I've been having an ongoing problem and it is really annoying. When I do a google search i often will click on one of the results and I'm directed to something else. If I click the back button and reclick on same link it usually works and sends me to correct site. It isn't 100% an issue. Sometimes i get hijacked, sometimes I don't.
I did run the OTL and below is the report it generated. THanks for any help you can give me.
OTL logfile created on: 7/20/2013 3:12:31 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Anderson\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
5.75 Gb Total Physical Memory | 1.97 Gb Available Physical Memory | 34.21% Memory free
11.50 Gb Paging File | 4.73 Gb Available in Paging File | 41.16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1862.92 Gb Total Space | 1393.06 Gb Free Space | 74.78% Space Free | Partition Type: NTFS
Drive E: | 100.00 Mb Total Space | 70.33 Mb Free Space | 70.33% Space Free | Partition Type: NTFS
Drive F: | 931.41 Gb Total Space | 707.45 Gb Free Space | 75.95% Space Free | Partition Type: NTFS
Computer Name: ANDERSON-PC | User Name: Anderson | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/07/20 15:11:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Anderson\Downloads\OTL.exe
PRC - [2013/06/28 14:02:06 | 002,255,184 | ---- | M] (LogMeIn Inc.) -- C:\minecraft crap\hamachi-2-ui.exe
PRC - [2013/06/07 20:39:42 | 001,302,336 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2013/06/07 19:33:12 | 000,806,776 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
PRC - [2013/05/22 17:51:51 | 003,113,792 | ---- | M] () -- C:\Users\Anderson\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
PRC - [2013/05/14 13:26:12 | 003,289,208 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/05/10 03:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/05/08 19:45:06 | 000,056,872 | ---- | M] (White Sky, Inc.) -- C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe
PRC - [2013/05/08 19:45:03 | 004,023,848 | ---- | M] (White Sky, Inc.) -- C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
PRC - [2012/12/23 23:33:30 | 000,144,520 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Security Suite\Engine\20.3.1.22\ccsvchst.exe
PRC - [2012/12/20 15:36:54 | 001,892,352 | ---- | M] () -- C:\Program Files (x86)\Luth Research\SavvyConnectFramework\bin\scservice\SCService.exe
PRC - [2012/12/20 08:42:34 | 000,713,816 | ---- | M] (Koninklijke Philips Electronics N.V.) -- C:\Users\Anderson\AppData\Roaming\DirectLife\ALconnect\ALconnect.exe
PRC - [2012/04/24 13:47:30 | 000,697,344 | ---- | M] (Luth Research LLC) -- C:\Program Files (x86)\Luth Research\SavvyConnectFramework\bin\scui\SavvyConnectUI.exe
PRC - [2012/02/06 16:57:52 | 000,104,608 | ---- | M] () -- C:\Program Files (x86)\EmEditor\emedtray.exe
PRC - [2011/03/28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/01/17 18:37:40 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2011/01/17 18:37:40 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2010/08/19 13:08:42 | 000,246,400 | ---- | M] (F5 Networks) -- C:\Windows\SysWOW64\F5InstallerService.exe
PRC - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
========== Modules (No Company Name) ==========
MOD - [2013/07/12 14:49:44 | 000,396,240 | ---- | M] () -- C:\Users\Anderson\AppData\Local\Google\Chrome\Application\28.0.1500.72\ppgooglenaclpluginchrome.dll
MOD - [2013/07/12 14:49:43 | 013,599,184 | ---- | M] () -- C:\Users\Anderson\AppData\Local\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll
MOD - [2013/07/12 14:49:42 | 004,052,944 | ---- | M] () -- C:\Users\Anderson\AppData\Local\Google\Chrome\Application\28.0.1500.72\pdf.dll
MOD - [2013/07/12 14:48:52 | 000,601,552 | ---- | M] () -- C:\Users\Anderson\AppData\Local\Google\Chrome\Application\28.0.1500.72\libglesv2.dll
MOD - [2013/07/12 14:48:51 | 000,123,344 | ---- | M] () -- C:\Users\Anderson\AppData\Local\Google\Chrome\Application\28.0.1500.72\libegl.dll
MOD - [2013/07/12 14:48:49 | 001,597,392 | ---- | M] () -- C:\Users\Anderson\AppData\Local\Google\Chrome\Application\28.0.1500.72\ffmpegsumo.dll
MOD - [2013/07/10 03:26:16 | 001,886,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\e84256d44f3f04ac6e80f4b36aa82d68\System.Web.Services.ni.dll
MOD - [2013/07/10 03:26:13 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\9f22d07e9863e4e1bf4f47ef4c3862e6\System.ServiceProcess.ni.dll
MOD - [2013/07/10 03:26:12 | 000,369,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\c24b36ceb832eabefe020b7453994a87\System.ServiceModel.Routing.ni.dll
MOD - [2013/07/10 03:26:11 | 001,141,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\4e250337cd18240b68997db97a661701\System.ServiceModel.Discovery.ni.dll
MOD - [2013/07/10 03:26:10 | 000,082,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\aab5ffcd3df45c984400184a9a041a8f\System.ServiceModel.Channels.ni.dll
MOD - [2013/07/10 03:26:09 | 001,394,176 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\fd6ee30e73a33e86f4da7180a38feec7\System.ServiceModel.Activities.ni.dll
MOD - [2013/07/10 03:26:07 | 018,101,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\1fd03dbce5fb842598861bcc46d549a2\System.ServiceModel.ni.dll
MOD - [2013/07/10 03:25:49 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\36d4abefb9287140975d11057bb8f7ee\System.Management.ni.dll
MOD - [2013/07/10 03:25:46 | 001,078,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\1489265c93f726f72f59fa268b99af37\System.IdentityModel.ni.dll
MOD - [2013/07/10 03:24:29 | 000,096,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\3f0863816ab6f5fef4e0abb442752b9f\UIAutomationProvider.ni.dll
MOD - [2013/07/10 03:24:25 | 001,021,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\da2cc25eb270a9d8607ab7486f3ce890\System.Runtime.DurableInstancing.ni.dll
MOD - [2013/07/10 03:24:24 | 002,647,552 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\6b3adc90b6f811b557d290e1436e7ff8\System.Runtime.Serialization.ni.dll
MOD - [2013/07/10 03:24:24 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\8a26ba5b45d30874fbebb0a475b22a75\SMDiagnostics.ni.dll
MOD - [2013/07/10 03:24:21 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\e8aafadcd1fc0f8f406434176fb97477\System.Xaml.ni.dll
MOD - [2013/07/10 03:15:57 | 018,003,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\4c152db66c5438fbf9e3975858dde0bc\PresentationFramework.ni.dll
MOD - [2013/07/10 03:15:45 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\8d9db55b1eef7728c04fb1ec500089c6\PresentationCore.ni.dll
MOD - [2013/07/10 03:15:38 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\9631f1dac820cb6987560f074492150d\PresentationFramework.Aero.ni.dll
MOD - [2013/07/10 03:15:36 | 006,817,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\a77cef85535aec07317e7b1a302365c1\System.Data.ni.dll
MOD - [2013/07/10 03:15:35 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\d3c944049319ebe51e939c9342f0bcc2\WindowsBase.ni.dll
MOD - [2013/07/10 03:15:31 | 005,628,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\91c185bd043af039dcdc93e3fcf87f3d\System.Xml.ni.dll
MOD - [2013/07/10 03:15:28 | 000,749,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Security\dc48e3e467309e2bbde8a876614b38e4\System.Security.ni.dll
MOD - [2013/07/10 03:15:27 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\6ea5ee4386d67f4b432a27c40fbff93c\System.Windows.Forms.ni.dll
MOD - [2013/07/10 03:15:27 | 001,013,248 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\256b7bb1216345c5a66ced50c1cf239d\System.Configuration.ni.dll
MOD - [2013/07/10 03:15:24 | 007,070,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\a1c174e579c9ad4e5b6eeed8a58a721b\System.Core.ni.dll
MOD - [2013/07/10 03:15:19 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\4787bb699ed4291859fb86f15d793add\System.Drawing.ni.dll
MOD - [2013/07/10 03:15:17 | 009,099,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\8a6d1c8abeb8eb82f06c7d075130cc67\System.ni.dll
MOD - [2013/07/10 03:07:48 | 000,145,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\cfbc74c91b44af85d10b272ae5c70d5a\System.Numerics.ni.dll
MOD - [2013/07/10 03:07:47 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\cf58670896c5313b9b52f026f4455a5d\mscorlib.ni.dll
MOD - [2013/05/22 17:51:51 | 003,113,792 | ---- | M] () -- C:\Users\Anderson\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
MOD - [2013/05/08 19:43:45 | 000,548,488 | ---- | M] () -- C:\Program Files (x86)\Constant Guard Protection Suite\sqlite3.dll
MOD - [2012/05/30 10:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files (x86)\Norton Security Suite\Engine\20.3.1.22\wincfi39.dll
MOD - [2012/04/27 00:12:48 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2012/04/27 00:12:48 | 000,170,496 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxslt.dll
MOD - [2012/02/20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/02/06 16:57:52 | 000,104,608 | ---- | M] () -- C:\Program Files (x86)\EmEditor\emedtray.exe
MOD - [2012/02/06 16:57:44 | 000,281,248 | ---- | M] () -- C:\Program Files (x86)\EmEditor\mui\1033\emedloc.dll
MOD - [2012/02/06 16:57:32 | 001,326,240 | ---- | M] () -- C:\Program Files (x86)\EmEditor\emedres.dll
========== Services (SafeList) ==========
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011/04/20 03:04:20 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2013/06/28 14:02:04 | 002,470,736 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\minecraft crap\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2013/06/12 00:50:13 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/06/07 19:33:12 | 000,806,776 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2013/06/03 16:21:54 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/21 00:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe -- (N360)
SRV - [2013/05/14 13:26:12 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/05/10 03:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/05/08 19:45:06 | 000,056,872 | ---- | M] (White Sky, Inc.) [Auto | Running] -- C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe -- (IDVaultSvc)
SRV - [2012/12/20 15:36:54 | 001,892,352 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Luth Research\SavvyConnectFramework\bin\scservice\SCService.exe -- (SCService)
SRV - [2012/09/05 11:56:44 | 000,234,776 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe -- (McComponentHostService)
SRV - [2011/04/01 11:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/03/28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/08/19 13:08:42 | 000,246,400 | ---- | M] (F5 Networks) [Auto | Running] -- C:\Windows\SysWOW64\F5InstallerService.exe -- (F5 Networks Component Installer)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/07/16 10:45:34 | 000,177,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2013/05/26 23:08:31 | 000,049,240 | ---- | M] (Zemana Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AntiLog64.sys -- (AntiLog32)
DRV:64bit: - [2013/05/23 01:25:28 | 001,139,800 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1404000.028\symefa64.sys -- (SymEFA)
DRV:64bit: - [2013/05/21 01:02:00 | 000,493,656 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1404000.028\symds64.sys -- (SymDS)
DRV:64bit: - [2013/04/15 22:41:14 | 000,169,048 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1404000.028\ccsetx64.sys -- (ccSet_N360)
DRV:64bit: - [2013/03/07 17:41:22 | 000,025,784 | ---- | M] (Zemana Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\KeyCrypt64.sys -- (keycrypt)
DRV:64bit: - [2013/03/04 21:21:36 | 000,036,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1404000.028\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2013/01/28 21:45:20 | 000,796,248 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\N360x64\1403010.016\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/27 23:05:22 | 000,224,416 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1404000.028\ironx64.sys -- (SymIRON)
DRV:64bit: - [2012/07/22 21:34:24 | 000,432,800 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\N360x64\1403010.016\symnets.sys -- (SymNetS)
DRV:64bit: - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/05/18 08:08:32 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2011/04/20 03:44:50 | 009,319,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2011/04/20 03:44:50 | 009,319,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/04/20 02:22:34 | 000,306,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/28 15:45:54 | 000,412,776 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/01/25 17:18:51 | 000,041,232 | ---- | M] (F5 Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\covpnv64.sys -- (urvpndrv)
DRV:64bit: - [2010/01/25 17:18:47 | 000,018,448 | ---- | M] (F5 Networks) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urfltv64.sys -- (f5ipfw)
DRV:64bit: - [2009/12/22 02:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/04 21:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2009/03/18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2013/07/06 08:24:33 | 002,098,776 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130719.020\ex64.sys -- (NAVEX15)
DRV - [2013/07/06 08:24:33 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130719.020\eng64.sys -- (NAVENG)
DRV - [2013/05/31 12:58:18 | 001,393,240 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2013/03/06 13:04:47 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013/03/05 17:54:16 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130719.002\IDSviA64.sys -- (IDSVia64)
DRV - [2012/08/08 22:41:38 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.sweetpa...9-463500000031}
IE - HKLM\..\URLSearchHook: {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - C:\Program Files (x86)\WinZipBar\prxtbWinZ.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpa...9-463500000031}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE9HP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 75 52 99 F5 E7 23 CD 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - C:\Program Files (x86)\WinZipBar\prxtbWinZ.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\7.2\ytdToolbarIE.dll (Spigot, Inc.)
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {A459EC1F-CEF9-4067-8693-91DAA85E6658}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...Box&FORM=IE10SR
IE - HKCU\..\SearchScopes\{70DA8D97-A85A-4D7B-9E82-E2169B5A75EE}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\..\SearchScopes\{78CBA9B9-2012-4AA6-9CBF-719FC470DB79}: "URL" = http://websearch.ask...6F-0F4CF59A49A9
IE - HKCU\..\SearchScopes\{A459EC1F-CEF9-4067-8693-91DAA85E6658}: "URL" = http://www.google.co...f8&oe=utf8&rlz=
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpa...9-463500000031}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=937811"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "http://start.sweetpa...-463500000031}"
FF - prefs.js..extensions.enabledItems: {DBBB3167-6E81-400f-BBFD-BD8921726F52}:6031.2010.0122.2105
FF - prefs.js..extensions.enabledItems: idvaultaddin@whitesky:1.13.506.2
FF - prefs.js..extensions.enabledItems: [email protected]:3.4
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:11.3.0.9 - 5
FF - prefs.js..extensions.enabledItems: [email protected]:7.2
FF - prefs.js..keyword.URL: "http://start.sweetpa...3500000031}&q="
FF - prefs.js..browser.startup.homepage: "http://search.yahoo....=spigot-yhp-ff"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Yahoo"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.yahoo....type=937811&p="
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0: C:\Program Files\java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Anderson\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Anderson\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\CouponNetwork.com/CMDUniversalCouponPrintActivator: C:\Users\Anderson\AppData\Roaming\CATALI~3\NPBCSK~1.DLL (Catalina Marketing Corporation)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\IB UPDATER\FIREFOX
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}: C:\PROGRAM FILES\UPDATER BY SWEETPACKS\FIREFOX
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\ [2013/07/16 09:21:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\IB Updater\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFFPlgn\ [2013/03/06 12:43:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}: C:\Program Files\Updater By SweetPacks\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\WeightWatchers Browser\components [2013/01/18 10:44:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\WeightWatchers Browser\plugins [2013/05/16 11:45:09 | 000,000,000 | ---D | M]
[2013/01/18 10:49:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anderson\AppData\Roaming\Mozilla\Extensions
[2013/07/02 22:55:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anderson\AppData\Roaming\Mozilla\Firefox\Profiles\78s4ly4s.default\extensions
[2013/01/18 10:49:00 | 000,000,000 | ---D | M] (F5 Networks Host Plugin) -- C:\Users\Anderson\AppData\Roaming\Mozilla\Firefox\Profiles\78s4ly4s.default\extensions\{DBBB3167-6E81-400f-BBFD-BD8921726F52}
[2013/07/02 22:45:39 | 000,000,000 | ---D | M] (SweetPacks Toolbar for Firefox) -- C:\Users\Anderson\AppData\Roaming\Mozilla\Firefox\Profiles\78s4ly4s.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2013/01/22 14:55:37 | 000,000,000 | ---D | M] (incredibar.com) -- C:\Users\Anderson\AppData\Roaming\Mozilla\Firefox\Profiles\78s4ly4s.default\extensions\[email protected]
[2013/01/20 08:54:30 | 000,000,000 | ---D | M] (XFINITY Constant Guard Protection Suite) -- C:\Users\Anderson\AppData\Roaming\Mozilla\Firefox\Profiles\78s4ly4s.default\extensions\idvaultaddin@whitesky
[2013/07/02 22:51:37 | 000,001,793 | ---- | M] () -- C:\Users\Anderson\AppData\Roaming\Mozilla\Firefox\Profiles\78s4ly4s.default\searchplugins\Bing.xml
[2013/01/22 14:54:15 | 000,002,203 | ---- | M] () -- C:\Users\Anderson\AppData\Roaming\Mozilla\Firefox\Profiles\78s4ly4s.default\searchplugins\MyStart Search.xml
[2013/07/02 22:44:27 | 000,000,514 | ---- | M] () -- C:\Users\Anderson\AppData\Roaming\Mozilla\Firefox\Profiles\78s4ly4s.default\searchplugins\sweetim.xml
[2012/12/02 08:53:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/03/05 15:15:23 | 000,000,000 | ---D | M] (SavvyConnect) -- C:\PROGRAM FILES (X86)\LUTH RESEARCH\SAVVYCONNECTFRAMEWORK\BIN\FFEXTENSION
[2013/06/14 20:20:48 | 000,000,000 | ---D | M] (YTD Toolbar) -- C:\PROGRAM FILES (X86)\YTD TOOLBAR\FF
[2013/03/06 12:43:32 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFFPLGN
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Anderson\AppData\Local\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Anderson\AppData\Local\Google\Chrome\Application\28.0.1500.72\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Anderson\AppData\Local\Google\Chrome\Application\28.0.1500.72\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10201_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Java Platform SE 7 U4 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.40.255 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Anderson\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Google Drive = C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Add to Amazon Wish List = C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\
CHR - Extension: Google Search = C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Skype Click to Call = C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.9.0.12585_0\
CHR - Extension: Norton Identity Protection = C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.3.3.19_0\
CHR - Extension: Amazon Shopping Assistant by Spigot = C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0\
CHR - Extension: Gmail = C:\Users\Anderson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (WinZipBar Toolbar) - {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - C:\Program Files (x86)\WinZipBar\prxtbWinZ.dll (Conduit Ltd.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\20.3.1.22\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\20.3.1.22\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Constant Guard Protection Suite) - {B84CDBE7-1B46-494B-A188-01D4C52DEB61} - C:\ProgramData\White Sky, Inc\ID Vault\IEBHO1.13.506.2\NativeBHO.dll (WhiteSky)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SavvyConnect IE Extension) - {E6C6EC35-C04A-42CD-A3A7-4F09FB0F1B76} - C:\Program Files (x86)\Luth Research\SavvyConnectFramework\bin\ieplugin\LuthIEPlugin.dll (Luth Research, LLC)
O2 - BHO: (YTD Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\7.2\ytdToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (WinZipBar Toolbar) - {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - C:\Program Files (x86)\WinZipBar\prxtbWinZ.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\20.3.1.22\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (YTD Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\7.2\ytdToolbarIE.dll (Spigot, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (WinZipBar Toolbar) - {50FAFAF0-70A9-419D-A109-FA4B4FFD4E37} - C:\Program Files (x86)\WinZipBar\prxtbWinZ.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\minecraft crap\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [SavvyConnectMenu] C:\Program Files (x86)\Luth Research\SavvyConnectFramework\bin\scui\SavvyConnectUI.exe (Luth Research LLC)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [ALconnect] C:\Users\Anderson\AppData\Roaming\DirectLife\ALconnect\ALconnect.exe (Koninklijke Philips Electronics N.V.)
O4 - HKCU..\Run: [Amazon Cloud Player] C:\Users\Anderson\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe ()
O4 - Startup: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EmEditor.lnk = C:\Program Files (x86)\EmEditor\emedtray.exe ()
O4 - Startup: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Anderson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe (Leader Technologies)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: weightwatchers.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: weightwatchers.com ([]https in Trusted sites)
O16 - DPF: {00627E89-A19D-4A2B-938B-059CB7B1B493} file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5certchk.cab (F5 Networks Certificate Checker)
O16 - DPF: {195538FD-1C39-44B1-A7C3-5D7137A8A8F1} file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5opswati.cab (OPSWAT AntiViruses Class)
O16 - DPF: {2A0B9B82-D5C8-4D3D-8338-AD55B23662B1} file://C:/Program Files (x86)/F5 VPN/F5_TMP/cachecleaner.cab (F5 Networks CacheCleaner)
O16 - DPF: {2BCDB465-81F9-41CB-832C-8037A4064446} file://C:/Program Files (x86)/F5 VPN/F5_TMP/urxvpn.cab (F5 Networks VPN Manager)
O16 - DPF: {30CF9713-6614-4556-B5F5-66F8C7F9DEF1} file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5opswati.cab (OPSWAT FireWalls Class)
O16 - DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5tunsrv.cab (F5 Networks Dynamic Application Tunnel Control)
O16 - DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} file://C:/Program Files (x86)/F5 VPN/F5_TMP/InstallerControl.cab (F5 Networks Auto Update)
O16 - DPF: {49EC7987-E331-44E3-B170-748B58A268B9} file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5opswati.cab (OPSWAT ProcessesScanner Class)
O16 - DPF: {57C76689-F052-487B-A19F-855AFDDF28EE} file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5InspectionHost.cab (F5 Networks Policy Agent Host Class)
O16 - DPF: {7584c670-2274-4efb-b00b-d6aaba6d3850} file://C:/Program Files (x86)/F5 VPN/F5_TMP/msrdp.cab (Microsoft RDP Client Control (redistributable) - version 4)
O16 - DPF: {7E73BE8F-FD87-44EC-8E22-023D5FF960FF} file://C:/Program Files (x86)/F5 VPN/F5_TMP/vdeskctrl.cab (F5 Virtual Sandbox Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {8F6AFB67-F834-4227-94A7-A51377E0678E} file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5GroupPolicyAgent.cab (F5 Networks Group Policy Control)
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} http://web1.shutterf...ds/Uploader.cab (Shutterfly Picture Upload Plugin)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} file://C:/Program Files (x86)/F5 VPN/F5_TMP/urxshost.cab (F5 Networks SuperHost Class)
O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} file://C:/Program Files (x86)/F5 VPN/F5_TMP/urxhost.cab (F5 Networks Host Control)
O16 - DPF: {E615C9EA-AD69-4AE9-83C9-9D906A0ACA6D} file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5syschk.cab (F5 Networks OS Policy Agent)
O16 - DPF: {EBDC91CB-F23F-477D-B152-3F7243760D04} file://C:/Program Files (x86)/F5 VPN/F5_TMP/f5opswati.cab (F5 Networks OPSWAT Helper Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BC5B7BFB-4283-47B9-B6B7-D36F88381C57}: DhcpNameServer = 75.75.75.75 75.75.76.76
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KEYCRY~1\KE6D28~1.DLL) - C:\Program Files (x86)\KeyCryptSDK\KeyCrypt64(2).dll (Zemana Ltd.)
O20 - AppInit_DLLs: (C:\PROGRA~2\KEYCRY~1\KE50FD~1.DLL) - C:\Program Files (x86)\KeyCryptSDK\KeyCrypt32(2).dll (Zemana Ltd.)
O20 - AppInit_DLLs: (c:\progra~3\pcperf~1\25912~1.8\{16cdf~1\pcpmngr.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/07/20 09:35:05 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{2C9A4091-67CF-4F4C-BA0C-2021EA4D4677}
[2013/07/19 21:34:44 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{077CD0EE-E50C-4BF7-9D56-30064531960C}
[2013/07/19 09:34:33 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{51B88A2C-1805-4A57-B2C5-BA6D973A5393}
[2013/07/18 12:30:17 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{38F0DA41-EACA-4552-9FD0-E4EE5E42DDE9}
[2013/07/18 00:29:56 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{146579C5-9B1D-421A-BE32-93BAA53ABB47}
[2013/07/17 12:29:34 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{F6ACA603-04AF-4628-95D3-64C4B81E6209}
[2013/07/17 00:29:23 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{AD06E4DD-F19A-4BA4-B1FC-9139A921EE1F}
[2013/07/16 12:29:13 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{9086543D-B68D-4607-90E3-9BE9FDEF02C9}
[2013/07/15 19:39:39 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{6E16217A-0D86-43DA-814D-BF7F12E29D1B}
[2013/07/15 07:32:27 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{2795646E-FA65-4361-83B4-1761BE17543D}
[2013/07/14 13:43:16 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{BB6B9869-8097-4046-AEB3-96E0CF10C7F4}
[2013/07/14 01:18:16 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{C4D7D0A2-38ED-4FD7-A29D-293D135CA96D}
[2013/07/13 13:17:54 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{CB90463F-D38D-433A-8FB3-69D5C79436D0}
[2013/07/13 01:17:33 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{4C2A5FCD-9BD2-4807-88A6-877B68C71BB8}
[2013/07/12 13:16:58 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{DB55AAF4-1B8F-49F5-9B13-CBB7BF3F3C70}
[2013/07/12 01:16:24 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{ADE58E06-B1A9-48CA-9828-6AD88A61BB20}
[2013/07/11 13:16:01 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{4CCBB35D-B74A-46D2-8E9A-0D738BD2F4B3}
[2013/07/10 18:09:26 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{1C878D6D-E50E-4251-A4CF-F628315CDB14}
[2013/07/10 06:08:51 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{6C151C63-44B6-4C4F-94BC-7C9C3D06665D}
[2013/07/09 18:08:28 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{64A278C3-8A53-4A89-BE5D-10D282FD427E}
[2013/07/09 05:20:18 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{ACC5DFA5-4E87-4225-97CE-E178A0485001}
[2013/07/08 07:10:30 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{FD675A68-9FF4-49A2-AFAD-B91C3BF758E5}
[2013/07/07 18:50:00 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{C22FC59E-BF68-4A13-BB20-9871B98683C1}
[2013/07/07 06:49:17 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{C1F410A0-4591-4857-8930-5A97AF525DE1}
[2013/07/06 18:48:18 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{1490EA5C-642C-48BD-A101-330E2C1F9054}
[2013/07/06 06:47:56 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{59A1ABA6-8A77-49F4-BEE5-22A1C7EFF6C6}
[2013/07/05 18:49:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/07/05 18:49:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013/07/05 18:47:18 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{1D856BC5-0730-4040-A507-F2B4A6EB0912}
[2013/07/03 07:01:22 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{C7EB1A57-7B44-46CA-836F-71ED563AB454}
[2013/07/03 07:00:32 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\LogMeIn Hamachi
[2013/07/02 17:35:25 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{F93212FA-8EC5-4225-B9FA-60F4C23D4EC3}
[2013/07/02 05:35:14 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{DF4F3BCF-619F-4F0A-8A57-F1D6411C7759}
[2013/07/01 09:36:28 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{F02C472A-82E4-4C00-BCBB-E22385E60E43}
[2013/06/30 21:35:43 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{FAFDD816-9920-41BB-9ED8-3CBCF41854CB}
[2013/06/30 09:35:13 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{9FB08D57-950B-45A5-91B8-DE94E19CA7B6}
[2013/06/29 10:02:22 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{95F13ADF-A659-4F73-A36C-EF2C5039D7D6}
[2013/06/28 22:01:35 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{3EC325EA-FCA0-4A85-BA15-22438A75DF72}
[2013/06/28 10:01:08 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{9A52C4D5-D975-44A5-8FA7-9AD60FFC1E37}
[2013/06/27 12:19:01 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{569FEAD8-FE22-42C4-A3AD-AEDB783B909B}
[2013/06/26 21:54:30 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{D7FD81CC-5805-4119-A2D3-B7566AF8DC52}
[2013/06/26 09:51:11 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{2544CE89-E72B-4C77-A0F6-B9BF8419353C}
[2013/06/25 21:50:24 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{BB89BD70-9DEF-4375-B068-D7E7154EBF5E}
[2013/06/24 12:31:20 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{A7816DDA-A5D8-4A0E-8B25-18CAE09CA382}
[2013/06/24 00:30:50 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{4D8152E1-9E64-4D72-83AA-673B5590F791}
[2013/06/23 11:26:03 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{624BAED0-E580-44CD-91C5-5D767E314F8C}
[2013/06/22 23:25:17 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{8779B53E-5B63-44AF-AA89-F6618FA8A39F}
[2013/06/22 11:24:46 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{0B76F7D3-CD0D-4244-B603-61B0078AA383}
[2013/06/21 22:00:32 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{06D9ECA5-5CF1-4091-AC9A-3BA5473745D1}
[2013/06/21 09:59:45 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{E4986475-BC48-43FB-877A-B4A6ACFB60BD}
[2013/06/20 21:59:26 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{7A641FA6-6B14-4D7C-8EA6-3CE4188D5462}
[2013/06/20 21:52:49 | 000,000,000 | ---D | C] -- C:\Users\Anderson\AppData\Local\{49E0399E-0C7C-4672-A781-8CDFA3946606}
[2013/06/20 14:59:20 | 002,162,336 | ---- | C] (Catalina Marketing Corp) -- C:\Users\Anderson\AppData\Local\BcsKtYcHW.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/07/20 15:03:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/20 14:50:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/07/20 14:21:00 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2402522246-2785333876-2617129170-1001UA.job
[2013/07/20 06:03:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/19 22:21:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2402522246-2785333876-2617129170-1001Core.job
[2013/07/19 18:00:01 | 000,000,498 | ---- | M] () -- C:\Windows\tasks\SpeedyPC Registration3.job
[2013/07/19 10:10:32 | 000,015,942 | ---- | M] () -- C:\Users\Anderson\Documents\Anderson, Laura 2013.ods
[2013/07/19 09:39:26 | 000,000,470 | ---- | M] () -- C:\Windows\tasks\SpeedyPC Update Version3.job
[2013/07/16 10:45:34 | 000,177,312 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2013/07/16 10:45:34 | 000,007,631 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2013/07/16 10:45:34 | 000,000,854 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2013/07/16 09:26:43 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/07/16 09:26:43 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/07/16 09:22:36 | 000,000,522 | ---- | M] () -- C:\Windows\tasks\SpeedyPC Update Version3 Startup Task.job
[2013/07/16 09:19:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/07/16 09:19:02 | 334,897,151 | -HS- | M] () -- C:\hiberfil.sys
[2013/07/14 11:15:23 | 000,021,329 | ---- | M] () -- C:\Users\Anderson\Documents\quote.odt
[2013/07/12 22:24:11 | 000,002,386 | ---- | M] () -- C:\Users\Anderson\Desktop\Google Chrome.lnk
[2013/07/12 07:48:15 | 000,002,448 | ---- | M] () -- C:\Users\Anderson\PrintMaster-2012-Gold.prefs
[2013/07/10 03:35:26 | 000,567,016 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/07/10 03:14:04 | 000,740,322 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/07/10 03:14:04 | 000,624,162 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/07/10 03:14:04 | 000,106,538 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/07/05 18:49:36 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013/07/04 03:34:28 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1404000.028\isolate.ini
[2013/07/02 22:40:04 | 000,430,348 | ---- | M] () -- C:\Users\Anderson\Desktop\EA20536286.xps
[2013/06/28 13:10:16 | 000,024,558 | ---- | M] () -- C:\Users\Anderson\Documents\sickle cell form.odt
[2013/06/27 20:08:11 | 000,010,263 | ---- | M] () -- C:\Users\Anderson\Documents\grad invite 1.odt
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/07/19 10:10:30 | 000,015,942 | ---- | C] () -- C:\Users\Anderson\Documents\Anderson, Laura 2013.ods
[2013/07/14 11:15:19 | 000,021,329 | ---- | C] () -- C:\Users\Anderson\Documents\quote.odt
[2013/07/02 22:40:03 | 000,430,348 | ---- | C] () -- C:\Users\Anderson\Desktop\EA20536286.xps
[2013/06/28 13:10:14 | 000,024,558 | ---- | C] () -- C:\Users\Anderson\Documents\sickle cell form.odt
[2013/06/27 20:08:09 | 000,010,263 | ---- | C] () -- C:\Users\Anderson\Documents\grad invite 1.odt
[2013/06/20 14:59:18 | 000,922,944 | ---- | C] () -- C:\Users\Anderson\AppData\Local\a.zip
[2013/06/05 18:44:46 | 000,000,000 | ---- | C] () -- C:\Users\Anderson\ipconfig
[2012/05/22 13:04:27 | 000,002,448 | ---- | C] () -- C:\Users\Anderson\PrintMaster-2012-Gold.prefs
[2012/05/20 15:15:58 | 000,000,000 | ---- | C] () -- C:\Windows\Tlcsel.bin
[2012/05/20 15:15:58 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Mfts50.dll
[2012/04/29 17:16:02 | 000,015,360 | ---- | C] () -- C:\Users\Anderson\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/04/26 18:59:05 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/01/18 04:53:32 | 002,994,688 | ---- | C] () -- C:\Program Files\openofficeorg33.msi
[2011/01/18 04:52:10 | 000,475,016 | ---- | C] () -- C:\Program Files\setup.exe
[2011/01/18 04:50:56 | 132,609,310 | ---- | C] () -- C:\Program Files\openofficeorg1.cab
[2011/01/18 04:05:08 | 000,000,290 | ---- | C] () -- C:\Program Files\setup.ini
========== ZeroAccess Check ==========
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 01:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 00:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013/07/10 08:10:11 | 000,000,000 | ---D | M] -- C:\Users\Anderson\AppData\Roaming\.minecraft
[2012/12/11 18:50:33 | 000,000,000 | ---D | M] -- C:\Users\Anderson\AppData\Roaming\.techniclauncher
[2012/06/13 15:47:26 | 000,000,000 | ---D | M] -- C:\Users\Anderson\AppData\Roaming\Babylon
[2012/06/25 09:31:57 | 000,000,000 | ---D | M] -- C:\Users\Anderson\AppData\Roaming\Catalina Marketing Corp
[2012/12/14 08:26:27 | 000,000,000 | ---D | M] -- C:\Users\Anderson\AppData\Roaming\Catalina Marketing France
[2013/06/20 14:59:17 | 000,000,000 | ---D | M] -- C:\Users\Anderson\AppData\Roaming\Catalina – Print Savings
[2013/03/19 15:21:35 | 000,000,000 | ---D | M] -- C:\Users\Anderson\AppData\Roaming\com.nationalgeographic.products.cng120.68B1CC4249876152EBE333BD4B7514ADB4D94062.1
[2012/08/23 14:15:04 | 000,000,000 | ---D | M] -- C:\Users\Anderson\AppData\Roaming\com.Shutterfly.ExpressUploader
[2013/01/27 13:53:02 | 000,000,000 | ---D | M] -- C:\Users\Anderson\AppData\Roaming\DirectLife
[2012/07/16 14:33:06 | 000,000,000 | ---D | M] -- C:\Users\Anderson\AppData\Roaming\DriverCure
[2013/04/21 09:17:26 | 000,000,000 | ---D | M] -- C:\Users\Anderson\AppData\Roaming\File Scout
[2013/04/26 19:00:32 | 000,000,000 | ---D | M] -- C:\Users\Anderson\AppData\Roaming\ftblauncher
[2013/07/20 09:30:00 | 000,000,000 | ---D | M] -- C:\Users\Anderson\AppData\Roaming\ID Vault
[2012/07/02 13:25:29 | 000,000,000 | ---D | M] -- C:\Users\Anderson\AppData\Roaming\Leadertech
[2012/04/27 01:02:30 | 000,000,000 | ---D | M] -- C:\Users\Anderson\AppData\Roaming\OpenOffice.org
[2012/11/08 11:46:52 | 000,000,000 | ---D | M] -- C:\Users\Anderson\AppData\Roaming\OverDrive
[2012/12/02 13:34:55 | 000,000,000 | ---D | M] -- C:\Users\Anderson\AppData\Roaming\PerformerSoft
[2012/11/19 21:19:45 | 000,000,000 | ---D | M] -- C:\Users\Anderson\AppData\Roaming\PriceGong
[2012/07/16 14:33:06 | 000,000,000 | ---D | M] -- C:\Users\Anderson\AppData\Roaming\SpeedyPC Software
[2013/01/22 15:09:27 | 000,000,000 | ---D | M] -- C:\Users\Anderson\AppData\Roaming\Strongvault
[2013/05/19 09:01:01 | 000,000,000 | ---D | M] -- C:\Users\Anderson\AppData\Roaming\tfcraft
[2012/07/16 15:03:19 | 000,000,000 | ---D | M] -- C:\Users\Anderson\AppData\Roaming\Ulead Systems
[2012/06/28 18:59:01 | 000,000,000 | ---D | M] -- C:\Users\Anderson\AppData\Roaming\WeatherBug
[2012/04/26 22:49:57 | 000,000,000 | ---D | M] -- C:\Users\Anderson\AppData\Roaming\Windows Live Writer
========== Purity Check ==========
< End of report >