=dis&o=cahpl

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON/4
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{06F82AAB-660A-4B36-8F69-3C839F2734ED}: "URL" = http://websearch.ask...BC-141867620DD9
IE - HKCU\..\SearchScopes\{0C37080F-5FE7-462D-885F-772E49D666A0}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{92C9F705-4639-462F-85C3-9C326715FDF1}: "URL" = http://ca.search.yah...psg&type=HPNTDF
IE - HKCU\..\SearchScopes\{CCEC98EC-C712-42F3-88EB-632CCACDA995}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKCU\..\SearchScopes\{D788D896-8F94-4F79-BBEA-C00E91968CCA}: "URL" = http://www.ask.com/w...}&l=dis&o=cahpl
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: {ab91efd4-6975-4081-8552-1b3922ed79e2}:1.0.15.0
FF - prefs.js..extensions.enabledAddons: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.10
FF - prefs.js..extensions.enabledAddons: {0153E448-190B-4987-BDE1-F256CADA672F}:15.0.6
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Citrix.com/npican: C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}: C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/12/01 19:04:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/11/11 15:27:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/12/01 19:05:13 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/11/11 15:27:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/12/01 19:05:13 | 000,000,000 | ---D | M]

[2011/03/17 16:50:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Extensions
[2012/11/23 20:45:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\40fk8wyi.default\extensions
[2012/02/04 16:51:43 | 000,000,000 | ---D | M] (HP Detect) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\40fk8wyi.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}
[2012/06/08 17:16:20 | 000,401,328 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\40fk8wyi.default\extensions\[email protected]
[2012/11/23 20:45:33 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\40fk8wyi.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2011/10/29 11:59:31 | 000,434,392 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\40fk8wyi.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
[2012/01/03 16:27:44 | 000,002,333 | ---- | M] () -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\40fk8wyi.default\searchplugins\askcom.xml
[2012/10/27 14:39:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/10/27 14:39:04 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/12/01 19:04:36 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2012/10/27 14:39:45 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/12/01 19:04:14 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll
[2012/09/05 17:26:22 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/10/13 12:19:37 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2012/12/03 12:00:24 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
O4 - HKLM..\Run: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)
O4 - HKLM..\Run: [CitrixReceiver] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk" File not found
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [Seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe ()
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\User\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Pro Agent] C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: kccsoft.com ([www] http in Trusted sites)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...t/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} http://www.kccsoft.c...les/awswaxd.cab (Macromedia Authorware Web Player Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0255CC34-89D7-4BE3-BE1B-31C16E655DF9}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7658D126-D63A-4A11-B5AD-33A1A2A954A5}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{90765EAA-5549-45C6-82C4-F49C547405DF}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/x-ica - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=euc-jp - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=ISO-8859-1 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS936 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS949 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS950 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF-8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=euc-jp - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=ISO-8859-1 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS936 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS949 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS950 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF-8 - No CLSID value found
O18:64bit: - Protocol\Filter\ica - No CLSID value found
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~2\Citrix\ICACLI~1\RSHook.dll) - C:\Program Files (x86)\Citrix\ICA Client\RSHook.dll (Citrix Systems, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/07/29 20:59:54 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/12/03 12:00:20 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/12/02 22:45:22 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2012/12/02 22:20:05 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\AVG2013
[2012/12/02 22:19:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012/12/02 22:19:13 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\TuneUp Software
[2012/12/02 22:18:46 | 000,000,000 | -H-D | C] -- C:\$AVG
[2012/12/02 22:18:46 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013
[2012/12/02 22:17:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2012/12/02 22:03:48 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/12/02 22:03:47 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\MFAData
[2012/12/02 22:03:47 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2012/12/02 22:03:47 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Avg2013
[2012/12/02 22:01:48 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2012/12/02 21:25:15 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{F2E960E1-5444-4451-88AD-606971767A08}
[2012/12/02 19:51:48 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Pinnacle Studio
[2012/12/02 19:51:22 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Pinnacle
[2012/12/02 19:49:59 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{E577B9E2-04F7-485E-8589-84EA182E3E73}
[2012/12/02 19:44:34 | 000,000,000 | ---D | C] -- C:\Drivers
[2012/12/01 20:05:27 | 000,215,808 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\SysNative\drivers\emDevice64.sys
[2012/12/01 20:05:27 | 000,070,656 | ---- | C] (Pinnacle Systems) -- C:\Windows\SysNative\PCLECoInst64.dll
[2012/12/01 20:05:27 | 000,006,400 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\SysNative\drivers\emFilter64.sys
[2012/12/01 20:05:27 | 000,006,144 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\SysNative\drivers\emScan64.sys
[2012/12/01 20:05:26 | 000,057,344 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\SysWow64\emVFW.dll
[2012/12/01 20:05:26 | 000,032,768 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\SysWow64\emProp.ax
[2012/12/01 20:05:26 | 000,013,824 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\SysNative\emUSD64.dll
[2012/12/01 20:05:19 | 000,079,872 | ---- | C] (eMPIA Technology, Inc.) -- C:\Windows\SysNative\drivers\emAudio64.sys
[2012/12/01 20:04:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Pinnacle
[2012/12/01 20:04:03 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Downloaded Installations
[2012/12/01 20:03:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle Studio HD
[2012/12/01 20:01:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio 14
[2012/12/01 20:01:18 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\My Projects
[2012/12/01 19:53:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Pegasus Imaging
[2012/12/01 19:53:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Yahoo!
[2012/12/01 19:53:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Studio 14
[2012/12/01 19:53:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle Studio Plus
[2012/12/01 19:53:45 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Pinnacle
[2012/12/01 19:53:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pinnacle
[2012/12/01 19:50:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle
[2012/12/01 19:04:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
[2012/12/01 19:04:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
[2012/12/01 19:03:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real
[2012/12/01 19:00:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2012/12/01 17:48:12 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{28FDECFE-4BF4-461C-B1DE-6EEEB4385B83}
[2012/12/01 17:31:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/12/01 17:28:57 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/12/01 17:28:55 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/12/01 17:28:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012/12/01 17:28:55 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2012/12/01 16:28:19 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Seagate
[2012/12/01 16:27:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate Dashboard
[2012/12/01 16:26:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Seagate
[2012/12/01 16:23:53 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Leadertech
[2012/12/01 09:34:32 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\Steel Project Chris
[2012/11/25 19:56:24 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{AD816FCC-3CF1-4D28-BAEA-6F9C9E07C5FE}
[2012/11/24 14:42:57 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{DD9E8499-2E5C-4B6E-857B-AF97103330B1}
[2012/11/23 17:16:49 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{BA8FB625-9781-4DF1-AFBD-7011F41A9C20}
[2012/11/21 18:49:51 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{157F5C98-8494-4EAC-AE79-692D7C28563A}
[2012/11/19 18:54:55 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\A00799063 (myfiles.bcit.ca@SSLDavWWWRoothome3)
[2012/11/19 17:47:32 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{193494B4-6A46-485B-B3D6-102EDF6C1A7E}
[2012/11/18 13:16:53 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{4BFB3FFD-B279-486C-BD69-BEABDD29F762}
[2012/11/17 14:20:12 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{43EBCDC2-2D7B-41EA-AF39-B8B3E97EFD60}
[2012/11/17 10:39:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2012/11/17 10:38:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDFCreator
[2012/11/17 10:37:34 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Programs
[2012/11/14 23:41:10 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{6EB9CD01-70FE-43B8-AC26-0EAC26E7F3E1}
[2012/11/12 18:38:50 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{FBE31ABC-A61B-414F-9683-EDDEE09B36CC}
[2012/11/11 15:56:31 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{022AE1A5-01FE-4127-985C-2512D75CEB42}
[2012/11/11 15:27:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/11/11 15:27:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2012/11/08 19:22:47 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{73DC3019-ED54-48D2-B36F-3F1EBCB2DFDC}
[2012/11/07 22:07:21 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{44CF54BC-4A5E-4EC4-8560-10A4788AB71B}
[2012/11/07 18:41:08 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Autodesk, Inc
[2012/11/07 18:39:49 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012/11/07 18:37:25 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012/11/06 22:34:26 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\Second Year
[2012/11/06 15:32:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012/11/06 15:29:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LG Electronics
[2012/11/06 15:21:52 | 000,000,000 | ---D | C] -- C:\ProgramData\LGMOBILEAX
[2012/11/06 10:58:57 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{764BFDCB-A17C-4612-8C6B-6F312CE2F430}
[2012/11/05 15:04:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bing Desktop
[2012/11/05 13:52:27 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{3AE0B93E-E6CA-4076-8F49-56F15FC1DDD0}
[2012/11/05 12:35:55 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{1D2AD950-703C-4BB4-B089-AE77FB2BE558}

========== Files - Modified Within 30 Days ==========

[2012/12/03 12:21:24 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/03 12:21:24 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/03 12:14:37 | 000,002,413 | ---- | M] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2012/12/03 12:13:52 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/12/03 12:13:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/12/03 12:13:24 | 1988,513,791 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/03 12:00:24 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012/12/03 11:59:18 | 000,540,743 | ---- | M] () -- C:\Users\User\Desktop\adwcleaner.exe
[2012/12/03 11:37:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/12/03 11:13:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/12/03 10:12:03 | 000,792,890 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/12/03 10:12:03 | 000,673,922 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/12/03 10:12:03 | 000,129,884 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/12/02 22:45:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2012/12/02 22:19:14 | 000,000,925 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2012/12/02 22:09:43 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/12/02 19:51:37 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2012/12/02 19:11:54 | 000,521,264 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/11/23 17:04:31 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForUser.job
[2012/11/17 10:40:09 | 000,003,294 | ---- | M] () -- C:\Users\User\.recently-used.xbel
[2012/11/12 10:32:25 | 000,470,561 | ---- | M] () -- C:\Users\User\Desktop\IOGraph.exe
[2012/11/07 18:35:19 | 000,057,960 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012/11/07 18:35:19 | 000,057,960 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012/11/06 13:38:54 | 000,003,580 | ---- | M] () -- C:\Users\User\.ganttproject
[2012/11/04 22:03:02 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForUSER-HP$.job

========== Files Created - No Company Name ==========

[2012/12/03 11:59:06 | 000,540,743 | ---- | C] () -- C:\Users\User\Desktop\adwcleaner.exe
[2012/12/02 22:19:14 | 000,000,925 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2012/12/02 19:44:34 | 000,003,654 | ---- | C] () -- C:\Windows\SysWow64\drivers\Sonyhcp.dll
[2012/12/01 19:51:30 | 000,000,349 | ---- | C] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2012/11/17 10:40:09 | 000,003,294 | ---- | C] () -- C:\Users\User\.recently-used.xbel
[2012/11/14 23:52:56 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/11/14 23:42:53 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/11/12 10:32:24 | 000,470,561 | ---- | C] () -- C:\Users\User\Desktop\IOGraph.exe
[2012/11/06 13:38:51 | 000,003,580 | ---- | C] () -- C:\Users\User\.ganttproject
[2012/10/07 18:53:44 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012/10/07 18:53:44 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012/09/09 10:35:37 | 000,000,533 | ---- | C] () -- C:\Windows\eReg.dat
[2012/08/18 22:57:32 | 238,744,520 | ---- | C] () -- C:\Users\User\AMANDA_ON_PATROL.mpg
[2012/08/08 23:40:32 | 000,065,576 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2012/08/08 23:40:28 | 000,022,560 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2012/06/09 22:11:54 | 000,000,092 | ---- | C] () -- C:\Users\User\AppData\Local\fusioncache.dat
[2012/05/17 19:38:21 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\bsreffs.dll
[2012/05/17 19:38:21 | 000,090,112 | ---- | C] () -- C:\Windows\SysWow64\bsrlback.dll
[2012/05/17 19:38:20 | 000,692,224 | ---- | C] () -- C:\Windows\SysWow64\bsrmgcv.dll
[2012/05/17 19:38:20 | 000,192,512 | ---- | C] () -- C:\Windows\SysWow64\bsrmgps.dll
[2012/05/17 19:38:20 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\bsrgvas.dll
[2012/05/17 19:38:14 | 000,585,728 | ---- | C] () -- C:\Windows\SysWow64\bsratswf.dll
[2012/05/17 19:38:14 | 000,147,456 | ---- | C] () -- C:\Windows\SysWow64\bsratwmv.dll
[2012/05/16 19:44:08 | 000,000,153 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2012/02/24 22:17:34 | 000,000,043 | ---- | C] () -- C:\Users\User\jagex_cl_runescape_LIVE.dat
[2012/02/24 22:17:34 | 000,000,024 | ---- | C] () -- C:\Users\User\random.dat
[2012/02/13 17:01:42 | 000,005,355 | ---- | C] () -- C:\Windows\hpomdl18.dat.temp
[2011/11/13 20:58:32 | 000,055,808 | ---- | C] () -- C:\Windows\SysWow64\zlib1.dll
[2011/11/13 19:50:04 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2011/11/13 19:50:04 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2011/09/28 16:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/09/20 19:12:12 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/05/11 18:50:58 | 000,000,695 | ---- | C] () -- C:\Users\User\.jscreenfix.licence
[2011/05/04 15:59:10 | 000,001,854 | ---- | C] () -- C:\Users\User\AppData\Roaming\GhostObjGAFix.xml
[2011/04/07 18:56:35 | 000,023,154 | ---- | C] () -- C:\Windows\hpqins15.dat
[2011/03/19 20:01:40 | 000,004,592 | ---- | C] () -- C:\Users\User\.jmf-resource
[2011/03/17 17:26:46 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/03/17 17:01:25 | 000,804,594 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/03/15 17:27:20 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/03/15 17:20:39 | 000,002,189 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2011/03/15 17:19:16 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2011/03/15 17:19:16 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2011/03/15 17:19:16 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2011/03/15 17:19:15 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2011/03/15 17:19:00 | 000,000,299 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini
[2011/03/15 17:19:00 | 000,000,240 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini

========== ZeroAccess Check ==========

[2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 21:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 20:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 04:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/12/02 22:27:45 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\.minecraft
[2012/07/20 21:17:04 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\.Nitrous
[2012/10/12 19:06:36 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\.techniclauncher
[2012/11/01 20:37:53 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\0ad
[2011/10/29 10:51:15 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\a00799063
[2012/11/04 12:54:46 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Audacity
[2012/11/10 10:16:32 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Autodesk
[2012/12/02 22:20:05 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\AVG2013
[2012/05/19 16:34:22 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\BANDISOFT
[2012/02/18 14:59:05 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Canon
[2012/08/18 21:44:23 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DAEMON Tools Lite
[2012/10/07 19:00:17 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DAEMON Tools Pro
[2012/12/03 10:34:59 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Dropbox
[2012/05/19 16:33:20 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DVDVideoSoft
[2012/01/11 17:49:54 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\FileOpen
[2012/07/29 18:56:18 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\GameRanger
[2012/11/17 10:40:09 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\gtk-2.0
[2012/10/05 15:50:26 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ICAClient
[2012/12/01 16:23:53 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Leadertech
[2012/10/27 23:53:54 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\megaglest
[2012/01/27 19:22:17 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\MP3SkypeRecorder
[2012/08/09 20:45:37 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\MTE
[2011/03/28 15:29:39 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\MusE
[2012/04/23 20:53:53 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Notepad++
[2011/03/17 17:41:17 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\OpenOffice.org
[2012/11/17 10:39:23 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\pdfforge
[2012/12/01 16:28:19 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Seagate
[2012/10/21 21:22:49 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\SplitMediaLabs
[2011/11/13 21:44:02 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Synaptics
[2012/10/27 20:35:11 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Teeworlds
[2012/07/19 18:11:14 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TS3Client
[2012/12/02 22:19:13 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TuneUp Software
[2012/08/16 14:05:04 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TunkDesign
[2012/09/02 21:28:32 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Unity
[2011/04/03 21:23:39 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



< End of report >






ADW LOG


# AdwCleaner v2.011 - Logfile created 12/03/2012 at 12:11:20
# Updated 02/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : User - USER-HP
# Boot Mode : Normal
# Running from : C:\Users\User\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\Software\Conduit

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16455

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.2 (en-US)

*************************

AdwCleaner[R1].txt - [784 octets] - [03/12/2012 12:09:40]
AdwCleaner[S1].txt - [722 octets] - [03/12/2012 12:11:20]

########## EOF - C:\AdwCleaner[S1].txt - [781 octets] ##########
  • 0

#4
Essexboy
Posted 03 December 2012 - 02:52 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Do these occur when you are running a specific programme or just at random ?

Malwarebytes' Anti-Malware
Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.
  • 0

#5
Chintapop
Posted 03 December 2012 - 03:08 PM

Chintapop

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 213 posts
Hi Essexboy,

These slowdown moments occur when any program is open (therefore randomly). I have attached my malware bytes log below.

Thank you!




Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.12.03.13

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
User :: USER-HP [administrator]

03/12/2012 12:57:58 PM
mbam-log-2012-12-03 (12-57-58).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 223035
Time elapsed: 7 minute(s), 11 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
C:\Users\User\AppData\Roaming\a00799063 (Rogue.Multiple) -> Quarantined and deleted successfully.

Files Detected: 3
C:\Users\User\AppData\Roaming\a00799063\101whmis.rec (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Users\User\AppData\Roaming\a00799063\213notes.txt (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Users\User\AppData\Roaming\a00799063\kccmenu.rec (Rogue.Multiple) -> Quarantined and deleted successfully.

(end)
  • 0

#6
Essexboy
Posted 03 December 2012 - 04:23 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
When you experience the slowdowns could you open Task Manager
Select Processes
Select "Show All Users"
Click the CPU marker so it is in descending order and let me know which process is using the CPU
[attachment=61811:Capture.JPG]
  • 0

#7
Chintapop
Posted 03 December 2012 - 05:27 PM

Chintapop

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 213 posts
Hi Essexboy,

The slowdowns seem to come mostly when I'm typing.
A high majority of the processes there are using 00 CPU but the ones that use more are, in no order are:

firefox.exe *32
taskmgr.exe
iTunes.exe *32
Receiver.exe *32
realsched.exe *32
SynTPHelper.exe
scrybe.exe *32
csrss.exe
dwm.exe
explorer.exe


Note: My open applications are:
Firefox
Mathcad vis Citrix Receiver
iTunes
Task Manager

Thanks!
  • 0

#8
Essexboy
Posted 04 December 2012 - 08:07 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
My first thought would be that it iTunes causing the delay, as I experience slowdowns when iTunes is running on my windows 8 with 4Gb of ram
Close iTunes and see if that helps, also update iTunes to the 64bit version
  • 0

#9
Chintapop
Posted 07 December 2012 - 09:41 AM

Chintapop

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 213 posts
Hi Essexboy,

I updated my iTunes and also closed it while working. The slowdowns still occur.
  • 0

#10
Essexboy
Posted 07 December 2012 - 09:46 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Next we will check for driver conflicts

Step 1: Start MSConfig

Click Start, type msconfig in the Start Search box, and then press ENTER.
If you are prompted for an administrator password or for a confirmation, type the password, or provide confirmation.

Step 2: Configure Selective Startup options

1.In the System Configuration Utility dialog box, click Selective Startup on the General tab.

Posted Image

2.Click to clear the Load Startup Items check box.
Note The Use Original Boot.ini check box is unavailable.

3.Click the Services tab.

Posted Image

4.Click to select the Hide All Microsoft Services check box.
5.Click Disable All, and then click OK.
6. When you are prompted, click Restart.

Once back in windows does the problem still occur ?
  • 0

#11
Chintapop
Posted 07 December 2012 - 11:51 PM

Chintapop

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 213 posts
Hi Essexboy,

Yes. If I restart with all services off, the slowdowns stop in the actual system. My internet connection seems to become more terrible than it usually is though. Speedtest.net tells me that it is about the same though.

On a slightly related topic, why does Speedtest.net tell me my download speed is 18Mb/s while the actual download speed on a file is 300kb/s? I might have to ask networking about this.

Thanks for the extra help!
  • 0

#12
Essexboy
Posted 08 December 2012 - 05:27 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Next we need to determine which service is causing the slowdown. To do this run MSConfig again and re-enable half of the services.
Reboot and if the slowdown is still not present then re-enable half of the remaining services
If the slowdown remains then deselect half of the services you had re-enabled.

We are using a trial and error system here to determine the culprit
  • 0

#13
Essexboy
Posted 12 December 2012 - 09:01 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP