--------------------
OTL logfile created on: 4/18/2013 2:34:31 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Razor\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 0.73 Gb Available Physical Memory | 36.46% Memory free
4.22 Gb Paging File | 2.51 Gb Available in Paging File | 59.60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 140.68 Gb Total Space | 32.42 Gb Free Space | 23.04% Space Free | Partition Type: NTFS
Drive D: | 8.37 Gb Total Space | 3.54 Gb Free Space | 42.32% Space Free | Partition Type: NTFS
Computer Name: RAZOR-DESKTOP | User Name: Razor | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/04/18 14:33:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Razor\Desktop\OTL.exe
PRC - [2013/04/08 06:11:43 | 002,569,168 | ---- | M] () -- C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
PRC - [2013/04/04 18:41:44 | 025,863,280 | ---- | M] (Dropbox, Inc.) -- C:\Users\Razor\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013/03/24 10:01:19 | 000,968,880 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
PRC - [2013/03/24 09:32:48 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) -- C:\Program Files\GamingWonderland\bar\1.bin\gtbarsvc.exe
PRC - [2013/03/24 09:32:48 | 000,030,096 | ---- | M] (VER_COMPANY_NAME) -- C:\Program Files\GamingWonderland\bar\1.bin\gtbrmon.exe
PRC - [2013/03/13 15:00:15 | 000,706,776 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe
PRC - [2013/02/19 15:12:14 | 000,172,416 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe
PRC - [2013/02/19 15:08:52 | 000,169,320 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
PRC - [2013/02/19 15:06:50 | 000,203,840 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
PRC - [2013/02/09 09:44:32 | 000,055,320 | ---- | M] (theSideline.com, Inc.) -- C:\Program Files\theSideline.com\Turbo Tourney Pro 2013\tts2013.exe
PRC - [2013/01/14 19:00:22 | 001,278,064 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2012/12/06 13:04:24 | 000,656,576 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\saUI.exe
PRC - [2012/12/04 11:54:14 | 000,095,232 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2012/10/16 09:54:22 | 001,041,736 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe
PRC - [2012/10/08 18:04:18 | 000,166,912 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2012/09/25 02:06:14 | 000,195,400 | ---- | M] (NETGEAR) -- C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe
PRC - [2012/09/25 02:06:14 | 000,122,696 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\genie2_tray.exe
PRC - [2012/08/31 14:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
PRC - [2011/03/25 16:50:12 | 003,618,160 | ---- | M] (brother) -- C:\Program Files\Brownie\BrStsWnd.exe
PRC - [2011/01/22 03:13:36 | 000,312,640 | ---- | M] (Smilebox, Inc.) -- C:\Users\Razor\AppData\Roaming\Smilebox\SmileboxTray.exe
PRC - [2010/08/23 10:11:28 | 000,206,240 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
PRC - [2009/11/13 07:31:14 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2009/11/13 07:31:12 | 000,247,144 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2009/11/01 21:30:00 | 002,508,104 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009/09/08 17:12:51 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/20 15:01:28 | 000,222,512 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brownie\BRNIPMON.exe
PRC - [2007/05/30 08:31:10 | 000,312,880 | ---- | M] (GRISOFT s.r.o.) -- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
PRC - [2007/03/01 14:40:59 | 000,065,536 | ---- | M] (New Boundary Technologies, Inc.) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
========== Modules (No Company Name) ==========
MOD - [2013/04/18 14:28:40 | 000,196,512 | ---- | M] () -- C:\Program Files\Java\jre7\bin\jp2iexp.dll
MOD - [2013/04/18 14:28:40 | 000,016,288 | ---- | M] () -- C:\Program Files\Java\jre7\bin\jp2native.dll
MOD - [2013/04/08 06:11:43 | 002,569,168 | ---- | M] () -- C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
MOD - [2013/04/08 06:08:35 | 002,232,272 | ---- | M] () -- C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll
MOD - [2013/03/13 16:48:52 | 024,978,944 | ---- | M] () -- C:\Users\Razor\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2012/11/13 19:32:50 | 003,558,400 | ---- | M] () -- C:\Users\Razor\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2012/10/16 21:41:00 | 003,775,488 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Map.dll
MOD - [2012/10/16 09:54:22 | 001,041,736 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe
MOD - [2012/10/11 20:57:28 | 008,295,424 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Resource.dll
MOD - [2012/10/11 20:57:28 | 001,553,408 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\SvtNetworkTool.dll
MOD - [2012/10/11 20:57:28 | 001,188,352 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\GeniePlugin_RouterConfiguration.dll
MOD - [2012/10/11 20:57:28 | 001,132,032 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\GeniePlugin_ParentalControl.dll
MOD - [2012/10/11 20:57:28 | 001,062,400 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Internet.dll
MOD - [2012/10/11 20:57:28 | 000,920,064 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Ui.dll
MOD - [2012/10/11 20:57:28 | 000,702,464 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\InnerPlugin_Update.dll
MOD - [2012/10/11 20:57:28 | 000,641,536 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Statistics.dll
MOD - [2012/10/11 20:57:28 | 000,504,832 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\InnerPlugin_WirelessExport.dll
MOD - [2012/10/11 20:57:28 | 000,500,736 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\GeniePlugin_NetworkProblem.dll
MOD - [2012/10/11 20:57:28 | 000,478,720 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\Genie.dll
MOD - [2012/10/11 20:57:28 | 000,438,272 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Wireless.dll
MOD - [2012/10/11 20:57:28 | 000,229,888 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Airprint.dll
MOD - [2012/10/11 20:57:28 | 000,186,368 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\DragonNetTool.dll
MOD - [2012/10/11 20:57:28 | 000,150,528 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\DiagnoseDll.dll
MOD - [2012/10/11 20:57:28 | 000,138,752 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\airprintdll.dll
MOD - [2012/10/11 20:57:28 | 000,136,704 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\DiagnosePlugin.dll
MOD - [2012/10/11 20:57:28 | 000,116,224 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\WSetupApiPlugin.dll
MOD - [2012/10/11 20:57:28 | 000,088,064 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\QRCode.dll
MOD - [2012/10/11 20:57:28 | 000,083,968 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\NetcardApi.dll
MOD - [2012/10/11 20:57:28 | 000,082,432 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\SVTUtils.dll
MOD - [2012/10/11 20:57:28 | 000,076,288 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\WSetupDll.dll
MOD - [2012/09/25 02:06:14 | 001,233,389 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\drivers\libntgr_api.dll
MOD - [2012/09/25 02:06:14 | 000,122,696 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\genie2_tray.exe
MOD - [2012/05/11 02:24:16 | 009,814,016 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\QtGui4.dll
MOD - [2012/05/11 02:24:16 | 002,537,472 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\QtCore4.dll
MOD - [2012/05/11 02:24:16 | 001,140,224 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\QtNetwork4.dll
MOD - [2012/05/11 02:24:16 | 000,399,360 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\QtXml4.dll
MOD - [2012/05/11 02:24:16 | 000,287,232 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\imageformats\qjpeg4.dll
MOD - [2012/05/11 02:24:16 | 000,083,456 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\imageformats\qico4.dll
MOD - [2012/05/11 02:24:16 | 000,083,456 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\imageformats\qgif4.dll
MOD - [2012/05/09 22:34:06 | 000,043,008 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\libgcc_s_dw2-1.dll
MOD - [2012/05/09 22:34:06 | 000,011,362 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\mingwm10.dll
MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
========== Services (SafeList) ==========
SRV - [2013/04/08 06:11:43 | 002,569,168 | ---- | M] () [Auto | Running] -- C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe -- (BrowserProtect)
SRV - [2013/03/24 10:01:19 | 000,968,880 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe -- (vToolbarUpdater14.2.0)
SRV - [2013/03/24 09:32:48 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) [Auto | Running] -- C:\Program Files\GamingWonderland\bar\1.bin\gtbarsvc.exe -- (GamingWonderlandService)
SRV - [2013/03/13 15:00:20 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/02/19 15:12:14 | 000,172,416 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\System32\mfevtps.exe -- (mfevtp)
SRV - [2013/02/19 15:08:52 | 000,169,320 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2013/02/19 15:06:50 | 000,203,840 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2012/12/04 11:54:14 | 000,095,232 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2012/11/16 22:07:20 | 000,279,048 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2012/10/08 18:04:18 | 000,166,912 | ---- | M] () [Auto | Running] -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2012/09/25 02:06:14 | 000,195,400 | ---- | M] (NETGEAR) [Auto | Running] -- C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe -- (NETGEARGenieDaemon)
SRV - [2012/08/31 14:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2012/08/31 14:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2012/08/31 14:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2012/08/31 14:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2012/08/31 14:20:06 | 000,167,784 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2009/11/13 07:31:14 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2009/10/23 17:58:06 | 000,582,424 | ---- | M] (ParetoLogic Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\XoftSpySE\6\xoftspyservice.exe -- (XoftSpyService)
SRV - [2009/09/08 17:12:51 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2008/01/19 03:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/05/30 08:31:10 | 000,312,880 | ---- | M] (GRISOFT s.r.o.) [Auto | Running] -- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe -- (AVG Anti-Spyware Guard)
SRV - [2007/03/01 14:40:59 | 000,065,536 | ---- | M] (New Boundary Technologies, Inc.) [Auto | Running] -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (mfeavfk01)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2013/03/24 10:01:19 | 000,033,112 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013/02/19 15:15:04 | 000,060,920 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids)
DRV - [2013/02/19 15:12:24 | 000,210,608 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk)
DRV - [2013/02/19 15:10:52 | 000,092,632 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2013/02/19 15:09:52 | 000,565,888 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2013/02/19 15:09:02 | 000,363,080 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2013/02/19 15:08:40 | 000,065,928 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2013/02/19 15:08:20 | 000,235,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2013/02/19 15:07:50 | 000,133,416 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2013/01/08 21:15:13 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2012/10/08 18:04:18 | 000,023,040 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\htcnprot.sys -- (htcnprot)
DRV - [2012/04/20 17:40:44 | 000,146,872 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HipShieldK.sys -- (HipShieldK)
DRV - [2009/06/10 03:49:32 | 000,024,576 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2009/04/11 01:06:26 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDScan.sys -- (WSDScan)
DRV - [2008/01/19 02:14:59 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2007/06/29 10:11:02 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/06/20 04:28:38 | 000,267,264 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2007/05/30 08:10:42 | 000,011,000 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys -- (AVG Anti-Spyware Driver)
DRV - [2007/05/30 08:10:42 | 000,010,872 | ---- | M] (GRISOFT, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\AvgAsCln.sys -- (AvgAsCln)
DRV - [2007/02/27 12:39:26 | 000,032,256 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2007/02/12 17:55:56 | 000,075,776 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2006/11/02 03:30:56 | 002,589,184 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw2v32.sys -- (NETw2v32)
DRV - [2006/10/10 13:53:48 | 000,005,632 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2006/05/18 09:49:02 | 000,061,067 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2006/05/18 09:48:50 | 000,047,249 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2006/02/16 17:51:08 | 000,004,096 | R--- | M] (SuperAdBlocker, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2003/10/02 14:47:14 | 000,666,624 | ---- | M] (GlobespanVirata, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PRISMUSB.sys -- (PRISM_USB)
DRV - [2000/07/24 02:01:00 | 000,019,537 | ---- | M] (Brother Industries Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\BRPAR.SYS -- (BrPar)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.sweetpa...3-0019D1542C71}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\..\URLSearchHook: {37153479-1976-43c3-a1ee-557513977b64} - C:\Program Files\Coupons.com\prxtbCou0.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {84e53b2b-b8f6-4b9a-ab0c-fc293d0f7a45} - No CLSID value found
IE - HKLM\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2559647
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpa...3-0019D1542C71}
IE - HKLM\..\SearchScopes\{F5102CF6-67BD-4317-8772-738C0D3B6CDC}: "URL" = http://www.google.co...age={startPage}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = https://www.facebook...home.php?ref=hp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = www.live.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {a8625cb7-85fe-4936-92a4-b2a7c925209e} - No CLSID value found
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {347E9CD7-21C9-4B3A-892F-24686313828A}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www1.delta-se...EC60019D1542C71
IE - HKCU\..\SearchScopes\{347E9CD7-21C9-4B3A-892F-24686313828A}: "URL" = http://www.google.co...&rlz=1I7GGIT_en
IE - HKCU\..\SearchScopes\{43CF2460-F0EF-4FA2-A223-D90FE2CB4126}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://mysearch.avg....sa&d=2013-03-24 10:02:01&v=14.2.0.1&pid=safeguard&sg=1&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = http://dl.ask.com/to...m=1&toolbar=GV2
IE - HKCU\..\SearchScopes\{D22DF367-8FA2-42A5-879A-9758C23AF6E8}: "URL" = http://search.yahoo....=utf-8&fr=b2ie7
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpa...3-0019D1542C71}
IE - HKCU\..\SearchScopes\{F4C99084-C7ED-4A49-9D6E-F3B7D7A71944}: "URL" = http://search.yahoo....p={SearchTerms}
IE - HKCU\..\SearchScopes\{F5102CF6-67BD-4317-8772-738C0D3B6CDC}: "URL" = http://www.google.co...age={startPage}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@GamingWonderland.com/Plugin: C:\Program Files\GamingWonderland\bar\1.bin\NPgtStub.dll (MindSpark)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.3: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=2.5: C:\Program Files\Virtual Earth 3D\ [2008/10/23 09:15:48 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=3.0: C:\Program Files\Virtual Earth 3D\ [2008/10/23 09:15:48 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.3088: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.3146: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.11.3006: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@unity3d.com/UnityPlayer: C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: File not found
FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher: C:\Users\Razor\AppData\Local\Roblox\Versions\version-54257e546c7e4443\\NPRobloxProxy.dll ()
FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine: File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2007/11/18 18:49:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2013/01/31 04:49:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files\Common Files\McAfee\SystemCore [2013/04/18 14:16:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\GamingWonderland\bar\1.bin [2013/03/24 09:32:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\Program Files\Updater By SweetPacks\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Mozilla FireFox\extensions\[email protected] [2013/04/10 19:43:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HappyLyrics\FF\ [2013/04/10 19:42:19 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{0F827075-B026-42F3-885D-98981EE7B1AE}: C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension [2013/04/10 19:43:24 | 000,000,000 | ---D | M]
[2008/12/24 22:12:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Razor\AppData\Roaming\Mozilla\Extensions
[2008/12/24 22:12:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Razor\AppData\Roaming\Mozilla\Extensions\[email protected]
[2012/01/23 12:57:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Razor\AppData\Roaming\Mozilla\Firefox\extensions
[2012/01/23 12:57:13 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\Razor\AppData\Roaming\Mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2013/04/10 19:43:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/04/10 19:43:43 | 000,000,000 | ---D | M] (InfoAtoms) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
O1 HOSTS File: ([2010/09/06 13:00:28 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (SelectionLinks) - {3352F334-A389-4004-A026-3A161A0C69A7} - C:\Program Files\OApps\SelectionLinks.dll (SelectionLinks)
O2 - BHO: (Coupons.com Toolbar) - {37153479-1976-43c3-a1ee-557513977b64} - C:\Program Files\Coupons.com\prxtbCou0.dll (Conduit Ltd.)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Happy Lyrics) - {59C0C5BD-2579-433A-BBB8-AFFD59642BAF} - C:\Program Files\HappyLyrics\hppylrc.dll (Happy Productions)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120629172243.dll (McAfee, Inc.)
O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O2 - BHO: (Search Assistant BHO) - {ab5d199e-9659-47a2-930b-fc3b69061353} - C:\Program Files\GamingWonderland\bar\1.bin\gtSrcAs.dll (MindSpark)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.16.16\bh\delta.dll (Delta-search.com)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Coupons.com Toolbar) - {37153479-1976-43C3-A1EE-557513977B64} - C:\Program Files\Coupons.com\prxtbCou0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BrStsWnd] C:\Program Files\Brownie\BrstsWnd.exe (brother)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [GamingWonderland Browser Plugin Loader] C:\Program Files\GamingWonderland\bar\1.bin\gtbrmon.exe (VER_COMPANY_NAME)
O4 - HKLM..\Run: [GamingWonderland Search Scope Monitor] C:\Program Files\GamingWonderland\bar\1.bin\gtSrchMn.exe (MindSpark)
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe File not found
O4 - HKCU..\Run: [NETGEARGenie] C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe ()
O4 - HKCU..\Run: [SmileboxTray] C:\Users\Razor\AppData\Roaming\Smilebox\SmileboxTray.exe (Smilebox, Inc.)
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKCU..\Run: [Xvid] C:\Program Files\XviD\CheckUpdate.exe ()
O4 - Startup: C:\Users\Razor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Razor\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B91B512A-5EE2-4EAC-AF4C-D552AAD3D150}: DhcpNameServer = 10.0.0.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll ()
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - AppInit_DLLs: (c:\progra~2\browse~1\261125~1.80\{c16c1~1\browse~1.dll) - c:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Razor\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Razor\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {57B86673-276A-48B2-BAE7-C6DBB3020EB8} - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll (GRISOFT s.r.o.)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {88485281-8b4b-4f8d-9ede-82e29a064277} - C:\Program Files\MarkAny\ContentSafer\MACSMANAGER.dll (MarkAny Cooperation.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2004/04/30 20:01:00 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{43d327a3-4500-11e2-ad24-0019d1542c71}\Shell - "" = AutoRun
O33 - MountPoints2\{43d327a3-4500-11e2-ad24-0019d1542c71}\Shell\AutoRun\command - "" = K:\HTC_Sync_Manager_PC.exe
O33 - MountPoints2\{6efc9600-4c96-11e2-9d89-0019d1542c71}\Shell - "" = AutoRun
O33 - MountPoints2\{6efc9600-4c96-11e2-9d89-0019d1542c71}\Shell\AutoRun\command - "" = K:\HTC_Sync_Manager_PC.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013/04/18 14:33:26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Razor\Desktop\OTL.exe
[2013/04/18 14:31:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013/04/18 14:18:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013/04/11 12:08:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/04/11 12:06:49 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/04/11 12:06:33 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/04/11 12:06:32 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/04/10 19:43:33 | 000,000,000 | ---D | C] -- C:\Windows\System32\Extensions
[2013/04/10 19:43:32 | 000,000,000 | ---D | C] -- C:\Windows\System32\searchplugins
[2013/04/10 19:43:32 | 000,000,000 | ---D | C] -- C:\Users\Razor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
[2013/04/10 19:43:15 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserProtect
[2013/04/10 19:43:14 | 000,000,000 | ---D | C] -- C:\Program Files\Delta
[2013/04/10 19:43:02 | 000,000,000 | ---D | C] -- C:\Users\Razor\AppData\Roaming\BabSolution
[2013/04/10 19:42:37 | 000,000,000 | ---D | C] -- C:\Users\Razor\Desktop\world
[2013/04/10 19:42:19 | 000,000,000 | ---D | C] -- C:\Program Files\InfoAtoms
[2013/04/10 19:42:19 | 000,000,000 | ---D | C] -- C:\Program Files\HappyLyrics
[2013/04/10 19:42:18 | 000,000,000 | ---D | C] -- C:\Program Files\OApps
[2013/04/10 19:42:16 | 000,000,000 | ---D | C] -- C:\Users\Razor\AppData\Roaming\Babylon
[2013/04/10 19:42:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2013/04/10 18:57:10 | 000,000,000 | ---D | C] -- C:\Users\Razor\AppData\Roaming\.minecraft
[2013/04/10 18:00:49 | 000,000,000 | ---D | C] -- C:\Program Files\SweetIM
[2013/04/03 17:25:47 | 000,000,000 | ---D | C] -- C:\Users\Razor\Documents\ROBLOX
[2013/03/24 10:02:35 | 000,000,000 | ---D | C] -- C:\Users\Razor\AppData\Local\AVG SafeGuard toolbar
[2013/03/24 10:01:58 | 000,033,112 | ---- | C] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
[2013/03/24 10:01:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2013/03/24 10:01:48 | 000,000,000 | ---D | C] -- C:\Program Files\AVG SafeGuard toolbar
[2013/03/24 10:01:06 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013/03/24 09:32:47 | 000,000,000 | ---D | C] -- C:\Program Files\GamingWonderland
[2013/03/24 09:32:16 | 000,000,000 | ---D | C] -- C:\Program Files\GamingWonderlandEI
[2013/03/21 19:13:51 | 000,000,000 | ---D | C] -- C:\Program Files\Dropbox
[2013/03/21 19:12:55 | 000,000,000 | ---D | C] -- C:\Users\Razor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2007/06/18 20:44:01 | 000,488,144 | ---- | C] (Soeperman Enterprises Ltd ) -- C:\Users\Razor\HJTsetup.exe
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/04/18 14:33:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Razor\Desktop\OTL.exe
[2013/04/18 14:12:36 | 000,000,328 | ---- | M] () -- C:\Windows\Brownie.ini
[2013/04/18 14:12:04 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/04/18 14:12:02 | 000,000,364 | ---- | M] () -- C:\Windows\tasks\Happy Lyrics Update.job
[2013/04/18 14:11:15 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/18 14:11:15 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/18 14:11:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/04/18 14:11:04 | 2136,227,840 | -HS- | M] () -- C:\hiberfil.sys
[2013/04/18 13:51:47 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/04/18 13:10:49 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/04/18 05:22:49 | 000,000,418 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version3.job
[2013/04/17 18:00:46 | 000,000,444 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration3.job
[2013/04/12 21:13:00 | 000,000,270 | ---- | M] () -- C:\Windows\tasks\Uniblue SpeedUpMyPC Nag.job
[2013/04/12 16:36:17 | 000,000,532 | ---- | M] () -- C:\Users\Razor\Desktop\server.properties
[2013/04/11 15:03:36 | 000,001,196 | ---- | M] () -- C:\Users\Razor\Desktop\ROBLOX Player.lnk
[2013/04/11 15:02:44 | 000,001,003 | ---- | M] () -- C:\Users\Razor\Desktop\ROBLOX Studio 2013.lnk
[2013/04/11 14:48:14 | 000,604,502 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/04/11 14:48:14 | 000,104,202 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/04/11 12:08:47 | 000,001,664 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/04/11 03:35:48 | 000,295,896 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/04/10 19:42:23 | 002,537,984 | ---- | M] () -- C:\Users\Razor\Desktop\Minecraft_Server5.exe
[2013/04/10 18:57:04 | 000,263,186 | ---- | M] () -- C:\Users\Razor\Desktop\Minecraft151.exe
[2013/04/06 03:23:31 | 000,000,994 | ---- | M] () -- C:\Users\Razor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/04/06 03:23:02 | 000,000,962 | ---- | M] () -- C:\Users\Razor\Desktop\Dropbox.lnk
[2013/03/24 10:01:19 | 000,033,112 | ---- | M] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
[2013/03/21 20:05:18 | 000,002,015 | ---- | M] () -- C:\Users\Razor\Desktop\Turbo Tourney Pro 2013.lnk
[2013/03/21 18:55:24 | 000,001,991 | ---- | M] () -- C:\Users\Public\Desktop\Turbo Tourney Pro 2013.lnk
[2013/03/21 18:55:23 | 000,001,989 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Turbo Tourney 2013 Scheduler.lnk
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/04/12 01:25:29 | 000,114,176 | ---- | C] () -- C:\Users\Razor\AppData\Roaming\BabMaint.exe
[2013/04/11 12:08:47 | 000,001,664 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/04/10 19:42:34 | 000,000,532 | ---- | C] () -- C:\Users\Razor\Desktop\server.properties
[2013/04/10 19:42:24 | 000,000,364 | ---- | C] () -- C:\Windows\tasks\Happy Lyrics Update.job
[2013/04/10 19:42:22 | 002,537,984 | ---- | C] () -- C:\Users\Razor\Desktop\Minecraft_Server5.exe
[2013/04/10 18:57:04 | 000,263,186 | ---- | C] () -- C:\Users\Razor\Desktop\Minecraft151.exe
[2013/04/03 17:24:45 | 000,001,003 | ---- | C] () -- C:\Users\Razor\Desktop\ROBLOX Studio 2013.lnk
[2013/03/21 20:05:18 | 000,002,015 | ---- | C] () -- C:\Users\Razor\Desktop\Turbo Tourney Pro 2013.lnk
[2013/03/21 19:50:39 | 000,000,962 | ---- | C] () -- C:\Users\Razor\Desktop\Dropbox.lnk
[2013/03/21 19:16:04 | 000,000,994 | ---- | C] () -- C:\Users\Razor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/03/21 18:55:24 | 000,001,991 | ---- | C] () -- C:\Users\Public\Desktop\Turbo Tourney Pro 2013.lnk
[2013/03/21 18:55:23 | 000,001,989 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Turbo Tourney 2013 Scheduler.lnk
[2012/10/20 15:37:37 | 000,000,680 | ---- | C] () -- C:\Users\Razor\AppData\Local\d3d9caps.dat
[2011/12/15 17:03:23 | 000,000,410 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011/12/15 17:02:27 | 000,000,141 | ---- | C] () -- C:\Windows\BRVIDEO.INI
[2011/12/15 17:02:27 | 000,000,000 | ---- | C] () -- C:\Windows\brmx2001.ini
[2011/12/15 17:01:35 | 000,022,892 | ---- | C] () -- C:\Windows\HL-3070CW.INI
[2011/12/15 17:01:33 | 000,045,056 | ---- | C] () -- C:\Windows\System32\BRTCPCON.DLL
[2011/12/15 17:01:32 | 000,000,114 | ---- | C] () -- C:\Windows\System32\BRLMW03A.INI
[2011/12/15 17:01:31 | 000,000,050 | ---- | C] () -- C:\Windows\System32\BRADC08A.DAT
[2011/12/15 17:00:08 | 000,000,328 | ---- | C] () -- C:\Windows\Brownie.ini
[2011/04/27 08:53:27 | 000,009,806 | -HS- | C] () -- C:\Users\Razor\AppData\Local\18o18nm6b8nty5e
[2011/04/27 08:53:27 | 000,009,806 | -HS- | C] () -- C:\ProgramData\18o18nm6b8nty5e
[2010/09/03 21:33:01 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/11/18 13:04:41 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/11/05 14:02:53 | 000,000,000 | ---- | C] () -- C:\Users\Razor\AppData\Roaming\wklnhst.dat
[2009/04/19 15:00:09 | 000,037,189 | ---- | C] () -- C:\Users\Razor\ (2)
[2007/04/02 01:04:00 | 000,082,432 | ---- | C] () -- C:\Users\Razor\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2006/11/02 08:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 13:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 02:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 02:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013/04/10 20:22:51 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\.minecraft
[2013/04/10 19:43:07 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\BabSolution
[2013/04/10 19:42:16 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\Babylon
[2013/04/15 12:30:03 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\BitTorrent
[2013/01/28 15:04:04 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\Canon
[2011/05/12 07:02:02 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\Catalina Marketing Corp
[2013/04/15 12:35:32 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\ConverterLite
[2008/11/08 16:48:58 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\DataCast
[2013/04/18 14:16:15 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\Dropbox
[2007/06/18 22:33:04 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\Grisoft
[2008/04/13 11:03:52 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\LimeWire
[2008/07/13 14:47:28 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\MusicNet
[2007/04/02 19:49:50 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\SampleView
[2011/03/05 14:36:02 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\Smilebox
[2008/01/22 11:00:34 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\SpinTop
[2009/11/05 14:02:52 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\Template
[2011/03/18 18:18:14 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\theSideline.com
[2008/12/24 22:03:58 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\TomTom
[2008/07/14 19:08:45 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\TuxPaint
[2007/06/13 21:15:52 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\Uniblue
========== Purity Check ==========
< End of report >