Yes, date is showing good... However, just letting you know that I must've uninstalled Chrome at an earlier date and some remnants may have been left behind. I could find no reference to it other than the ...users/my name/app data/one of the roaming directories/google/chrome.... I deleted that directory... Then I followed the rest of your directions...
*****************************************************************************************
# AdwCleaner v2.300 - Logfile created 05/11/2013 at 11:37:16
# Updated 28/04/2013 by Xplode
# Operating system : Windows 8 Pro (32 bits)
# User : Michael - MICHAEL
# Boot Mode : Normal
# Running from : C:\Users\Michael\Downloads\adwcleaner(1).exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
Folder Deleted : C:\Users\Michael\AppData\Roaming\NCdownloader
***** [Registry] *****
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Software
***** [Internet Browsers] *****
-\\ Internet Explorer v10.0.9200.16537
[OK] Registry is clean.
-\\ Mozilla Firefox v20.0.1 (en-US)
File : C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\temto84b.default\prefs.js
Deleted : user_pref("extensions.516a9c4243414.scode", "(function(){try{if('aol.com,mail.google.com,premiumrepo[...]
Deleted : user_pref("extensions.51858348126b3.scode", "(function(){try{if('aol.com,mail.google.com,premiumrepo[...]
File : C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\hy027qr5.default\prefs.js
[OK] File is clean.
*************************
AdwCleaner[S1].txt - [2168 octets] - [11/05/2013 11:37:16]
########## EOF - C:\AdwCleaner[S1].txt - [2228 octets] ##########
**************************************************************************
OTL logfile created on: 5 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Michael\Desktop
Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000409 | Country: United States | Language: ENU | Date Format:
2.99 Gb Total Physical Memory | 2.04 Gb Available Physical Memory | 68.15% Memory free
3.49 Gb Paging File | 2.53 Gb Available in Paging File | 72.43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.42 Gb Total Space | 376.17 Gb Free Space | 80.82% Space Free | Partition Type: NTFS
Drive D: | 750.14 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Computer Name: MICHAEL | User Name: Michael | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013 (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013 (Siber Systems) -- C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
PRC - [2013 (Power Software Ltd) -- C:\Program Files\PowerISO\PWRISOVM.EXE
PRC - [2013 (OldTimer Tools) -- C:\Users\Michael\Desktop\OTL(1).exe
PRC - [2013 (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013 (Microsoft Corporation) -- C:\Windows\System32\taskhostex.exe
PRC - [2013 (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2013 (IvoSoft) -- C:\Program Files\Classic Shell\ClassicStartMenu.exe
PRC - [2013 (IvoSoft) -- C:\Program Files\Classic Shell\ClassicShellService.exe
PRC - [2013 (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe
PRC - [2012 (Nitro PDF Software) -- C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe
PRC - [2012 (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012 (Microsoft Corporation) -- C:\Windows\sppsvc.exe
PRC - [2012 (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2012 (Microsoft Corporation) -- C:\Windows\System32\dasHost.exe
PRC - [2012 (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2012 (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2009 (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
========== Modules (No Company Name) ==========
MOD - [2013 () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_7_700_169.dll
MOD - [2013 () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011 () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010 () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
========== Services (SafeList) ==========
SRV - [2013 (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013 (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013 (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013 (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\wlidsvc.dll -- (wlidsvc)
SRV - [2013 (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2013 (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\TimeBrokerServer.dll -- (TimeBroker)
SRV - [2013 (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV - [2013 (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netprofmsvc.dll -- (netprofm)
SRV - [2013 (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsm.dll -- (LSM)
SRV - [2013 (IvoSoft) [Auto | Running] -- C:\Program Files\Classic Shell\ClassicShellService.exe -- (ClassicShellService)
SRV - [2013 (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012 (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe -- (NitroDriverReadSpool8)
SRV - [2012 (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\WSService.dll -- (WSService)
SRV - [2012 (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wiarpc.dll -- (WiaRpc)
SRV - [2012 (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wcmsvc.dll -- (Wcmsvc)
SRV - [2012 (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicvss)
SRV - [2012 (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmictimesync)
SRV - [2012 (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicshutdown)
SRV - [2012 (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicrdv)
SRV - [2012 (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmickvpexchange)
SRV - [2012 (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicheartbeat)
SRV - [2012 (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\vaultsvc.dll -- (VaultSvc)
SRV - [2012 (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\svsvc.dll -- (svsvc)
SRV - [2012 (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2012 (Microsoft Corporation) [Auto | Running] -- C:\Windows\sppsvc.exe -- (SLSvc)
SRV - [2012 (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2012 (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\spool\drivers\w32x86\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012 (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2012 (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV - [2012 (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\NcaSvc.dll -- (NcaSvc)
SRV - [2012 (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2012 (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\keyiso.dll -- (KeyIso)
SRV - [2012 (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\fhsvc.dll -- (fhsvc)
SRV - [2012 (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\efssvc.dll -- (EFS)
SRV - [2012 (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\DeviceSetupManager.dll -- (DsmSvc)
SRV - [2012 (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\das.dll -- (DeviceAssociationService)
SRV - [2012 (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\bisrv.dll -- (BrokerInfrastructure)
SRV - [2012 (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV - [2012 (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV - [2012 (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2012 (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2009 (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
========== Driver Services (SafeList) ==========
DRV - [2013 (Power Software Ltd) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2013 (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\System32\Drivers\WdFilter.sys -- (WdFilter)
DRV - [2013 (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\WdBoot.sys -- (WdBoot)
DRV - [2013 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV - [2013 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV - [2013 (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\tpm.sys -- (TPM)
DRV - [2013 (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\storahci.sys -- (storahci)
DRV - [2013 (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\spaceport.sys -- (spaceport)
DRV - [2013 (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\pdc.sys -- (pdc)
DRV - [2013 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV - [2013 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV - [2012 (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV - [2012 (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\Rt630x86.sys -- (RTL8168)
DRV - [2012 (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV - [2012 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\wpcfltr.sys -- (wpcfltr)
DRV - [2012 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\winusb.sys -- (WinUsb)
DRV - [2012 (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV - [2012 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2012 (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\vmbus.sys -- (vmbus)
DRV - [2012 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\VerifierExt.sys -- (VerifierExt)
DRV - [2012 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\UCX01000.SYS -- (UCX01000)
DRV - [2012 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\uaspstor.sys -- (UASPStor)
DRV - [2012 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2012 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2012 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\terminpt.sys -- (terminpt)
DRV - [2012 (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\storvsc.sys -- (storvsc)
DRV - [2012 (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\vmstorfl.sys -- (storflt)
DRV - [2012 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SpbCx.sys -- (SpbCx)
DRV - [2012 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SerCx.sys -- (SerCx)
DRV - [2012 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\sdstor.sys -- (sdstor)
DRV - [2012 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\vms3cap.sys -- (s3cap)
DRV - [2012 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012 (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\npsvctrig.sys -- (npsvctrig)
DRV - [2012 (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\Drivers\Ndu.sys -- (Ndu)
DRV - [2012 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV - [2012 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\mslldp.sys -- (MsLldp)
DRV - [2012 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\mshidumdf.sys -- (mshidumdf)
DRV - [2012 (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\kdnic.sys -- (kdnic)
DRV - [2012 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\HyperVideo.sys -- (HyperVideo)
DRV - [2012 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\hyperkbd.sys -- (hyperkbd)
DRV - [2012 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\hidi2c.sys -- (hidi2c)
DRV - [2012 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV - [2012 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\vmgencounter.sys -- (gencounter)
DRV - [2012 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\fxppm.sys -- (FxPPM)
DRV - [2012 (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV - [2012 (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\EhStorClass.sys -- (EhStorClass)
DRV - [2012 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\dmvsc.sys -- (dmvsc)
DRV - [2012 (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\Drivers\dam.sys -- (dam)
DRV - [2012 (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\condrv.sys -- (condrv)
DRV - [2012 (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\cnghwassist.sys -- (cnghwassist)
DRV - [2012 (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\clfs.sys -- (CLFS)
DRV - [2012 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BthhfHid.sys -- (bthhfhid)
DRV - [2012 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV - [2012 (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\BasicRender.sys -- (BasicRender)
DRV - [2012 (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV - [2012 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\acpitime.sys -- (acpitime)
DRV - [2012 (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\acpipagr.sys -- (acpipagr)
DRV - [2012 (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\acpiex.sys -- (acpiex)
DRV - [2012 (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\mvumis.sys -- (mvumis)
DRV - [2012 (LSI) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\3ware.sys -- (3ware)
DRV - [2012 (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV - [2012 (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2012 (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\netwlv32.sys -- (netwlv32)
DRV - [2009 (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2007 (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\TVALZ_O.SYS -- (TVALZ)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.foxnews.com/
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "www.foxnews.com"
FF - prefs.js..extensions.enabledAddons: artur.dubovoy%40gmail.com:3.8.7
FF - prefs.js..extensions.enabledAddons: %7Bbee6eb20-01e0-ebd1-da83-080329fb9a3a%7D:1.32
FF - prefs.js..extensions.enabledAddons: %7B82AF8DCA-6DE9-405D-BD5E-43525BDAD38A%7D:6.8.0.12323
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files\Siber Systems\AI RoboForm\Firefox [2013
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2013 () (No name found) -- C:\Users\Michael\AppData\Roaming\mozilla\firefox\profiles\temto84b.default\extensions\
[email protected][2013
[2013 (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013 () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013 () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: () - C:\Windows\System32\Drivers\etc\hosts
O2 - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O2 - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (ClassicIE9BHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll (IvoSoft)
O3 - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O3 - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Driver Genius] File not found
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (Power Software Ltd)
O4 - HKCU..\Run: [RoboForm] C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Customize Menu - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Fill Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Show RoboForm Toolbar - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Classic IE9 Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE9_32.exe (IvoSoft)
O9 - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.0.1 8.8.8.8 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8F0F8A4E-29FC-4529-A2C6-7725E929927A}: DhcpNameServer = 10.1.0.1 8.8.8.8 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012 () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010 () - D:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{2465b593-92e8-11e2-afbb-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{2465b593-92e8-11e2-afbb-806e6f6e6963}\Shell\AutoRun\command - "" = D:\SETUP.EXE -- [2010 (Microsoft Corporation)
O33 - MountPoints2\{2465b593-92e8-11e2-afbb-806e6f6e6963}\Shell\configure\command - "" = D:\setup.exe -- [2010 (Microsoft Corporation)
O33 - MountPoints2\{2465b593-92e8-11e2-afbb-806e6f6e6963}\Shell\install\command - "" = D:\setup.exe -- [2010 (Microsoft Corporation)
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = "E:\setup.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013 (Windows XP Bundled build C-Centric Single User) -- C:\WINDOWS\System32\CSVer.dll
[2013 (Waves Audio Ltd.) -- C:\WINDOWS\System32\WavesLib.dll
[2013 (Waves Audio Ltd.) -- C:\WINDOWS\System32\MaxxAudioEQ.dll
[2013 (Waves Audio Ltd.) -- C:\WINDOWS\System32\MaxxAudioAPO20.dll
[2013 (Waves Audio Ltd.) -- C:\WINDOWS\System32\MaxxAudioAPO.dll
[2013 (SRS Labs, Inc.) -- C:\WINDOWS\System32\SRSWOW.dll
[2013 (SRS Labs, Inc.) -- C:\WINDOWS\System32\SRSTSXT.dll
[2013 (SRS Labs, Inc.) -- C:\WINDOWS\System32\SRSTSHD.dll
[2013 (SRS Labs, Inc.) -- C:\WINDOWS\System32\SRSHP360.dll
[2013 (Online Media Technologies Ltd.) -- C:\WINDOWS\System32\NCTAudioVisualization2.dll
[2013 (Online Media Technologies Ltd.) -- C:\WINDOWS\System32\NCTAudioTransform2.dll
[2013 (Online Media Technologies Ltd.) -- C:\WINDOWS\System32\NCTAudioRecord2.dll
[2013 (Online Media Technologies Ltd.) -- C:\WINDOWS\System32\NCTAudioPlayer2.dll
[2013 (Online Media Technologies Ltd.) -- C:\WINDOWS\System32\NCTAudioInformation2.dll
[2013 (Online Media Technologies Ltd.) -- C:\WINDOWS\System32\NCTAudioEditor2.dll
[2013 (Online Media Technologies Ltd.) -- C:\WINDOWS\System32\NCTAudioDisplay2.dll
[2013 (Online Media Technologies Ltd.) -- C:\WINDOWS\System32\NCTAudioDesign2.dll
[2013 (OldTimer Tools) -- C:\Users\Michael\Desktop\OTL(1).exe
[2013 (Nitro PDF Software) -- C:\WINDOWS\System32\nitrolocalui2.dll
[2013 (Nitro PDF Software) -- C:\WINDOWS\System32\nitrolocalmon2.dll
[2013 (NCT) -- C:\WINDOWS\System32\NCTAudioCDGrabber2.dll
[2013 (NCT Company Ltd.) -- C:\WINDOWS\System32\NCTWMAFile2.dll
[2013 (NCT Company Ltd.) -- C:\WINDOWS\System32\NCTAudioFile2.dll
[2013 (Fortemedia Corporation) -- C:\WINDOWS\System32\FMAPO.dll
[2013 (Dolby Laboratories, Inc.) -- C:\WINDOWS\System32\RP3DHT32.dll
[2013 (Dolby Laboratories, Inc.) -- C:\WINDOWS\System32\RP3DAA32.dll
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Users\Michael\*.tmp files -> C:\Users\Michael\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2018 () -- C:\WINDOWS\System32\slmgr.vbs
[2013 (OldTimer Tools) -- C:\Users\Michael\Desktop\OTL(1).exe
[2013 () -- C:\Users\Michael\Documents\words3.csv
[2013 () -- C:\Users\Michael\Documents\words2.csv
[2013 () -- C:\Users\Michael\Documents\words.csv
[2013 () -- C:\Users\Public\Desktop\TurboTax 2012.lnk
[2013 () -- C:\swapfile.sys
[2013 () -- C:\Users\Public\Desktop\Skype.lnk
[2013 () -- C:\Users\Michael\Desktop\Removed Apps.html
[2013 () -- C:\Users\Public\Desktop\PowerISO.lnk
[2013 () -- C:\WINDOWS\System32\perfh009.dat
[2013 () -- C:\WINDOWS\System32\perfc009.dat
[2013 () -- C:\Users\Michael\Documents\OET-Draft-Grit-Report-2-17-13.pdf
[2013 () -- C:\Users\Public\Desktop\Nitro Pro 8.lnk
[2013 () -- C:\Users\Michael\Documents\New Image File.iso
[2013 () -- C:\WINDOWS\System32\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2013 () -- C:\WINDOWS\System32\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2013 () -- C:\WINDOWS\System32\drivers\Msft_Kernel_SynTP_01007.Wdf
[2013 () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013 () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2013 () -- C:\Users\Michael\Desktop\Microsoft Fix it.url
[2013 () -- C:\Users\Michael\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013 () -- C:\Users\Michael\Documents\kim un.jpg
[2013 () -- C:\Users\Public\Desktop\Jasc Paint Shop Pro 9.lnk
[2013 () -- C:\Users\Michael\Documents\Invoice_1553_from_Atlas_Technology_Group_LLC.pdf
[2013 () -- C:\Users\Michael\Documents\Invoice_130417001039631753.pdf
[2013 () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2013 () -- C:\hiberfil.sys
[2013 () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013 () -- C:\Users\Michael\Documents\Enterprise.gif
[2013 () -- C:\Users\Michael\Desktop\Driver Genius.lnk
[2013 () -- C:\WINDOWS\diagwrn.xml
[2013 () -- C:\WINDOWS\diagerr.xml
[2013 () -- C:\Users\Michael\Desktop\cuteftppro.exe - Shortcut.lnk
[2013 () -- C:\Users\Public\Desktop\Canon MX320 series On-screen Manual.lnk
[2013 () -- C:\Users\Public\Desktop\Canon MP Navigator EX 2.1.lnk
[2013 () -- C:\WINDOWS\bootstat.dat
[2013 () -- C:\WINDOWS\tasks\AutoKMS.job
[2013 () -- C:\WINDOWS\AutoKMS.ini
[2013 () -- C:\WINDOWS\AutoKMS.exe
[2013 () -- C:\Users\Michael\Desktop\Audio Editor Deluxe.lnk
[2013 () -- C:\Users\Michael\Desktop\Artisteer 4.lnk
[2013 () -- C:\Users\Michael\Documents\AReceipt_36175159.pdf
[2013 () -- C:\Users\Public\Desktop\Applian FLV and Media Player.lnk
[2013 () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013 () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013 () -- C:\Users\Michael\Documents\138651077-Obama-Birth-Certificate-No-Seal-Alabama-Supreme-Court-Fogbow-Upload-4-24-2013.pdf
[2013 () -- C:\Users\Public\Desktop\µTorrent.lnk
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Users\Michael\*.tmp files -> C:\Users\Michael\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013 () -- C:\Users\Michael\Documents\words3.csv
[2013 () -- C:\Users\Michael\Documents\words2.csv
[2013 () -- C:\Users\Michael\Documents\words.csv
[2013 () -- C:\Users\Michael\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013 () -- C:\Users\Public\Desktop\TurboTax 2012.lnk
[2013 () -- C:\swapfile.sys
[2013 () -- C:\Users\Public\Desktop\Skype.lnk
[2013 () -- C:\Users\Michael\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013 () -- C:\WINDOWS\System32\drivers\RTEQEX0.dat
[2013 () -- C:\Users\Public\Desktop\PowerISO.lnk
[2013 () -- C:\Users\Michael\Documents\OET-Draft-Grit-Report-2-17-13.pdf
[2013 () -- C:\WINDOWS\System32\OEMLicense.dll
[2013 () -- C:\Users\Public\Desktop\Nitro Pro 8.lnk
[2013 () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Pro 8.lnk
[2013 () -- C:\Users\Michael\Documents\New Image File.iso
[2013 () -- C:\WINDOWS\System32\NCTWMAProfiles.prx
[2013 () -- C:\WINDOWS\System32\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2013 () -- C:\WINDOWS\System32\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2013 () -- C:\WINDOWS\System32\drivers\Msft_Kernel_SynTP_01007.Wdf
[2013 () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013 () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013 () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2013 () -- C:\Users\Michael\Desktop\Microsoft Fix it.url
[2013 () -- C:\Users\Michael\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013 () -- C:\Users\Michael\lametritonus_en.dll
[2013 () -- C:\Users\Michael\lame_enc_en.dll
[2013 () -- C:\Users\Michael\Documents\kim un.jpg
[2013 () -- C:\Users\Public\Desktop\Jasc Paint Shop Pro 9.lnk
[2013 () -- C:\Users\Michael\Documents\Invoice_1553_from_Atlas_Technology_Group_LLC.pdf
[2013 () -- C:\Users\Michael\Documents\Invoice_130417001039631753.pdf
[2013 () -- C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013 () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013 () -- C:\Users\Michael\Documents\Enterprise.gif
[2013 () -- C:\Users\Michael\Desktop\Driver Genius.lnk
[2013 () -- C:\WINDOWS\diagwrn.xml
[2013 () -- C:\WINDOWS\diagerr.xml
[2013 () -- C:\Users\Michael\Desktop\cuteftppro.exe - Shortcut.lnk
[2013 () -- C:\WINDOWS\System32\CNC1736D.TBL
[2013 () -- C:\Users\Public\Desktop\Canon MX320 series On-screen Manual.lnk
[2013 () -- C:\Users\Public\Desktop\Canon MP Navigator EX 2.1.lnk
[2013 () -- C:\WINDOWS\tasks\AutoKMS.job
[2013 () -- C:\WINDOWS\AutoKMS.ini
[2013 () -- C:\WINDOWS\AutoKMS.exe
[2013 () -- C:\Users\Michael\Desktop\Audio Editor Deluxe.lnk
[2013 () -- C:\Users\Michael\Desktop\Artisteer 4.lnk
[2013 () -- C:\Users\Michael\Documents\AReceipt_36175159.pdf
[2013 () -- C:\Users\Public\Desktop\Applian FLV and Media Player.lnk
[2013 () -- C:\WINDOWS\System32\ApnDatabase.xml
[2013 () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013 () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013 () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013 () -- C:\Users\Michael\Documents\138651077-Obama-Birth-Certificate-No-Seal-Alabama-Supreme-Court-Fogbow-Upload-4-24-2013.pdf
[2013 () -- C:\Users\Public\Desktop\µTorrent.lnk
[2012 () -- C:\WINDOWS\System32\WpcNBModel.bin
[2012 () -- C:\WINDOWS\System32\staticurllist.bin
[2012 () -- C:\WINDOWS\System32\srms.dat
[2012 () -- C:\WINDOWS\System32\settings.dat
[2012 () -- C:\WINDOWS\System32\perfi009.dat
[2012 () -- C:\WINDOWS\System32\perfh009.dat
[2012 () -- C:\WINDOWS\System32\perfd009.dat
[2012 () -- C:\WINDOWS\System32\perfc009.dat
[2012 () -- C:\WINDOWS\System32\NOISE.DAT
[2012 () -- C:\WINDOWS\System32\mlang.dat
[2012 () -- C:\WINDOWS\mib.bin
[2012 () -- C:\WINDOWS\System32\dssec.dat
[2012 () -- C:\WINDOWS\System32\BWContextHandler.dll
[2012 () -- C:\WINDOWS\System32\BthpanContextHandler.dll
[2012 () -- C:\WINDOWS\bootstat.dat
========== ZeroAccess Check ==========
[2010 () -- C:\$Recycle.bin\S-1-5-21-2856520543-2365380021-2580953766-1001\$RGY09UN.001\Prefetch\l.reg
[2010 () -- C:\$Recycle.bin\S-1-5-21-2856520543-2365380021-2580953766-1001\$RGY09UN.001\Prefetch\n.reg
[2010 () -- C:\$Recycle.bin\S-1-5-21-2856520543-2365380021-2580953766-1001\$RJ04V3B.000\Prefetch\l.reg
[2010 () -- C:\$Recycle.bin\S-1-5-21-2856520543-2365380021-2580953766-1001\$RJ04V3B.000\Prefetch\n.reg
[2010 () -- C:\$Recycle.bin\S-1-5-21-2856520543-2365380021-2580953766-1001\$RWG92AS.000\Prefetch\l.reg
[2010 () -- C:\$Recycle.bin\S-1-5-21-2856520543-2365380021-2580953766-1001\$RWG92AS.000\Prefetch\n.reg
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012 (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012 (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2012 (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013
[2013
[2013
[2013
[2013
[2013
[2013
[2013
[2013
[2013
========== Purity Check ==========
< End of report >