I recently started experiencing popup ads on all of the websites I search along with Ad hyperlinks throughout the pages. I can barely move around the screen without them trying to offer me something. The ads also surround every page I go to. Here is my log::
OTL logfile created on: 9/3/2013 5:16:12 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\DayanStudios\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.48 Gb Total Physical Memory | 1.73 Gb Available Physical Memory | 49.79% Memory free
6.95 Gb Paging File | 5.08 Gb Available in Paging File | 73.05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 441.65 Gb Total Space | 190.97 Gb Free Space | 43.24% Space Free | Partition Type: NTFS
Drive D: | 19.95 Gb Total Space | 2.16 Gb Free Space | 10.83% Space Free | Partition Type: NTFS
Drive E: | 3.96 Gb Total Space | 1.08 Gb Free Space | 27.23% Space Free | Partition Type: FAT32
Computer Name: DAYANSTUDIOS-HP | User Name: DayanStudios | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/09/03 17:15:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\DayanStudios\Desktop\OTL.exe
PRC - [2013/08/28 17:20:08 | 001,345,856 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2013/08/28 17:17:34 | 000,807,800 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
PRC - [2013/08/26 11:20:01 | 002,159,128 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_AUG2013_TB.exe
PRC - [2013/08/20 14:29:17 | 001,861,512 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
PRC - [2013/08/17 11:38:56 | 000,276,376 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/08/14 16:05:55 | 002,314,416 | ---- | M] () -- C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
PRC - [2013/08/14 16:05:55 | 001,643,184 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe
PRC - [2013/08/14 16:05:55 | 000,161,968 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\loggingserver.exe
PRC - [2013/05/25 11:13:01 | 001,253,912 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_MAY2013_TB.exe
PRC - [2013/05/24 19:47:30 | 027,776,968 | ---- | M] (Dropbox, Inc.) -- C:\Users\DayanStudios\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013/04/05 12:59:08 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2013/03/28 22:35:44 | 000,642,656 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
PRC - [2012/12/18 09:28:26 | 000,825,560 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
PRC - [2012/12/18 07:28:10 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/09/06 11:32:12 | 000,197,536 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2012/06/15 21:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe
PRC - [2012/03/05 14:38:38 | 000,578,944 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2012/03/05 14:38:38 | 000,035,200 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2012/02/07 23:09:21 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011/10/07 21:10:48 | 000,169,528 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
PRC - [2011/09/28 18:42:14 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011/08/19 16:48:44 | 000,379,960 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2010/04/12 03:40:16 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
========== Modules (No Company Name) ==========
MOD - [2013/08/20 14:29:17 | 016,166,280 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
MOD - [2013/08/17 11:38:56 | 003,551,640 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/08/14 16:05:55 | 002,314,416 | ---- | M] () -- C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
MOD - [2013/08/14 16:05:55 | 000,521,904 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\log4cplusU.dll
MOD - [2013/08/14 16:05:55 | 000,144,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.5.0\SiteSafety.dll
MOD - [2013/07/10 11:57:54 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/03/13 15:48:52 | 024,978,944 | ---- | M] () -- C:\Users\DayanStudios\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2012/11/13 18:32:50 | 003,558,400 | ---- | M] () -- C:\Users\DayanStudios\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2011/09/27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/03/17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 16:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
========== Services (SafeList) ==========
SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/03/28 22:30:42 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2013/03/28 20:34:18 | 000,241,152 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/01/23 08:38:24 | 007,515,000 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe -- (TabletServiceWacom)
SRV:64bit: - [2012/01/23 08:38:24 | 000,552,312 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Wacom\Wacom_TouchService.exe -- (TouchServiceWacom)
SRV:64bit: - [2011/05/27 14:06:16 | 000,301,568 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/10/11 04:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/09/22 20:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2013/08/28 17:17:34 | 000,807,800 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2013/08/20 14:29:17 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/08/17 11:38:56 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/08/14 16:05:55 | 001,643,184 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe -- (vToolbarUpdater15.5.0)
SRV - [2013/04/19 15:14:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/12/18 07:28:10 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/09/27 12:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012/09/21 18:02:33 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/09/06 11:32:12 | 000,197,536 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2012/06/15 21:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe -- (NIS)
SRV - [2012/03/05 14:38:38 | 000,035,200 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2012/02/07 23:09:21 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/06/28 20:12:08 | 002,413,056 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2010/10/12 12:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/03/18 16:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2005/03/09 21:50:18 | 000,018,944 | ---- | M] (http://libusb-win32.sourceforge.net) [Auto | Stopped] -- C:\Windows\SysWOW64\libusbd-nt.exe -- (libusbd)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/08/14 16:05:55 | 000,045,856 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013/03/28 21:35:02 | 011,658,752 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/03/28 20:09:44 | 000,581,120 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013/02/14 06:41:10 | 000,096,768 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/12/14 16:27:28 | 000,878,184 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/05 21:17:58 | 000,037,536 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2012/07/05 21:17:57 | 000,737,952 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2012/06/06 23:43:38 | 000,167,072 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\ccsetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2012/05/21 20:37:12 | 001,129,120 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symefa64.sys -- (SymEFA)
DRV:64bit: - [2012/04/17 21:13:32 | 000,405,624 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symnets.sys -- (SymNetS)
DRV:64bit: - [2012/04/17 20:42:14 | 000,190,072 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\ironx64.sys -- (SymIRON)
DRV:64bit: - [2012/04/09 10:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2)
DRV:64bit: - [2012/03/27 10:06:54 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/11/14 10:29:54 | 000,013,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV:64bit: - [2011/11/14 10:29:44 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV:64bit: - [2011/11/14 10:29:42 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid)
DRV:64bit: - [2011/11/03 03:01:00 | 000,056,208 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011/10/15 00:45:36 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/10/15 00:45:36 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/08/18 07:44:46 | 000,053,376 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2011/07/25 13:18:36 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symds64.sys -- (SymDS)
DRV:64bit: - [2011/06/17 06:08:26 | 000,040,064 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2011/06/17 06:08:24 | 000,079,488 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011/06/09 21:19:54 | 001,451,056 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/05/30 19:03:34 | 000,338,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011/05/27 14:06:16 | 000,528,384 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/01/27 00:35:26 | 000,425,064 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 22:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/07/28 12:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/04/27 18:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:64bit: - [2010/04/27 18:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:64bit: - [2010/04/27 16:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:64bit: - [2010/04/27 16:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:64bit: - [2010/04/12 03:55:00 | 000,091,568 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2010/02/18 12:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 16:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 16:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 15:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 15:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/04/08 15:28:46 | 000,068,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV - [2012/03/18 19:36:35 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120318.006\ex64.sys -- (NAVEX15)
DRV - [2012/03/18 19:36:35 | 000,482,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/03/18 19:36:35 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120318.006\eng64.sys -- (NAVENG)
DRV - [2012/03/06 17:04:10 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120316.005\IDSviA64.sys -- (IDSVia64)
DRV - [2012/03/02 13:58:01 | 001,157,240 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120302.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2012/02/03 21:53:53 | 000,138,360 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{E299733F-4292-4B51-AFB0-0CE4B91A9E6C}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPNTDF
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKLM\..\SearchScopes\{E299733F-4292-4B51-AFB0-0CE4B91A9E6C}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\URLSearchHook: {05478A66-EDB6-4A22-A870-A5987F80A7DA} - C:\Program Files (x86)\Vuze Remote Toolbar\IE\7.5\vuzeToolbarIE.dll (Spigot, Inc.)
IE - HKCU\..\URLSearchHook: {1930e38a-deef-4cf4-9bfb-9c4ea3689a9d} - No CLSID value found
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No CLSID value found
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPNTDF
IE - HKCU\..\SearchScopes\{36207916-5C0C-44BC-9787-4DCA711A8D37}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\..\SearchScopes\{4E0467F0-0CAF-442E-89BD-62D7C181A093}: "URL" = http://search.condui...&ctid=CT2504091
IE - HKCU\..\SearchScopes\{72181D5C-93E5-48A0-887E-199569F07435}: "URL" = http://search.condui...&ctid=CT3247201
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://mysearch.avg....sa&d=2013-03-13 15:36:06&v=15.3.0.11&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE - HKCU\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKCU\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKCU\..\SearchScopes\{E299733F-4292-4B51-AFB0-0CE4B91A9E6C}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..CT3247201.browser.search.defaultthis.engineName: true
FF - prefs.js..browser.search.defaultenginename: "Bing "
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=994519"
FF - prefs.js..browser.search.selectedEngine: "Bing "
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledAddons: addon%40music-clips.net:1.1.1
FF - prefs.js..extensions.enabledAddons: beta%40linkdiagnosis.com:2.3.6
FF - prefs.js..extensions.enabledAddons: ff-addon%40loudtronix.com:1.5
FF - prefs.js..extensions.enabledAddons: %7B1930e38a-deef-4cf4-9bfb-9c4ea3689a9d%7D:10.10.27.6
FF - prefs.js..extensions.enabledAddons: %7Ba018b213-6b46-4791-9298-519020db5737%7D:1.0.40
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.12
FF - prefs.js..extensions.enabledAddons: flvto%40hotger.com:1.6.6
FF - prefs.js..extensions.enabledAddons: savingsslider%40mybrowserbar.com:2.7
FF - prefs.js..extensions.enabledAddons: %7B841531c9-338a-47e8-9724-864b3be7f84e%7D:1.131
FF - prefs.js..extensions.enabledAddons: %7B2326C1C3-3E92-49da-A3FB-CB8AD8AD8F25%7D:9.0
FF - prefs.js..extensions.enabledAddons: %7Bbadea1ae-72ed-4f6a-8c37-4db9a4ac7bc9%7D:1.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - prefs.js..keyword.URL: "http://www.bing.com/...7DF&PC=U027&q="
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.5.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.4: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\DayanStudios\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\DayanStudios\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\DayanStudios\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\DayanStudios\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\DayanStudios\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101752.dll (Amazon.com, Inc.)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\ [2012/02/07 10:10:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\ [2013/09/03 17:15:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013/03/06 16:42:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\15.5.0.2 [2013/08/14 16:06:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/08/17 11:38:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/08/17 11:38:50 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{841531c9-338a-47e8-9724-864b3be7f84e}: C:\Program Files (x86)\TubeSaver\131.xpi [2013/08/29 22:28:07 | 000,004,821 | ---- | M] ()
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/08/17 11:38:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/08/17 11:38:50 | 000,000,000 | ---D | M]
[2012/01/18 23:30:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DayanStudios\AppData\Roaming\Mozilla\Extensions
[2013/08/30 19:41:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DayanStudios\AppData\Roaming\Mozilla\Firefox\Profiles\q9np4ptz.default\extensions
[2012/09/27 22:19:12 | 000,000,000 | ---D | M] (InternetHelper1.5) -- C:\Users\DayanStudios\AppData\Roaming\Mozilla\Firefox\Profiles\q9np4ptz.default\extensions\{1930e38a-deef-4cf4-9bfb-9c4ea3689a9d}
[2013/08/29 22:28:48 | 000,000,000 | ---D | M] ("FoodBuzz") -- C:\Users\DayanStudios\AppData\Roaming\Mozilla\Firefox\Profiles\q9np4ptz.default\extensions\{2326C1C3-3E92-49da-A3FB-CB8AD8AD8F25}
[2012/11/21 16:40:26 | 000,000,000 | ---D | M] (ShopToWin20) -- C:\Users\DayanStudios\AppData\Roaming\Mozilla\Firefox\Profiles\q9np4ptz.default\extensions\{a018b213-6b46-4791-9298-519020db5737}
[2012/12/15 13:14:56 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\DayanStudios\AppData\Roaming\Mozilla\Firefox\Profiles\q9np4ptz.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013/08/30 19:41:14 | 000,000,000 | ---D | M] (Address Bar Search) -- C:\Users\DayanStudios\AppData\Roaming\Mozilla\Firefox\Profiles\q9np4ptz.default\extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9}
[2013/08/06 02:06:01 | 000,000,000 | ---D | M] (Slick Savings) -- C:\Users\DayanStudios\AppData\Roaming\Mozilla\Firefox\Profiles\q9np4ptz.default\extensions\[email protected]
[2012/08/07 00:23:15 | 000,014,468 | ---- | M] () (No name found) -- C:\Users\DayanStudios\AppData\Roaming\Mozilla\Firefox\Profiles\q9np4ptz.default\extensions\[email protected]
[2012/01/28 12:08:19 | 000,066,808 | ---- | M] () (No name found) -- C:\Users\DayanStudios\AppData\Roaming\Mozilla\Firefox\Profiles\q9np4ptz.default\extensions\[email protected]
[2012/03/04 16:30:29 | 000,011,119 | ---- | M] () (No name found) -- C:\Users\DayanStudios\AppData\Roaming\Mozilla\Firefox\Profiles\q9np4ptz.default\extensions\[email protected]
[2013/01/22 11:19:04 | 000,005,886 | ---- | M] () (No name found) -- C:\Users\DayanStudios\AppData\Roaming\Mozilla\Firefox\Profiles\q9np4ptz.default\extensions\[email protected]
[2013/04/02 08:09:05 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\DayanStudios\AppData\Roaming\Mozilla\Firefox\Profiles\q9np4ptz.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/08/17 11:38:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/08/17 11:38:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013/08/17 11:38:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/08/17 11:38:56 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/08/29 22:28:07 | 000,004,821 | ---- | M] () (No name found) -- C:\PROGRAM FILES (X86)\TUBESAVER\131.XPI
[2012/05/31 04:16:36 | 000,108,576 | ---- | M] ( ) -- C:\Program Files (x86)\mozilla firefox\plugins\nptrademanager.dll
[2013/05/20 19:35:16 | 000,003,725 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\safeguard-secure-search.xml
========== Chrome ==========
CHR - homepage: 11,autofill:{enabled:false},browser:{check_default_browser:false,clear_data:{form_data:true,passwords:true,time_period:4},clear_lso_data_enabled:true,window_placement:{bottom:850,left:10,maximized:true,right:1060,top:10,work_area_bottom:860,work_area_left:0,work_area_right:1600,work_area_top:0}},cloud_print:{email:},countryid_at_install:21843,default_apps_install_state:1,default_search_provider:{enabled:true,encodings:UTF-8,icon_url:http://www.google.com/favicon.ico,id:2,instant_url:{google:baseURL}webhp?{google:RLZ}sourceid=chrome-instant&{google:instantFieldTrialGroupParameter}ie={inputEncoding}{google:instantEnabledParameter}{searchTerms},keyword:google.com,name:Google,prepopulate_id:1,search_url:{google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms},suggest_url:{google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}},dns_prefetching:{host_referral_list:[2,[http://ad-g.doubleclick.net/,[http://googleads.g.d....082587252480]],[http://googleads.g.doubleclick.net/,[https://googleads.g....m/,2.60370040]],[http://s.ytimg.com/,[http://ad.doubleclic...4660999999999]],[http://s0.2mdn.net/,[http://csi.gstatic.c...4340799999999]],[http://www.youtube.com/,[http://clients1.goog...],startup_list:[1,http://ad-g.doubleclick.net/,http://i1.ytimg.com/,http://i2.ytimg.com/,http://i3.ytimg.com/,http://i4.ytimg.com/,http://s.ytimg.com/,http://www.google-analytics.com/,http://www.google.com/,http://www.youtube.com/,https://ssl.google-analytics.com/]},download:{directory_upgrade:true,extensions_to_open:},extensions:{alerts:{initialized:true},autoupdate:{next_check:12982443959398959},chrome_url_overrides:{bookmarks:[chrome-extension://eemcgdkfndhakfknompkggombfjjjeno/main.html]},settings:{aggiiclaiamajehmlfpkjmlbadmkledi:{active_permissions:{api:[tabs],explicit_host:[http://www.google.co...criptable_host:[<all_urls>]},from_bookmark:false,from_webstore:true,granted_permissions:{api:[tabs],explicit_host:[http://www.google.co...criptable_host:[<all_urls>]},install_time:12980578846184700,location:1,manifest:{background_page:background.html,content_scripts:[{all_frames:true,css:[styles.css],js:[lib/jquery.min.js,lib/xregexp-min.js,lib/xregexp-unicode-base.js,lib/xregexp-unicode-categories.js,lib/underscore.js,lib/tooltip.js,contentscript.js],matches:[<all_urls>]}],description:Hover, click or select to translate,icons:{128:to_icon.png,48:to_icon.png},key:MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDEjYs12KKpdISaExyCRxBxrhIbkdfRIp+jbSyZpRwwqiaeay3Gyfyxt4Jovd0Pzun8Gk/02UmsPEJe5gcnxbCX01g/bjTNsfO9C5HbxppZXyL4gYF1yl90qAL2GDwOQEJcn4K0aBlQuyaiqXRTGqvHII8dTY8RsMiOV3/DeOk6wwIDAQAB,name:TransOver,options_page:options.html,permissions:[http://www.google.com/translate_a/t,tabs],update_url:http://clients2.google.com/service/update2/crx,version:0.26},path:aggiiclaiamajehmlfpkjmlbadmkledi\\0.26_0,state:1},ahfgeienlihckogmohjhadlkjgocpleb:{active_permissions:{api:[appNotifications,management,webstorePrivate]},app_launcher_ordinal:n,page_ordinal:n},blpcfgokakmgnkcojhhkbfbldkacnbeo:{ack_external:true,active_bit:true,app_launcher_ordinal:t,from_bookmark:true,from_webstore:false,install_time:12980577779847603,location:2,manifest:{app:{launch:{container:tab,web_url:http://www.youtube.com/},web_content:{enabled:true,origin:http://www.youtube.com}},description:The world's most popular online video community.,icons:{128:128.png},key:MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDC/HotmFlyuz5FaHaIbVBhhL4BwbcUtsfWwzgUMpZt5ZsLB2nW/Y5xwNkkPANYGdVsJkT2GPpRRIKBO5QiJ7jPMa3EZtcZHpkygBlQLSjMhdrAKevpKgIl6YTkwzNvExY6rzVDzeE9zqnIs33eppY4S5QcoALMxuSWlMKqgFQjHQIDAQAB,name:YouTube,update_url:http://clients2.google.com/service/update2/crx,version:4.2},page_ordinal:n,path:blpcfgokakmgnkcojhhkbfbldkacnbeo\\4.2_0,state:1},coobgpohoikkiipiblmjeljniedjpjpf:{ack_external:true,active_bit:true,app_launcher_ordinal:x,from_bookmark:true,from_webstore:false,install_time:12980577781868603,location:2,manifest:{app:{launch:{web_url:http://www.google.com/?source=search_app},urls:[*://www.google.com/?source=search_app,*://www.google.com/search,*://www.google.com/webhp,*://www.google.com/imgres]},current_locale:en_US,default_locale:en,description:The fastest way to search the web.,icons:{128:128.png,16:16.png,32:32.png,48:48.png},key:MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIiso3Loy5VJHL40shGhUl6it5ZG55XB9q/2EX6aa88jAxwPutbCgy5d9bm1YmBzLfSgpX4xcpgTU08ydWbd7b50fbkLsqWl1mRhxoqnN01kuNfv9Hbz9dWWYd+O4ZfD3L2XZs0wQqo0y6k64n+qeLkUMd1MIhf6MR8Xz1SOA8pwIDAQAB,name:Google Search,update_url:http://clients2.google.com/service/update2/crx,version:0.0.0.14},page_ordinal:n,path:coobgpohoikkiipiblmjeljniedjpjpf\\0.0.0.14_0,state:1},fgkbmedckhcibhkdhaokebnllokeokek:{ack_external:true},lbnbkjocmknnifdpllfjjphhdjfopofl:{active_permissions:{api:[contextMenus,notifications,unlimitedStorage],explicit_host:[http://translate.goo...rmissions:{api:[contextMenus,notifications,unlimitedStorage],explicit_host:[http://translate.goo...ption:Translate, listen and learn words from pages you browse.,icons:{128:Translation.png,16:Translation16.png,48:Translation48.png},key:MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDG3vi9cR3hRAh1pc7vVQP+VPXzHePQnJ6yJIBixsZ8o+hnI27WqcTgkabNBxLnXMbWZqVvS07YRAKsCf6AiKcbSYrVkqRwIGrT+Dq0nmhG1ZsNrWceKeO5xbEUqxZjqvL9SwXrgkMOnrlld6C019bJ1SucRECUK7Y8p8EJSKEVfwIDAQAB,name:Translate And Speak!,options_page:options.html,permissions:[contextMenus,notifications,unlimitedStorage,http://translate.google.com/],update_url:http://clients2.google.com/service/update2/crx,version:1.7},path:lbnbkjocmknnifdpllfjjphhdjfopofl\\1.7_0,state:1},mkfokfffehpeedafpekjeddnmnjhmcmk:{ack_external:true,active_permissions:{api:[history,plugin,tabs],scriptable_host:[<all_urls>]},events:[experimental.extension.onInstalled],from_bookmark:false,from_webstore:false,install_time:12982443472124099,location:3,manifest:{background_page:background.html,browser_action:{default_icon:images/StatusButton/coBA_unknown.png,default_popup:,default_title:Norton Toolbar},content_scripts:[{all_frames:true,js:[docstart.js],matches:[<all_urls>],run_at:document_start},{all_frames:true,js:[docend.js],matches:[<all_urls>],run_at:document_end}],current_locale:en_US,default_locale:en,description:Symantec Corporation,icons:{48:images/48_Norton_Ext_Icon.png},key:MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCN17j8JLKorF+VBEKJgK4pj8g17X7JvJhwca8GU6eC+m33Mp7Wts5uLKDpImOPe0r/0VHiO54Bmwz0E9G67599bllrlhbIjHGKLeicrh4hmOaG1zArNN/DLDDUkcxU50odaPSgDoFUsp6TreA9lwoE5ypYw+lGnbo+BJwNe0hnQQIDAQAB,minimum_chrome_version:10.0,name:Norton Identity Protection,permissions:[tabs,history],plugins:[{path:npcoplgn.dll,public:true}],version:2012.5.4.6},path:mkfokfffehpeedafpekjeddnmnjhmcmk\\2012.5.4.6_0,state:1},ojpijjmpahflnipadmlpgbjmagmjchkk:{ack_external:true},pjkljhegncpnkpknbcohdijeoejaedia:{ack_external:true,active_permissions:{api:[notifications]},app_launcher_ordinal:w,from_bookmark:true,from_webstore:false,install_time:12980577781269603,location:2,manifest:{app:{launch:{container:tab,web_url:https://mail.google.com/mail/ca},urls:[*://mail.google.com/mail/ca]},current_locale:en_US,default_locale:en,description:Fast, searchable email with less spam.,icons:{128:128.png,24:24.png,48:48.png},key:MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCuGglK43iAz3J9BEYK/Mz6ZhloIMMDqQSAaf3vJt4eHbTbSDsu4WdQ9dQDRcKlg8nwQdePBt0C3PSUBtiSNSS37Z3qEGfS7LCju3h6pI1Yr9MQtxw+jUa7kXXIS09VV73pEFUT/F7c6Qe8L5ZxgAcBvXBh1Fie63qb02I9XQ/CQIDAQAB,name:Gmail,options_page:https://mail.google.com/mail/ca/#settings,permissions:[notifications],update_url:http://clients2.google.com/service/update2/crx,version:6.1.3},page_ordinal:n,path:pjkljhegncpnkpknbcohdijeoejaedia\\6.1.3_0,state:1}},toolbar:[mkfokfffehpeedafpekjeddnmnjhmcmk,lbnbkjocmknnifdpllfjjphhdjfopofl],toolbarsize:-1},homepage:http://mysearch.avg.com/?cid={400F5A31-E980-4A59-A4B9-03F95D4B49CC}&mid=6a46084101614c9d8d1a3f201d84fa58-17e61d9699af2721aa07323efb911cb5786b0bb8&lang=en&ds=fp011&pr=sa&d=2013-03-13 15:36:06&v=14.2.0.1&pid=safeguard&sg=1&sap=hp,homepage_is_newtabpage:false,http_throttling:{enabled:true},instant:{enabled_time:12980579061139895},net:{http_server_properties:{googleads.g.doubleclick.net:443:{settings:[{id:4,value:100}],supports_spdy:true},lh3.googleusercontent.com:443:{settings:[{id:4,value:100}],supports_spdy:true},ssl.google-analytics.com:443:{settings:[{id:4,value:100},{id:5,value:32},{id:6,value:0}],supports_spdy:true},www.google.com:443:{settings:[{id:4,value:100}],supports_spdy:true}}},ntp:{app_page_names:[Apps],promo_build:11,promo_closed:false,promo_end:1333353540.0,promo_feature_mask:0,promo_group:16,promo_group_max:99,promo_group_timeslice:0,promo_is_logged_in_to_plus:false,promo_line:<b>New!</b> Browse the web with twice the mice. <a href=\http://google.com/chrome/multitask\>Try Chrome Multitask Mode</a>,promo_platform:15,promo_resource_cache_update:1337969874.744128,promo_start:1333267260.0,promo_views:0,promo_views_max:15,sign_in_promo:{group_max:100}},plugins:{enabled_internal_pdf3:true,enabled_nacl:true,last_internal_directory:C:\\Users\\DayanStudios\\AppData\\Local\\Google\\Chrome\\Application\\19.0.1084.52,plugins_list:[{enabled:true,name:Remoting Viewer,path:internal-remoting-viewer,version:},{enabled:true,name:Remoting Viewer},{enabled:true,name:Native Client,path:C:\\Users\\DayanStudios\\AppData\\Local\\Google\\Chrome\\Application\\19.0.1084.52\\ppGoogleNaClPluginChrome.dll,version:},{enabled:true,name:Native Client},{enabled:true,name:Chrome PDF Viewer,path:C:\\Users\\DayanStudios\\AppData\\Local\\Google\\Chrome\\Application\\19.0.1084.52\\pdf.dll,version:},{enabled:true,name:Chrome PDF Viewer},{enabled:true,name:Shockwave Flash,path:C:\\Users\\DayanStudios\\AppData\\Local\\Google\\Chrome\\Application\\19.0.1084.52\\gcswf32.dll,version:11,2,202,235},{enabled:true,name:Shockwave Flash,path:C:\\Windows\\SysWOW64\\Macromed\\Flash\\NPSWF32.dll,version:11,1,102,62},{enabled:true,name:Flash},{enabled:true,name:Norton Confidential,path:C:\\Users\\DayanStudios\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\mkfokfffehpeedafpekjeddnmnjhmcmk\\2012.5.3.7_0\\npcoplgn.dll,version:2012.5.3.7},{enabled:true,name:Norton Confidential},{enabled:true,name:Adobe Acrobat,path:C:\\Program Files (x86)\\Adobe\\Acrobat 10.0\\Acrobat\\Air\\nppdf32.dll,version:10.1.2.45},{enabled:false,name:Adobe Acrobat},{enabled:true,name:Java Deployment Toolkit 6.0.300.12,path:C:\\Program Files (x86)\\Java\\jre6\\bin\\new_plugin\\npdeployJava1.dll,version:6.0.300.12},{enabled:true,name:Java Platform SE 6 U30,path:C:\\Program Files (x86)\\Java\\jre6\\bin\\new_plugin\\npjp2.dll,version:6.0.300.12},{enabled:true,name:Java},{enabled:true,name:QuickTime Plug-in 7.7.1,path:C:\\Program Files (x86)\\QuickTime\\plugins\\npqtplugin.dll,version:7.7.1 (1680.42)},{enabled:true,name:QuickTime Plug-in 7.7.1,path:C:\\Program Files (x86)\\QuickTime\\plugins\\npqtplugin2.dll,version:7.7.1 (1680.42)},{enabled:true,name:QuickTime Plug-in 7.7.1,path:C:\\Program Files (x86)\\QuickTime\\plugins\\npqtplugin3.dll,version:7.7.1 (1680.42)},{enabled:true,name:QuickTime Plug-in 7.7.1,path:C:\\Program Files (x86)\\QuickTime\\plugins\\npqtplugin4.dll,version:7.7.1 (1680.42)},{enabled:true,name:QuickTime Plug-in 7.7.1,path:C:\\Program Files (x86)\\QuickTime\\plugins\\npqtplugin5.dll,version:7.7.1 (1680.42)},{enabled:true,name:QuickTime Plug-in 7.7.1,path:C:\\Program Files (x86)\\QuickTime\\plugins\\npqtplugin6.dll,version:7.7.1 (1680.42)},{enabled:true,name:QuickTime Plug-in 7.7.1,path:C:\\Program Files (x86)\\QuickTime\\plugins\\npqtplugin7.dll,version:7.7.1 (1680.42)},{enabled:true,name:QuickTime},{enabled:true,name:Google Talk Plugin,path:C:\\Users\\DayanStudios\\AppData\\Roaming\\Mozilla\\plugins\\npgoogletalk.dll,version:2.8.7.6830},{enabled:true,name:Google Talk Plugin Video Accelerator,path:C:\\Users\\DayanStudios\\AppData\\Roaming\\Mozilla\\plugins\\npgtpo3dautoplugin.dll,version:0,1,44,15},{enabled:true,name:Google Talk Plugin},{enabled:true,name:Microsoft Office 2010,path:C:\\PROGRA~2\\MICROS~1\\Office14\\NPAUTHZ.DLL,version:14.0.4730.1010},{enabled:true,name:Microsoft Office 2010,path:C:\\PROGRA~2\\MICROS~1\\Office14\\NPSPWRAP.DLL,version:14.0.4761.1000},{enabled:true,name:Microsoft Office},{enabled:true,name:WacomTabletPlugin,path:C:\\Program Files (x86)\\TabletPlugins\\npWacomTabletPlugin.dll,version:2.0.0.4},{enabled:true,name:WacomTabletPlugin},{enabled:true,name: Wacom Dynamic Link Library,path:C:\\Program Files (x86)\\TabletPlugins\\npwacom.dll,version:1,1,0,10},{enabled:true,name: Wacom Dynamic Link Library},{enabled:true,name:WildTangent Games App Presence Detector,path:C:\\Program Files (x86)\\WildTangent Games\\App\\BrowserIntegration\\Registered\\0\\NP_wtapp.dll,version:4.0.5.4},{enabled:true,name:WildTangent Games App Presence Detector},{enabled:true,name:Windows Live™ Photo Gallery,path:C:\\Program Files (x86)\\Windows Live\\Photo Gallery\\NPWLPG.dll,version:15.4.3538.0513_ship.wlx.w4m4 (ship)},{enabled:true,name:Windows Live™ Photo Gallery},{enabled:true,name:iTunes Application Detector,path:C:\\Program Files (x86)\\iTunes\\Mozilla Plugins\\npitunes.dll,version:1.0.1.1},{enabled:true,name:iTunes Application Detector},{enabled:true,name:Google Update,path:C:\\Users\\DayanStudios\\AppData\\Local\\Google\\Update\\1.3.21.111\\npGoogleUpdate3.dll,version:1.3.21.111},{enabled:true,name:Google Update},{enabled:true,name:Shockwave for Director,path:C:\\Windows\\system32\\Adobe\\Director\\np32dsw.dll,version:11.6.1r629},{enabled:true,name:Shockwave},{enabled:true,name:Silverlight Plug-In,path:c:\\Program Files (x86)\\Microsoft Silverlight\\4.1.10111.0\\npctrl.dll,version:4.1.10111.0},{enabled:true,name:Silverlight}]},profile:{avatar_index:0,content_settings:{pref_version:1},exited_cleanly:true,name:First user,password_manager_enabled:false},session:{restore_on_startup:4,restore_on_startup_migrated:true,urls_to_restore_on_startup:[http://search.condui...owledged_types:[Bookmarks,Preferences,Passwords,Autofill Profiles,Autofill,Themes,Typed URLs,Extensions,Encryption keys,Search Engines,Sessions,Apps,App Notifications],app_notifications:true,apps:true,autofill:true,autofill_profile:true,bookmarks:true,extensions:true,keep_everything_synced:false,passwords:false,preferences:true,search_engines:true,suppress_start:false,themes:true,typed_urls:true},sync_promo:{show_ntp_bubble:false,startup_count:1,user_skipped:true,view_count:
CHR - homepage: http://search.yahoo....r=spigot-yhp-ch
CHR - Extension: \x54\x75beSa\x76e\x72 = C:\Users\DayanStudios\AppData\Local\Google\Chrome\User Data\Default\Extensions\aggiiclaiamajehmlfpkjmlbadmkledi\0.26_0\
CHR - Extension: \x54\x75beSa\x76e\x72 = C:\Users\DayanStudios\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: \x54\x75beSa\x76e\x72 = C:\Users\DayanStudios\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: No name found = C:\Users\DayanStudios\AppData\Local\Google\Chrome\User Data\Default\Extensions\fliacamcdcfemghfnaekoojeliaifleg\9.0_0\
CHR - Extension: \x54\x75beSa\x76e\x72 = C:\Users\DayanStudios\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbnbkjocmknnifdpllfjjphhdjfopofl\1.7_0\
CHR - Extension: \x54\x75beSa\x76e\x72 = C:\Users\DayanStudios\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.3.7_0\
CHR - Extension: \x54\x75beSa\x76e\x72 = C:\Users\DayanStudios\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.4.6_0\
CHR - Extension: \x54\x75beSa\x76e\x72 = C:\Users\DayanStudios\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
O1 HOSTS File: ([2012/07/04 21:32:46 | 000,001,308 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
O1 - Hosts: 127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 lm.licenses.adobe.com
O2:64bit: - BHO: (FoodBuzz) - {1C6E034D-B4B6-4D96-94B5-4163A5EB2195} - C:\Program Files (x86)\FoodBuzz\Extension\adxloader64.dll ()
O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Vuze Remote Toolbar) - {05478A66-EDB6-4A22-A870-A5987F80A7DA} - C:\Program Files (x86)\Vuze Remote Toolbar\IE\7.5\vuzeToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (FoodBuzz) - {1C6E034D-B4B6-4D96-94B5-4163A5EB2195} - C:\Program Files (x86)\FoodBuzz\Extension\adxloader.dll ()
O2 - BHO: (Slick Savings) - {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} - C:\Users\DayanStudios\AppData\Roaming\Slick Savings\Coupons.dll (Spigot, Inc.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll (Symantec Corporation)
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (TubeSaver) - {8126319b-dc72-4c94-ab85-0ec9985fc040} - C:\Program Files (x86)\TubeSaver\131.dll (TubeSaver)
O2 - BHO: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\15.5.0.2\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {05478A66-EDB6-4A22-A870-A5987F80A7DA} - C:\Program Files (x86)\Vuze Remote Toolbar\IE\7.5\vuzeToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\15.5.0.2\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {1930E38A-DEEF-4CF4-9BFB-9C4EA3689A9D} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe (Hewlett-Packard Development Company, L.P.)
O4:64bit: - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPQuickWebProxy] C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe ()
O4 - HKCU..\Run: [Adobe Acrobat Synchronizer] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [FBMaintenance] C:\Program Files (x86)\FoodBuzz\Update\FBMaintenance.exe (FBMaintenance)
O4 - HKCU..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - Startup: C:\Users\DayanStudios\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\DayanStudios\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionAction = http://hp.digitalriv..._US&keywords=%w
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionName = Find Software on HP Download Store (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: alipay.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: alipay.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: alisoft.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: alisoft.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: taobao.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: taobao.com ([]https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.10.2)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.10.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.76.76 75.75.75.75
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{51FB2BC7-0B85-401D-BDEE-15DE9F3F5EAC}: DhcpNameServer = 75.75.76.76 75.75.75.75
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{91C5EC0B-9527-4AA1-A830-42281824A61E}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.5.0\ViProtocol.dll (AVG Secure Search)
O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{6b426271-d8cf-11e1-a89a-ec9a74565259}\Shell - "" = AutoRun
O33 - MountPoints2\{6b426271-d8cf-11e1-a89a-ec9a74565259}\Shell\AutoRun\command - "" = H:\LapNetWizard.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/09/03 17:15:49 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\DayanStudios\Desktop\OTL.exe
[2013/08/31 00:15:13 | 000,000,000 | ---D | C] -- C:\Users\DayanStudios\AppData\Local\FlvtoYoutubeDownloader
[2013/08/30 19:17:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vuze Remote Toolbar
[2013/08/30 19:17:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Updater
[2013/08/30 19:17:43 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/08/29 22:28:25 | 000,000,000 | ---D | C] -- C:\Users\DayanStudios\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FoodBuzz
[2013/08/29 22:28:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FoodBuzz
[2013/08/29 22:28:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TubeSaver
[2013/08/29 21:49:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flvto Youtube Downloader
[2013/08/29 21:49:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Flvto Youtube Downloader
[2013/08/17 11:38:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/08/11 23:30:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/08/11 23:29:41 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/08/11 23:29:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013/08/11 23:29:41 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/08/11 23:29:41 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013/08/11 23:24:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2013/08/11 23:24:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2013/08/07 13:16:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013/08/04 20:24:20 | 000,000,000 | ---D | C] -- C:\Users\DayanStudios\AppData\Local\Slick Savings
[2013/08/04 20:24:19 | 000,000,000 | ---D | C] -- C:\Users\DayanStudios\AppData\Roaming\Slick Savings
[2013/08/04 20:24:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Spigot
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/09/03 17:35:01 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1961690247-547489951-2682193388-1002UA.job
[2013/09/03 17:29:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/09/03 17:20:56 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/09/03 17:20:56 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/09/03 17:15:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\DayanStudios\Desktop\OTL.exe
[2013/09/03 17:14:18 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\TubeSaver Update.job
[2013/09/03 17:12:55 | 000,000,440 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_AUG2013_TB_rmv.job
[2013/09/03 17:12:54 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_AUG2013_TB_rel.job
[2013/09/03 17:12:54 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_MAY2013_TB_rel.job
[2013/09/03 17:12:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/09/03 17:12:35 | 2800,803,840 | -HS- | M] () -- C:\hiberfil.sys
[2013/09/03 16:16:50 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1961690247-547489951-2682193388-1002Core.job
[2013/09/02 17:09:03 | 000,237,177 | ---- | M] () -- C:\Users\DayanStudios\AppData\Roaming\vso_ts_preview.xml
[2013/09/01 01:17:31 | 000,000,360 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForDayanStudios.job
[2013/08/30 19:17:59 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/08/30 19:17:59 | 000,660,318 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/08/30 19:17:59 | 000,121,214 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/08/29 21:50:06 | 000,002,115 | ---- | M] () -- C:\Users\Public\Desktop\Flvto Youtube Downloader.lnk
[2013/08/22 00:01:38 | 000,001,456 | ---- | M] () -- C:\Users\DayanStudios\AppData\Local\Adobe Save for Web 12.0 Prefs
[2013/08/14 16:06:07 | 000,003,725 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
[2013/08/14 16:05:55 | 000,045,856 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013/08/13 05:29:30 | 010,173,672 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/08/11 23:30:34 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/08/11 23:24:50 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2013/08/07 13:15:38 | 000,773,050 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/08/04 20:24:01 | 000,001,848 | ---- | M] () -- C:\Users\Public\Desktop\Vuze.lnk
[2013/08/04 20:24:01 | 000,001,848 | ---- | M] () -- C:\Users\DayanStudios\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/08/29 22:28:08 | 000,000,386 | ---- | C] () -- C:\Windows\tasks\TubeSaver Update.job
[2013/08/29 21:50:01 | 000,002,115 | ---- | C] () -- C:\Users\Public\Desktop\Flvto Youtube Downloader.lnk
[2013/08/26 11:20:15 | 000,000,390 | ---- | C] () -- C:\Windows\tasks\AVG-Secure-Search-Update_AUG2013_TB_rel.job
[2013/08/26 11:20:13 | 000,000,440 | ---- | C] () -- C:\Windows\tasks\AVG-Secure-Search-Update_AUG2013_TB_rmv.job
[2013/08/11 23:30:34 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/08/11 23:24:50 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2013/06/27 17:19:49 | 000,003,725 | ---- | C] () -- C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
[2013/03/28 21:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013/03/28 21:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013/03/28 20:38:08 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013/03/28 20:38:08 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/11/27 01:18:46 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012/06/21 15:16:32 | 000,000,132 | ---- | C] () -- C:\Users\DayanStudios\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012/06/08 11:27:55 | 000,000,132 | ---- | C] () -- C:\Users\DayanStudios\AppData\Roaming\Adobe IllExport Filter CS5 Prefs
[2012/03/12 20:46:11 | 000,151,552 | ---- | C] () -- C:\Windows\KMSEmulator.exe
[2012/03/09 21:44:39 | 000,237,177 | ---- | C] () -- C:\Users\DayanStudios\AppData\Roaming\vso_ts_preview.xml
[2012/02/07 23:09:29 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/02/07 23:09:21 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/02/05 18:43:13 | 000,033,792 | ---- | C] () -- C:\Windows\SysWow64\drivers\libusb0.sys
[2012/02/03 23:25:19 | 000,001,456 | ---- | C] () -- C:\Users\DayanStudios\AppData\Local\Adobe Save for Web 12.0 Prefs
[2012/01/23 22:30:14 | 000,000,025 | -H-- | C] () -- C:\ProgramData\.811261211181235583101118113995
[2011/12/17 03:51:54 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/12/17 03:49:30 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2011/12/17 03:45:14 | 000,773,050 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/09/12 17:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/09/06 15:34:28 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL
========== ZeroAccess Check ==========
[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 00:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/26 23:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013/06/27 17:57:09 | 000,000,000 | ---D | M] -- C:\Users\DayanStudios\AppData\Roaming\Ableton
[2012/12/17 00:39:05 | 000,000,000 | ---D | M] -- C:\Users\DayanStudios\AppData\Roaming\Amazon
[2013/09/01 02:05:23 | 000,000,000 | ---D | M] -- C:\Users\DayanStudios\AppData\Roaming\Azureus
[2012/02/01 11:40:22 | 000,000,000 | ---D | M] -- C:\Users\DayanStudios\AppData\Roaming\bppenu11
[2013/01/25 11:31:47 | 000,000,000 | ---D | M] -- C:\Users\DayanStudios\AppData\Roaming\calibre
[2013/06/01 09:28:25 | 000,000,000 | ---D | M] -- C:\Users\DayanStudios\AppData\Roaming\Canon
[2012/05/04 19:57:07 | 000,000,000 | ---D | M] -- C:\Users\DayanStudios\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/12/29 09:49:11 | 000,000,000 | ---D | M] -- C:\Users\DayanStudios\AppData\Roaming\ChordChartWizard
[2012/09/27 22:55:26 | 000,000,000 | ---D | M] -- C:\Users\DayanStudios\AppData\Roaming\ColorCop
[2012/09/23 15:24:31 | 000,000,000 | ---D | M] -- C:\Users\DayanStudios\AppData\Roaming\com.dbala.bbdesign.ihpuploader.8F9216641BAF5920B5A7B4C198556E7E71B1FC0F.1
[2012/01/26 19:21:26 | 000,000,000 | ---D | M] -- C:\Users\DayanStudios\AppData\Roaming\com.elance.tracker
[2013/09/03 17:14:12 | 000,000,000 | ---D | M] -- C:\Users\DayanStudios\AppData\Roaming\Dropbox
[2012/01/23 22:30:36 | 000,000,000 | ---D | M] -- C:\Users\DayanStudios\AppData\Roaming\Final Draft
[2013/05/06 19:34:55 | 000,000,000 | ---D | M] -- C:\Users\DayanStudios\AppData\Roaming\Firestorm
[2013/01/22 13:09:11 | 000,000,000 | ---D | M] -- C:\Users\DayanStudios\AppData\Roaming\FlvtoConverter
[2012/02/16 13:16:03 | 000,000,000 | ---D | M] -- C:\Users\DayanStudios\AppData\Roaming\ImgBurn
[2012/01/25 11:25:51 | 000,000,000 | ---D | M] -- C:\Users\DayanStudios\AppData\Roaming\IndigoRose
[2012/08/13 01:15:28 | 000,000,000 | ---D | M] -- C:\Users\DayanStudios\AppData\Roaming\MoveFab
[2012/02/07 23:09:19 | 000,000,000 | ---D | M] -- C:\Users\DayanStudios\AppData\Roaming\PunkBuster
[2012/07/21 21:55:07 | 000,000,000 | ---D | M] -- C:\Users\DayanStudios\AppData\Roaming\SecondLife
[2013/08/04 20:24:19 | 000,000,000 | ---D | M] -- C:\Users\DayanStudios\AppData\Roaming\Slick Savings
[2012/06/26 11:44:16 | 000,000,000 | ---D | M] -- C:\Users\DayanStudios\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012/01/18 23:26:42 | 000,000,000 | ---D | M] -- C:\Users\DayanStudios\AppData\Roaming\Synaptics
[2013/09/02 17:09:04 | 000,000,000 | ---D | M] -- C:\Users\DayanStudios\AppData\Roaming\Vso
[2013/02/21 12:36:28 | 000,000,000 | ---D | M] -- C:\Users\DayanStudios\AppData\Roaming\Windows Live Writer
========== Purity Check ==========
< End of report >