Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

My Computers running slow. [Solved]

Started by mikey1988 , Sep 11 2013 06:43 PM

This topic is locked

#1
mikey1988

Posted 11 September 2013 - 06:43 PM

Member

Member
13 posts

Really I just wanted to know if there was anything bad on my computer. Here's my OTL scan. Is there anyhting I can do to speed up my computer?

OTL logfile created on: 9/11/2013 5:15:34 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Michael Affinito\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16686)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.60 Gb Total Physical Memory | 1.92 Gb Available Physical Memory | 53.36% Memory free
7.21 Gb Paging File | 5.23 Gb Available in Paging File | 72.50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 442.12 Gb Total Space | 364.36 Gb Free Space | 82.41% Space Free | Partition Type: NTFS
Drive D: | 19.48 Gb Total Space | 2.11 Gb Free Space | 10.85% Space Free | Partition Type: NTFS
Drive E: | 3.96 Gb Total Space | 1.08 Gb Free Space | 27.23% Space Free | Partition Type: FAT32

Computer Name: MA | User Name: Michael Affinito | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/09/11 17:13:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Michael Affinito\Downloads\OTL.exe
PRC - [2013/09/10 23:12:42 | 001,862,024 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
PRC - [2013/09/10 17:40:43 | 000,276,376 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/08/14 11:10:26 | 003,291,008 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/06/27 16:11:08 | 020,097,696 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2013/05/11 03:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/05/07 23:18:34 | 000,097,056 | ---- | M] (Conduit) -- C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
PRC - [2012/10/15 15:37:42 | 000,525,240 | ---- | M] (NDS Technologies) -- C:\Users\Michael Affinito\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe
PRC - [2012/10/15 15:37:38 | 006,442,920 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
PRC - [2012/08/10 16:48:50 | 000,197,536 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2012/03/05 13:38:38 | 000,578,944 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2012/03/05 13:38:38 | 000,035,200 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2011/10/06 19:19:16 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011/09/29 12:33:42 | 000,169,528 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
PRC - [2011/09/20 11:53:26 | 000,148,768 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
PRC - [2011/08/19 14:48:44 | 000,379,960 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2010/12/27 16:30:22 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
PRC - [2010/12/10 18:29:30 | 029,293,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\MSSQL\Primavera\MSSQL.1\MSSQL\Binn\sqlservr.exe
PRC - [2010/03/26 03:07:42 | 000,091,992 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\MSSQL\Primavera\MSSQL.1\MSSQL\Binn\msftesql.exe
PRC - [2010/03/23 13:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2007/03/30 18:59:16 | 000,673,280 | ---- | M] () -- C:\Program Files (x86)\Common Files\Primavera Common\BackgroundAgent\PrmBackgroundAgent.exe

========== Modules (No Company Name) ==========

MOD - [2013/09/11 16:56:02 | 000,128,512 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI35442\_elementtree.pyd
MOD - [2013/09/11 16:56:01 | 000,557,056 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI35442\pysqlite2._sqlite.pyd
MOD - [2013/09/11 16:56:01 | 000,098,816 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI35442\win32api.pyd
MOD - [2013/09/11 16:56:01 | 000,044,032 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI35442\_socket.pyd
MOD - [2013/09/11 16:56:01 | 000,026,624 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI35442\_multiprocessing.pyd
MOD - [2013/09/11 16:56:01 | 000,022,528 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI35442\win32ts.pyd
MOD - [2013/09/11 16:56:00 | 000,320,512 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI35442\win32com.shell.shell.pyd
MOD - [2013/09/11 16:56:00 | 000,070,656 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI35442\wx._html2.pyd
MOD - [2013/09/11 16:55:59 | 000,805,888 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI35442\wx._gdi_.pyd
MOD - [2013/09/11 16:55:59 | 000,011,264 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI35442\win32crypt.pyd
MOD - [2013/09/11 16:55:58 | 000,504,832 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI35442\windows._cacheinvalidation.pyd
MOD - [2013/09/11 16:55:58 | 000,087,040 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI35442\_ctypes.pyd
MOD - [2013/09/11 16:55:58 | 000,017,408 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI35442\win32profile.pyd
MOD - [2013/09/11 16:55:57 | 000,735,232 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI35442\wx._misc_.pyd
MOD - [2013/09/11 16:55:57 | 000,364,544 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI35442\pythoncom27.dll
MOD - [2013/09/11 16:55:56 | 001,175,040 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI35442\wx._core_.pyd
MOD - [2013/09/11 16:55:56 | 000,110,080 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI35442\PyWinTypes27.dll
MOD - [2013/09/11 16:55:56 | 000,108,544 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI35442\win32security.pyd
MOD - [2013/09/11 16:55:55 | 001,153,024 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI35442\_ssl.pyd
MOD - [2013/09/11 16:55:55 | 000,025,600 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI35442\win32pdh.pyd
MOD - [2013/09/11 16:55:54 | 000,811,008 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI35442\wx._windows_.pyd
MOD - [2013/09/11 16:55:54 | 000,711,680 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI35442\_hashlib.pyd
MOD - [2013/09/11 16:55:54 | 000,122,368 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI35442\wx._wizard.pyd
MOD - [2013/09/11 16:55:54 | 000,119,808 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI35442\win32file.pyd
MOD - [2013/09/11 16:55:54 | 000,038,912 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI35442\win32inet.pyd
MOD - [2013/09/11 16:55:54 | 000,035,840 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI35442\win32process.pyd
MOD - [2013/09/11 16:55:53 | 001,062,400 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI35442\wx._controls_.pyd
MOD - [2013/09/11 16:55:53 | 000,686,080 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI35442\unicodedata.pyd
MOD - [2013/09/11 16:55:53 | 000,127,488 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI35442\pyexpat.pyd
MOD - [2013/09/11 16:55:53 | 000,018,432 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI35442\win32event.pyd
MOD - [2013/09/11 16:55:53 | 000,010,240 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI35442\select.pyd
MOD - [2013/09/10 23:12:41 | 016,177,544 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
MOD - [2013/09/10 17:40:39 | 003,551,640 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/09/07 04:10:05 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2012/10/15 15:39:00 | 000,091,536 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\DIRECTV Player\z.dll
MOD - [2012/10/15 15:38:54 | 000,273,824 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\DIRECTV Player\ndsLogStore.dll
MOD - [2012/10/15 15:38:52 | 001,402,784 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\DIRECTV Player\libxml2-2.dll
MOD - [2012/10/15 15:38:34 | 000,688,560 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\DIRECTV Player\libgstreamer-0.10.dll
MOD - [2012/10/15 15:37:54 | 007,123,880 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\DIRECTV Player\gsttspplugin.dll
MOD - [2012/10/15 15:37:38 | 006,442,920 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
MOD - [2012/10/15 15:37:32 | 002,203,048 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\DIRECTV Player\DrmSingleton.dll
MOD - [2012/05/30 20:06:48 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/05/30 20:06:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

========== Services (SafeList) ==========

SRV:64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011/09/20 11:52:38 | 001,085,216 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2011/07/06 00:08:26 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/07/05 11:27:04 | 000,365,568 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2010/10/11 02:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/11/17 19:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV - [2013/09/11 12:19:53 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/09/10 17:40:41 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/08/28 14:47:18 | 000,563,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/08/14 11:10:26 | 003,291,008 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/06/21 09:53:36 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/11 03:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/05/07 23:18:34 | 000,097,056 | ---- | M] (Conduit) [Auto | Running] -- C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe -- (CltMngSvc)
SRV - [2012/09/27 12:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012/08/10 16:48:50 | 000,197,536 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2012/03/05 13:38:38 | 000,035,200 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2010/12/27 16:30:22 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2010/12/10 18:29:30 | 029,293,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\MSSQL\Primavera\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$PRIMAVERA)
SRV - [2010/10/12 10:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/03/26 03:07:42 | 000,091,992 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\MSSQL\Primavera\MSSQL.1\MSSQL\Binn\msftesql.exe -- (msftesql$PRIMAVERA)
SRV - [2010/03/23 13:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/03/30 18:59:16 | 000,673,280 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\Primavera Common\BackgroundAgent\PrmBackgroundAgent.exe -- (PrmBackAgent)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/06/14 05:58:23 | 004,729,408 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/14 13:11:03 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/10/14 13:11:03 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/09/20 18:36:50 | 000,620,584 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2011/09/20 18:36:50 | 000,133,672 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcbtums.sys -- (bcbtums)
DRV:64bit: - [2011/09/20 18:36:50 | 000,089,640 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwdpan.sys -- (BTWDPAN)
DRV:64bit: - [2011/09/20 18:36:44 | 000,178,728 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2011/09/20 18:36:44 | 000,167,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2011/09/20 18:36:44 | 000,039,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2011/09/20 18:36:44 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2011/08/19 12:29:32 | 000,391,728 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/07/06 00:50:28 | 009,359,872 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/07/05 23:32:20 | 000,309,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/04/16 03:37:50 | 000,079,488 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011/04/16 03:37:50 | 000,040,064 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2011/03/05 00:16:20 | 000,436,840 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/02/15 11:37:10 | 000,335,464 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2010/12/16 12:06:46 | 000,047,232 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010/11/20 20:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 20:23:48 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010/11/20 20:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 20:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 20:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/07/28 09:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/03/23 13:29:46 | 000,304,784 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV:64bit: - [2010/02/18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010/02/08 08:32:00 | 000,014,992 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CVirtA64.sys -- (CVirtA)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 14:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 14:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 14:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 13:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/11/16 18:39:44 | 000,157,968 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dne64x.sys -- (DNE)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{2304FA72-8CF7-46CD-8FC8-45EF9A14010F}: "URL" = http://www.amazon.co...s={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=CPNTDF
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=CPNTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {cef81415-2059-4dd5-9829-1aef3cf27f4f} - C:\Program Files (x86)\KeyBar_2.1\prxtbKeyB.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {60C1105D-7552-4607-87CA-E9DC56C83965}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snap.do/...q={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{2304FA72-8CF7-46CD-8FC8-45EF9A14010F}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=CPNTDF
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=CPNTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snap.do/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snap.do/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT3309656
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snap.do/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snap.do/...q={searchTerms}
IE - HKCU\..\URLSearchHook: {cef81415-2059-4dd5-9829-1aef3cf27f4f} - C:\Program Files (x86)\KeyBar_2.1\prxtbKeyB.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {60C1105D-7552-4607-87CA-E9DC56C83965}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snap.do/...q={searchTerms}
IE - HKCU\..\SearchScopes\{60C1105D-7552-4607-87CA-E9DC56C83965}: "URL" = http://search.condui...4171077116&UM=2
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..CT3309656.browser.search.defaultthis.engineName: "true"
FF - prefs.js..browser.search.defaultthis.engineName: "KeyBar 2.1 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "google.com"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - prefs.js..keyword.URL: "http://search.condui...214323&UM=2&q="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@nds.com/PCShowPlugin: C:\Users\Michael Affinito\AppData\Local\DIRECTV Player\npPCShowPlugin.dll File not found
FF - HKCU\Software\MozillaPlugins\@nds.com/PlayerPlugin: C:\Users\Michael Affinito\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (NDS)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Michael Affinito\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Michael Affinito\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Michael Affinito\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Michael Affinito\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Michael Affinito\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\NDS.com/PlayerPlugin: C:\Users\Michael Affinito\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (NDS)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/09/10 17:40:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/09/10 17:40:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/09/01 16:27:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Extensions
[2013/09/10 16:47:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions
[2013/09/10 16:47:12 | 000,000,000 | ---D | M] (KeyBar 2.1) -- C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}
[2013/09/10 16:35:27 | 000,000,997 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\searchplugins\conduit.xml
[2012/09/25 12:27:30 | 000,002,399 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\searchplugins\Web Search.xml
[2013/09/10 17:40:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/09/10 17:40:12 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/09/10 17:40:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/09/10 17:40:11 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/09/10 17:40:46 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Michael Affinito\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Michael Affinito\AppData\Local\Google\Chrome\Application\29.0.1547.66\gcswf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Michael Affinito\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Michael Affinito\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Michael Affinito\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - Extension: KeyBar 2.1 = C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\
CHR - Extension: Untitled = C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\kinnkbkddbidjhimllaahodhenbnibin\1.0_0\
CHR - Extension: FVD Video Downloader = C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\5.4.1_0\
CHR - Extension: Skype Click to Call = C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.11.0.13348_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\

O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (KeyBar 2.1 Toolbar) - {cef81415-2059-4dd5-9829-1aef3cf27f4f} - C:\Program Files (x86)\KeyBar_2.1\prxtbKeyB.dll (Conduit Ltd.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (KeyBar 2.1 Toolbar) - {cef81415-2059-4dd5-9829-1aef3cf27f4f} - C:\Program Files (x86)\KeyBar_2.1\prxtbKeyB.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (KeyBar 2.1 Toolbar) - {CEF81415-2059-4DD5-9829-1AEF3CF27F4F} - C:\Program Files (x86)\KeyBar_2.1\prxtbKeyB.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPQuickWebProxy] C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [SearchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [3EF6D3D0B6181F6F56C815FC740FC4D5133DA3D4._service_run] "C:\Users\Michael Affinito\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service File not found
O4 - HKCU..\Run: [ConduitFloatingPlugin_ihogoofdaifgdkdilopkeahfcnifkajn] C:\Program Files (x86)\Conduit\CT3309656\plugins\TBVerifier.dll (Conduit Ltd.)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [PCShowServer] C:\Users\Michael Affinito\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe (NDS Technologies)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionAction = http://hp.digitalriv..._US&keywords=%w
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionName = Find Software on HP Download Store (Microsoft Corporation)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F550CDCD-3F56-4B09-B1EF-FCC1965CF8B8}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{71cd55f7-07fb-11e2-8c32-c01885d0907c}\Shell - "" = AutoRun
O33 - MountPoints2\{71cd55f7-07fb-11e2-8c32-c01885d0907c}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/09/11 14:23:27 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/09/10 17:40:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/09/10 16:44:20 | 000,000,000 | ---D | C] -- C:\Users\Michael Affinito\Documents\chopped up
[2013/09/10 16:40:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2013/09/10 16:40:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Conduit
[2013/09/10 16:40:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KeyBar_2.1
[2013/09/10 16:40:10 | 000,000,000 | ---D | C] -- C:\Users\Michael Affinito\AppData\Local\Conduit
[2013/09/10 16:38:31 | 000,000,000 | ---D | C] -- C:\Users\Michael Affinito\AppData\Local\CRE
[2013/09/10 16:38:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2013/09/10 16:36:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SearchProtect
[2013/09/10 16:35:29 | 000,000,000 | ---D | C] -- C:\Users\Michael Affinito\AppData\Roaming\SearchProtect
[2013/09/10 16:33:46 | 000,000,000 | ---D | C] -- C:\Users\Michael Affinito\AppData\Roaming\DVDVideoSoft
[2013/09/10 16:33:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2013/09/10 16:33:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2013/09/10 16:31:55 | 000,000,000 | ---D | C] -- C:\Users\Michael Affinito\AppData\Local\Programs
[2013/09/10 14:16:53 | 000,000,000 | ---D | C] -- C:\Users\Michael Affinito\AppData\Local\{5F3918AF-4D5C-4019-957B-36FC02CEBE18}
[2013/09/09 21:53:58 | 000,000,000 | ---D | C] -- C:\Users\Michael Affinito\Desktop\simpleviewer_231
[2013/09/09 21:49:19 | 000,000,000 | ---D | C] -- C:\Users\Michael Affinito\Documents\Extracted Files
[2013/09/09 21:44:26 | 003,070,808 | ---- | C] (PKWARE, Inc.) -- C:\Users\Michael Affinito\Desktop\ZIPReader.exe
[2013/09/08 17:19:39 | 000,000,000 | ---D | C] -- C:\Users\Michael Affinito\AppData\Local\Macromedia
[2013/09/08 01:21:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/09/07 03:15:38 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT

========== Files - Modified Within 30 Days ==========

[2013/09/11 17:19:04 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/09/11 16:55:45 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/09/11 16:53:37 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/09/11 16:53:37 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/09/11 16:51:59 | 000,835,068 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/09/11 16:51:59 | 000,704,424 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/09/11 16:51:59 | 000,132,620 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/09/11 16:45:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/09/11 16:45:42 | 000,313,592 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/09/11 16:45:26 | 2902,646,784 | -HS- | M] () -- C:\hiberfil.sys
[2013/09/11 16:30:00 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2983651559-1869103183-3296704676-1001UA.job
[2013/09/11 16:29:00 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/09/11 16:11:34 | 000,411,274 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Michael A Harrell Resume.pdf
[2013/09/11 13:29:01 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2983651559-1869103183-3296704676-1001Core.job
[2013/09/11 13:10:17 | 000,002,619 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Jens Gallery.html
[2013/09/11 12:20:00 | 000,001,847 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Jens Web Page.html
[2013/09/11 12:13:10 | 000,001,654 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Jens Contact.html
[2013/09/11 12:12:55 | 000,001,654 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Jens About.html
[2013/09/11 12:06:39 | 000,002,999 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Species Gallery.html
[2013/09/11 09:59:12 | 000,002,021 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Species Video.html
[2013/09/10 23:24:33 | 000,000,149 | ---- | M] () -- C:\Users\Michael Affinito\Documents\test.html
[2013/09/10 22:34:59 | 000,002,173 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Species Music.html
[2013/09/10 20:13:43 | 000,002,100 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Species Calendar.html
[2013/09/10 17:41:53 | 000,000,183 | ---- | M] () -- C:\Users\Michael Affinito\Documents\playlist.m3u
[2013/09/10 16:48:08 | 001,381,600 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Chopped up.mp3
[2013/09/10 16:47:39 | 015,219,766 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Chopped up.wav
[2013/09/10 16:40:59 | 000,000,009 | ---- | M] () -- C:\END
[2013/09/10 16:29:40 | 000,001,793 | ---- | M] () -- C:\Users\Michael Affinito\Documents\The Species.html
[2013/09/10 13:46:05 | 000,015,713 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Blood.jpg
[2013/09/10 13:19:30 | 001,411,172 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Chopped up.m4a
[2013/09/09 21:44:10 | 003,070,808 | ---- | M] (PKWARE, Inc.) -- C:\Users\Michael Affinito\Desktop\ZIPReader.exe
[2013/09/09 20:49:09 | 000,001,589 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Specie Music.html
[2013/09/09 20:48:47 | 000,001,589 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Music.html
[2013/09/09 16:00:31 | 000,000,531 | ---- | M] () -- C:\Users\Michael Affinito\Documents\html test.html
[2013/09/08 23:13:50 | 000,000,056 | ---- | M] () -- C:\Users\Michael Affinito\Documents\species style.css
[2013/09/06 10:09:20 | 000,309,261 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Project Bid 1013.pdf
[2013/09/05 16:02:01 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForMA$.job

========== Files Created - No Company Name ==========

[2013/09/11 16:11:26 | 000,411,274 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Michael A Harrell Resume.pdf
[2013/09/11 12:09:30 | 000,001,654 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Jens Contact.html
[2013/09/11 12:09:12 | 000,001,654 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Jens About.html
[2013/09/11 12:08:48 | 000,002,619 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Jens Gallery.html
[2013/09/10 23:08:40 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/09/10 20:59:44 | 000,000,149 | ---- | C] () -- C:\Users\Michael Affinito\Documents\test.html
[2013/09/10 17:40:25 | 000,000,183 | ---- | C] () -- C:\Users\Michael Affinito\Documents\playlist.m3u
[2013/09/10 16:49:11 | 001,381,600 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Chopped up.mp3
[2013/09/10 16:49:03 | 015,219,766 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Chopped up.wav
[2013/09/10 16:34:18 | 000,000,009 | ---- | C] () -- C:\END
[2013/09/10 16:03:00 | 000,002,021 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Species Video.html
[2013/09/10 13:46:04 | 000,015,713 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Blood.jpg
[2013/09/10 13:20:38 | 001,411,172 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Chopped up.m4a
[2013/09/10 12:46:17 | 000,073,332 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Mike fish.JPG
[2013/09/10 11:59:44 | 001,042,251 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Grandpa Munster.JPG
[2013/09/09 23:28:17 | 002,170,519 | ---- | C] () -- C:\Users\Michael Affinito\Documents\HitchHiker.JPG
[2013/09/09 22:12:32 | 001,116,915 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Sugar High.JPG
[2013/09/09 20:50:26 | 000,002,100 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Species Calendar.html
[2013/09/09 20:49:50 | 000,002,173 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Species Music.html
[2013/09/09 20:49:09 | 000,001,589 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Specie Music.html
[2013/09/09 20:48:47 | 000,001,589 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Music.html
[2013/09/09 19:23:31 | 000,002,999 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Species Gallery.html
[2013/09/09 16:00:31 | 000,000,531 | ---- | C] () -- C:\Users\Michael Affinito\Documents\html test.html
[2013/09/08 23:13:50 | 000,000,056 | ---- | C] () -- C:\Users\Michael Affinito\Documents\species style.css
[2013/09/08 23:03:54 | 000,001,793 | ---- | C] () -- C:\Users\Michael Affinito\Documents\The Species.html
[2013/09/08 17:18:29 | 000,001,847 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Jens Web Page.html
[2013/09/05 21:14:54 | 000,309,261 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Project Bid 1013.pdf
[2012/09/24 15:56:33 | 000,786,412 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/09/06 16:31:59 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012/06/14 06:09:19 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

========== ZeroAccess Check ==========

[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 19:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 18:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 20:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/09/25 11:06:19 | 000,000,000 | ---D | M] -- C:\Users\Michael Affinito\AppData\Roaming\Canneverbe Limited
[2013/09/10 16:41:35 | 000,000,000 | ---D | M] -- C:\Users\Michael Affinito\AppData\Roaming\DVDVideoSoft
[2012/09/25 09:13:02 | 000,000,000 | ---D | M] -- C:\Users\Michael Affinito\AppData\Roaming\Easy Burning Software
[2012/09/25 09:13:02 | 000,000,000 | ---D | M] -- C:\Users\Michael Affinito\AppData\Roaming\EasyBurningSoftware
[2013/09/10 16:33:46 | 000,000,000 | ---D | M] -- C:\Users\Michael Affinito\AppData\Roaming\OpenCandy
[2013/09/10 16:40:38 | 000,000,000 | ---D | M] -- C:\Users\Michael Affinito\AppData\Roaming\SearchProtect
[2012/09/01 13:48:14 | 000,000,000 | ---D | M] -- C:\Users\Michael Affinito\AppData\Roaming\Synaptics
[2012/09/30 15:06:01 | 000,000,000 | ---D | M] -- C:\Users\Michael Affinito\AppData\Roaming\Windows Live Writer

========== Purity Check ==========

< End of report >

#2
23red

Posted 11 September 2013 - 07:43 PM

Trusted Helper

Malware Removal
1,797 posts

Hi mikey1988

I'm 23red, and It'll be my pleasure to assist you with your problem.

I am currently reviewing your log. In the meantime, I'd be grateful if you would note the following:

• As I am currently in training, I will be helping you under the supervision of our Expert Teachers. As such, there will likely be a delay between posts.

• Please make sure to carefully read every post completely before doing anything.

• If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask! It's not a problem!

• Please do not run any other scans or other software on your computer unless asked as it may make this repair more difficult.

• Please stick with me until all malware is gone from your system. This is not an instant process, just because you no longer see any symptoms it does not necessarily mean your system is clear of malware. Logs do take time to go thru, please be patient with me.

• Please save my instructions as a text file on your desktop, or print them out, as you may not be able to access this thread at times.

• Thanks for your understanding and patience. I'll be back with you as soon as possible!

Really I just wanted to know if there was anything bad on my computer. Here's my OTL scan. Is there anyhting I can do to speed up my computer?

Short answer to both questions, yes and yes. Thank you for the OTL log, any chance you still have the Extras.txt that came with it? Please post it if you do. It will be useful as well.
And I'll get working on a fix for you to submit to my instructor for approval

#3
mikey1988

Posted 11 September 2013 - 11:37 PM

Member

Topic Starter
Member
13 posts

I just did a superanti spyware scan and fix so let me send you the files again. Thanks

OTL logfile created on: 9/11/2013 9:38:22 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Michael Affinito\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16686)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.60 Gb Total Physical Memory | 1.16 Gb Available Physical Memory | 32.31% Memory free
7.21 Gb Paging File | 4.34 Gb Available in Paging File | 60.24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 442.12 Gb Total Space | 363.82 Gb Free Space | 82.29% Space Free | Partition Type: NTFS
Drive D: | 19.48 Gb Total Space | 2.11 Gb Free Space | 10.85% Space Free | Partition Type: NTFS
Drive E: | 3.96 Gb Total Space | 1.08 Gb Free Space | 27.23% Space Free | Partition Type: FAT32

Computer Name: MA | User Name: Michael Affinito | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/09/11 21:37:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Michael Affinito\Downloads\OTL.exe
PRC - [2013/09/10 23:12:42 | 001,862,024 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
PRC - [2013/09/10 17:40:43 | 000,276,376 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/08/14 11:10:26 | 003,291,008 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/06/27 16:11:08 | 020,097,696 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2013/05/11 03:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/05/07 23:18:34 | 002,852,640 | ---- | M] (Conduit) -- C:\Users\Michael Affinito\AppData\Roaming\SearchProtect\bin\cltmng.exe
PRC - [2013/05/07 23:18:34 | 000,097,056 | ---- | M] (Conduit) -- C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
PRC - [2012/10/15 15:37:42 | 000,525,240 | ---- | M] (NDS Technologies) -- C:\Users\Michael Affinito\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe
PRC - [2012/10/15 15:37:38 | 006,442,920 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
PRC - [2012/08/10 16:48:50 | 000,197,536 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2012/03/05 13:38:38 | 000,578,944 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2012/03/05 13:38:38 | 000,035,200 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2011/10/06 19:19:16 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011/09/29 12:33:42 | 000,169,528 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
PRC - [2011/09/20 11:53:26 | 000,148,768 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
PRC - [2011/08/19 14:48:44 | 000,379,960 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2010/12/27 16:30:22 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
PRC - [2010/12/10 18:29:30 | 029,293,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\MSSQL\Primavera\MSSQL.1\MSSQL\Binn\sqlservr.exe
PRC - [2010/03/26 03:07:42 | 000,091,992 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\MSSQL\Primavera\MSSQL.1\MSSQL\Binn\msftesql.exe
PRC - [2010/03/23 13:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2007/03/30 18:59:16 | 000,673,280 | ---- | M] () -- C:\Program Files (x86)\Common Files\Primavera Common\BackgroundAgent\PrmBackgroundAgent.exe

========== Modules (No Company Name) ==========

MOD - [2013/09/11 18:20:01 | 000,557,056 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI32882\pysqlite2._sqlite.pyd
MOD - [2013/09/11 18:20:01 | 000,320,512 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI32882\win32com.shell.shell.pyd
MOD - [2013/09/11 18:20:01 | 000,128,512 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI32882\_elementtree.pyd
MOD - [2013/09/11 18:20:01 | 000,098,816 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI32882\win32api.pyd
MOD - [2013/09/11 18:20:01 | 000,044,032 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI32882\_socket.pyd
MOD - [2013/09/11 18:20:01 | 000,026,624 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI32882\_multiprocessing.pyd
MOD - [2013/09/11 18:20:01 | 000,022,528 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI32882\win32ts.pyd
MOD - [2013/09/11 18:20:00 | 001,175,040 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI32882\wx._core_.pyd
MOD - [2013/09/11 18:20:00 | 000,805,888 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI32882\wx._gdi_.pyd
MOD - [2013/09/11 18:20:00 | 000,735,232 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI32882\wx._misc_.pyd
MOD - [2013/09/11 18:20:00 | 000,504,832 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI32882\windows._cacheinvalidation.pyd
MOD - [2013/09/11 18:20:00 | 000,364,544 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI32882\pythoncom27.dll
MOD - [2013/09/11 18:20:00 | 000,110,080 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI32882\PyWinTypes27.dll
MOD - [2013/09/11 18:20:00 | 000,108,544 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI32882\win32security.pyd
MOD - [2013/09/11 18:20:00 | 000,087,040 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI32882\_ctypes.pyd
MOD - [2013/09/11 18:20:00 | 000,070,656 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI32882\wx._html2.pyd
MOD - [2013/09/11 18:20:00 | 000,017,408 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI32882\win32profile.pyd
MOD - [2013/09/11 18:20:00 | 000,011,264 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI32882\win32crypt.pyd
MOD - [2013/09/11 18:19:59 | 001,153,024 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI32882\_ssl.pyd
MOD - [2013/09/11 18:19:59 | 001,062,400 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI32882\wx._controls_.pyd
MOD - [2013/09/11 18:19:59 | 000,811,008 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI32882\wx._windows_.pyd
MOD - [2013/09/11 18:19:59 | 000,711,680 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI32882\_hashlib.pyd
MOD - [2013/09/11 18:19:59 | 000,686,080 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI32882\unicodedata.pyd
MOD - [2013/09/11 18:19:59 | 000,127,488 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI32882\pyexpat.pyd
MOD - [2013/09/11 18:19:59 | 000,122,368 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI32882\wx._wizard.pyd
MOD - [2013/09/11 18:19:59 | 000,119,808 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI32882\win32file.pyd
MOD - [2013/09/11 18:19:59 | 000,038,912 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI32882\win32inet.pyd
MOD - [2013/09/11 18:19:59 | 000,035,840 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI32882\win32process.pyd
MOD - [2013/09/11 18:19:59 | 000,025,600 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI32882\win32pdh.pyd
MOD - [2013/09/11 18:19:59 | 000,018,432 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI32882\win32event.pyd
MOD - [2013/09/11 18:19:59 | 000,010,240 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI32882\select.pyd
MOD - [2013/09/10 23:12:41 | 016,177,544 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
MOD - [2013/09/10 17:40:39 | 003,551,640 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/09/08 01:21:17 | 000,016,808 | ---- | M] () -- C:\Program Files (x86)\Java\jre7\bin\jp2native.dll
MOD - [2013/09/07 04:10:05 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/01/31 01:22:04 | 002,952,016 | -HS- | M] () -- \\?\C:\ProgramData\Microsoft\PlayReady\Cache\S-1-5-21-2983651559-1869103183-3296704676-1001\MSPRindiv01.key
MOD - [2012/10/15 15:39:00 | 000,091,536 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\DIRECTV Player\z.dll
MOD - [2012/10/15 15:38:54 | 000,273,824 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\DIRECTV Player\ndsLogStore.dll
MOD - [2012/10/15 15:38:52 | 001,402,784 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\DIRECTV Player\libxml2-2.dll
MOD - [2012/10/15 15:38:34 | 000,688,560 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\DIRECTV Player\libgstreamer-0.10.dll
MOD - [2012/10/15 15:37:54 | 007,123,880 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\DIRECTV Player\gsttspplugin.dll
MOD - [2012/10/15 15:37:38 | 006,442,920 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
MOD - [2012/10/15 15:37:32 | 002,203,048 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\DIRECTV Player\DrmSingleton.dll
MOD - [2012/05/30 20:06:48 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/05/30 20:06:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

========== Services (SafeList) ==========

SRV:64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/05/23 13:12:02 | 000,143,120 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:64bit: - [2011/09/20 11:52:38 | 001,085,216 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2011/07/06 00:08:26 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/07/05 11:27:04 | 000,365,568 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2010/10/11 02:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/11/17 19:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV - [2013/09/11 12:19:53 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/09/10 17:40:41 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/08/28 14:47:18 | 000,563,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/08/14 11:10:26 | 003,291,008 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/06/21 09:53:36 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/11 03:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/05/07 23:18:34 | 000,097,056 | ---- | M] (Conduit) [Auto | Running] -- C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe -- (CltMngSvc)
SRV - [2012/09/27 12:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012/08/10 16:48:50 | 000,197,536 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2012/03/05 13:38:38 | 000,035,200 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2010/12/27 16:30:22 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2010/12/10 18:29:30 | 029,293,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\MSSQL\Primavera\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$PRIMAVERA)
SRV - [2010/10/12 10:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/03/26 03:07:42 | 000,091,992 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\MSSQL\Primavera\MSSQL.1\MSSQL\Binn\msftesql.exe -- (msftesql$PRIMAVERA)
SRV - [2010/03/23 13:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/03/30 18:59:16 | 000,673,280 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\Primavera Common\BackgroundAgent\PrmBackgroundAgent.exe -- (PrmBackAgent)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/06/14 05:58:23 | 004,729,408 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/14 13:11:03 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/10/14 13:11:03 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/09/20 18:36:50 | 000,620,584 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2011/09/20 18:36:50 | 000,133,672 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcbtums.sys -- (bcbtums)
DRV:64bit: - [2011/09/20 18:36:50 | 000,089,640 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwdpan.sys -- (BTWDPAN)
DRV:64bit: - [2011/09/20 18:36:44 | 000,178,728 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2011/09/20 18:36:44 | 000,167,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2011/09/20 18:36:44 | 000,039,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2011/09/20 18:36:44 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2011/08/19 12:29:32 | 000,391,728 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/07/22 09:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 14:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/07/06 00:50:28 | 009,359,872 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/07/05 23:32:20 | 000,309,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/04/16 03:37:50 | 000,079,488 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011/04/16 03:37:50 | 000,040,064 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2011/03/05 00:16:20 | 000,436,840 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/02/15 11:37:10 | 000,335,464 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2010/12/16 12:06:46 | 000,047,232 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010/11/20 20:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 20:23:48 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010/11/20 20:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 20:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 20:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/07/28 09:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/03/23 13:29:46 | 000,304,784 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV:64bit: - [2010/02/18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010/02/08 08:32:00 | 000,014,992 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CVirtA64.sys -- (CVirtA)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 14:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 14:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 14:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 13:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/11/16 18:39:44 | 000,157,968 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dne64x.sys -- (DNE)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{2304FA72-8CF7-46CD-8FC8-45EF9A14010F}: "URL" = http://www.amazon.co...s={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=CPNTDF
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=CPNTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {cef81415-2059-4dd5-9829-1aef3cf27f4f} - C:\Program Files (x86)\KeyBar_2.1\prxtbKeyB.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {60C1105D-7552-4607-87CA-E9DC56C83965}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snap.do/...q={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{2304FA72-8CF7-46CD-8FC8-45EF9A14010F}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=CPNTDF
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=CPNTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snap.do/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snap.do/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT3309656
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snap.do/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snap.do/...q={searchTerms}
IE - HKCU\..\URLSearchHook: {cef81415-2059-4dd5-9829-1aef3cf27f4f} - C:\Program Files (x86)\KeyBar_2.1\prxtbKeyB.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {60C1105D-7552-4607-87CA-E9DC56C83965}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snap.do/...q={searchTerms}
IE - HKCU\..\SearchScopes\{60C1105D-7552-4607-87CA-E9DC56C83965}: "URL" = http://search.condui...4171077116&UM=2
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..CT3309656.browser.search.defaultthis.engineName: "true"
FF - prefs.js..browser.search.defaultthis.engineName: "KeyBar 2.1 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "google.com"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - prefs.js..keyword.URL: "http://search.condui...214323&UM=2&q="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@nds.com/PCShowPlugin: C:\Users\Michael Affinito\AppData\Local\DIRECTV Player\npPCShowPlugin.dll File not found
FF - HKCU\Software\MozillaPlugins\@nds.com/PlayerPlugin: C:\Users\Michael Affinito\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (NDS)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Michael Affinito\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Michael Affinito\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Michael Affinito\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Michael Affinito\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Michael Affinito\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Michael Affinito\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\NDS.com/PlayerPlugin: C:\Users\Michael Affinito\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (NDS)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/09/10 17:40:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/09/10 17:40:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/09/01 16:27:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Extensions
[2013/09/10 16:47:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions
[2013/09/10 16:47:12 | 000,000,000 | ---D | M] (KeyBar 2.1) -- C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}
[2013/09/10 16:35:27 | 000,000,997 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\searchplugins\conduit.xml
[2012/09/25 12:27:30 | 000,002,399 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\searchplugins\Web Search.xml
[2013/09/10 17:40:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/09/10 17:40:12 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/09/10 17:40:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/09/10 17:40:11 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/09/10 17:40:46 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Michael Affinito\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Michael Affinito\AppData\Local\Google\Chrome\Application\29.0.1547.66\gcswf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Michael Affinito\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Michael Affinito\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Michael Affinito\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - Extension: KeyBar 2.1 = C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\
CHR - Extension: Untitled = C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\kinnkbkddbidjhimllaahodhenbnibin\1.0_0\
CHR - Extension: FVD Video Downloader = C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\5.4.1_0\
CHR - Extension: Skype Click to Call = C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.11.0.13348_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\

O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (KeyBar 2.1 Toolbar) - {cef81415-2059-4dd5-9829-1aef3cf27f4f} - C:\Program Files (x86)\KeyBar_2.1\prxtbKeyB.dll (Conduit Ltd.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (KeyBar 2.1 Toolbar) - {cef81415-2059-4dd5-9829-1aef3cf27f4f} - C:\Program Files (x86)\KeyBar_2.1\prxtbKeyB.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (KeyBar 2.1 Toolbar) - {CEF81415-2059-4DD5-9829-1AEF3CF27F4F} - C:\Program Files (x86)\KeyBar_2.1\prxtbKeyB.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPQuickWebProxy] C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [SearchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [3EF6D3D0B6181F6F56C815FC740FC4D5133DA3D4._service_run] "C:\Users\Michael Affinito\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service File not found
O4 - HKCU..\Run: [ConduitFloatingPlugin_ihogoofdaifgdkdilopkeahfcnifkajn] C:\Program Files (x86)\Conduit\CT3309656\plugins\TBVerifier.dll (Conduit Ltd.)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [PCShowServer] C:\Users\Michael Affinito\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe (NDS Technologies)
O4 - HKCU..\Run: [SearchProtect] C:\Users\Michael Affinito\AppData\Roaming\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionAction = http://hp.digitalriv..._US&keywords=%w
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionName = Find Software on HP Download Store (Microsoft Corporation)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F550CDCD-3F56-4B09-B1EF-FCC1965CF8B8}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{71cd55f7-07fb-11e2-8c32-c01885d0907c}\Shell - "" = AutoRun
O33 - MountPoints2\{71cd55f7-07fb-11e2-8c32-c01885d0907c}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/09/11 20:51:21 | 000,000,000 | ---D | C] -- C:\Users\Michael Affinito\AppData\Roaming\Unity
[2013/09/11 20:41:09 | 000,000,000 | ---D | C] -- C:\Users\Michael Affinito\AppData\Local\Unity
[2013/09/11 17:33:28 | 000,000,000 | ---D | C] -- C:\Users\Michael Affinito\AppData\Roaming\SUPERAntiSpyware.com
[2013/09/11 17:32:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2013/09/11 17:32:48 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2013/09/11 17:32:48 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2013/09/11 14:23:27 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/09/10 17:40:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/09/10 16:44:20 | 000,000,000 | ---D | C] -- C:\Users\Michael Affinito\Documents\chopped up
[2013/09/10 16:40:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2013/09/10 16:40:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Conduit
[2013/09/10 16:40:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KeyBar_2.1
[2013/09/10 16:40:10 | 000,000,000 | ---D | C] -- C:\Users\Michael Affinito\AppData\Local\Conduit
[2013/09/10 16:38:31 | 000,000,000 | ---D | C] -- C:\Users\Michael Affinito\AppData\Local\CRE
[2013/09/10 16:38:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2013/09/10 16:36:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SearchProtect
[2013/09/10 16:35:29 | 000,000,000 | ---D | C] -- C:\Users\Michael Affinito\AppData\Roaming\SearchProtect
[2013/09/10 16:33:46 | 000,000,000 | ---D | C] -- C:\Users\Michael Affinito\AppData\Roaming\DVDVideoSoft
[2013/09/10 16:33:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2013/09/10 16:33:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2013/09/10 16:31:55 | 000,000,000 | ---D | C] -- C:\Users\Michael Affinito\AppData\Local\Programs
[2013/09/10 14:16:53 | 000,000,000 | ---D | C] -- C:\Users\Michael Affinito\AppData\Local\{5F3918AF-4D5C-4019-957B-36FC02CEBE18}
[2013/09/09 21:53:58 | 000,000,000 | ---D | C] -- C:\Users\Michael Affinito\Desktop\simpleviewer_231
[2013/09/09 21:49:19 | 000,000,000 | ---D | C] -- C:\Users\Michael Affinito\Documents\Extracted Files
[2013/09/09 21:44:26 | 003,070,808 | ---- | C] (PKWARE, Inc.) -- C:\Users\Michael Affinito\Desktop\ZIPReader.exe
[2013/09/08 17:19:39 | 000,000,000 | ---D | C] -- C:\Users\Michael Affinito\AppData\Local\Macromedia
[2013/09/08 01:21:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/09/07 03:15:38 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT

========== Files - Modified Within 30 Days ==========

[2013/09/11 21:29:01 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2983651559-1869103183-3296704676-1001UA.job
[2013/09/11 21:29:01 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/09/11 21:19:02 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/09/11 18:50:38 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/09/11 18:50:38 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/09/11 18:43:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/09/11 18:19:59 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/09/11 17:52:36 | 000,835,068 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/09/11 17:52:36 | 000,704,424 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/09/11 17:52:36 | 000,132,620 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/09/11 17:47:43 | 2902,646,784 | -HS- | M] () -- C:\hiberfil.sys
[2013/09/11 17:32:54 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/09/11 16:45:42 | 000,313,592 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/09/11 16:11:34 | 000,411,274 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Michael A Harrell Resume.pdf
[2013/09/11 13:29:01 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2983651559-1869103183-3296704676-1001Core.job
[2013/09/11 13:10:17 | 000,002,619 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Jens Gallery.html
[2013/09/11 12:20:00 | 000,001,847 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Jens Web Page.html
[2013/09/11 12:13:10 | 000,001,654 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Jens Contact.html
[2013/09/11 12:12:55 | 000,001,654 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Jens About.html
[2013/09/11 12:06:39 | 000,002,999 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Species Gallery.html
[2013/09/11 09:59:12 | 000,002,021 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Species Video.html
[2013/09/10 23:24:33 | 000,000,149 | ---- | M] () -- C:\Users\Michael Affinito\Documents\test.html
[2013/09/10 22:34:59 | 000,002,173 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Species Music.html
[2013/09/10 20:13:43 | 000,002,100 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Species Calendar.html
[2013/09/10 17:41:53 | 000,000,183 | ---- | M] () -- C:\Users\Michael Affinito\Documents\playlist.m3u
[2013/09/10 16:48:08 | 001,381,600 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Chopped up.mp3
[2013/09/10 16:47:39 | 015,219,766 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Chopped up.wav
[2013/09/10 16:40:59 | 000,000,009 | ---- | M] () -- C:\END
[2013/09/10 16:29:40 | 000,001,793 | ---- | M] () -- C:\Users\Michael Affinito\Documents\The Species.html
[2013/09/10 13:46:05 | 000,015,713 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Blood.jpg
[2013/09/10 13:19:30 | 001,411,172 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Chopped up.m4a
[2013/09/09 21:44:10 | 003,070,808 | ---- | M] (PKWARE, Inc.) -- C:\Users\Michael Affinito\Desktop\ZIPReader.exe
[2013/09/09 20:49:09 | 000,001,589 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Specie Music.html
[2013/09/09 20:48:47 | 000,001,589 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Music.html
[2013/09/09 16:00:31 | 000,000,531 | ---- | M] () -- C:\Users\Michael Affinito\Documents\html test.html
[2013/09/08 23:13:50 | 000,000,056 | ---- | M] () -- C:\Users\Michael Affinito\Documents\species style.css
[2013/09/06 10:09:20 | 000,309,261 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Project Bid 1013.pdf
[2013/09/05 16:02:01 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForMA$.job

========== Files Created - No Company Name ==========

[2013/09/11 17:32:54 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/09/11 16:11:26 | 000,411,274 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Michael A Harrell Resume.pdf
[2013/09/11 12:09:30 | 000,001,654 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Jens Contact.html
[2013/09/11 12:09:12 | 000,001,654 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Jens About.html
[2013/09/11 12:08:48 | 000,002,619 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Jens Gallery.html
[2013/09/10 23:08:40 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/09/10 20:59:44 | 000,000,149 | ---- | C] () -- C:\Users\Michael Affinito\Documents\test.html
[2013/09/10 17:40:25 | 000,000,183 | ---- | C] () -- C:\Users\Michael Affinito\Documents\playlist.m3u
[2013/09/10 16:49:11 | 001,381,600 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Chopped up.mp3
[2013/09/10 16:49:03 | 015,219,766 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Chopped up.wav
[2013/09/10 16:34:18 | 000,000,009 | ---- | C] () -- C:\END
[2013/09/10 16:03:00 | 000,002,021 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Species Video.html
[2013/09/10 13:46:04 | 000,015,713 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Blood.jpg
[2013/09/10 13:20:38 | 001,411,172 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Chopped up.m4a
[2013/09/10 12:46:17 | 000,073,332 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Mike fish.JPG
[2013/09/10 11:59:44 | 001,042,251 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Grandpa Munster.JPG
[2013/09/09 23:28:17 | 002,170,519 | ---- | C] () -- C:\Users\Michael Affinito\Documents\HitchHiker.JPG
[2013/09/09 22:12:32 | 001,116,915 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Sugar High.JPG
[2013/09/09 20:50:26 | 000,002,100 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Species Calendar.html
[2013/09/09 20:49:50 | 000,002,173 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Species Music.html
[2013/09/09 20:49:09 | 000,001,589 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Specie Music.html
[2013/09/09 20:48:47 | 000,001,589 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Music.html
[2013/09/09 19:23:31 | 000,002,999 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Species Gallery.html
[2013/09/09 16:00:31 | 000,000,531 | ---- | C] () -- C:\Users\Michael Affinito\Documents\html test.html
[2013/09/08 23:13:50 | 000,000,056 | ---- | C] () -- C:\Users\Michael Affinito\Documents\species style.css
[2013/09/08 23:03:54 | 000,001,793 | ---- | C] () -- C:\Users\Michael Affinito\Documents\The Species.html
[2013/09/08 17:18:29 | 000,001,847 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Jens Web Page.html
[2013/09/05 21:14:54 | 000,309,261 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Project Bid 1013.pdf
[2012/09/24 15:56:33 | 000,786,412 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/09/06 16:31:59 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012/06/14 06:09:19 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

========== ZeroAccess Check ==========

[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 19:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 18:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 20:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/09/25 11:06:19 | 000,000,000 | ---D | M] -- C:\Users\Michael Affinito\AppData\Roaming\Canneverbe Limited
[2013/09/10 16:41:35 | 000,000,000 | ---D | M] -- C:\Users\Michael Affinito\AppData\Roaming\DVDVideoSoft
[2012/09/25 09:13:02 | 000,000,000 | ---D | M] -- C:\Users\Michael Affinito\AppData\Roaming\Easy Burning Software
[2012/09/25 09:13:02 | 000,000,000 | ---D | M] -- C:\Users\Michael Affinito\AppData\Roaming\EasyBurningSoftware
[2013/09/10 16:33:46 | 000,000,000 | ---D | M] -- C:\Users\Michael Affinito\AppData\Roaming\OpenCandy
[2013/09/10 16:40:38 | 000,000,000 | ---D | M] -- C:\Users\Michael Affinito\AppData\Roaming\SearchProtect
[2012/09/01 13:48:14 | 000,000,000 | ---D | M] -- C:\Users\Michael Affinito\AppData\Roaming\Synaptics
[2013/09/11 20:51:21 | 000,000,000 | ---D | M] -- C:\Users\Michael Affinito\AppData\Roaming\Unity
[2012/09/30 15:06:01 | 000,000,000 | ---D | M] -- C:\Users\Michael Affinito\AppData\Roaming\Windows Live Writer

========== Purity Check ==========

< End of report >

OTL Extras logfile created on: 9/11/2013 9:38:22 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Michael Affinito\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16686)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.60 Gb Total Physical Memory | 1.16 Gb Available Physical Memory | 32.31% Memory free
7.21 Gb Paging File | 4.34 Gb Available in Paging File | 60.24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 442.12 Gb Total Space | 363.82 Gb Free Space | 82.29% Space Free | Partition Type: NTFS
Drive D: | 19.48 Gb Total Space | 2.11 Gb Free Space | 10.85% Space Free | Partition Type: NTFS
Drive E: | 3.96 Gb Total Space | 1.08 Gb Free Space | 27.23% Space Free | Partition Type: FAT32

Computer Name: MA | User Name: Michael Affinito | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Program Files\Hewlett-Packard\HP Application Assistant\HPAA.exe %1 (Hewlett Packard Company)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Program Files\Hewlett-Packard\HP Application Assistant\HPAA.exe %1 (Hewlett Packard Company)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{12485372-E6AD-4BE5-8C0C-4155A1E56ABA}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{12789139-0520-467D-8F33-AB4CF46D0D43}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{205E7830-019F-45AD-9FEC-754B780C3187}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{28618BBA-B248-47CE-A843-A727EF470957}" = lport=137 | protocol=17 | dir=in | app=system |
"{293D92EE-91DC-4929-8EBF-B2D5BF9D7C82}" = rport=137 | protocol=17 | dir=out | app=system |
"{35423435-DD88-4383-B906-52DFDB293ACE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{38668FEA-6BED-4A4A-BF44-766208170429}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{3A0A0123-92CF-4C3F-A554-2AC411829617}" = lport=138 | protocol=17 | dir=in | app=system |
"{3B99F076-6F2E-4A5B-B564-85A8D5FC69B3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{430FB1BB-CAE5-48D4-828C-5EA4D4D0AD18}" = rport=10243 | protocol=6 | dir=out | app=system |
"{74CD0647-B11B-4D3E-ADAB-AE24B3A30FCE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{7B6A7938-FC13-402D-AD8A-8FC8B1D4B523}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{7F5B89A8-FD20-42D6-B8C1-D338D4105610}" = rport=139 | protocol=6 | dir=out | app=system |
"{8EA9791B-2FF6-49E7-AFCA-F5F35075A0B2}" = lport=139 | protocol=6 | dir=in | app=system |
"{8F859F70-828D-4158-BA8C-75AC75FFA491}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A47580BB-27E9-49A3-94AB-695760C6379F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A9B9550E-9814-4031-BD35-52B739324B36}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BAECA16D-E263-4F00-B289-EA94DC028E36}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{BF4DCBF6-CCB1-4E21-9716-93BCE269FBA6}" = rport=445 | protocol=6 | dir=out | app=system |
"{D338A86D-2C64-4264-9EE3-AA71DDFBFA7F}" = lport=445 | protocol=6 | dir=in | app=system |
"{D3875090-2DAA-4664-8BEB-190AA8CDCBDE}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{DCF89A60-9B57-4F89-9C5F-C7D25E50A3DF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E576FC78-B68E-49EE-BFDA-5C5C346A3FCD}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E6DC9085-40E8-4F5C-A60D-E09737579DFF}" = rport=138 | protocol=17 | dir=out | app=system |
"{EC64AC86-3DF0-4535-982C-4528B4A84F9E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FDC26B39-25E2-448D-9249-BF63B951D51A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02436A9E-5581-48C4-9C97-4BA8C4CFE695}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{0827D08F-9696-4F83-9E51-092C497A26FD}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe |
"{088846CE-F263-4B76-AB91-2F0180BF85E1}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{09D2C572-C1EE-4EF7-85C9-B1D7A7AEAED0}" = protocol=1 | dir=in | [email protected],-28543 |
"{0AB9EA5B-0FB5-45C3-8593-1A05F0EB6CF6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1E1A4C2A-A6E1-4D05-9F41-AB54F88DBBA5}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{217B7638-B721-4397-B249-E2C709C83168}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{255A0E12-31B6-4FC2-91E9-F124F6D09615}" = protocol=1 | dir=out | [email protected],-28544 |
"{27E2AD31-D824-4E29-B7BE-68DF7061803B}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{2AB61BE7-1676-4A8D-B092-A5543D0FD7EB}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2DAF37B4-2C4C-4FBA-8888-5944B1BC206F}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{2DCBD813-9818-4625-BE03-6CCE93230AA1}" = dir=in | app=c:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe |
"{34769C61-53A6-4121-A16A-F762BEE454B3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3552DAEA-D92C-4FE3-875C-6DDBDB12169A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{36C56FB7-4716-471A-9D1F-553530A0EC99}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{3BCFEDB9-5ED2-4578-A843-0B7F7287B0D3}" = protocol=58 | dir=in | [email protected],-28545 |
"{4771D0A0-D5B7-467F-9E06-AA22CAACDD67}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{48E34E3F-A1CB-4688-9A5D-7C4F23372ADA}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
"{4AC6FA6F-4890-446D-B015-F59F27B73570}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4E8A94D1-3CB9-4DF1-9CED-3879BE5F06A0}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4F6E7579-FA07-4D4F-897F-62F463B616DF}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{4FDB6569-7254-41FC-8452-699BA451A3F4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{52E41CA0-41DE-41DA-9741-7EE294092218}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\indivdrm.exe |
"{53190F23-EEFE-485A-9FCD-2FB65C09E0D2}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{625BD8F0-4FFF-4050-872F-652720DFE6E8}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{626FA2B7-F7D1-413B-BD74-03C8692C44BD}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{6462E1DF-58F6-4B3B-8B95-C8B4B10EA285}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{6C9939E6-3A77-458A-9A5A-7D5FA09F5C89}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{72395696-2B1F-4D53-BD7E-EBEE8267BD9A}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{72C1BD35-9619-40A0-8AED-D18A194DF8E7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{8224AE4F-AC50-4D65-A918-E371EAA38C74}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{8BF6C226-5C7E-4519-98FE-805F4619E8DE}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{8CC7B177-38FC-49B4-A2C4-4AAEC52AC695}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{8FB1CFFF-3CD3-4461-A21E-24C92A078285}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{94286525-1AD9-43D0-8D5B-E43E67BD35A7}" = protocol=6 | dir=out | app=system |
"{976176F4-770E-450D-B990-F8C595BC0990}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A6749648-D515-4FB3-8FC8-A0B88B8B62E6}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpdevicedetection3.exe |
"{AB4E4C9F-F548-4695-9CEB-A59E872A030B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AB946E24-BF5E-4F95-A67C-C7711A12C20A}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{B1C8FCE8-2502-4BBF-A7A7-010C0EA9B90D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{BCED1DC3-C50D-4FD3-A6E5-FB932370A8A8}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{BE5148B5-8283-41D8-8398-076F80B8AD80}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{BE672EC9-08A4-4612-A8C1-19316AECABD4}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C1253ED8-F99D-4B06-BB4B-A882CAA69808}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{C375037D-D135-4EAE-8461-4EF0AE8B1B4C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D9F99C9D-3DFB-4259-9726-70695C95A9B8}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1637\agent.exe |
"{DC3047AD-4FA9-4816-B7E8-507428985733}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
"{DCD22B22-04BA-4D3B-A979-A310FE999115}" = dir=in | app=c:\program files\hp\hp deskjet 3050a j611 series\bin\devicesetup.exe |
"{E02F4D27-2D8D-4C68-A92A-7A489E583C2C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{E21AFC58-7EEE-4AAB-A609-70CF026972DD}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{E6F2F709-14EF-46A7-B820-E745A5FCC83C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E7A3AAA3-EE63-48BA-BF19-5A054E1458DF}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\indivdrm.exe |
"{E923E1E3-2CAD-4E5D-8B61-7809A3BAFD52}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EA0D1916-D5E7-42F0-AE36-C577F92E9245}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{EFEF23E7-EEC9-4F8D-B348-134CAC788319}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F2E84AF3-7502-44A3-821D-F7FF93F0008A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\killingfloor\system\killingfloor.exe |
"{F3EE2799-7C49-4623-84C7-4DBE13E1E98B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F9744823-EC06-41EA-90DE-67A2FCE8F19D}" = protocol=58 | dir=out | [email protected],-28546 |
"TCP Query User{3BFFD1BC-D605-4E1E-9535-462C6A6DFA1F}C:\program files (x86)\diablo iii\diablo iii.exe" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"UDP Query User{539F0A97-2110-4D31-8D27-64691B8B281F}C:\program files (x86)\diablo iii\diablo iii.exe" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{45DA9E62-D2BD-81D6-80FD-F57E2FEB00A8}" = AMD Fuel
"{467D5E81-8349-4892-9E81-C3674ED8E451}" = Cisco Systems VPN Client 5.0.07.0290
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{562608FE-2051-4488-BF22-8CE4C03046AC}" = HP Security Assistant
"{57DD35E9-D9BB-4089-BB05-EF933C586CB3}" = Broadcom InConcert Maestro
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FE78439-7CAA-45FE-A808-2D7A0FC98643}" = iTunes
"{6032497A-4479-462B-ADB8-A0A372BB9A23}" = HP Application Assistant
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E7F4CA3-B2DE-413C-A7A1-43AA5BE19EA1}" = Broadcom Bluetooth Software
"{704C0303-D20C-45AF-BD2B-556EAF31BE09}" = iCloud
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}" = Microsoft SQL Server Native Client
"{B3C4ADC9-637E-DDD9-A66C-782AE5E2E667}" = ATI Catalyst Install Manager
"{B636C9B9-A3F2-4DCE-ADCC-72E095018385}" = Microsoft SQL Server VSS Writer
"{BF1E75D0-E7AF-4BEA-9FBC-567F0C54BDF9}" = HP Launch Box
"{C075E733-EA9C-AAAC-A95B-0D987A3C3266}" = ccc-utility64
"{C40D6727-57FE-4671-B51A-69B0F21F44B5}" = Microsoft SQL Server Management Studio Express
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DC27906A-5898-02B7-8D19-2617A7B85E09}" = AMD Media Foundation Decoders
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FB555BCF-9202-4886-9203-88C9A210D727}" = HP Deskjet 3050A J611 series Basic Device Software
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics TouchPad Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{045D5A51-F07E-4350-8642-B85772A2876B}" = SketchUp Pro 8
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05273A09-55BF-AB2D-DD22-D98690309C28}" = CCC Help Portuguese
"{0612A263-0976-324B-BEA9-82F01CA7370F}" = CCC Help Finnish
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = HP MovieStore
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34866446-F784-B458-40BA-672A7D546591}" = CCC Help German
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}" = opensource
"{391E468C-D459-7278-D506-01A5CA340E97}" = CCC Help Swedish
"{39B1BCF0-5D12-A5F8-616F-F31B3355C913}" = CCC Help Danish
"{39FCC6B7-FFF5-4075-A5E8-B5CEBD54C331}" = HP Documentation
"{3F71B6A1-B563-0FC9-12A0-D9897AC6BE45}" = CCC Help Czech
"{41298BF3-DF6B-449C-BFB7-83663ECB5108}" = HP QuickWeb
"{438DE441-C9B0-AEBB-907E-3D09E620FE62}" = CCC Help Japanese
"{43D1B973-3D12-42ba-9E6E-56A8FEFF5250}" = DIRECTV Player
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{45E31E25-3F02-AFF2-EBC8-ACECE264E126}" = CCC Help Hungarian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6
"{53B17A98-5BF0-40BC-AAFF-850A357975AC}" = HP Quick Launch
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{584413CB-336A-EC10-BDA1-210DC882895D}" = CCC Help Russian
"{58D379F7-62BC-4748-8237-FE071ECE797C}" = Microsoft SQL Server 2005 Tools
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{741006D1-7B2B-4E33-B2B0-831F282EEF64}" = Blio
"{741F5171-235B-F5B0-6590-F4BB53B76D36}" = CCC Help Dutch
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7971B0A3-2A0E-C212-257C-DF308908E62E}" = CCC Help English
"{7DDBDDCD-651C-F923-DED6-7DA7049F06CA}" = Catalyst Control Center InstallProxy
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7E799992-5DA0-4A1A-9443-B1836B063FEC}" = HP Power Manager
"{83772A97-05A6-3528-897E-097CE0A92BFF}" = CCC Help Greek
"{83B3CCC5-4C76-9873-66AD-08FF11723C90}" = CCC Help Spanish
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MovieStore
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_BASICR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_BASICR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_BASICR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_BASICR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_BASICR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_BASICR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_BASICR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_BASICR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_BASICR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_BASICR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_BASICR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-0013-0000-0000-0000000FF1CE}" = Microsoft Office Basic 2007
"{91120000-0013-0000-0000-0000000FF1CE}_BASICR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{97DDCAB8-B770-4089-A10F-67568069D78A}" = HP Deskjet 3050A J611 series Help
"{983F7138-0BB4-418B-973B-84EE71001422}" = Primavera 6.0
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9EF417DB-7CAE-E311-06EE-DB828439677C}" = Catalyst Control Center Localization All
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.03)
"{AD7B5622-C999-C9C8-26E4-6EEAFEC3065C}" = Catalyst Control Center Graphics Previews Common
"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B0F9497C-52B4-4686-8E73-74D866BBDF59}" = Microsoft SQL Server 2005 (PRIMAVERA)
"{B1BC0AC7-EFC8-930E-474E-6EE4FAD46367}" = CCC Help Chinese Standard
"{B1E51748-B432-20BF-D875-5BE7FCB9DD0C}" = CCC Help Polish
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B86CCC49-ED61-F1C2-47E2-9A817FAAABC8}" = CCC Help Thai
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C2D4CD4A-AE20-40B3-8726-8ED1C03E8C15}" = Google Drive
"{C376EBB6-4079-197E-1A15-005FDA8CACB3}" = CCC Help Chinese Traditional
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CC5878A9-FB51-90A0-633E-65123F136283}" = AMD VISION Engine Control Center
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CDC1661D-4EEC-E4A8-4B57-96C89E97DAD7}" = CCC Help Norwegian
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFB4E432-A339-1D85-1B5D-98572E65DE95}" = CCC Help French
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DBCD5E64-7379-4648-9444-8A6558DCB614}" = HP Recovery Manager
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E60E35BD-8A1F-3CF9-5EB7-49DF5FACE9AD}" = CCC Help Korean
"{E96CAA2A-0244-4A2A-8403-0C3C9534778B}" = ESU for Microsoft Windows 7 SP1
"{EB38C3E0-4863-3123-9114-5BE86EC8E5C7}" = Google Talk Plugin
"{EB4CD629-A912-6D02-B562-C43EFED96680}" = CCC Help Turkish
"{ED1BD69A-07E3-418C-91F1-D856582581BF}" = HP On Screen Display
"{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F30403FF-0146-4633-AAC5-D5CD5C50AE70}" = Catalyst Control Center - Branding
"{F4F82474-C548-2814-32FD-34D372AC189E}" = CCC Help Italian
"{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}" = HP Setup
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.2.3
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"BASICR" = Microsoft Office Basic 2007
"Diablo III" = Diablo III
"Free Studio_is1" = Free Studio version 2013
"IECT3309656" = KeyBar 2.1 Toolbar for IE
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{983F7138-0BB4-418B-973B-84EE71001422}" = Primavera 6.0
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 23.0.1 (x86 en-US)" = Mozilla Firefox 23.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"SearchProtect" = Search Protect by conduit
"Steam App 1250" = Killing Floor
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WTA-04d75abf-63ed-4d1f-9755-c39c658e343b" = Poker Superstars III
"WTA-18731067-0ebf-4f05-8a81-f1b909bd9bc6" = Bejeweled 3
"WTA-28f9d177-058b-4bc1-badf-5c567b2f981e" = Plants vs. Zombies - Game of the Year
"WTA-32f15186-31b3-49d7-82e2-51ecacb89e7c" = FATE
"WTA-34fe126c-f607-49c2-bef1-da4d89eae246" = John Deere Drive Green
"WTA-37a8a6c7-cc87-457b-9c87-e66364a41401" = Farm Frenzy
"WTA-3d1eb84a-acc1-4297-be4a-30da9c2580cf" = Polar Golfer
"WTA-4cd444fc-c44e-41f9-94e3-bfe4a473b3a1" = Virtual Villagers 4 - The Tree of Life
"WTA-4d4673cd-82ab-4d47-9fa2-26d012c035a1" = RollerCoaster Tycoon 3: Platinum
"WTA-4f8d6ce1-c3a1-4350-88f5-0f971b14fdd5" = Cradle of Rome 2
"WTA-4fb4bf30-5f9e-42d8-8927-33e9db7db9a8" = Torchlight
"WTA-641cee75-d9df-47ff-8390-82b05ec507b6" = Dora's World Adventure
"WTA-68130830-3f2e-4876-922f-33bb7c649597" = Zuma's Revenge
"WTA-7268b3d8-8f92-44cb-bf49-d452ddd37e3d" = Hoyle Card Games
"WTA-764b173b-40c4-4248-91eb-bc4a6772a32d" = Jewel Quest Mysteries: The Seventh Gate Collector's Edition
"WTA-7a39f062-ad78-4681-8cba-1045fb524db2" = Chuzzle Deluxe
"WTA-97af4e4a-5905-4702-acd8-dadf83eb002d" = Farmscapes
"WTA-a45595e6-854a-44fe-a462-2186a2fad86e" = Luxor HD
"WTA-a6250714-9168-4318-bb4d-99f334c0b191" = Final Drive Fury
"WTA-b2666182-f787-4701-a8e8-e57bb7d368ab" = Mah Jong Medley
"WTA-c346b29c-0300-4bf7-b248-fcdef0ce3e30" = Jewel Match 3
"WTA-d9568f83-0331-482c-9671-67da1f1a67f1" = Letters from Nowhere 2
"WTA-e6542445-e145-4da9-b4db-fe4c5589ecb3" = Polar Bowler
"WTA-e99f12a0-14dc-43c6-9766-06f25d6f4a65" = Penguins!
"WTA-eba654d1-57ca-4b4b-9f5a-1ae4c37133fb" = The Treasures of Mystery Island: The Ghost Ship
"WTA-f21c7e79-6d63-431c-8123-6b2f86989d35" = Blackhawk Striker 2

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Screencast-O-Matic" = Screencast-O-Matic
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 6/12/2013 4:21:25 AM | Computer Name = MA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2325

Error - 6/12/2013 4:21:26 AM | Computer Name = MA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 6/12/2013 4:21:26 AM | Computer Name = MA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3323

Error - 6/12/2013 4:21:26 AM | Computer Name = MA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3323

Error - 6/12/2013 4:21:27 AM | Computer Name = MA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 6/12/2013 4:21:27 AM | Computer Name = MA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4399

Error - 6/12/2013 4:21:27 AM | Computer Name = MA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4399

Error - 6/12/2013 4:21:28 AM | Computer Name = MA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 6/12/2013 4:21:28 AM | Computer Name = MA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 5398

Error - 6/12/2013 4:21:28 AM | Computer Name = MA | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5398

[ Hewlett-Packard Events ]
Error - 10/24/2012 4:38:59 AM | Computer Name = MA | Source = HPSF.exe | ID = 4000
Description =

Error - 10/24/2012 4:40:54 AM | Computer Name = MA | Source = HPSF.exe | ID = 4000
Description =

Error - 10/24/2012 4:41:16 AM | Computer Name = MA | Source = HPSF.exe | ID = 4000
Description =

Error - 10/29/2012 1:22:28 AM | Computer Name = MA | Source = HPSF.exe | ID = 4000
Description =

Error - 11/4/2012 3:34:51 PM | Computer Name = MA | Source = HPSF.exe | ID = 4000
Description =

Error - 11/4/2012 8:57:32 PM | Computer Name = MA | Source = HPSF.exe | ID = 4000
Description =

Error - 11/4/2012 8:59:14 PM | Computer Name = MA | Source = HPSF.exe | ID = 4000
Description =

Error - 11/11/2012 4:19:30 PM | Computer Name = MA | Source = HPSF.exe | ID = 4000
Description =

Error - 11/20/2012 3:28:34 PM | Computer Name = MA | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 3690
Ram
Utilization: 50 TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()

Error - 11/22/2012 6:42:53 AM | Computer Name = MA | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 3690
Ram
Utilization: TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()

[ HP Software Framework Events ]
Error - 9/10/2012 1:35:31 PM | Computer Name = MA | Source = CaslWmi | ID = 5
Description = 2012/09/10 10:35:31.874|000008B8|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - 9/16/2012 2:51:08 PM | Computer Name = MA | Source = CaslWmi | ID = 5
Description = 2012/09/16 11:51:08.942|000005B0|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - 9/23/2012 6:24:45 PM | Computer Name = MA | Source = CaslWmi | ID = 5
Description = 2012/09/23 15:24:45.019|00001C74|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - 10/1/2012 3:30:27 AM | Computer Name = MA | Source = CaslWmi | ID = 5
Description = 2012/10/01 00:30:27.044|00000FF0|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - 10/8/2012 3:54:45 AM | Computer Name = MA | Source = CaslWmi | ID = 5
Description = 2012/10/08 00:54:45.865|00000D80|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - 10/14/2012 7:16:52 PM | Computer Name = MA | Source = CaslWmi | ID = 5
Description = 2012/10/14 16:16:52.667|00001CF0|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - 10/14/2012 7:19:31 PM | Computer Name = MA | Source = CaslWmi | ID = 5
Description = 2012/10/14 16:19:31.103|00001268|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - 10/24/2012 2:58:50 AM | Computer Name = MA | Source = CaslWmi | ID = 5
Description = 2012/10/23 23:58:50.069|00002024|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - 10/24/2012 2:59:03 AM | Computer Name = MA | Source = CaslWmi | ID = 5
Description = 2012/10/23 23:59:03.008|00002134|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

Error - 11/4/2012 3:35:14 PM | Computer Name = MA | Source = CaslWmi | ID = 5
Description = 2012/11/04 11:35:14.513|00000EC0|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state

[ OSession Events ]
Error - 3/4/2013 3:26:58 PM | Computer Name = MA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 137
seconds with 120 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 5/10/2013 12:43:37 PM | Computer Name = MA | Source = DCOM | ID = 10010
Description =

Error - 5/20/2013 3:15:50 PM | Computer Name = MA | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x800f0902: Security Update for Internet Explorer 9 for Windows 7 for
x64-based Systems (KB2847204).

Error - 5/20/2013 3:46:00 PM | Computer Name = MA | Source = DCOM | ID = 10010
Description =

Error - 5/25/2013 1:24:27 PM | Computer Name = MA | Source = DCOM | ID = 10010
Description =

Error - 5/26/2013 6:27:57 AM | Computer Name = MA | Source = DCOM | ID = 10010
Description =

Error - 5/26/2013 3:28:08 PM | Computer Name = MA | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Steam
Client Service service to connect.

Error - 5/26/2013 3:28:08 PM | Computer Name = MA | Source = Service Control Manager | ID = 7000
Description = The Steam Client Service service failed to start due to the following
error: %%1053

Error - 5/30/2013 5:14:46 PM | Computer Name = MA | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.

Error - 6/2/2013 9:45:15 PM | Computer Name = MA | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the ShellHWDetection service.

Error - 6/4/2013 8:45:31 PM | Computer Name = MA | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the ShellHWDetection service.

< End of report >

#4
23red

Posted 13 September 2013 - 10:33 AM

Trusted Helper

Malware Removal
1,797 posts

Hi mikey1988

First, can you please move OTL to your Desktop. It works best from there. Thanks!

Let's get started:

Step 1.
Uninstall Programs

Please go to Start ~> Control Panel ~> Programs and Features and remove the following if present:

KeyBar 2.1 Toolbar for IE
SearchProtect" = Search Protect by conduit
Anything you see with Conduit or Search Protect in the title

Step 2.
OTL Fix

Please right click on Posted Image

Run as Administrator, accept UAC prompts.

Under Posted Image

in the textbox at the bottom, please paste in the following text:

:Commands
[CreateRestorePoint]
:OTL
PRC - [2013/05/07 23:18:34 | 000,097,056 | ---- | M] (Conduit) -- C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
PRC - [2013/05/07 23:18:34 | 002,852,640 | ---- | M] (Conduit) -- C:\Users\Michael Affinito\AppData\Roaming\SearchProtect\bin\cltmng.exe
SRV - [2013/05/07 23:18:34 | 000,097,056 | ---- | M] (Conduit) [Auto | Running] -- C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe -- (CltMngSvc)
IE:64bit: - HKLM\..\SearchScopes\{2304FA72-8CF7-46CD-8FC8-45EF9A14010F}: "URL" = http://www.amazon.co...s={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=CPNTDF
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=CPNTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKLM\..\URLSearchHook: {cef81415-2059-4dd5-9829-1aef3cf27f4f} - C:\Program Files (x86)\KeyBar_2.1\prxtbKeyB.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {60C1105D-7552-4607-87CA-E9DC56C83965}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snap.do/...q={searchTerms}
IE - HKLM\..\SearchScopes\{2304FA72-8CF7-46CD-8FC8-45EF9A14010F}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=CPNTDF
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=CPNTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snap.do/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snap.do/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT3309656
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snap.do/...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snap.do/...q={searchTerms}
IE - HKCU\..\URLSearchHook: {cef81415-2059-4dd5-9829-1aef3cf27f4f} - C:\Program Files (x86)\KeyBar_2.1\prxtbKeyB.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {60C1105D-7552-4607-87CA-E9DC56C83965}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snap.do/...q={searchTerms}
IE - HKCU\..\SearchScopes\{60C1105D-7552-4607-87CA-E9DC56C83965}: "URL" = http://search.condui...4171077116&UM=2
FF - prefs.js..browser.search.defaultthis.engineName: "KeyBar 2.1 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..keyword.URL: "http://search.condui...214323&UM=2&q="
[2013/09/10 16:47:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions
[2013/09/10 16:47:12 | 000,000,000 | ---D | M] (KeyBar 2.1) -- C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}
[2013/09/10 16:35:27 | 000,000,997 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\searchplugins\conduit.xml
[2012/09/25 12:27:30 | 000,002,399 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\searchplugins\Web Search.xml
CHR - Extension: KeyBar 2.1 = C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\
O2 - BHO: (KeyBar 2.1 Toolbar) - {cef81415-2059-4dd5-9829-1aef3cf27f4f} - C:\Program Files (x86)\KeyBar_2.1\prxtbKeyB.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (KeyBar 2.1 Toolbar) - {cef81415-2059-4dd5-9829-1aef3cf27f4f} - C:\Program Files (x86)\KeyBar_2.1\prxtbKeyB.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (KeyBar 2.1 Toolbar) - {CEF81415-2059-4DD5-9829-1AEF3CF27F4F} - C:\Program Files (x86)\KeyBar_2.1\prxtbKeyB.dll (Conduit Ltd.)
O4 - HKLM..\Run: [SearchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKCU..\Run: [3EF6D3D0B6181F6F56C815FC740FC4D5133DA3D4._service_run] "C:\Users\Michael Affinito\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service File not found
O4 - HKCU..\Run: [ConduitFloatingPlugin_ihogoofdaifgdkdilopkeahfcnifkajn] C:\Program Files (x86)\Conduit\CT3309656\plugins\TBVerifier.dll (Conduit Ltd.)
[2013/09/10 16:40:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Conduit
[2013/09/10 16:40:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KeyBar_2.1
[2013/09/10 16:40:10 | 000,000,000 | ---D | C] -- C:\Users\Michael Affinito\AppData\Local\Conduit
[2013/09/10 16:38:31 | 000,000,000 | ---D | C] -- C:\Users\Michael Affinito\AppData\Local\CRE
[2013/09/10 16:38:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2013/09/10 16:36:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SearchProtect
[2013/09/10 16:35:29 | 000,000,000 | ---D | C] -- C:\Users\Michael Affinito\AppData\Roaming\SearchProtect
[2013/09/10 14:16:53 | 000,000,000 | ---D | C] -- C:\Users\Michael Affinito\AppData\Local\{5F3918AF-4D5C-4019-957B-36FC02CEBE18}
[2013/09/10 16:40:59 | 000,000,009 | ---- | M] () -- C:\END
:Files
C:\Program Files (x86)\SearchProtect

Step 3.
ADWCleaner

Please download AdwCleaner from here to your Desktop.

• Right click the Posted Image

and chooseRun as Administrator

• Once it opens Posted Image

• Click the Scan button

• Let AdwCleaner run thru.....

• Once scan completes, it will open a window as such:

Posted Image

• Select

• It will remove all it finds.

• Once done it will ask to reboot, please allow this...

• On reboot a log will be produced for you open on your desktop. It is also copied to C:\ADWCleaner[XX].txt. Please post the log in your next post.

Step 4.
Junkware Removal Tool

Please download Junkware Removal Tool to your desktop.

• Shut down your protection software now to avoid potential conflicts before you start.

• Run the tool by double-clicking it. Note: If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select Run as Administrator

• The tool will open and start scanning your system, after you press any key to start

Posted Image

Please post the log it produces as well.

Step 5.
Fresh OTL Scan

• Please right click on Posted Image

Run as Administrator, accept UAC prompts.

• Make sure all other windows are closed and to let it run uninterrupted.

• Please check the box next to Scan All Users.

• Please also check the boxes next to Purity Check and Lop Check

• Under Posted Image

in the textbox at the bottom, please paste in the following text:

netsvcs
BASESERVICES
%SYSTEMDRIVE%\*.exe
/md5start
services.*
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
dir C:\ /S /A:L /C
[CREATERESTOREPOINT]

•Click the Posted Image

button. Do not change any settings unless otherwise told to do so. The scan wont take long.

•When the scan completes, it will open a notepad window ~ OTL.Txt. This is saved in the same location as OTL ~ Desktop

•Please copy (Edit ~> Select All, Edit ~> Copy) the log in your next reply.

Step 6.
SecurityCheck by Screen317:

Please then download Security Check by screen317.

•Save it to your Desktop.

•Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.

•A Notepad document should open automatically called checkup.txt; please also post the contents of that document.

When you return, please:
1. ADWCleaner log
2. JRT log
3. OTL fix log
4. Fresh OTL log
5. SecurityCheck Log
6. Please let me know what issues you are currently experiencing.

#5
mikey1988

Posted 13 September 2013 - 02:00 PM

Member

Topic Starter
Member
13 posts

Thanks 23red nothing seems to be going awry now. The security check log was aborted it said this was an unsupported operating system. Here's my log files in order.

First Heres the AWD Cleaner report

# AdwCleaner v3.003 - Report created 13/09/2013 at 10:54:32
# Updated 07/09/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Michael Affinito - MA
# Running from : C:\Users\Michael Affinito\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\MICHAE~1\AppData\Local\Temp\Smartbar
Folder Deleted : C:\Users\Michael Affinito\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Michael Affinito\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Michael Affinito\AppData\LocalLow\KeyBar_2.1
Folder Deleted : C:\Users\Michael Affinito\AppData\Roaming\OpenCandy

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3309656
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{81E5A932-9182-43BE-AD98-0137FC7D8FFD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CEF81415-2059-4DD5-9829-1AEF3CF27F4F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{81E5A932-9182-43BE-AD98-0137FC7D8FFD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CEF81415-2059-4DD5-9829-1AEF3CF27F4F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{81E5A932-9182-43BE-AD98-0137FC7D8FFD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83FFF945-BD52-4E51-8DA0-A66887D202A2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D5C2A8A4-709A-4CAC-A4E5-811397FC0708}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\SearchProtect
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\KeyBar_2.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Description
Key Deleted : HKLM\Software\KeyBar_2.1

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16686

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Mozilla Firefox v23.0.1 (en-US)

[ File : C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\prefs.js ]

Line Deleted : user_pref("CT3309656.FF19Solved", "true");
Line Deleted : user_pref("CT3309656.UserID", "UN23768064989214323");
Line Deleted : user_pref("CT3309656.browser.search.defaultthis.engineName", "true");
Line Deleted : user_pref("CT3309656.fullUserID", "UN23768064989214323.IN.20130910163515");
Line Deleted : user_pref("CT3309656.installDate", "10/09/2013 16:35:24");
Line Deleted : user_pref("CT3309656.installSessionId", "{BEB5D3C0-6C38-442C-AB63-05E12323F07C}");
Line Deleted : user_pref("CT3309656.installSp", "TRUE");
Line Deleted : user_pref("CT3309656.installerVersion", "1.6.1.2");
Line Deleted : user_pref("CT3309656.keyword", "true");
Line Deleted : user_pref("CT3309656.originalHomepage", "hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=US&userid=2d8f4abf-0f7b-4fa7-93d9-e44969674688&searchtype=hp");
Line Deleted : user_pref("CT3309656.originalSearchAddressUrl", "hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=US&userid=2d8f4abf-0f7b-4fa7-93d9-e44969674688&searchtype=ds&q=");
Line Deleted : user_pref("CT3309656.originalSearchEngine", "");
Line Deleted : user_pref("CT3309656.originalSearchEngineName", "");
Line Deleted : user_pref("CT3309656.searchRevert", "false");
Line Deleted : user_pref("CT3309656.searchUserMode", "2");
Line Deleted : user_pref("CT3309656.smartbar.homepage", "true");
Line Deleted : user_pref("CT3309656.versionFromInstaller", "10.20.0.13");
Line Deleted : user_pref("CT3309656.xpeMode", "0");
Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3309656&octid=CT3309656&SearchSource=61&CUI=UN23768064989214323&UM=2&UP=SPF84C43BD-E32B-4F1D-A6FA-4C8957AB0FA8");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=US&userid=2d8f4abf-0f7b-4fa7-93d9-e44969674688&searchtype=ds&q=");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3309656&octid=CT3309656&SearchSource=61&CUI=UN23768064989214323&UM=2&UP=SPF84C43BD-E32B-4F1D-A6FA-4C8957AB0FA8");
Line Deleted : user_pref("extensions.helperbar.DockingPositionDown", false);
Line Deleted : user_pref("extensions.helperbar.SmartbarDisabled", false);
Line Deleted : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3309656");
Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3309656&CUI=UN23768064989214323&UM=2&SearchSource=13,hxxp://search.conduit.com/?ctid=CT3309656&octid=CT3309656&SearchSource[...]
Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3309656&SearchSource=2&CUI=UN23768064989214323&UM=2&q=");
Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3309656");
Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3309656");
Line Deleted : user_pref("smartbar.machineId", "WEVJIYVSLREVD3F7UJV5ID4JIVIXCEIFYZVM+KSJSGYKUBSKQA7SOPNU+NKMT1NCKYJ12RMJWEL8VEJKXSMYFG");
Line Deleted : user_pref("smartbar.originalHomepage", "hxxp://search.conduit.com/?ctid=CT3309656&CUI=UN23768064989214323&UM=2&SearchSource=13");

-\\ Google Chrome v

[ File : C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [7854 octets] - [13/09/2013 10:49:44]
AdwCleaner[S0].txt - [7346 octets] - [13/09/2013 10:54:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7406 octets] ##########

Here's the JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.0 (09.12.2013:1)
OS: Windows 7 Home Premium x64
Ran by Michael Affinito on Fri 09/13/2013 at 11:05:19.38
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}

~~~ Files

~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Michael Affinito\appdata\local\{027B1235-245C-4804-8293-4CAC2586C680}
Successfully deleted: [Empty Folder] C:\Users\Michael Affinito\appdata\local\{2A7B2791-4187-4D3D-992E-039BD1296D32}
Successfully deleted: [Empty Folder] C:\Users\Michael Affinito\appdata\local\{43CD0D62-9290-4C6F-94D9-75EC548D5689}
Successfully deleted: [Empty Folder] C:\Users\Michael Affinito\appdata\local\{4DEBF4B9-0A4D-4BFE-93E9-37A9174C5CA7}
Successfully deleted: [Empty Folder] C:\Users\Michael Affinito\appdata\local\{5D2358F4-15D6-4125-9176-CF7CC567E7E5}
Successfully deleted: [Empty Folder] C:\Users\Michael Affinito\appdata\local\{BD5EA1C6-2BF7-49E0-9873-D8ECEAE3B56E}
Successfully deleted: [Empty Folder] C:\Users\Michael Affinito\appdata\local\{CF6DF390-FB3B-48E5-BDB1-D8912B3D875D}

~~~ FireFox

Emptied folder: C:\Users\Michael Affinito\AppData\Roaming\mozilla\firefox\profiles\zmrlwlpe.default\minidumps [5 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 09/13/2013 at 11:21:39.23
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Here's the OTL fix log

========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
No active process named CltMngSvc.exe was found!
No active process named cltmng.exe was found!
Error: No service named CltMngSvc was found to stop!
Service\Driver key CltMngSvc not found.
File C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2304FA72-8CF7-46CD-8FC8-45EF9A14010F}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2304FA72-8CF7-46CD-8FC8-45EF9A14010F}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d43b3890-80c7-4010-a95d-1e77b5924dc3}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{cef81415-2059-4dd5-9829-1aef3cf27f4f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\ deleted successfully.
C:\Program Files (x86)\KeyBar_2.1\prxtbKeyB.dll moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2304FA72-8CF7-46CD-8FC8-45EF9A14010F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2304FA72-8CF7-46CD-8FC8-45EF9A14010F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d43b3890-80c7-4010-a95d-1e77b5924dc3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search\\Default_Search_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{cef81415-2059-4dd5-9829-1aef3cf27f4f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\ not found.
File C:\Program Files (x86)\KeyBar_2.1\prxtbKeyB.dll not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{60C1105D-7552-4607-87CA-E9DC56C83965}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{60C1105D-7552-4607-87CA-E9DC56C83965}\ not found.
Prefs.js: "KeyBar 2.1 Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.condui...={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "http://search.condui...214323&UM=2&q=" removed from keyword.URL
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\Plugins folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\modules folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\META-INF folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\lib folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\defaults\preferences folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\defaults folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\components folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\sl folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\lib\jquery.jscrollpane folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\lib\jquery.alerts\images folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\lib\jquery.alerts folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\lib folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\core folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\WEATHER\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\WEATHER\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\WEATHER folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\TWITTER\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\TWITTER\img folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\TWITTER folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\SEARCH\view\style\rsx folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\SEARCH\view\style folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\SEARCH\view\script folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\SEARCH\view folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\SEARCH\resources folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\SEARCH\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\SEARCH\Css folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\SEARCH\buildSettings folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\SEARCH folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\RADIO_PLAYER\js\resources folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\RADIO_PLAYER\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\RADIO_PLAYER\css\custom-theme folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\RADIO_PLAYER\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\RADIO_PLAYER folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\PRICE_GONG\images folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\PRICE_GONG\css\custom-theme folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\PRICE_GONG\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\PRICE_GONG\agreement folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\PRICE_GONG folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\Optimizer\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\Optimizer folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\NOTIFICATION\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\NOTIFICATION\images\light folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\NOTIFICATION\images\dark folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\NOTIFICATION\images folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\NOTIFICATION\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\NOTIFICATION folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\MULTI_RSS\js\resources folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\MULTI_RSS\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\MULTI_RSS\img folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\MULTI_RSS\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\MULTI_RSS folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\HIGHLIGHTER\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\HIGHLIGHTER\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\HIGHLIGHTER folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\EMAIL_NOTIFIER\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\EMAIL_NOTIFIER\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\EMAIL_NOTIFIER folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\APPLICATION_BUTTON\resources folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\APPLICATION_BUTTON\Js folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\APPLICATION_BUTTON folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\ui\menu\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\ui\menu\img folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\ui\menu\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\ui\menu folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\ui\gf\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\ui\gf\img folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\ui\gf\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\ui\gf folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\ui\gadgetFrame folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\ui\dlg\ftd\images folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\ui\dlg\ftd folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\ui\dlg folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\ui folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\sp\spsd\images folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\sp\spsd folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\sp\spbd\images folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\sp\spbd folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\sp\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\sp folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\options\js\resources folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\options\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\options\images folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\options\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\options folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\msd folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\api folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\ac\res folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\ac\img folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\ac\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\ac folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\aboutBox\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\aboutBox\images folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\aboutBox folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\logic\uninstall\dialog\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\logic\uninstall\dialog\images folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\logic\uninstall\dialog\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\logic\uninstall\dialog folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\logic\uninstall folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\logic folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656 folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f} folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions folder moved successfully.
Folder C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\ not found.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\searchplugins\conduit.xml moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\searchplugins\Web Search.xml moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\_locales\en folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\_locales folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\toolbarImages folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\sl folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\lib\jquery.jscrollpane folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\lib\jquery.alerts\images folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\lib\jquery.alerts folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\lib folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\core folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\WEATHER\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\WEATHER\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\WEATHER folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\TWITTER\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\TWITTER\img folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\TWITTER folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\SEARCH\view\style\rsx folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\SEARCH\view\style folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\SEARCH\view\script folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\SEARCH\view folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\SEARCH\resources folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\SEARCH\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\SEARCH\Css folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\SEARCH\buildSettings folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\SEARCH folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\RADIO_PLAYER\js\resources folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\RADIO_PLAYER\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\RADIO_PLAYER\css\custom-theme folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\RADIO_PLAYER\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\RADIO_PLAYER folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\PRICE_GONG\images folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\PRICE_GONG\css\custom-theme folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\PRICE_GONG\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\PRICE_GONG\agreement folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\PRICE_GONG folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\Optimizer\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\Optimizer folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\NOTIFICATION\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\NOTIFICATION\images\light folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\NOTIFICATION\images\dark folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\NOTIFICATION\images folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\NOTIFICATION\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\NOTIFICATION folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\MULTI_RSS\js\resources folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\MULTI_RSS\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\MULTI_RSS\img folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\MULTI_RSS\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\MULTI_RSS folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\HIGHLIGHTER\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\HIGHLIGHTER\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\HIGHLIGHTER folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\EMAIL_NOTIFIER\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\EMAIL_NOTIFIER\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\EMAIL_NOTIFIER folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\APPLICATION_BUTTON\resources folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\APPLICATION_BUTTON\Js folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\APPLICATION_BUTTON folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\ui\menu\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\ui\menu\img folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\ui\menu\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\ui\menu folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\ui\gf\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\ui\gf\img folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\ui\gf\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\ui\gf folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\ui\gadgetFrame folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\ui\dlg\ftd\images folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\ui\dlg\ftd folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\ui\dlg folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\ui folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\sp\spsd\images folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\sp\spsd folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\sp\spbd\images folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\sp\spbd folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\sp\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\sp folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\options\js\resources folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\options\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\options\images folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\options\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\options folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\msd folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\api folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\ac\res folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\ac\img folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\ac\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\ac folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\aboutBox\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\aboutBox\images folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\aboutBox folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\Search\plugins folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\Search\NewTabPages\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\Search\NewTabPages\img folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\Search\NewTabPages\html folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\Search\NewTabPages\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\Search\NewTabPages\API folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\Search\NewTabPages folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\Search\html folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\Search folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\plugins folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\js\toolbarAPI folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\js\tabs\back folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\js\tabs folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\js\options folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\js\lib folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0 folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\ not found.
File C:\Program Files (x86)\KeyBar_2.1\prxtbKeyB.dll not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{cef81415-2059-4dd5-9829-1aef3cf27f4f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\ not found.
File C:\Program Files (x86)\KeyBar_2.1\prxtbKeyB.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CEF81415-2059-4DD5-9829-1AEF3CF27F4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CEF81415-2059-4DD5-9829-1AEF3CF27F4F}\ not found.
File C:\Program Files (x86)\KeyBar_2.1\prxtbKeyB.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SearchProtectAll not found.
File C:\Program Files (x86)\SearchProtect\bin\cltmng.exe not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\3EF6D3D0B6181F6F56C815FC740FC4D5133DA3D4._service_run deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ConduitFloatingPlugin_ihogoofdaifgdkdilopkeahfcnifkajn deleted successfully.
C:\Program Files (x86)\Conduit\CT3309656\plugins\TBVerifier.dll moved successfully.
C:\ProgramData\Conduit\IE\CT3309656 folder moved successfully.
C:\ProgramData\Conduit\IE folder moved successfully.
C:\ProgramData\Conduit folder moved successfully.
C:\Program Files (x86)\KeyBar_2.1 folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Conduit\CT3309656 folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Conduit folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\CRE folder moved successfully.
C:\Program Files (x86)\Conduit\CT3309656\plugins folder moved successfully.
C:\Program Files (x86)\Conduit\CT3309656 folder moved successfully.
C:\Program Files (x86)\Conduit\Community Alerts folder moved successfully.
C:\Program Files (x86)\Conduit folder moved successfully.
Folder C:\Program Files (x86)\SearchProtect\ not found.
C:\Users\Michael Affinito\AppData\Roaming\SearchProtect\ffprotect\Dialogs folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\SearchProtect\ffprotect folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\SearchProtect folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\{5F3918AF-4D5C-4019-957B-36FC02CEBE18} folder moved successfully.
C:\END moved successfully.
========== FILES ==========
File\Folder C:\Program Files (x86)\SearchProtect not found.

OTL by OldTimer - Version 3.2.69.0 log created on 09132013_104229

Here's a fresh OTL scan

OTL logfile created on: 9/13/2013 11:27:51 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Michael Affinito\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16686)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.60 Gb Total Physical Memory | 2.26 Gb Available Physical Memory | 62.72% Memory free
7.21 Gb Paging File | 5.57 Gb Available in Paging File | 77.27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 442.12 Gb Total Space | 364.20 Gb Free Space | 82.38% Space Free | Partition Type: NTFS
Drive D: | 19.48 Gb Total Space | 2.11 Gb Free Space | 10.85% Space Free | Partition Type: NTFS
Drive E: | 3.96 Gb Total Space | 1.08 Gb Free Space | 27.23% Space Free | Partition Type: FAT32

Computer Name: MA | User Name: Michael Affinito | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/09/11 21:37:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Michael Affinito\Desktop\OTL.exe
PRC - [2013/09/10 17:40:43 | 000,276,376 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/08/14 11:10:26 | 003,291,008 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/06/27 16:11:08 | 020,097,696 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2013/05/11 03:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/10/15 15:37:42 | 000,525,240 | ---- | M] (NDS Technologies) -- C:\Users\Michael Affinito\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe
PRC - [2012/10/15 15:37:38 | 006,442,920 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
PRC - [2012/08/10 16:48:50 | 000,197,536 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2012/03/05 13:38:38 | 000,578,944 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2012/03/05 13:38:38 | 000,035,200 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2011/10/06 19:19:16 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011/09/29 12:33:42 | 000,169,528 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
PRC - [2011/09/20 11:53:26 | 000,148,768 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
PRC - [2011/08/19 14:48:44 | 000,379,960 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2010/12/27 16:30:22 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
PRC - [2010/12/10 18:29:30 | 029,293,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\MSSQL\Primavera\MSSQL.1\MSSQL\Binn\sqlservr.exe
PRC - [2010/03/26 03:07:42 | 000,091,992 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\MSSQL\Primavera\MSSQL.1\MSSQL\Binn\msftesql.exe
PRC - [2010/03/23 13:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2007/03/30 18:59:16 | 000,673,280 | ---- | M] () -- C:\Program Files (x86)\Common Files\Primavera Common\BackgroundAgent\PrmBackgroundAgent.exe

========== Modules (No Company Name) ==========

MOD - [2013/09/13 10:58:17 | 000,128,512 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI37802\_elementtree.pyd
MOD - [2013/09/13 10:58:16 | 000,557,056 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI37802\pysqlite2._sqlite.pyd
MOD - [2013/09/13 10:58:16 | 000,320,512 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI37802\win32com.shell.shell.pyd
MOD - [2013/09/13 10:58:16 | 000,098,816 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI37802\win32api.pyd
MOD - [2013/09/13 10:58:16 | 000,044,032 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI37802\_socket.pyd
MOD - [2013/09/13 10:58:16 | 000,026,624 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI37802\_multiprocessing.pyd
MOD - [2013/09/13 10:58:16 | 000,022,528 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI37802\win32ts.pyd
MOD - [2013/09/13 10:58:15 | 000,805,888 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI37802\wx._gdi_.pyd
MOD - [2013/09/13 10:58:15 | 000,070,656 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI37802\wx._html2.pyd
MOD - [2013/09/13 10:58:15 | 000,011,264 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI37802\win32crypt.pyd
MOD - [2013/09/13 10:58:14 | 000,504,832 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI37802\windows._cacheinvalidation.pyd
MOD - [2013/09/13 10:58:14 | 000,364,544 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI37802\pythoncom27.dll
MOD - [2013/09/13 10:58:14 | 000,087,040 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI37802\_ctypes.pyd
MOD - [2013/09/13 10:58:14 | 000,017,408 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI37802\win32profile.pyd
MOD - [2013/09/13 10:58:13 | 000,735,232 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI37802\wx._misc_.pyd
MOD - [2013/09/13 10:58:13 | 000,110,080 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI37802\PyWinTypes27.dll
MOD - [2013/09/13 10:58:12 | 001,175,040 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI37802\wx._core_.pyd
MOD - [2013/09/13 10:58:12 | 000,108,544 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI37802\win32security.pyd
MOD - [2013/09/13 10:58:11 | 001,153,024 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI37802\_ssl.pyd
MOD - [2013/09/13 10:58:11 | 000,811,008 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI37802\wx._windows_.pyd
MOD - [2013/09/13 10:58:11 | 000,711,680 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI37802\_hashlib.pyd
MOD - [2013/09/13 10:58:11 | 000,122,368 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI37802\wx._wizard.pyd
MOD - [2013/09/13 10:58:11 | 000,119,808 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI37802\win32file.pyd
MOD - [2013/09/13 10:58:11 | 000,035,840 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI37802\win32process.pyd
MOD - [2013/09/13 10:58:11 | 000,025,600 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI37802\win32pdh.pyd
MOD - [2013/09/13 10:58:10 | 001,062,400 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI37802\wx._controls_.pyd
MOD - [2013/09/13 10:58:10 | 000,686,080 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI37802\unicodedata.pyd
MOD - [2013/09/13 10:58:10 | 000,127,488 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI37802\pyexpat.pyd
MOD - [2013/09/13 10:58:10 | 000,038,912 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI37802\win32inet.pyd
MOD - [2013/09/13 10:58:10 | 000,018,432 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI37802\win32event.pyd
MOD - [2013/09/13 10:58:10 | 000,010,240 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\Temp\_MEI37802\select.pyd
MOD - [2013/09/10 17:40:39 | 003,551,640 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/09/07 04:10:05 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2012/10/15 15:39:00 | 000,091,536 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\DIRECTV Player\z.dll
MOD - [2012/10/15 15:38:54 | 000,273,824 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\DIRECTV Player\ndsLogStore.dll
MOD - [2012/10/15 15:38:52 | 001,402,784 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\DIRECTV Player\libxml2-2.dll
MOD - [2012/10/15 15:38:34 | 000,688,560 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\DIRECTV Player\libgstreamer-0.10.dll
MOD - [2012/10/15 15:37:54 | 007,123,880 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\DIRECTV Player\gsttspplugin.dll
MOD - [2012/10/15 15:37:38 | 006,442,920 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
MOD - [2012/10/15 15:37:32 | 002,203,048 | ---- | M] () -- C:\Users\Michael Affinito\AppData\Local\DIRECTV Player\DrmSingleton.dll
MOD - [2012/05/30 20:06:48 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/05/30 20:06:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

========== Services (SafeList) ==========

SRV:64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/05/23 13:12:02 | 000,143,120 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:64bit: - [2011/09/20 11:52:38 | 001,085,216 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2011/07/06 00:08:26 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/07/05 11:27:04 | 000,365,568 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2010/10/11 02:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/11/17 19:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV - [2013/09/11 12:19:53 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/09/10 17:40:41 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/08/28 14:47:18 | 000,563,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/08/14 11:10:26 | 003,291,008 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/06/21 09:53:36 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/05/11 03:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/09/27 12:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012/08/10 16:48:50 | 000,197,536 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2012/03/05 13:38:38 | 000,035,200 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2010/12/27 16:30:22 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2010/12/10 18:29:30 | 029,293,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\MSSQL\Primavera\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$PRIMAVERA)
SRV - [2010/10/12 10:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/03/26 03:07:42 | 000,091,992 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\MSSQL\Primavera\MSSQL.1\MSSQL\Binn\msftesql.exe -- (msftesql$PRIMAVERA)
SRV - [2010/03/23 13:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/03/30 18:59:16 | 000,673,280 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\Primavera Common\BackgroundAgent\PrmBackgroundAgent.exe -- (PrmBackAgent)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/06/14 05:58:23 | 004,729,408 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/14 13:11:03 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/10/14 13:11:03 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/09/20 18:36:50 | 000,620,584 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2011/09/20 18:36:50 | 000,133,672 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcbtums.sys -- (bcbtums)
DRV:64bit: - [2011/09/20 18:36:50 | 000,089,640 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwdpan.sys -- (BTWDPAN)
DRV:64bit: - [2011/09/20 18:36:44 | 000,178,728 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2011/09/20 18:36:44 | 000,167,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2011/09/20 18:36:44 | 000,039,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2011/09/20 18:36:44 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2011/08/19 12:29:32 | 000,391,728 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/07/22 09:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 14:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/07/06 00:50:28 | 009,359,872 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/07/05 23:32:20 | 000,309,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/04/16 03:37:50 | 000,079,488 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011/04/16 03:37:50 | 000,040,064 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2011/03/05 00:16:20 | 000,436,840 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/02/15 11:37:10 | 000,335,464 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2010/12/16 12:06:46 | 000,047,232 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010/11/20 20:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 20:23:48 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010/11/20 20:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 20:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 20:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/07/28 09:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/03/23 13:29:46 | 000,304,784 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV:64bit: - [2010/02/18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010/02/08 08:32:00 | 000,014,992 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CVirtA64.sys -- (CVirtA)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 14:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 14:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 14:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 13:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/11/16 18:39:44 | 000,157,968 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dne64x.sys -- (DNE)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2983651559-1869103183-3296704676-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKU\S-1-5-21-2983651559-1869103183-3296704676-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-2983651559-1869103183-3296704676-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-2983651559-1869103183-3296704676-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-21-2983651559-1869103183-3296704676-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKU\S-1-5-21-2983651559-1869103183-3296704676-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKU\S-1-5-21-2983651559-1869103183-3296704676-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2983651559-1869103183-3296704676-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2983651559-1869103183-3296704676-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@nds.com/PCShowPlugin: C:\Users\Michael Affinito\AppData\Local\DIRECTV Player\npPCShowPlugin.dll File not found
FF - HKCU\Software\MozillaPlugins\@nds.com/PlayerPlugin: C:\Users\Michael Affinito\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (NDS)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Michael Affinito\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Michael Affinito\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Michael Affinito\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Michael Affinito\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Michael Affinito\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Michael Affinito\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\NDS.com/PlayerPlugin: C:\Users\Michael Affinito\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (NDS)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/09/10 17:40:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/09/10 17:40:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/09/01 16:27:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Extensions
[2013/09/10 17:40:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/09/10 17:40:12 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/09/10 17:40:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/09/10 17:40:11 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/09/10 17:40:46 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Michael Affinito\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Michael Affinito\AppData\Local\Google\Chrome\Application\29.0.1547.66\gcswf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Michael Affinito\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Michael Affinito\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Michael Affinito\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - Extension: Untitled = C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\kinnkbkddbidjhimllaahodhenbnibin\1.0_0\
CHR - Extension: FVD Video Downloader = C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\5.4.1_0\
CHR - Extension: Skype Click to Call = C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.11.0.13348_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\

O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPQuickWebProxy] C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2983651559-1869103183-3296704676-1001..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKU\S-1-5-21-2983651559-1869103183-3296704676-1001..\Run: [PCShowServer] C:\Users\Michael Affinito\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe (NDS Technologies)
O4 - HKU\S-1-5-21-2983651559-1869103183-3296704676-1001..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-2983651559-1869103183-3296704676-1001..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-2983651559-1869103183-3296704676-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionAction = http://hp.digitalriv..._US&keywords=%w
O7 - HKU\S-1-5-21-2983651559-1869103183-3296704676-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionName = Find Software on HP Download Store (Microsoft Corporation)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F550CDCD-3F56-4B09-B1EF-FCC1965CF8B8}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{71cd55f7-07fb-11e2-8c32-c01885d0907c}\Shell - "" = AutoRun
O33 - MountPoints2\{71cd55f7-07fb-11e2-8c32-c01885d0907c}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[CREATERESTOREPOINT]
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/09/13 11:05:13 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/09/13 11:02:48 | 001,029,509 | ---- | C] (Thisisu) -- C:\Users\Michael Affinito\Desktop\JRT.exe
[2013/09/13 10:48:20 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/09/13 10:42:29 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/09/11 21:36:55 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Michael Affinito\Desktop\OTL.exe
[2013/09/11 20:51:21 | 000,000,000 | ---D | C] -- C:\Users\Michael Affinito\AppData\Roaming\Unity
[2013/09/11 20:41:09 | 000,000,000 | ---D | C] -- C:\Users\Michael Affinito\AppData\Local\Unity
[2013/09/11 17:33:28 | 000,000,000 | ---D | C] -- C:\Users\Michael Affinito\AppData\Roaming\SUPERAntiSpyware.com
[2013/09/11 17:32:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2013/09/11 17:32:48 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2013/09/11 17:32:48 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2013/09/11 14:40:47 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/09/11 14:40:46 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/09/11 14:40:44 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/09/11 14:40:44 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/09/11 14:40:44 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/09/11 14:40:44 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/09/11 14:40:44 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/09/11 14:40:43 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/09/11 14:40:43 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/09/11 14:40:43 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/09/11 14:40:43 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/09/11 14:40:40 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/09/11 14:40:39 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/09/11 14:40:39 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/09/11 14:40:38 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/09/10 17:40:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/09/10 16:44:20 | 000,000,000 | ---D | C] -- C:\Users\Michael Affinito\Documents\chopped up
[2013/09/10 16:40:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2013/09/10 16:33:46 | 000,000,000 | ---D | C] -- C:\Users\Michael Affinito\AppData\Roaming\DVDVideoSoft
[2013/09/10 16:33:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2013/09/10 16:33:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2013/09/10 16:31:55 | 000,000,000 | ---D | C] -- C:\Users\Michael Affinito\AppData\Local\Programs
[2013/09/10 15:47:46 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys
[2013/09/10 15:47:33 | 003,968,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013/09/10 15:47:31 | 003,913,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013/09/10 15:47:30 | 005,550,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013/09/10 15:47:30 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013/09/10 15:47:28 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013/09/10 15:47:27 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013/09/10 15:47:26 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013/09/10 15:47:25 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013/09/10 15:47:25 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013/09/10 15:47:25 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013/09/10 15:47:24 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013/09/10 15:47:24 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013/09/10 15:47:24 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013/09/10 15:47:24 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013/09/10 15:47:23 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013/09/10 15:47:23 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013/09/10 15:47:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/09/10 15:47:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013/09/10 15:47:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013/09/10 15:47:22 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013/09/10 15:47:22 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013/09/10 15:47:22 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013/09/10 15:47:22 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013/09/10 15:47:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/09/10 15:47:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013/09/10 15:47:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013/09/10 15:47:21 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/09/10 15:47:21 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013/09/10 15:47:21 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013/09/10 15:47:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013/09/10 15:47:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013/09/10 15:47:20 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/09/10 15:47:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/09/10 15:47:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013/09/10 15:47:20 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013/09/10 15:47:19 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013/09/10 15:47:19 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013/09/10 15:47:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013/09/10 15:47:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/09/10 15:47:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/09/10 15:47:19 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/09/10 15:47:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013/09/10 15:47:18 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013/09/10 15:47:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013/09/10 15:47:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/09/10 15:47:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/09/10 15:47:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013/09/10 15:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013/09/10 15:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013/09/10 15:47:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013/09/10 15:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013/09/10 15:47:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013/09/10 15:47:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013/09/10 15:47:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013/09/10 15:47:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013/09/10 15:47:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013/09/10 15:47:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/09/10 15:47:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013/09/10 15:47:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013/09/10 15:47:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/09/10 15:47:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013/09/10 15:47:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013/09/10 15:47:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013/09/10 15:47:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013/09/10 15:47:14 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013/09/10 15:47:14 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013/09/10 15:47:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013/09/10 15:47:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013/09/10 15:47:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013/09/10 15:47:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013/09/10 15:47:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013/09/10 15:47:12 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013/09/10 15:47:12 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013/09/10 15:47:12 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013/09/10 15:47:12 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2013/09/10 15:47:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013/09/10 15:47:11 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013/09/10 15:46:47 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013/09/09 21:53:58 | 000,000,000 | ---D | C] -- C:\Users\Michael Affinito\Desktop\simpleviewer_231
[2013/09/09 21:49:19 | 000,000,000 | ---D | C] -- C:\Users\Michael Affinito\Documents\Extracted Files
[2013/09/09 21:44:26 | 003,070,808 | ---- | C] (PKWARE, Inc.) -- C:\Users\Michael Affinito\Desktop\ZIPReader.exe
[2013/09/08 17:19:39 | 000,000,000 | ---D | C] -- C:\Users\Michael Affinito\AppData\Local\Macromedia
[2013/09/08 01:21:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/09/08 01:21:40 | 000,263,592 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/09/08 01:21:31 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/09/08 01:21:31 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/09/08 01:21:31 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/09/07 03:15:38 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013/09/05 15:13:46 | 001,472,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/09/05 15:13:45 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2013/09/05 15:13:43 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013/09/05 15:13:32 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013/09/05 15:13:30 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013/09/05 15:13:29 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll

========== Files - Modified Within 30 Days ==========

[2013/09/13 11:29:00 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2983651559-1869103183-3296704676-1001UA.job
[2013/09/13 11:29:00 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/09/13 11:19:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/09/13 11:06:01 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/09/13 11:06:01 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/09/13 11:03:25 | 000,835,068 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/09/13 11:03:25 | 000,704,424 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/09/13 11:03:25 | 000,132,620 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/09/13 11:03:16 | 001,029,509 | ---- | M] (Thisisu) -- C:\Users\Michael Affinito\Desktop\JRT.exe
[2013/09/13 10:58:04 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/09/13 10:57:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/09/13 10:57:26 | 2902,646,784 | -HS- | M] () -- C:\hiberfil.sys
[2013/09/13 10:47:28 | 001,037,278 | ---- | M] () -- C:\Users\Michael Affinito\Desktop\AdwCleaner.exe
[2013/09/12 13:29:04 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2983651559-1869103183-3296704676-1001Core.job
[2013/09/12 09:27:12 | 000,002,637 | ---- | M] () -- C:\Users\Michael Affinito\Desktop\Microsoft Office Excel 2007.lnk
[2013/09/11 21:37:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Michael Affinito\Desktop\OTL.exe
[2013/09/11 17:32:54 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/09/11 16:45:42 | 000,313,592 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/09/11 16:11:34 | 000,411,274 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Michael A Harrell Resume.pdf
[2013/09/11 13:10:17 | 000,002,619 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Jens Gallery.html
[2013/09/11 12:20:00 | 000,001,847 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Jens Web Page.html
[2013/09/11 12:19:51 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/09/11 12:19:51 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/09/11 12:13:10 | 000,001,654 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Jens Contact.html
[2013/09/11 12:12:55 | 000,001,654 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Jens About.html
[2013/09/11 12:06:39 | 000,002,999 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Species Gallery.html
[2013/09/11 09:59:12 | 000,002,021 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Species Video.html
[2013/09/10 23:24:33 | 000,000,149 | ---- | M] () -- C:\Users\Michael Affinito\Documents\test.html
[2013/09/10 22:34:59 | 000,002,173 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Species Music.html
[2013/09/10 20:13:43 | 000,002,100 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Species Calendar.html
[2013/09/10 17:41:53 | 000,000,183 | ---- | M] () -- C:\Users\Michael Affinito\Documents\playlist.m3u
[2013/09/10 16:48:08 | 001,381,600 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Chopped up.mp3
[2013/09/10 16:47:39 | 015,219,766 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Chopped up.wav
[2013/09/10 16:29:40 | 000,001,793 | ---- | M] () -- C:\Users\Michael Affinito\Documents\The Species.html
[2013/09/10 13:46:05 | 000,015,713 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Blood.jpg
[2013/09/10 13:19:30 | 001,411,172 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Chopped up.m4a
[2013/09/09 21:44:10 | 003,070,808 | ---- | M] (PKWARE, Inc.) -- C:\Users\Michael Affinito\Desktop\ZIPReader.exe
[2013/09/09 20:49:09 | 000,001,589 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Specie Music.html
[2013/09/09 20:48:47 | 000,001,589 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Music.html
[2013/09/09 16:00:31 | 000,000,531 | ---- | M] () -- C:\Users\Michael Affinito\Documents\html test.html
[2013/09/08 23:13:50 | 000,000,056 | ---- | M] () -- C:\Users\Michael Affinito\Documents\species style.css
[2013/09/08 01:21:22 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/09/08 01:21:15 | 000,263,592 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/09/08 01:21:15 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/09/08 01:21:14 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/09/08 01:21:12 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013/09/08 01:21:12 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013/09/06 10:09:20 | 000,309,261 | ---- | M] () -- C:\Users\Michael Affinito\Documents\Project Bid 1013.pdf
[2013/09/05 16:02:01 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForMA$.job

========== Files Created - No Company Name ==========

[2013/09/13 10:46:54 | 001,037,278 | ---- | C] () -- C:\Users\Michael Affinito\Desktop\AdwCleaner.exe
[2013/09/11 17:32:54 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/09/11 16:11:26 | 000,411,274 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Michael A Harrell Resume.pdf
[2013/09/11 12:09:30 | 000,001,654 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Jens Contact.html
[2013/09/11 12:09:12 | 000,001,654 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Jens About.html
[2013/09/11 12:08:48 | 000,002,619 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Jens Gallery.html
[2013/09/10 23:08:40 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/09/10 20:59:44 | 000,000,149 | ---- | C] () -- C:\Users\Michael Affinito\Documents\test.html
[2013/09/10 17:40:25 | 000,000,183 | ---- | C] () -- C:\Users\Michael Affinito\Documents\playlist.m3u
[2013/09/10 16:49:11 | 001,381,600 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Chopped up.mp3
[2013/09/10 16:49:03 | 015,219,766 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Chopped up.wav
[2013/09/10 16:03:00 | 000,002,021 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Species Video.html
[2013/09/10 13:46:04 | 000,015,713 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Blood.jpg
[2013/09/10 13:20:38 | 001,411,172 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Chopped up.m4a
[2013/09/10 12:46:17 | 000,073,332 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Mike fish.JPG
[2013/09/10 11:59:44 | 001,042,251 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Grandpa Munster.JPG
[2013/09/09 23:28:17 | 002,170,519 | ---- | C] () -- C:\Users\Michael Affinito\Documents\HitchHiker.JPG
[2013/09/09 22:12:32 | 001,116,915 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Sugar High.JPG
[2013/09/09 20:50:26 | 000,002,100 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Species Calendar.html
[2013/09/09 20:49:50 | 000,002,173 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Species Music.html
[2013/09/09 20:49:09 | 000,001,589 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Specie Music.html
[2013/09/09 20:48:47 | 000,001,589 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Music.html
[2013/09/09 19:23:31 | 000,002,999 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Species Gallery.html
[2013/09/09 16:00:31 | 000,000,531 | ---- | C] () -- C:\Users\Michael Affinito\Documents\html test.html
[2013/09/08 23:13:50 | 000,000,056 | ---- | C] () -- C:\Users\Michael Affinito\Documents\species style.css
[2013/09/08 23:03:54 | 000,001,793 | ---- | C] () -- C:\Users\Michael Affinito\Documents\The Species.html
[2013/09/08 17:18:29 | 000,001,847 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Jens Web Page.html
[2013/09/05 21:14:54 | 000,309,261 | ---- | C] () -- C:\Users\Michael Affinito\Documents\Project Bid 1013.pdf
[2012/09/24 15:56:33 | 000,786,412 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/09/06 16:31:59 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012/06/14 06:09:19 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

========== ZeroAccess Check ==========

[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 19:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 18:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 20:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/09/25 11:06:19 | 000,000,000 | ---D | M] -- C:\Users\Michael Affinito\AppData\Roaming\Canneverbe Limited
[2013/09/10 16:41:35 | 000,000,000 | ---D | M] -- C:\Users\Michael Affinito\AppData\Roaming\DVDVideoSoft
[2012/09/25 09:13:02 | 000,000,000 | ---D | M] -- C:\Users\Michael Affinito\AppData\Roaming\Easy Burning Software
[2012/09/25 09:13:02 | 000,000,000 | ---D | M] -- C:\Users\Michael Affinito\AppData\Roaming\EasyBurningSoftware
[2012/09/01 13:48:14 | 000,000,000 | ---D | M] -- C:\Users\Michael Affinito\AppData\Roaming\Synaptics
[2013/09/11 20:51:21 | 000,000,000 | ---D | M] -- C:\Users\Michael Affinito\AppData\Roaming\Unity
[2012/09/30 15:06:01 | 000,000,000 | ---D | M] -- C:\Users\Michael Affinito\AppData\Roaming\Windows Live Writer

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009/07/13 22:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/13 22:08:49 | 000,024,182 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/09/03 18:43:19 | 000,000,900 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2983651559-1869103183-3296704676-1001Core.job
[2012/09/03 18:43:33 | 000,000,952 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2983651559-1869103183-3296704676-1001UA.job
[2012/09/26 13:14:40 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012/09/26 13:14:40 | 000,000,918 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012/11/12 16:16:34 | 000,000,330 | ---- | C] () -- C:\Windows\Tasks\HPCeeScheduleForMA$.job
[2013/09/10 23:08:40 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< >

< >

< >

========== Base Services ==========
SRV:64bit: - [2009/07/13 18:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2013/02/26 22:47:10 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2009/07/13 18:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2010/11/20 20:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2010/11/20 20:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2011/11/16 23:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009/07/13 18:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/13 18:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2012/07/04 15:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2013/07/08 22:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2013/07/08 21:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2010/11/20 20:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2010/11/20 20:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/20 20:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2011/10/14 12:59:22 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2009/07/13 18:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2009/07/13 18:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/13 18:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:64bit: - [2009/07/13 18:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2010/11/20 20:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:64bit: - [2009/07/13 18:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2009/07/13 18:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2009/07/13 18:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2009/07/13 18:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/13 18:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:64bit: - [2012/10/03 10:44:21 | 000,303,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2009/07/13 18:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2011/10/14 13:06:01 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2012/02/10 23:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2011/11/16 23:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:64bit: - [2009/07/13 18:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2010/11/20 20:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2010/11/20 20:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2010/11/20 20:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2011/11/16 23:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2009/07/13 18:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2010/11/20 20:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2010/11/20 20:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/20 20:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:64bit: - [2010/11/20 20:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2010/11/20 20:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/20 20:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2009/07/13 18:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2012/04/30 22:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2010/11/20 20:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2010/11/20 20:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2010/11/20 20:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2010/11/20 20:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/11/20 20:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:64bit: - [2010/11/20 20:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:64bit: - [2010/11/20 20:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2010/11/20 20:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010/11/20 20:24:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:64bit: - [2009/07/13 18:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2012/06/02 15:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2010/11/20 20:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2009/07/13 18:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2010/11/20 20:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2011/10/14 13:00:12 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/10/14 13:00:12 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/10/14 13:00:12 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/10/14 13:00:12 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 20:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/10/14 13:00:13 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/10/14 13:00:13 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 20:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: SERVICES >
[2009/06/10 14:00:26 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services

< MD5 for: SERVICES.CFG >
[2012/09/23 21:43:36 | 000,603,848 | R--- | M] () MD5=81B120EAEE296F0E54F66C16C5A21367 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744BA0000000010\11.0.0\services.cfg
[2013/05/11 03:37:26 | 000,558,990 | ---- | M] () MD5=FE8FB005031C2574E990DAC1F9F5ACF8 -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Services\Services.cfg

< MD5 for: SERVICES.DAT >
[2013/09/07 19:23:53 | 000,002,632 | ---- | M] () MD5=C4CCA8EB41B89E98EF1930EE42997010 -- C:\Users\Michael Affinito\AppData\Local\Temp\jrt\services.dat

< MD5 for: SERVICES.EXE >
[2009/07/13 18:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/13 18:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2010/11/21 00:06:16 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\SysNative\en-US\services.exe.mui
[2010/11/21 00:06:16 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c5f238be3fa63468\services.exe.mui

< MD5 for: SERVICES.LNK >
[2009/07/13 21:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/13 21:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOF >
[2009/06/10 13:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof
[2009/06/10 13:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.mof

< MD5 for: SERVICES.MSC >
[2010/11/21 00:06:14 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\en-US\services.msc
[2009/06/10 13:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\services.msc
[2010/11/21 00:06:17 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\en-US\services.msc
[2009/06/10 14:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc
[2010/11/21 00:06:14 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_003408aa160fce5b\services.msc
[2009/06/10 13:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_2b58d44b5f6beb8a\services.msc
[2010/11/21 00:06:17 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 14:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc

< MD5 for: SERVICES.PTXML >
[2009/07/13 13:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\SysNative\wdi\perftrack\Services.ptxml
[2009/07/13 13:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\Services.ptxml

< MD5 for: SVCHOST.EXE >
[2009/07/13 18:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 18:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/13 18:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 18:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 20:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 20:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/20 20:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 20:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 20:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 20:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< dir C:\ /S /A:L /C >
Volume in drive C has no label.
Volume Serial Number is 4491-7378
Directory of C:\
07/13/2009 10:08 PM <JUNCTION> Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of C:\Program Files (x86)\Evernote
10/14/2011 01:38 PM <SYMLINKD> Evernote3.5 [C:\Program Files (x86)\Evernote\Evernote]
0 File(s) 0 bytes
Directory of C:\ProgramData
07/13/2009 10:08 PM <JUNCTION> Application Data [C:\ProgramData]
07/13/2009 10:08 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
07/13/2009 10:08 PM <JUNCTION> Documents [C:\Users\Public\Documents]
07/13/2009 10:08 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
07/13/2009 10:08 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/13/2009 10:08 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users
07/13/2009 10:08 PM <SYMLINKD> All Users [C:\ProgramData]
07/13/2009 10:08 PM <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\All Users
07/13/2009 10:08 PM <JUNCTION> Application Data [C:\ProgramData]
07/13/2009 10:08 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
07/13/2009 10:08 PM <JUNCTION> Documents [C:\Users\Public\Documents]
07/13/2009 10:08 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
07/13/2009 10:08 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/13/2009 10:08 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default
07/13/2009 10:08 PM <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
07/13/2009 10:08 PM <JUNCTION> Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
07/13/2009 10:08 PM <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
07/13/2009 10:08 PM <JUNCTION> My Documents [C:\Users\Default\Documents]
07/13/2009 10:08 PM <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/13/2009 10:08 PM <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/13/2009 10:08 PM <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
07/13/2009 10:08 PM <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
07/13/2009 10:08 PM <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
07/13/2009 10:08 PM <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
07/13/2009 10:08 PM <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
07/13/2009 10:08 PM <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
07/13/2009 10:08 PM <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
07/13/2009 10:08 PM <JUNCTION> My Music [C:\Users\Default\Music]
07/13/2009 10:08 PM <JUNCTION> My Pictures [C:\Users\Default\Pictures]
07/13/2009 10:08 PM <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Michael Affinito
09/01/2012 01:41 PM <JUNCTION> Application Data [C:\Users\Michael Affinito\AppData\Roaming]
09/01/2012 01:41 PM <JUNCTION> Cookies [C:\Users\Michael Affinito\AppData\Roaming\Microsoft\Windows\Cookies]
09/01/2012 01:41 PM <JUNCTION> Local Settings [C:\Users\Michael Affinito\AppData\Local]
09/01/2012 01:41 PM <JUNCTION> My Documents [C:\Users\Michael Affinito\Documents]
09/01/2012 01:41 PM <JUNCTION> NetHood [C:\Users\Michael Affinito\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
09/01/2012 01:41 PM <JUNCTION> PrintHood [C:\Users\Michael Affinito\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
09/01/2012 01:41 PM <JUNCTION> Recent [C:\Users\Michael Affinito\AppData\Roaming\Microsoft\Windows\Recent]
09/01/2012 01:41 PM <JUNCTION> SendTo [C:\Users\Michael Affinito\AppData\Roaming\Microsoft\Windows\SendTo]
09/01/2012 01:41 PM <JUNCTION> Start Menu [C:\Users\Michael Affinito\AppData\Roaming\Microsoft\Windows\Start Menu]
09/01/2012 01:41 PM <JUNCTION> Templates [C:\Users\Michael Affinito\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Michael Affinito\AppData\Local
09/01/2012 01:41 PM <JUNCTION> Application Data [C:\Users\Michael Affinito\AppData\Local]
09/01/2012 01:41 PM <JUNCTION> History [C:\Users\Michael Affinito\AppData\Local\Microsoft\Windows\History]
09/01/2012 01:41 PM <JUNCTION> Temporary Internet Files [C:\Users\Michael Affinito\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Michael Affinito\Documents
09/01/2012 01:41 PM <JUNCTION> My Music [C:\Users\Michael Affinito\Music]
09/01/2012 01:41 PM <JUNCTION> My Pictures [C:\Users\Michael Affinito\Pictures]
09/01/2012 01:41 PM <JUNCTION> My Videos [C:\Users\Michael Affinito\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
07/13/2009 10:08 PM <JUNCTION> My Music [C:\Users\Public\Music]
07/13/2009 10:08 PM <JUNCTION> My Pictures [C:\Users\Public\Pictures]
07/13/2009 10:08 PM <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
51 Dir(s) 391,573,790,720 bytes free

< End of report >

And finally heres the Security check log

UNSUPPORTED OPERATING SYSTEM! ABORTED!

Edited by mikey1988, 13 September 2013 - 02:02 PM.

#6
23red

Posted 13 September 2013 - 06:53 PM

Trusted Helper

Malware Removal
1,797 posts

Hi mikey1988

Thanks for the logs :thumbsup:

I'm checking through them now.
For the SecurityCheck log, could you please restart the computer and then try the tool. A reboot seems to help it 'support the operating system' Let me know how it goes. Thank you.

#7
mikey1988

Posted 13 September 2013 - 08:07 PM

Member

Topic Starter
Member
13 posts

Looks like it worked this time. Here's the log

Results of screen317's Security Check version 0.99.73
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 25
Adobe Flash Player 11.8.800.168
Adobe Reader XI
Mozilla Firefox (23.0.1)
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 3%
````````````````````End of Log``````````````````````

#8
23red

Posted 13 September 2013 - 08:27 PM

Trusted Helper

Malware Removal
1,797 posts

Awesome

Thank you!
I'll be back with more instructions as soon as I can

#9
23red

Posted 14 September 2013 - 06:30 PM

Trusted Helper

Malware Removal
1,797 posts

Hi mikey1988

Logs are looking excellent :thumbsup:

A little more cleanup to do:

Step 1.
Windows Sidebar Advice:

It is no longer advisable to have this feature enabled as outline in the below Microsoft article:-

Vulnerabilities in Gadgets could allow remote code execution

I advise you to download and run the Disable Windows Sidebar and Gadgets Fixtit Utility to rectify this.

Step 2.

OTL Fix

Please right click on Posted Image

on your Desktop and select Run as Administrator, please accept UAC prompts.

Under Posted Image

in the textbox at the bottom, please paste in the following text:

:Commands
[CREATERESTOREPOINT]
:OTL
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
:Files
ipconfig /flushdns /c
netsh advfirewall reset /c
netsh advfirewall set allprofiles state on /c
:Commands
[EmptyTemp]

• Push the Posted Image

button.

• OTL may ask to reboot the machine. Please do so if asked.

• A massage box will pop~up

Posted Image

• Click the OK button and a report will open.

• If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, (where mmddyyyy_hhmmss is the date of the tool run).

• Copy and Paste that report in your next reply, please

Step 3.

Malwarebytes' Anti-Malware

Please download Malwarebytes' Anti-Malware from here or here.

Double Click mbam-setup.exe to install the application.

Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish, so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy & Paste the entire report in your next reply.

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so.

Step 4.
Run ESET Online Scanner:

I'd like you go to ESET and run an online scan. Once you get there, you will however need to disable your current installed Anti-Virus, how to do so can be read here.

Note: Optimized for Internet Explorer, you can use Chrome or Mozilla FireFox for this scan.

You will need to to right-click on the either the Internet Explorer or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

•Please go here then click on:
Posted Image

•A new window will open:

Posted Image

Select the option YES, I accept the Terms of Use then click on:

Posted Image

•When prompted allow the Add-On/Active X to install.

Posted Image

•Uncheck the box beside Remove Found Threats

•Check the box Scan archives.

•Now click on Advanced Settings and select the following:

•Scan for potentially unwanted applications

•Scan for potentially unsafe applications

•Enable Anti-Stealth Technology

•Now click on: Posted Image

•The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.

•When completed the Online Scan will begin automatically. The scan may take several hours.

•Wait for the scan to finish. Do not touch either the Mouse or keyboard during the scan. Otherwise it may stall.

When The Scan is Complete:

1. If No Threats Were Found:
•Put a checkmark in Uninstall application on close
•Close the program
•Report to me that nothing was found

2. If Threats Were Found:
•Click on list of threats found
•Click on export to text file and save it to the desktop as ESET SCAN.txt
•Click on Back
•Put a checkmark in Uninstall application on close Be sure you have saved the file first
•Click on Finish
•Close the program

Please post a copy of the ESET file when you return.

When you return, please:
1. OTL fix log
2. Malwarebytes log
3. ESET log
4. Answer to the question: How is your computer running?

#10
mikey1988

Posted 16 September 2013 - 06:47 PM

Member

Topic Starter
Member
13 posts

My computer seems to be running faster. I no longer have the annoying tool bars on my browser anymore or the constant switching of the homepage around problem. The ESET log failed to load on my computer for some reason, I wasn't able to uninstall the ESET application or save the log. It said I had 4 threats and the page asked if I wanted to buy the 30 day trial. I tried it a couple times going through the instructions each time. Here's the other logs though. Thanks again for the help.

Here's the OTL fix log

========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
No active process named CltMngSvc.exe was found!
No active process named cltmng.exe was found!
Error: No service named CltMngSvc was found to stop!
Service\Driver key CltMngSvc not found.
File C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2304FA72-8CF7-46CD-8FC8-45EF9A14010F}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2304FA72-8CF7-46CD-8FC8-45EF9A14010F}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d43b3890-80c7-4010-a95d-1e77b5924dc3}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{cef81415-2059-4dd5-9829-1aef3cf27f4f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\ deleted successfully.
C:\Program Files (x86)\KeyBar_2.1\prxtbKeyB.dll moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2304FA72-8CF7-46CD-8FC8-45EF9A14010F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2304FA72-8CF7-46CD-8FC8-45EF9A14010F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d43b3890-80c7-4010-a95d-1e77b5924dc3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search\\Default_Search_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{cef81415-2059-4dd5-9829-1aef3cf27f4f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\ not found.
File C:\Program Files (x86)\KeyBar_2.1\prxtbKeyB.dll not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{60C1105D-7552-4607-87CA-E9DC56C83965}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{60C1105D-7552-4607-87CA-E9DC56C83965}\ not found.
Prefs.js: "KeyBar 2.1 Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.condui...={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "http://search.condui...214323&UM=2&q=" removed from keyword.URL
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\Plugins folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\modules folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\META-INF folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\lib folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\defaults\preferences folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\defaults folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\components folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\sl folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\lib\jquery.jscrollpane folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\lib\jquery.alerts\images folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\lib\jquery.alerts folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\lib folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\core folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\WEATHER\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\WEATHER\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\WEATHER folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\TWITTER\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\TWITTER\img folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\TWITTER folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\SEARCH\view\style\rsx folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\SEARCH\view\style folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\SEARCH\view\script folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\SEARCH\view folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\SEARCH\resources folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\SEARCH\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\SEARCH\Css folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\SEARCH\buildSettings folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\SEARCH folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\RADIO_PLAYER\js\resources folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\RADIO_PLAYER\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\RADIO_PLAYER\css\custom-theme folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\RADIO_PLAYER\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\RADIO_PLAYER folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\PRICE_GONG\images folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\PRICE_GONG\css\custom-theme folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\PRICE_GONG\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\PRICE_GONG\agreement folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\PRICE_GONG folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\Optimizer\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\Optimizer folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\NOTIFICATION\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\NOTIFICATION\images\light folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\NOTIFICATION\images\dark folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\NOTIFICATION\images folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\NOTIFICATION\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\NOTIFICATION folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\MULTI_RSS\js\resources folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\MULTI_RSS\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\MULTI_RSS\img folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\MULTI_RSS\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\MULTI_RSS folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\HIGHLIGHTER\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\HIGHLIGHTER\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\HIGHLIGHTER folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\EMAIL_NOTIFIER\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\EMAIL_NOTIFIER\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\EMAIL_NOTIFIER folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\APPLICATION_BUTTON\resources folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\APPLICATION_BUTTON\Js folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa\APPLICATION_BUTTON folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\wa folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\ui\menu\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\ui\menu\img folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\ui\menu\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\ui\menu folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\ui\gf\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\ui\gf\img folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\ui\gf\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\ui\gf folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\ui\gadgetFrame folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\ui\dlg\ftd\images folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\ui\dlg\ftd folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\ui\dlg folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\ui folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\sp\spsd\images folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\sp\spsd folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\sp\spbd\images folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\sp\spbd folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\sp\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\sp folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\options\js\resources folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\options\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\options\images folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\options\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\options folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\msd folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\api folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\ac\res folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\ac\img folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\ac\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\ac folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\aboutBox\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\aboutBox\images folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al\aboutBox folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb\al folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\tb folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\logic\uninstall\dialog\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\logic\uninstall\dialog\images folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\logic\uninstall\dialog\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\logic\uninstall\dialog folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\logic\uninstall folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content\logic folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656\content folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome\CT3309656 folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\chrome folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f} folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions folder moved successfully.
Folder C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\extensions\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\ not found.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\searchplugins\conduit.xml moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\Mozilla\Firefox\Profiles\zmrlwlpe.default\searchplugins\Web Search.xml moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\_locales\en folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\_locales folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\toolbarImages folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\sl folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\lib\jquery.jscrollpane folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\lib\jquery.alerts\images folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\lib\jquery.alerts folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\lib folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\core folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\WEATHER\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\WEATHER\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\WEATHER folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\TWITTER\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\TWITTER\img folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\TWITTER folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\SEARCH\view\style\rsx folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\SEARCH\view\style folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\SEARCH\view\script folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\SEARCH\view folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\SEARCH\resources folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\SEARCH\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\SEARCH\Css folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\SEARCH\buildSettings folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\SEARCH folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\RADIO_PLAYER\js\resources folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\RADIO_PLAYER\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\RADIO_PLAYER\css\custom-theme folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\RADIO_PLAYER\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\RADIO_PLAYER folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\PRICE_GONG\images folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\PRICE_GONG\css\custom-theme folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\PRICE_GONG\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\PRICE_GONG\agreement folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\PRICE_GONG folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\Optimizer\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\Optimizer folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\NOTIFICATION\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\NOTIFICATION\images\light folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\NOTIFICATION\images\dark folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\NOTIFICATION\images folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\NOTIFICATION\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\NOTIFICATION folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\MULTI_RSS\js\resources folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\MULTI_RSS\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\MULTI_RSS\img folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\MULTI_RSS\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\MULTI_RSS folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\HIGHLIGHTER\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\HIGHLIGHTER\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\HIGHLIGHTER folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\EMAIL_NOTIFIER\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\EMAIL_NOTIFIER\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\EMAIL_NOTIFIER folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\APPLICATION_BUTTON\resources folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\APPLICATION_BUTTON\Js folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa\APPLICATION_BUTTON folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\wa folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\ui\menu\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\ui\menu\img folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\ui\menu\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\ui\menu folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\ui\gf\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\ui\gf\img folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\ui\gf\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\ui\gf folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\ui\gadgetFrame folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\ui\dlg\ftd\images folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\ui\dlg\ftd folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\ui\dlg folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\ui folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\sp\spsd\images folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\sp\spsd folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\sp\spbd\images folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\sp\spbd folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\sp\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\sp folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\options\js\resources folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\options\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\options\images folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\options\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\options folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\msd folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\api folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\ac\res folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\ac\img folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\ac\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\ac folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\aboutBox\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\aboutBox\images folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al\aboutBox folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb\al folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\tb folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\Search\plugins folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\Search\NewTabPages\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\Search\NewTabPages\img folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\Search\NewTabPages\html folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\Search\NewTabPages\css folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\Search\NewTabPages\API folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\Search\NewTabPages folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\Search\html folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\Search folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\plugins folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\js\toolbarAPI folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\js\tabs\back folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\js\tabs folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\js\options folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\js\lib folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0\js folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihogoofdaifgdkdilopkeahfcnifkajn\10.19.2.5_0 folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\ not found.
File C:\Program Files (x86)\KeyBar_2.1\prxtbKeyB.dll not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{cef81415-2059-4dd5-9829-1aef3cf27f4f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cef81415-2059-4dd5-9829-1aef3cf27f4f}\ not found.
File C:\Program Files (x86)\KeyBar_2.1\prxtbKeyB.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CEF81415-2059-4DD5-9829-1AEF3CF27F4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CEF81415-2059-4DD5-9829-1AEF3CF27F4F}\ not found.
File C:\Program Files (x86)\KeyBar_2.1\prxtbKeyB.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SearchProtectAll not found.
File C:\Program Files (x86)\SearchProtect\bin\cltmng.exe not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\3EF6D3D0B6181F6F56C815FC740FC4D5133DA3D4._service_run deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ConduitFloatingPlugin_ihogoofdaifgdkdilopkeahfcnifkajn deleted successfully.
C:\Program Files (x86)\Conduit\CT3309656\plugins\TBVerifier.dll moved successfully.
C:\ProgramData\Conduit\IE\CT3309656 folder moved successfully.
C:\ProgramData\Conduit\IE folder moved successfully.
C:\ProgramData\Conduit folder moved successfully.
C:\Program Files (x86)\KeyBar_2.1 folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Conduit\CT3309656 folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\Conduit folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\CRE folder moved successfully.
C:\Program Files (x86)\Conduit\CT3309656\plugins folder moved successfully.
C:\Program Files (x86)\Conduit\CT3309656 folder moved successfully.
C:\Program Files (x86)\Conduit\Community Alerts folder moved successfully.
C:\Program Files (x86)\Conduit folder moved successfully.
Folder C:\Program Files (x86)\SearchProtect\ not found.
C:\Users\Michael Affinito\AppData\Roaming\SearchProtect\ffprotect\Dialogs folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\SearchProtect\ffprotect folder moved successfully.
C:\Users\Michael Affinito\AppData\Roaming\SearchProtect folder moved successfully.
C:\Users\Michael Affinito\AppData\Local\{5F3918AF-4D5C-4019-957B-36FC02CEBE18} folder moved successfully.
C:\END moved successfully.
========== FILES ==========
File\Folder C:\Program Files (x86)\SearchProtect not found.

OTL by OldTimer - Version 3.2.69.0 log created on 09132013_104229

And here's the malwarebytes log

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.09.14.11

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686
Michael Affinito :: MA [administrator]

Protection: Enabled

9/14/2013 9:37:28 PM
mbam-log-2013-09-14 (21-37-28).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 221105
Time elapsed: 7 minute(s), 51 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#11
23red

Posted 17 September 2013 - 07:56 AM

Trusted Helper

Malware Removal
1,797 posts

Hi mikey1988

Thanks for the logs :thumbsup:

It sounds as though ESET completed, can you check for me please if the ESET log is located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.

Copy and paste the log here if you are able to locate it.
Please let me know how it goes

#12
mikey1988

Posted 17 September 2013 - 03:21 PM

Member

Topic Starter
Member
13 posts

Cool found it here ya go.

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
# version=8
# IEXPLORE.EXE=10.00.9200.16521 (win8_gdr_soc_ie.130216-2100)
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=3bb0c0ecc5045c4d97db5519a302c55d
# engine=15132
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-09-15 06:37:52
# local_time=2013-09-14 11:37:52 (-0800, Pacific Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 0 130770522 0 0
# scanned=44774
# found=1
# cleaned=0
# scan_time=5928
sh=A4F319312C51671C3A95C478B1006769263996A9 ft=1 fh=886ae4ceae92d42e vn="a variant of Win32/OpenCandy.A application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Michael Affinito\AppData\Roaming\OpenCandy\435B6FCF2ECF4608AB2392B4D9B0D09C\OCBrowserHelper_1.0.3.85.dll.vir"
# version=8
# IEXPLORE.EXE=10.00.9200.16521 (win8_gdr_soc_ie.130216-2100)
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=3bb0c0ecc5045c4d97db5519a302c55d
# engine=15132
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-09-15 12:42:41
# local_time=2013-09-15 05:42:41 (-0800, Pacific Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 0 130792411 0 0
# scanned=149405
# found=4
# cleaned=0
# scan_time=21846
sh=A4F319312C51671C3A95C478B1006769263996A9 ft=1 fh=886ae4ceae92d42e vn="a variant of Win32/OpenCandy.A application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Michael Affinito\AppData\Roaming\OpenCandy\435B6FCF2ECF4608AB2392B4D9B0D09C\OCBrowserHelper_1.0.3.85.dll.vir"
sh=5ECBBB9045FE2455FB3EFA512B13C47CEAE2EA07 ft=1 fh=7763d2a26d4adf77 vn="Win32/OpenCandy application" ac=I fn="C:\Users\Michael Affinito\Downloads\cdbxp_setup_4.4.2.3442 (1).exe"
sh=5ECBBB9045FE2455FB3EFA512B13C47CEAE2EA07 ft=1 fh=7763d2a26d4adf77 vn="Win32/OpenCandy application" ac=I fn="C:\Users\Michael Affinito\Downloads\cdbxp_setup_4.4.2.3442.exe"
sh=7488755D6B8AFA7B097EE9DAF6469D3B42958111 ft=1 fh=768cfff1ddabf5a1 vn="Win32/OpenCandy application" ac=I fn="C:\Users\Michael Affinito\Downloads\FreeStudio.exe"
# version=8
# IEXPLORE.EXE=10.00.9200.16521 (win8_gdr_soc_ie.130216-2100)
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=3bb0c0ecc5045c4d97db5519a302c55d
# engine=15156
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-09-17 12:05:12
# local_time=2013-09-16 05:05:12 (-0800, Pacific Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 0 130919762 0 0
# scanned=149848
# found=4
# cleaned=0
# scan_time=17683
sh=A4F319312C51671C3A95C478B1006769263996A9 ft=1 fh=886ae4ceae92d42e vn="a variant of Win32/OpenCandy.A application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Michael Affinito\AppData\Roaming\OpenCandy\435B6FCF2ECF4608AB2392B4D9B0D09C\OCBrowserHelper_1.0.3.85.dll.vir"
sh=5ECBBB9045FE2455FB3EFA512B13C47CEAE2EA07 ft=1 fh=7763d2a26d4adf77 vn="Win32/OpenCandy application" ac=I fn="C:\Users\Michael Affinito\Downloads\cdbxp_setup_4.4.2.3442 (1).exe"
sh=5ECBBB9045FE2455FB3EFA512B13C47CEAE2EA07 ft=1 fh=7763d2a26d4adf77 vn="Win32/OpenCandy application" ac=I fn="C:\Users\Michael Affinito\Downloads\cdbxp_setup_4.4.2.3442.exe"
sh=7488755D6B8AFA7B097EE9DAF6469D3B42958111 ft=1 fh=768cfff1ddabf5a1 vn="Win32/OpenCandy application" ac=I fn="C:\Users\Michael Affinito\Downloads\FreeStudio.exe"

#13
23red

Posted 18 September 2013 - 09:48 AM

Trusted Helper

Malware Removal
1,797 posts

Hi mikey1988

Eset found 4 items. We'll use OTL to remove 3, the 4th is in AdwCleaner quarantine, so that one will be taken care of in due course.
The downloads in your downloads folder are not good. There are posted topics around the forum that may be of assistance to you in this area.

OTL Fix

Please right click on Posted Image

on your Desktop and select Run as Administrator, please accept UAC prompts.

Under Posted Image

in the textbox at the bottom, please paste in the following text:

:Commands
[CREATERESTOREPOINT]

:Files
C:\Users\Michael Affinito\Downloads\cdbxp_setup_4.4.2.3442 (1).exe
C:\Users\Michael Affinito\Downloads\cdbxp_setup_4.4.2.3442.exe
C:\Users\Michael Affinito\Downloads\FreeStudio.exe
[Reboot]

• Push the Posted Image

button.

• OTL may ask to reboot the machine. Please do so if asked.

• A massage box will pop~up

Posted Image

• Click the OK button and a report will open.

• When the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, (where mmddyyyy_hhmmss is the date of the tool run).

• Copy and Paste that report in your next reply, please.

Also, could you please post the OTL fix log located at in C:\_OTL\MovedFiles\09142013_hhmmss the first fixlog was inadvertantly posted. This would be for the fix in post #9

When you return, please
2 OTL fix logs

Thanks!

#14
mikey1988

Posted 19 September 2013 - 10:29 PM

Member

Topic Starter
Member
13 posts

K Here's the most recent OTL log

========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== FILES ==========
C:\Users\Michael Affinito\Downloads\cdbxp_setup_4.4.2.3442 (1).exe moved successfully.
C:\Users\Michael Affinito\Downloads\cdbxp_setup_4.4.2.3442.exe moved successfully.
C:\Users\Michael Affinito\Downloads\FreeStudio.exe moved successfully.
File\Folder [Reboot] not found.

OTL by OldTimer - Version 3.2.69.0 log created on 09182013_105414

and heres the one on the 14th

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Michael Affinito\Desktop\cmd.bat deleted successfully.
C:\Users\Michael Affinito\Desktop\cmd.txt deleted successfully.
< netsh advfirewall reset /c >
Ok.
C:\Users\Michael Affinito\Desktop\cmd.bat deleted successfully.
C:\Users\Michael Affinito\Desktop\cmd.txt deleted successfully.
< netsh advfirewall set allprofiles state on /c >
Ok.
C:\Users\Michael Affinito\Desktop\cmd.bat deleted successfully.
C:\Users\Michael Affinito\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Michael Affinito
->Temp folder emptied: 1933561492 bytes
->Temporary Internet Files folder emptied: 78896120 bytes
->Java cache emptied: 2543778 bytes
->FireFox cache emptied: 256990677 bytes
->Google Chrome cache emptied: 331307107 bytes
->Flash cache emptied: 16075 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 391488391 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42303946 bytes
RecycleBin emptied: 2724965 bytes

Total Files Cleaned = 2,899.00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 09142013_210849

Files\Folders moved on Reboot...
C:\Users\Michael Affinito\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Michael Affinito\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...