Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

certified toolbar [Solved]


  • This topic is locked This topic is locked

#31
cyerman

cyerman

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
OTL logfile created on: 2/5/2013 12:08:30 PM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pops\Desktop
Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.87 Gb Total Physical Memory | 1.57 Gb Available Physical Memory | 54.74% Memory free
5.75 Gb Paging File | 3.33 Gb Available in Paging File | 58.03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.09 Gb Total Space | 196.31 Gb Free Space | 68.14% Space Free | Partition Type: NTFS

Computer Name: POPS-PC | User Name: Pops | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/20 09:17:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pops\Desktop\OTL (1).exe
PRC - [2012/12/18 09:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/12/15 08:59:05 | 000,308,368 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/12/14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/12/11 03:52:44 | 003,147,384 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe
PRC - [2012/11/22 21:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/11/15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe
PRC - [2012/10/30 04:59:56 | 000,726,648 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgrsx.exe
PRC - [2012/10/22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe
PRC - [2012/10/22 13:04:32 | 001,116,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe
PRC - [2012/10/22 13:03:46 | 000,440,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcsrvx.exe
PRC - [2012/09/17 11:41:58 | 000,508,336 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2012/08/13 10:57:02 | 010,376,704 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2012/08/13 10:57:02 | 010,368,512 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2012/05/25 03:25:02 | 006,595,928 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
PRC - [2012/01/18 05:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2011/09/16 10:08:18 | 001,804,648 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe
PRC - [2011/09/16 09:56:50 | 000,643,944 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPNetworkCommunicator.exe
PRC - [2011/03/01 22:14:08 | 000,190,808 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/03 19:19:24 | 000,094,024 | ---- | M] (Sling Media Inc.) -- C:\Program Files\Sling Media\SlingAgent\SlingAgentService.exe
PRC - [2010/10/29 15:06:08 | 005,915,480 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Vid HD\Vid.exe
PRC - [2010/10/27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/01/27 08:40:58 | 000,323,584 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
PRC - [2009/09/22 16:02:26 | 000,098,304 | ---- | M] (Hauppauge Computer Works, Inc.) -- C:\Program Files\WinTV\WinTV7\WinTVTray.exe
PRC - [2009/09/22 16:02:16 | 000,315,392 | ---- | M] (Hauppauge Computer Works) -- C:\Program Files\WinTV\TVServer\CaptureGenUSB.exe
PRC - [2009/09/22 16:01:46 | 000,434,176 | ---- | M] (Hauppauge Computer Works) -- C:\Program Files\WinTV\TVServer\HauppaugeTVServer.exe
PRC - [2009/09/01 22:46:00 | 000,117,344 | ---- | M] (Hauppauge Computer Works) -- C:\Program Files\WinTV\Ir.exe
PRC - [2009/03/27 22:10:56 | 000,014,336 | ---- | M] (LSI Corporation) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe
PRC - [2007/12/13 19:10:56 | 001,688,872 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2004/05/12 15:04:54 | 000,196,608 | ---- | M] () -- C:\Program Files\Ahead\Ahead\data\Xtras\mssysmgr.exe


========== Modules (No Company Name) ==========

MOD - [2013/01/10 03:42:20 | 000,593,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\da8f64c83f81621fa61a3e61a1f570a8\System.Messaging.ni.dll
MOD - [2013/01/10 03:41:18 | 010,580,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Design\c68040f7f0d621d43b25aa31a61cc8ab\System.Design.ni.dll
MOD - [2013/01/10 03:41:07 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\0ac577a8ad6528ff03b50db5eeeac8be\System.Web.ni.dll
MOD - [2013/01/10 03:40:57 | 000,628,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\01c6cb58745f397c9b7ccf3ab7bfc9cd\System.EnterpriseServices.ni.dll
MOD - [2013/01/10 03:40:55 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\536d704e93ffec9b54e4a0312fb5b996\System.Transactions.ni.dll
MOD - [2013/01/10 03:40:54 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\dd20416f723ee13ffb4173ec1afc4ec4\System.Data.ni.dll
MOD - [2013/01/10 03:40:19 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\865d2bf19a7af7fab8660a42d92550fe\System.Windows.Forms.ni.dll
MOD - [2013/01/10 03:40:09 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/01/10 03:40:07 | 001,806,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\43f1725719239288707661115956470e\System.Deployment.ni.dll
MOD - [2013/01/10 03:40:05 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d908c91e24616e6b8d38c9da61038b25\Accessibility.ni.dll
MOD - [2013/01/10 03:40:04 | 000,684,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\3abd733e8fa28fafbfc99458fdf691da\System.Security.ni.dll
MOD - [2013/01/10 03:40:00 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/01/10 03:39:55 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013/01/10 03:39:31 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/01/10 03:39:24 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2012/11/16 03:43:24 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll
MOD - [2012/10/05 05:53:24 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2012/10/05 05:53:24 | 003,198,976 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2012/10/05 05:53:24 | 000,630,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2012/08/10 16:51:32 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2012/05/25 03:25:00 | 000,921,600 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\yui.dll
MOD - [2012/05/25 03:25:00 | 000,078,336 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\pcre.dll
MOD - [2011/04/01 00:06:54 | 000,181,592 | ---- | M] () -- C:\Program Files\Common Files\logishrd\SharedBin\LvApi11.dll
MOD - [2010/11/04 20:58:14 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2010/11/04 20:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/10/29 15:02:38 | 000,751,616 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\vpxmd.dll
MOD - [2010/10/29 15:01:30 | 000,027,472 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\SDL.dll
MOD - [2010/05/07 18:37:40 | 000,126,808 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2010/05/07 18:37:40 | 000,027,480 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2010/05/07 18:36:54 | 000,340,824 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2010/05/07 18:35:56 | 007,954,776 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2010/05/07 18:35:44 | 002,143,576 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2010/04/15 10:21:51 | 000,847,872 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxXML2V.dll
MOD - [2010/04/15 10:21:51 | 000,782,336 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxImV.dll
MOD - [2010/04/15 10:21:51 | 000,688,128 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VPrintOnline.dll
MOD - [2010/04/15 10:21:51 | 000,528,384 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxProcV.dll
MOD - [2010/04/15 10:21:51 | 000,237,568 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SpiffyExt.dll
MOD - [2010/04/15 10:21:51 | 000,155,648 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxZipV.dll
MOD - [2010/04/15 10:21:51 | 000,143,360 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VPrintOnlineHelper40.dll
MOD - [2010/04/15 10:21:50 | 001,396,736 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxCommonV.dll
MOD - [2010/04/15 10:21:50 | 000,462,848 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxFFV.dll
MOD - [2010/04/15 10:21:49 | 002,236,416 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxCmpV.dll
MOD - [2010/04/15 10:21:49 | 000,868,352 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxBaseV.dll
MOD - [2010/04/15 10:21:48 | 000,471,040 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESCom.dll
MOD - [2010/04/15 10:21:48 | 000,406,016 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\KFx.dll
MOD - [2010/04/15 10:21:48 | 000,129,536 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\kpries40.dll
MOD - [2010/04/15 10:21:48 | 000,090,112 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocAcqMod.dll
MOD - [2010/04/15 10:21:48 | 000,084,480 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\keml40.dll
MOD - [2010/04/15 10:21:48 | 000,062,464 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\DibLibIP.dll
MOD - [2010/04/15 10:21:48 | 000,052,224 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\KPCDInterface.dll
MOD - [2010/04/15 10:21:48 | 000,044,544 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocCamBack.dll
MOD - [2010/04/15 10:21:48 | 000,010,240 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocUpdateCheck.dll
MOD - [2010/04/15 10:21:47 | 011,503,616 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESSkin.esx
MOD - [2010/04/15 10:21:47 | 001,564,672 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\areaifdll.dll
MOD - [2010/04/15 10:21:47 | 000,761,856 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESCliWicMDRW.esx
MOD - [2010/04/15 10:21:47 | 000,684,032 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESEmail.esx
MOD - [2010/04/15 10:21:47 | 000,356,352 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\Atlas.dll
MOD - [2010/04/15 10:21:47 | 000,339,968 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaAdapter.esx
MOD - [2010/04/15 10:21:47 | 000,315,392 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaPrintOnline.esx
MOD - [2010/04/15 10:21:47 | 000,264,192 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\AppCore.dll
MOD - [2010/04/15 10:21:47 | 000,233,984 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaControls.esx
MOD - [2010/04/15 10:21:47 | 000,171,520 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\Pcd.esx
MOD - [2010/04/15 10:21:47 | 000,152,576 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\IStorageMediaStore.esx
MOD - [2010/04/15 10:21:47 | 000,098,304 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaCDBackup.esx
MOD - [2010/04/15 10:21:47 | 000,084,480 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\UpdateChecker.esx
MOD - [2010/04/15 10:21:47 | 000,078,848 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\DXRawFormatHandler.esx
MOD - [2010/03/16 23:03:32 | 000,032,768 | ---- | M] () -- C:\Program Files\MuvEnum\AddressBar\BandObjectLib.dll
MOD - [2009/09/22 16:01:46 | 000,024,576 | ---- | M] () -- C:\Program Files\WinTV\TVServer\HauppaugeTVServerps.dll
MOD - [2009/07/26 18:26:24 | 000,886,272 | ---- | M] () -- C:\Program Files\MuvEnum\AddressBar\System.Data.SQLite.dll
MOD - [2009/06/10 16:23:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2009/06/10 16:22:40 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
MOD - [2009/04/22 16:53:56 | 000,969,040 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtNetwork4.dll
MOD - [2009/04/09 18:04:56 | 002,141,008 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtCore4.dll
MOD - [2009/03/03 17:18:08 | 000,138,064 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\plugins\imageformats\qjpeg4.dll
MOD - [2009/03/03 17:18:06 | 000,035,152 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\plugins\imageformats\qico4.dll
MOD - [2009/03/03 17:18:06 | 000,029,008 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\plugins\imageformats\qgif4.dll
MOD - [2009/03/03 17:17:46 | 011,311,952 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtWebKit4.dll
MOD - [2009/03/03 17:17:46 | 000,363,856 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtXml4.dll
MOD - [2009/03/03 17:17:44 | 000,200,016 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtSql4.dll
MOD - [2009/03/03 17:17:40 | 000,475,472 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtOpenGL4.dll
MOD - [2009/03/03 17:17:38 | 007,704,400 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtGui4.dll
MOD - [2009/03/03 17:17:32 | 000,291,664 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\phonon4.dll
MOD - [2004/05/12 15:04:54 | 000,196,608 | ---- | M] () -- C:\Program Files\Ahead\Ahead\data\Xtras\mssysmgr.exe


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe -- (vToolbarUpdater13.2.0)
SRV - [2013/01/09 14:02:21 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/18 09:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/11/15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/10/22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2012/01/18 05:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2010/11/03 19:19:24 | 000,094,024 | ---- | M] (Sling Media Inc.) [Auto | Running] -- C:\Program Files\Sling Media\SlingAgent\SlingAgentService.exe -- (SlingAgentService)
SRV - [2010/05/05 02:00:59 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/02/24 15:42:56 | 000,386,424 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\supportsoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
SRV - [2009/09/22 16:01:46 | 000,434,176 | ---- | M] (Hauppauge Computer Works) [Auto | Running] -- C:\Program Files\WinTV\TVServer\HauppaugeTVServer.exe -- (HauppaugeTVServer)
SRV - [2009/07/13 20:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 20:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 20:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/03/27 22:10:56 | 000,014,336 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Disabled | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Pops\AppData\Local\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
DRV - [2012/12/14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/11/15 23:33:26 | 000,094,048 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2012/11/08 17:53:32 | 000,026,984 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2012/10/22 13:02:46 | 000,179,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2012/10/15 03:48:52 | 000,055,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/10/02 02:30:38 | 000,159,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/09/21 02:46:06 | 000,164,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/09/21 02:46:00 | 000,177,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avglogx.sys -- (Avglogx)
DRV - [2012/09/21 02:45:54 | 000,019,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2012/09/14 02:05:20 | 000,035,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2012/01/18 05:44:52 | 004,332,960 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2012/01/18 05:44:28 | 000,312,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2010/11/20 07:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 07:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 07:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 05:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 05:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 04:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 04:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 04:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/08/12 11:07:48 | 000,298,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
DRV - [2010/07/10 04:37:00 | 011,008,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/05/07 18:43:30 | 000,025,824 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2010/04/23 15:52:38 | 001,220,224 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hcw72DTV.sys -- (hcw72DTV)
DRV - [2010/04/23 15:48:44 | 001,217,920 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hcw72ATV.sys -- (hcw72ATV)
DRV - [2010/04/23 15:47:40 | 000,028,928 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hcw72ADFilter.sys -- (hcw72ADFilter)
DRV - [2009/08/13 15:07:12 | 001,163,328 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/07/13 17:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2007/02/03 10:32:36 | 000,041,504 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007/02/03 10:25:56 | 001,075,360 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Camdrl.sys -- (CamDrL)
DRV - [2004/03/10 12:42:24 | 000,012,953 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\itchfltr.sys -- (itchfltr)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2676647658-2781718572-2959220747-1001\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1me10IE9ENUS/110
IE - HKU\S-1-5-21-2676647658-2781718572-2959220747-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2676647658-2781718572-2959220747-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2676647658-2781718572-2959220747-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://myyahoo.com/
IE - HKU\S-1-5-21-2676647658-2781718572-2959220747-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKU\S-1-5-21-2676647658-2781718572-2959220747-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-2676647658-2781718572-2959220747-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/
IE - HKU\S-1-5-21-2676647658-2781718572-2959220747-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://www.google.com
IE - HKU\S-1-5-21-2676647658-2781718572-2959220747-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2676647658-2781718572-2959220747-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-2676647658-2781718572-2959220747-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com
IE - HKU\S-1-5-21-2676647658-2781718572-2959220747-1001\..\SearchScopes,DefaultScope = {92FF10E2-981B-43C0-B947-3A5C022A7198}
IE - HKU\S-1-5-21-2676647658-2781718572-2959220747-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...searchTerms}&r=
IE - HKU\S-1-5-21-2676647658-2781718572-2959220747-1001\..\SearchScopes\{4640F400-876D-41D9-A527-94F6304E1680}: "URL" = http://www.flickr.co...q={searchTerms}
IE - HKU\S-1-5-21-2676647658-2781718572-2959220747-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...1I7GGNI_enUS512
IE - HKU\S-1-5-21-2676647658-2781718572-2959220747-1001\..\SearchScopes\{89FD188D-B7CE-4D73-9549-A18DBE481052}: "URL" = http://delicious.com...p={searchTerms}
IE - HKU\S-1-5-21-2676647658-2781718572-2959220747-1001\..\SearchScopes\{92FF10E2-981B-43C0-B947-3A5C022A7198}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKU\S-1-5-21-2676647658-2781718572-2959220747-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@ei.CouponAlert_2p.com/Plugin: C:\Program Files\CouponAlert_2pEI\Installr\1.bin\NP2pEISB.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Pops\AppData\Roaming\Move Networks\plugins\npqmp071503000010.dll (Move Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010/11/04 02:02:36 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Pops\AppData\Roaming\Move Networks [2010/01/18 17:22:26 | 000,000,000 | ---D | M]

[2013/01/13 13:20:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

========== Chrome ==========

CHR - Extension: Docs = C:\Users\Pops\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: Google Drive = C:\Users\Pops\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: YouTube = C:\Users\Pops\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Pops\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Users\Pops\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 16:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKU\S-1-5-21-2676647658-2781718572-2959220747-1001..\Run: [Adobe Reader Synchronizer] C:\Program Files\Adobe\Reader 10.0\Reader\AdobeCollabSync.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-2676647658-2781718572-2959220747-1001..\Run: [HP Photosmart 6510 series (NET)] C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKU\S-1-5-21-2676647658-2781718572-2959220747-1001..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKU\S-1-5-21-2676647658-2781718572-2959220747-1001..\Run: [Logitech Vid] C:\Program Files\Logitech\Vid HD\Vid.exe (Logitech Inc.)
O4 - HKU\S-1-5-21-2676647658-2781718572-2959220747-1001..\Run: [PhotoShow Deluxe Media Manager] C:\Program Files\Ahead\Ahead\data\Xtras\mssysmgr.exe ()
O4 - HKU\S-1-5-21-2676647658-2781718572-2959220747-1001..\Run: [SPMTray] "C:\Program Files\PC Speed Maximizer\SPMTray.exe" File not found
O4 - HKU\S-1-5-21-2676647658-2781718572-2959220747-1001..\Run: [UniblueRegistryBooster] "C:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000 File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Pops\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-2676647658-2781718572-2959220747-1001\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Reg Error: Value error.)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F89715C3-BB3C-4DEF-825F-D04DEE1A0C05}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/02/02 12:47:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\100% Free Hearts
[2013/02/01 15:34:54 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013/02/01 15:34:53 | 000,000,000 | ---D | C] -- C:\rsit
[2013/01/29 21:45:09 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013/01/29 21:44:33 | 000,000,000 | ---D | C] -- C:\Windows\System32\catroot2
[2013/01/29 21:03:56 | 000,000,000 | ---D | C] -- C:\RegBackup
[2013/01/29 20:33:22 | 000,181,064 | ---- | C] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2013/01/29 20:13:22 | 000,000,000 | ---D | C] -- C:\Tweaking.com_Windows_Repair_Logs
[2013/01/27 20:27:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
[2013/01/27 20:27:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Designer
[2013/01/26 20:05:53 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/01/26 20:04:45 | 000,000,000 | ---D | C] -- C:\JRT
[2013/01/22 10:36:42 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/01/20 09:17:23 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Pops\Desktop\OTL (1).exe
[2013/01/16 21:25:18 | 000,000,000 | ---D | C] -- C:\Users\Pops\AppData\Roaming\OpenOffice.org
[2013/01/16 21:23:55 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1
[2013/01/16 21:22:45 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2013/01/16 21:20:34 | 000,000,000 | ---D | C] -- C:\Users\Pops\Desktop\OpenOffice.org 3.4.1 (en-US) Installation Files
[2013/01/16 20:17:41 | 000,000,000 | ---D | C] -- C:\Users\Pops\AppData\Local\{C5CEDC6E-9817-480E-9235-8AEAD610210B}
[2013/01/14 16:51:21 | 000,000,000 | ---D | C] -- C:\Users\Pops\AppData\Roaming\Apple Computer
[2013/01/14 16:51:21 | 000,000,000 | ---D | C] -- C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
[2013/01/14 16:51:16 | 000,000,000 | ---D | C] -- C:\ProgramData\{5A85B23A-4B58-47D1-9B9C-DFBD7866099F}
[2013/01/14 16:49:44 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2013/01/14 16:49:43 | 000,000,000 | ---D | C] -- C:\Users\Pops\AppData\Roaming\IObit
[2013/01/14 16:49:39 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2013/01/13 13:03:02 | 000,000,000 | ---D | C] -- C:\Users\Pops\AppData\Roaming\WinRAR
[2013/01/13 13:01:52 | 000,000,000 | ---D | C] -- C:\Program Files\Red Sky

========== Files - Modified Within 30 Days ==========

[2013/02/05 12:02:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/02/05 11:56:43 | 000,000,150 | ---- | M] () -- C:\Users\Pops\Documents\FIX.BAT
[2013/02/05 11:43:42 | 000,626,844 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/02/05 11:43:42 | 000,107,160 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/02/05 11:42:55 | 000,017,120 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/02/05 11:42:55 | 000,017,120 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/02/05 11:41:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Communicator.job
[2013/02/05 11:38:17 | 000,001,946 | ---- | M] () -- C:\Users\Pops\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 6510 series (Network).lnk
[2013/02/05 11:37:42 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/05 11:37:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/02/05 11:37:30 | 2314,067,968 | -HS- | M] () -- C:\hiberfil.sys
[2013/02/05 11:37:25 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs
[2013/02/05 11:18:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/03 08:30:56 | 000,204,283 | ---- | M] () -- C:\Users\Pops\Documents\Scan0001.pdf
[2013/02/02 12:47:09 | 000,001,121 | ---- | M] () -- C:\Users\Pops\Desktop\Play Free Hearts.lnk
[2013/02/01 08:40:13 | 000,000,816 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013/01/31 11:18:01 | 000,000,398 | ---- | M] () -- C:\Windows\tasks\EasyShare Registration Task.job
[2013/01/29 21:51:17 | 000,436,208 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/01/29 21:47:24 | 000,181,064 | ---- | M] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2013/01/29 21:05:03 | 000,000,207 | ---- | M] () -- C:\Windows\tweaking.com-regbackup-POPS-PC-Microsoft-Windows-7-Enterprise-(32-bit).dat
[2013/01/28 10:08:07 | 000,013,896 | ---- | M] () -- C:\Users\Pops\Desktop\Document.rtf
[2013/01/27 20:28:00 | 000,000,483 | ---- | M] () -- C:\Windows\ODBC.INI
[2013/01/27 20:27:30 | 000,001,931 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
[2013/01/27 08:39:29 | 000,198,996 | ---- | M] () -- C:\Users\Pops\Documents\Scan0003.pdf
[2013/01/20 09:17:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pops\Desktop\OTL (1).exe
[2013/01/19 17:39:44 | 000,001,373 | ---- | M] () -- C:\Users\Pops\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/01/16 21:25:32 | 000,001,159 | ---- | M] () -- C:\Users\Pops\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
[2013/01/16 21:23:58 | 000,001,126 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
[2013/01/16 20:16:07 | 000,911,360 | R--- | M] () -- C:\Users\Public\Documents\ESBK.mb
[2013/01/16 20:14:07 | 001,874,944 | R--- | M] () -- C:\Users\Public\Documents\ESBK.mbb
[2013/01/13 17:28:18 | 000,001,033 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/01/13 13:03:37 | 000,002,845 | ---- | M] () -- C:\Users\Pops\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk
[2013/01/13 13:03:37 | 000,002,747 | ---- | M] () -- C:\Users\Pops\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero Home.lnk
[2013/01/13 13:03:37 | 000,001,444 | ---- | M] () -- C:\Users\Pops\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero PhotoShow Express.lnk
[2013/01/13 13:03:37 | 000,001,245 | ---- | M] () -- C:\Users\Pops\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2013/01/13 13:03:37 | 000,001,245 | ---- | M] () -- C:\Users\Pops\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Outlook.lnk
[2013/01/13 13:03:37 | 000,001,233 | ---- | M] () -- C:\Users\Pops\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2013/01/13 13:03:37 | 000,001,217 | ---- | M] () -- C:\Users\Pops\Application Data\Microsoft\Internet Explorer\Quick Launch\PokerStars.net.lnk
[2013/01/13 13:03:37 | 000,000,426 | ---- | M] () -- C:\Users\Pops\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/01/13 13:03:37 | 000,000,408 | ---- | M] () -- C:\Users\Pops\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013/01/08 18:14:19 | 000,005,576 | ---- | M] () -- C:\Windows\ST5UNST.001

========== Files Created - No Company Name ==========

[2013/02/03 21:02:04 | 000,000,150 | ---- | C] () -- C:\Users\Pops\Documents\FIX.BAT
[2013/02/03 08:30:56 | 000,204,283 | ---- | C] () -- C:\Users\Pops\Documents\Scan0001.pdf
[2013/02/02 12:47:09 | 000,001,121 | ---- | C] () -- C:\Users\Pops\Desktop\Play Free Hearts.lnk
[2013/01/29 21:40:06 | 000,303,616 | ---- | C] ( ) -- C:\SetACL.exe
[2013/01/29 21:05:03 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-POPS-PC-Microsoft-Windows-7-Enterprise-(32-bit).dat
[2013/01/27 20:42:01 | 000,013,896 | ---- | C] () -- C:\Users\Pops\Desktop\Document.rtf
[2013/01/27 20:27:30 | 000,002,673 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Outlook.lnk
[2013/01/27 20:27:30 | 000,002,625 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft PowerPoint.lnk
[2013/01/27 20:27:29 | 000,002,657 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Excel.lnk
[2013/01/27 20:27:29 | 000,002,611 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft FrontPage.lnk
[2013/01/27 08:39:29 | 000,198,996 | ---- | C] () -- C:\Users\Pops\Documents\Scan0003.pdf
[2013/01/16 21:25:32 | 000,001,159 | ---- | C] () -- C:\Users\Pops\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
[2013/01/16 21:23:58 | 000,001,126 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
[2013/01/16 20:17:02 | 001,874,944 | R--- | C] () -- C:\Users\Public\Documents\ESBK.mbb
[2013/01/16 20:17:02 | 000,911,360 | R--- | C] () -- C:\Users\Public\Documents\ESBK.mb
[2013/01/13 13:03:40 | 000,015,360 | ---- | C] () -- C:\Windows\Launcher.exe
[2013/01/08 18:14:01 | 000,005,576 | ---- | C] () -- C:\Windows\ST5UNST.001
[2012/08/29 08:25:20 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012/08/12 16:54:18 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2012/07/25 11:10:35 | 000,011,164 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2012/07/22 14:55:57 | 000,027,520 | ---- | C] () -- C:\Users\Pops\AppData\Local\dt.dat
[2012/07/22 09:38:36 | 001,294,336 | ---- | C] () -- C:\Windows\System32\MGIIpl2A6.dll
[2012/07/22 09:38:36 | 001,261,568 | ---- | C] () -- C:\Windows\System32\MGIIpl2M6.dll
[2012/07/22 09:38:36 | 001,228,800 | ---- | C] () -- C:\Windows\System32\MGIIpl2M5.dll
[2012/07/22 09:38:36 | 001,105,920 | ---- | C] () -- C:\Windows\System32\MGIIpl2P6.dll
[2012/07/22 09:38:35 | 001,052,672 | ---- | C] () -- C:\Windows\System32\MGIIpl2P5.dll
[2012/07/22 09:38:14 | 000,000,002 | ---- | C] () -- C:\Windows\PhotoSuite.ini
[2012/07/22 09:38:11 | 001,093,632 | ---- | C] () -- C:\Windows\System32\MGIIpl2PX.dll
[2012/07/22 09:38:11 | 000,122,880 | ---- | C] () -- C:\Windows\System32\JPEGLIB.DLL
[2012/07/22 09:38:11 | 000,122,880 | ---- | C] () -- C:\Windows\System32\EnrouteStitch.dll
[2012/07/22 09:38:11 | 000,020,480 | ---- | C] () -- C:\Windows\System32\MGIIpl2.dll
[2012/07/22 09:38:11 | 000,019,968 | ---- | C] () -- C:\Windows\System32\CPUINF32.DLL
[2012/07/22 09:38:09 | 000,332,800 | ---- | C] () -- C:\Windows\System32\FPXLIB.DLL
[2012/07/22 09:10:02 | 000,046,512 | ---- | C] () -- C:\Windows\System32\EPSN.DLL
[2012/07/22 09:10:02 | 000,012,126 | ---- | C] () -- C:\Windows\System32\PIXPCZ.DLL
[2012/07/22 09:10:02 | 000,011,934 | ---- | C] () -- C:\Windows\System32\PIXPNR.DLL
[2012/01/18 05:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2012/01/18 05:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2012/01/18 05:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe
[2012/01/18 05:22:54 | 000,028,418 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2011/06/06 20:22:21 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011/06/06 20:21:03 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011/03/22 22:58:22 | 000,014,168 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2009/12/12 09:06:36 | 000,001,024 | ---- | C] () -- C:\Users\Pops\.rnd

========== ZeroAccess Check ==========

[2009/07/13 23:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\Windows\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\Windows\system32\wbem\wbemess.dll -- [2009/07/13 20:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2010/12/29 19:50:43 | 000,000,000 | ---D | M] -- C:\Users\Pops\AppData\Roaming\Argali
[2012/01/22 17:40:54 | 000,000,000 | ---D | M] -- C:\Users\Pops\AppData\Roaming\AVG
[2012/09/27 08:21:58 | 000,000,000 | ---D | M] -- C:\Users\Pops\AppData\Roaming\AVG2013
[2010/10/09 16:49:33 | 000,000,000 | ---D | M] -- C:\Users\Pops\AppData\Roaming\Catalina Marketing Corp
[2010/04/29 19:37:21 | 000,000,000 | ---D | M] -- C:\Users\Pops\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/08/02 09:26:21 | 000,000,000 | ---D | M] -- C:\Users\Pops\AppData\Roaming\Foxit Software
[2012/03/10 17:13:04 | 000,000,000 | ---D | M] -- C:\Users\Pops\AppData\Roaming\Genieo
[2013/01/14 17:42:54 | 000,000,000 | ---D | M] -- C:\Users\Pops\AppData\Roaming\IObit
[2010/12/02 21:38:27 | 000,000,000 | ---D | M] -- C:\Users\Pops\AppData\Roaming\Leadertech
[2013/01/16 21:25:18 | 000,000,000 | ---D | M] -- C:\Users\Pops\AppData\Roaming\OpenOffice.org
[2012/08/01 12:08:49 | 000,000,000 | ---D | M] -- C:\Users\Pops\AppData\Roaming\PDF Software
[2012/10/29 19:00:50 | 000,000,000 | ---D | M] -- C:\Users\Pops\AppData\Roaming\PDFCreatorPackages
[2009/12/26 10:38:36 | 000,000,000 | ---D | M] -- C:\Users\Pops\AppData\Roaming\Skinux
[2012/12/23 16:00:29 | 000,000,000 | ---D | M] -- C:\Users\Pops\AppData\Roaming\Sling Media
[2009/12/26 09:26:32 | 000,000,000 | ---D | M] -- C:\Users\Pops\AppData\Roaming\Snapfish
[2012/09/27 08:21:36 | 000,000,000 | ---D | M] -- C:\Users\Pops\AppData\Roaming\TuneUp Software
[2012/09/24 20:34:49 | 000,000,000 | ---D | M] -- C:\Users\Pops\AppData\Roaming\Visan
[2012/07/24 10:41:38 | 000,000,000 | ---D | M] -- C:\Users\Pops\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



========== Custom Scans ==========

< reg query "HKEY_Local_Machine\Software\Microsoft\Internet Explorer\Main" > C:\log.txt >
[2009/07/13 23:53:46 | 000,032,548 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/07/13 23:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2010/04/15 10:19:46 | 000,000,398 | ---- | C] () -- C:\Windows\Tasks\EasyShare Registration Task.job
[2010/04/17 20:21:34 | 000,000,882 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2010/04/17 20:21:35 | 000,000,886 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012/04/03 08:28:45 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012/09/24 20:34:41 | 000,000,336 | ---- | C] () -- C:\Windows\Tasks\HP Photo Creations Communicator.job

< notepad C:\log.txt >

< del C:\log.txt >

< exit >

========== Alternate Data Streams ==========

@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:0B4227B4

< End of report >
  • 0

Advertisements


#32
WhiteHat

WhiteHat

    Trusted Helper

  • Retired Staff
  • 1,925 posts
Are you still having any problems with Certified Toolbar?
  • 0

#33
cyerman

cyerman

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
The only problem I have is the Certified toolbar opens up in my home page
As far as everything else on my pc seems to be running normally
So I guess it's not a big deal if that is all it is
Thanks
  • 0

#34
WhiteHat

WhiteHat

    Trusted Helper

  • Retired Staff
  • 1,925 posts

The only problem I have is the Certified toolbar opens up in my home page

Can you send me a print screen of your homepage + Certified toolbar?
  • 0

#35
cyerman

cyerman

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
http://search.certif...t=true&tid=3206
  • 0

#36
WhiteHat

WhiteHat

    Trusted Helper

  • Retired Staff
  • 1,925 posts
That's not what I've asked. ;)

What I wanted is a print screen:
http://en.wikipedia....ki/Print_screen
  • 0

#37
cyerman

cyerman

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
Not sure if I did this right
Hope it helps you

Untitled.png
  • 0

#38
WhiteHat

WhiteHat

    Trusted Helper

  • Retired Staff
  • 1,925 posts
Hi,

Apparently everything seems fine. :happy:

The certified toolbar problem still happen? If yes, please show me where because all your logs are cleaned. :thumbsup:

  • 0

#39
cyerman

cyerman

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
Thank you for your help
My pc is working just fine
I do have the certified search taking over my home page but I can get around that.
I really appreciate your help
Thank you again
Gary
  • 0

#40
WhiteHat

WhiteHat

    Trusted Helper

  • Retired Staff
  • 1,925 posts

I do have the certified search taking over my home page but I can get around that.

Your OTL log shows that your Homepage is Yahoo. That's why I don't understand, your homepage is not related to certified toolbar.
  • 0

Advertisements


#41
cyerman

cyerman

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
If I click on Explorer to open my browser, the certified toolbar opens up a page that is different from my yahoo homepage.
So I don't open explorer for my homepage

I open up Yahoo messenger and click on mail then go the top of that page and put in http//myyahoo.com or just click it on being it's my history and then I get my homepage with no problem.
Sorry, I hope this helps you
  • 0

#42
WhiteHat

WhiteHat

    Trusted Helper

  • Retired Staff
  • 1,925 posts
Click on the start orb > type NOTEPAD and press [ENTER].

Copy (CTRL + C) and past (CTRL + V):
reg query "HKEY_Local_Machine\Software\Microsoft\Internet Explorer\Main" > C:\log.txt
notepad C:\log.txt
del C:\log.txt
exit

  • Save with the name FIX.BAT
  • The icon looks like this:
    Posted Image
  • Double click in FIX.bat and wait.
  • Copy and past the entire content of the log.txt in your next reply.

  • 0

#43
cyerman

cyerman

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main
AutoHide REG_SZ yes
Security Risk Page REG_SZ about:SecurityRisk
Extensions Off Page REG_SZ about:NoAdd-ons
Default_Search_URL REG_SZ http://www.google.com
Default_Page_URL REG_SZ http://go.microsoft....k/?LinkId=69157
Anchor_Visitation_Horizon REG_BINARY 01000000
Cache_Percent_of_Disk REG_BINARY 0A000000
Placeholder_Width REG_BINARY 1A000000
Placeholder_Height REG_BINARY 1A000000
Default_Secondary_Page_URL REG_MULTI_SZ
Use_Async_DNS REG_SZ yes
Start Page REG_SZ http://www.google.com
Local Page REG_SZ C:\Windows\system32\blank.htm
Search Page REG_SZ http://www.google.com
Delete_Temp_Files_On_Exit REG_SZ yes
Enable_Disk_Cache REG_SZ yes
Check_Associations REG_SZ yes
DEPOff REG_DWORD 0x0
StatusBarWeb REG_DWORD 0x1
SearchControlWidth REG_DWORD 0x12c
ForceGDIPlus REG_DWORD 0x0
AlwaysShowMenus REG_DWORD 0x0
ShutdownWaitForOnUnload REG_DWORD 0x0
DNSPreresolution REG_DWORD 0x8
GotoIntranetSiteForSingleWordEntry REG_DWORD 0x0
AutoSearch REG_DWORD 0x1
MaxRenderLine REG_DWORD 0xfa0
Use_DlgBox_Colors REG_SZ yes
Anchor Underline REG_SZ yes
Display Inline Images REG_SZ yes
Display Inline Videos REG_DWORD 0x1
Play_Background_Sounds REG_SZ yes
Play_Animations REG_SZ yes
Print_Background REG_DWORD 0x0
SmoothScroll REG_DWORD 0x1
XMLHTTP REG_DWORD 0x1
Show image placeholders REG_DWORD 0x0
Disable Script Debugger REG_SZ yes
Enable AutoImageResize REG_SZ yes
XDomainRequest REG_DWORD 0x1
DOMStorage REG_DWORD 0x1
EnableAlternativeCodec REG_SZ yes
IE9RunOnceLastShown REG_DWORD 0x0
IE9RunOncePerInstallCompleted REG_DWORD 0x0
IE9TourNoShow REG_DWORD 0x0
IE9TourShown REG_DWORD 0x0
IE9RecommendedSettingsNo REG_DWORD 0x0
FrameTabWindow REG_DWORD 0x1
AdminTabProcs REG_DWORD 0x1
SessionMerging REG_DWORD 0x1
FrameMerging REG_DWORD 0x1
HangRecovery REG_DWORD 0x1
TabShutdownDelay REG_DWORD 0xea60
FrameShutdownDelay REG_DWORD 0x0
TabProcGrowth REG_SZ Medium

HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\ErrorThresholds
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Touch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\UrlTemplate
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\WindowsSearch
  • 0

#44
WhiteHat

WhiteHat

    Trusted Helper

  • Retired Staff
  • 1,925 posts
Hi,

Nothing related to certified toolbar.

Reset the Internet Explorer preferencies:
http://support.microsoft.com/kb/923737

I think this will solve the problem.
  • 0

#45
cyerman

cyerman

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
I tried again, twice what you asked me , http://support.microsoft.com/kb/923737
I still have the problem but I can get around to get to my home page other ways
So I can live with it
Thank you for your help
Gary
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP