Plugin and shockwave pop up errors, computer just generally slow to re



#1
shajoe44

I am getting tons of script and plugin pop up boxes and my laptop is generally running slow slow slow. What can I run to get my laptop running back to a more normal way?

Thanks

#2
RKinner

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Right-click to run as administrator (XP users click Run after receipt of the Windows Security Warning - Open File). When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste the log back here.
  • The first time the tool is run, it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.


#3
shajoe44

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-10-2013
Ran by Jerry (administrator) on JERRY-1A1033F2B on 03-11-2013 19:53:01
Running from C:\Documents and Settings\Jerry\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
() C:\WINDOWS\System32\WLTRYSVC.EXE
(Dell Inc.) C:\WINDOWS\System32\bcmwltry.exe
(AOL LLC) C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(Nero AG) C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehtray.exe
(SigmaTel, Inc.) C:\WINDOWS\stsystra.exe
(Dell Inc.) C:\WINDOWS\system32\WLTRAY.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
(Macrovision Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(AOL LLC) C:\Program Files\Common Files\AOL\1246745595\ee\AOLSoftware.exe
(Logitech Inc.) C:\WINDOWS\system32\LVCOMSX.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
() C:\Program Files\Wireless-G Portable USB Adapter Wireless Network Monitor\InfoMyCa.exe
() C:\Program Files\AVG SafeGuard toolbar\vprot.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\concentr.exe
(Spotify Ltd) C:\Program Files\Spotify\Data\SpotifyWebHelper.exe
(Motorola Mobility Inc.) C:\Program Files\Motorola Mobility\MotoCast\MotoCast.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\wfcrun32.exe
() C:\Program Files\Hawking\HWU8DD\HWU8DD.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Intuit Inc.) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Motorola Mobility LLC) C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Motorola Mobility LLC) C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
() C:\Program Files\Motorola Mobility\MotoCast\bin\MotoCast-thumbnailer.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\loggingserver.exe
(Microsoft Corporation) C:\WINDOWS\eHome\ehmsas.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Macrovision Corporation) c:\progra~1\common~1\instal~1\update~1\isuspm.exe
(Macrovision Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ehTray] - C:\WINDOWS\ehome\ehtray.exe [64512 2005-08-05] (Microsoft Corporation)
HKLM\...\Run: [ATICCC] - C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe [90112 2006-05-10] ()
HKLM\...\Run: [SigmatelSysTrayApp] - C:\WINDOWS\stsystra.exe [282624 2006-07-27] (SigmaTel, Inc.)
HKLM\...\Run: [Broadcom Wireless Manager UI] - C:\WINDOWS\system32\WLTRAY.EXE [1347584 2005-12-19] (Dell Inc.)
HKLM\...\Run: [ISUSPM Startup] - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [226224 2006-11-16] (Macrovision Corporation)
HKLM\...\Run: [ISUSScheduler] - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [86960 2006-11-16] (Macrovision Corporation)
HKLM\...\Run: [HostManager] - C:\Program Files\Common Files\aol\1246745595\ee\aolsoftware.exe [41824 2008-06-24] (AOL LLC)
HKLM\...\Run: [hpqSRMon] - C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe [150016 2008-08-20] (Hewlett-Packard)
HKLM\...\Run: [WUSB54GPv4] - C:\Program Files\Wireless-G Portable USB Adapter Wireless Network Monitor\InvokeSvc3.exe [24576 2004-04-19] ()
HKLM\...\Run: [LVCOMSX] - C:\WINDOWS\system32\LVCOMSX.EXE [221184 2005-07-19] (Logitech Inc.)
HKLM\...\Run: [AppleSyncNotifier] - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [58656 2011-04-20] (Apple Inc.)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM\...\Run: [vProt] - C:\Program Files\AVG SafeGuard toolbar\vprot.exe [2404376 2013-10-02] ()
HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2014\avgui.exe [4908592 2013-10-07] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [ConnectionCenter] - C:\Program Files\Citrix\ICA Client\concentr.exe [309184 2012-03-28] (Citrix Systems, Inc.)
HKLM\...\Run: [UserFaultCheck] - %systemroot%\system32\dumprep 0 -u
Winlogon\Notify\AtiExtEvent: C:\Windows\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKCU\...\Run: [MotoCast] - C:\Program Files\Motorola Mobility\MotoCast\MotoLauncher.lnk [1704 2012-07-30] ()
HKCU\...\Run: [Spotify Web Helper] - C:\Program Files\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-09-15] (Spotify Ltd)
HKCU\...\Run: [replay_telecorder_skype] - C:\Program Files\Replay Telecorder for Skype\replay_telecorder_skype.exe [1954304 2012-06-20] (Applian Technologies Inc.)
HKCU\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-13] (Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Hawking Wireless Utility.lnk
ShortcutTarget: Hawking Wireless Utility.lnk -> C:\Program Files\Hawking\HWU8DD\HWU8DD.exe ()
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
URLSearchHook: HKCU - (No Name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
URLSearchHook: HKCU - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://us.yhs.search...p={searchTerms}
SearchScopes: HKCU - DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg....fr&d=2013-09-02 21:57:47&v=17.0.1.12&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {47E12407-042F-40B8-A88A-39B781032C47} URL = http://search.aol.co...ionType=msie70a
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg....fr&d=2013-09-02 21:57:47&v=17.0.1.12&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {CB30BADD-D158-4145-9E69-A6E02BFF2C95} URL = http://search.yahoo....p={searchTerms}
BHO: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\17.0.1.12\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\17.0.1.12\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: {49232000-16E4-426C-A231-62846947304B} https://wimpro.cce.h...ads/sysinfo.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {FC6703A7-5B7E-4f58-BE6D-2693AA3906AE} http://h30299.www3.h...hp.cab?1,0,0,94
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll (AVG Secure Search)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187
FF DefaultSearchEngine: AVG Secure Search
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: hxxp://mysearch.avg.com/?cid={A892FE0E-65F0-48B7-A975-5089A3EC1996}&mid=814952a50bbb4550585ae758e2b3ff46-ea1f7e0eb4e87a0825372eb81bb2f7ace421139d&lang=en&ds=AVG&pr=fr&d=2013-09-02 21:57:47&v=15.6.1.2&pid=safeguard&sg=0&sap=hp
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\\npsitesafety.dll (AVG Technologies)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.15.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.15.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @movenetworks.com/Quantum Media Player - C:\Documents and Settings\Jerry\Application Data\Move Networks\plugins\npqmp071705000014.dll (Move Networks)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @movenetworks.com/Quantum Media Player - C:\Documents and Settings\Jerry\Application Data\Move Networks\plugins\npqmp071705000014.dll (Move Networks)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\safeguard-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar\FireFoxExt\17.0.1.12
FF Extension: AVG SafeGuard toolbar - C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar\FireFoxExt\17.0.1.12
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Documents and Settings\Jerry\Application Data\Move Networks
FF Extension: Move Media Player - C:\Documents and Settings\Jerry\Application Data\Move Networks
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR HomePage: hxxp://mysearch.avg.com/?cid={A892FE0E-65F0-48B7-A975-5089A3EC1996}&mid=814952a50bbb4550585ae758e2b3ff46-ea1f7e0eb4e87a0825372eb81bb2f7ace421139d&lang=en&ds=AVG&pr=fr&d=2013-01-28 13:54:53&v=15.2.0.5&pid=safeguard&sg=0&sap=hp
CHR RestoreOnStartup: "hxxp://mysearch.avg.com/?cid={A892FE0E-65F0-48B7-A975-5089A3EC1996}&mid=814952a50bbb4550585ae758e2b3ff46-ea1f7e0eb4e87a0825372eb81bb2f7ace421139d&lang=en&ds=AVG&pr=fr&d=2013-01-28 13:54:53&v=15.2.0.5&pid=safeguard&sg=0&sap=hp"
CHR HKLM\...\Chrome\Extension: [jbpkiefagocgkmemidfngdkamloieekf] - C:\Program Files\TornTV.com\torn11.crx
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar\ChromeExt\17.0.1.12\avg.crx
CHR HKLM\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Documents and Settings\Jerry\Local Settings\Application Data\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx

========================== Services (Whitelisted) =================

R2 AOL ACS; C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe [46640 2006-10-23] (AOL LLC)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3538480 2013-10-03] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [301152 2013-09-25] (AVG Technologies CZ, s.r.o.)
R2 DeviceMonitorService; C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe [87400 2012-06-05] (Nero AG)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 Motorola Device Manager; C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-07-31] (Motorola Mobility LLC)
R2 vToolbarUpdater17.0.12; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe [1734680 2013-10-02] (AVG Secure Search)
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [1200128 2005-12-19] (Dell Inc.)
S3 AVG Security Toolbar Service; C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe [x]
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"
S2 vToolbarUpdater13.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [x]
S4 WUSB54GPv4SVC; "C:\Program Files\Wireless-G Portable USB Adapter Wireless Network Monitor\WLService.exe" "WUSB54GPv4.exe" [x]

==================== Drivers (Whitelisted) ====================

S3 appliand; C:\Windows\System32\DRIVERS\appliand.sys [28256 2011-06-25] (Applian Technologies Inc.)
R3 appliandMP; C:\Windows\System32\DRIVERS\appliand.sys [28256 2011-06-25] (Applian Technologies Inc.)
R1 ASPI32; C:\Windows\System32\Drivers\ASPI32.sys [16877 2002-07-17] (Adaptec)
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [120632 2013-09-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [209208 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [145720 2013-09-02] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22840 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [176952 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [223032 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [102200 2013-08-20] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27448 2013-09-08] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [193848 2013-08-01] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [37664 2013-10-02] (AVG Technologies)
R3 BCM43XX; C:\Windows\System32\DRIVERS\bcmwl5.sys [424320 2005-11-02] (Broadcom Corporation)
S3 CamDrL; C:\Windows\System32\DRIVERS\Camdrl.sys [326656 2004-10-08] (Logitech Inc.)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 ElRawDisk; C:\WINDOWS\system32\drivers\rsdrv.sys [22312 2009-02-12] (EldoS Corporation)
S3 FsUsbExDisk; C:\WINDOWS\system32\FsUsbExDisk.SYS [36640 2010-09-15] ()
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [53184 2007-06-27] (FTDI Ltd.)
S3 GTNDIS5; C:\WINDOWS\system32\GTNDIS5.SYS [15872 2003-09-25] (Printing Communications Assoc., Inc. (PCAUSA))
S3 IrBus; C:\Windows\System32\DRIVERS\IrBus.sys [46848 2013-07-16] (Microsoft Corporation)
S3 LVUSBSta; C:\Windows\System32\drivers\lvusbsta.sys [22016 2005-05-27] (Logitech Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R2 MDC8021X; C:\Windows\System32\DRIVERS\mdc8021x.sys [15781 2004-05-26] (Meetinghouse Data Communications)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 PRISM_A02; C:\Windows\System32\DRIVERS\WUSB20XP.sys [339488 2004-01-07] (Cisco-Linksys, LLC.)
S3 sonypvs1; C:\Windows\System32\DRIVERS\sonypvs1.sys [102220 2002-10-15] (Sony Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [717296 2009-11-11] ()
R3 STHDA; C:\Windows\System32\drivers\sthda.sys [1171464 2006-07-27] (SigmaTel, Inc.)
U3 TrueSight; C:\WINDOWS\system32\drivers\TrueSight.sys [15616 2013-01-05] ()
R3 wanatw; C:\Windows\System32\DRIVERS\wanatw4.sys [33588 2003-01-10] (America Online, Inc.)
S3 ZD1211BU(Hawking); C:\Windows\System32\DRIVERS\zd1211Bu.sys [402432 2005-10-28] (ZyDAS Technology Corporation)
R3 ZDPSp50; C:\Windows\System32\Drivers\ZDPSp50.sys [17664 2004-10-25] (Printing Communications Assoc., Inc. (PCAUSA))
S3 dgderdrv; System32\drivers\dgderdrv.sys [x]
S4 IntelIde; No ImagePath
S3 motccgp; system32\DRIVERS\motccgp.sys [x]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [x]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [x]
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)

==================== One Month Created Files and Folders ========

2013-11-03 19:52 - 2013-11-03 19:52 - 00000000 ____D C:\FRST
2013-11-03 19:48 - 2013-11-03 19:48 - 01089445 _____ (Farbar) C:\Documents and Settings\Jerry\Desktop\FRST.exe
2013-10-21 17:35 - 2013-10-21 17:35 - 00000000 ____D C:\Documents and Settings\Jerry\Application Data\AVG2014
2013-10-21 17:25 - 2013-10-21 17:25 - 00000702 _____ C:\Documents and Settings\All Users\Desktop\AVG 2014.lnk
2013-10-21 17:20 - 2013-11-01 14:33 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVG2014
2013-10-21 17:06 - 2013-10-23 19:29 - 00000000 ____D C:\Documents and Settings\Jerry\Local Settings\Application Data\Avg2014
2013-10-15 11:06 - 2013-10-15 11:07 - 00000000 ____D C:\Documents and Settings\Jerry\Desktop\New Folder
2013-10-13 20:44 - 2013-10-13 20:44 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2847311$
2013-10-13 20:41 - 2013-10-13 20:41 - 00131088 _____ C:\WINDOWS\KB2862335.log
2013-10-13 20:41 - 2013-10-13 20:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862335$
2013-10-13 20:16 - 2013-10-13 20:16 - 00010626 _____ C:\WINDOWS\KB2884256.log
2013-10-13 20:16 - 2013-10-13 20:16 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2884256$
2013-10-13 20:16 - 2013-10-13 20:16 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868038$
2013-10-13 20:15 - 2013-10-13 20:16 - 00010977 _____ C:\WINDOWS\KB2868038.log
2013-10-13 20:10 - 2013-10-13 20:13 - 00012148 _____ C:\WINDOWS\KB2879017-IE8.log
2013-10-13 20:10 - 2013-10-13 20:10 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2883150$
2013-10-13 20:08 - 2013-10-13 20:08 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862330$
2013-10-13 19:48 - 2013-10-13 20:44 - 00134908 _____ C:\WINDOWS\KB2847311.log
2013-10-13 19:43 - 2013-07-02 21:12 - 00025088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidparse.sys
2013-10-13 19:36 - 2013-07-16 19:58 - 00123008 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbvideo.sys
2013-10-13 19:36 - 2013-07-16 19:58 - 00046848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irbus.sys
2013-10-13 19:34 - 2013-08-08 19:55 - 00144128 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbport.sys
2013-10-13 19:34 - 2013-08-08 19:55 - 00005376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbd.sys
2013-10-13 19:34 - 2009-03-18 06:02 - 00030336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbehci.sys
2013-10-07 19:41 - 2013-10-28 19:41 - 00000462 _____ C:\WINDOWS\Tasks\Motorola Device Manager Engine.job
2013-10-07 19:41 - 2013-10-07 19:41 - 00000478 _____ C:\WINDOWS\Tasks\Motorola Device Manager Update.job
2013-10-07 19:40 - 2013-10-07 19:40 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Motorola Device Manager

==================== One Month Modified Files and Folders =======

2013-11-03 19:57 - 2013-01-15 21:41 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-11-03 19:52 - 2013-11-03 19:52 - 00000000 ____D C:\FRST
2013-11-03 19:48 - 2013-11-03 19:48 - 01089445 _____ (Farbar) C:\Documents and Settings\Jerry\Desktop\FRST.exe
2013-11-03 19:00 - 2013-05-23 13:24 - 00000884 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-03 17:43 - 2010-10-19 13:01 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\MFAData
2013-11-03 16:57 - 2009-05-19 21:10 - 00032548 _____ C:\WINDOWS\SchedLgU.Txt
2013-11-03 15:24 - 2009-05-19 21:02 - 01925063 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-03 15:02 - 2013-03-17 18:35 - 00169406 _____ C:\WINDOWS\setupapi.log
2013-11-03 14:51 - 2009-05-19 16:52 - 00000582 _____ C:\WINDOWS\wiadebug.log
2013-11-01 20:00 - 2013-05-23 13:24 - 00000880 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-01 14:33 - 2013-10-21 17:20 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVG2014
2013-10-29 19:19 - 2011-07-19 20:49 - 00000284 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2013-10-28 19:41 - 2013-10-07 19:41 - 00000462 _____ C:\WINDOWS\Tasks\Motorola Device Manager Engine.job
2013-10-27 10:50 - 2009-07-05 18:36 - 00000000 ____D C:\Program Files\SPC Invoice
2013-10-27 10:49 - 2010-02-04 15:16 - 00000000 ____D C:\Documents and Settings\Jerry\My Documents\TurboTax
2013-10-27 10:42 - 2012-05-13 15:07 - 00000000 ____D C:\Documents and Settings\Jerry\.gstreamer-0.10
2013-10-27 10:42 - 2012-05-13 14:59 - 00000000 ____D C:\Documents and Settings\Jerry\Application Data\MotoCast
2013-10-27 10:40 - 2013-02-02 11:33 - 00002393 _____ C:\Documents and Settings\All Users\Desktop\TurboTax 2012.lnk
2013-10-27 10:38 - 2009-05-19 16:52 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-10-27 10:34 - 2009-05-19 21:10 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-10-27 10:32 - 2009-05-19 22:43 - 00524288 _____ C:\WINDOWS\system32\config\ACEEvent.evt
2013-10-27 09:10 - 2010-10-13 11:44 - 00149504 _____ C:\Documents and Settings\Jerry\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-27 09:03 - 2013-10-03 10:39 - 00002785 _____ C:\Documents and Settings\Jerry\Desktop\FlextimePlayer.lnk
2013-10-27 09:01 - 2013-10-03 10:39 - 00000000 ____D C:\Documents and Settings\Jerry\Start Menu\Programs\FlextimePlayer
2013-10-23 22:41 - 2009-05-19 16:48 - 00317741 _____ C:\WINDOWS\setupact.log
2013-10-23 19:29 - 2013-10-21 17:06 - 00000000 ____D C:\Documents and Settings\Jerry\Local Settings\Application Data\Avg2014
2013-10-21 18:02 - 2012-02-06 22:01 - 00333450 ____C C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2013-10-21 18:02 - 2012-02-06 21:45 - 02596186 ____C C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-854245398-1844823847-682003330-1003-0.dat
2013-10-21 17:36 - 2009-05-20 00:01 - 00000000 ____D C:\Program Files\AVG
2013-10-21 17:35 - 2013-10-21 17:35 - 00000000 ____D C:\Documents and Settings\Jerry\Application Data\AVG2014
2013-10-21 17:33 - 2013-09-15 08:41 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVG
2013-10-21 17:29 - 2012-10-17 23:37 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVG2013
2013-10-21 17:25 - 2013-10-21 17:25 - 00000702 _____ C:\Documents and Settings\All Users\Desktop\AVG 2014.lnk
2013-10-16 19:33 - 2011-08-21 19:41 - 00000000 ____D C:\Documents and Settings\Jerry\Application Data\Spotify
2013-10-15 20:06 - 2009-05-19 20:58 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-10-15 11:07 - 2013-10-15 11:06 - 00000000 ____D C:\Documents and Settings\Jerry\Desktop\New Folder
2013-10-15 09:56 - 2009-05-29 21:23 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-15 09:56 - 2009-05-19 16:48 - 00341832 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-10-13 21:00 - 2011-02-22 18:23 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Microsoft Help
2013-10-13 20:52 - 2009-05-19 16:49 - 00557288 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-10-13 20:44 - 2013-10-13 20:44 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2847311$
2013-10-13 20:44 - 2013-10-13 19:48 - 00134908 _____ C:\WINDOWS\KB2847311.log
2013-10-13 20:44 - 2009-05-19 21:27 - 00252968 ____C C:\WINDOWS\updspapi.log
2013-10-13 20:44 - 2009-05-19 16:49 - 02280937 ____C C:\WINDOWS\FaxSetup.log
2013-10-13 20:44 - 2009-05-19 16:49 - 01092141 ____C C:\WINDOWS\ocgen.log
2013-10-13 20:44 - 2009-05-19 16:49 - 01040807 ____C C:\WINDOWS\tsoc.log
2013-10-13 20:44 - 2009-05-19 16:49 - 00710876 ____C C:\WINDOWS\comsetup.log
2013-10-13 20:44 - 2009-05-19 16:49 - 00700422 ____C C:\WINDOWS\msmqinst.log
2013-10-13 20:44 - 2009-05-19 16:49 - 00481860 _____ C:\WINDOWS\iis6.log
2013-10-13 20:44 - 2009-05-19 16:49 - 00428982 ____C C:\WINDOWS\ntdtcsetup.log
2013-10-13 20:44 - 2009-05-19 16:49 - 00411884 ____C C:\WINDOWS\netfxocm.log
2013-10-13 20:44 - 2009-05-19 16:49 - 00255471 ____C C:\WINDOWS\plusoc.log
2013-10-13 20:44 - 2009-05-19 16:49 - 00251879 ____C C:\WINDOWS\MedCtrOC.log
2013-10-13 20:44 - 2009-05-19 16:49 - 00124453 ____C C:\WINDOWS\ehOCGen.log
2013-10-13 20:44 - 2009-05-19 16:49 - 00116642 ____C C:\WINDOWS\ocmsn.log
2013-10-13 20:44 - 2009-05-19 16:49 - 00114926 ____C C:\WINDOWS\tabletoc.log
2013-10-13 20:44 - 2009-05-19 16:49 - 00113775 ____C C:\WINDOWS\msgsocm.log
2013-10-13 20:44 - 2009-05-19 16:49 - 00001393 _____ C:\WINDOWS\imsins.log
2013-10-13 20:41 - 2013-10-13 20:41 - 00131088 _____ C:\WINDOWS\KB2862335.log
2013-10-13 20:41 - 2013-10-13 20:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862335$
2013-10-13 20:41 - 2009-05-19 16:49 - 00001393 _____ C:\WINDOWS\imsins.BAK
2013-10-13 20:40 - 2013-07-15 18:33 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-10-13 20:28 - 2009-05-26 20:07 - 78106760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-10-13 20:27 - 2010-06-06 17:44 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
2013-10-13 20:16 - 2013-10-13 20:16 - 00010626 _____ C:\WINDOWS\KB2884256.log
2013-10-13 20:16 - 2013-10-13 20:16 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2884256$
2013-10-13 20:16 - 2013-10-13 20:16 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868038$
2013-10-13 20:16 - 2013-10-13 20:15 - 00010977 _____ C:\WINDOWS\KB2868038.log
2013-10-13 20:13 - 2013-10-13 20:10 - 00012148 _____ C:\WINDOWS\KB2879017-IE8.log
2013-10-13 20:11 - 2013-01-04 21:13 - 00000000 ____D C:\WINDOWS\ie8updates
2013-10-13 20:10 - 2013-10-13 20:10 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2883150$
2013-10-13 20:08 - 2013-10-13 20:08 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862330$
2013-10-08 16:59 - 2012-12-31 19:03 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-10-08 16:59 - 2011-07-03 16:12 - 00071048 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-10-07 20:56 - 2013-02-19 12:44 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-10-07 19:41 - 2013-10-07 19:41 - 00000478 _____ C:\WINDOWS\Tasks\Motorola Device Manager Update.job
2013-10-07 19:40 - 2013-10-07 19:40 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Motorola Device Manager
2013-10-07 19:40 - 2012-05-13 14:54 - 00000000 ____D C:\Program Files\Motorola Mobility

Some content of TEMP:
====================
C:\Documents and Settings\Jerry\Local Settings\temp\jna1153561773021157046.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna121027330912042564.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna1489532182927648293.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna1667785389965446276.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna1772088106274718788.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna2205028117884199717.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna2828780055434931076.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna3276740512115267485.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna3966648307123881714.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna3971085384375008801.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna4010617749476967361.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna4080217516193360685.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna4261162555391457085.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna4405660835658773977.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna4517099570993925651.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna4599898132529191696.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna5016098299024618763.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna5592637689808560019.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna5636322056642962990.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna5813913314061052759.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna5889446632500409551.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna6079734859873047156.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna6103345259383878270.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna6189571586425861430.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna6255581455549593489.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna6750963612071876518.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna6804060745337170518.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna6832390055072440214.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna6915083428304172956.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna691739139700065491.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna6942946593252680580.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna7167095101943786840.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna7263279646354992031.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna7689148474543973936.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna8138965920398806910.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna8240118754389717385.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna857446770482628139.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna8708234173510348205.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna8710671461984292417.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna8728767575821972430.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna912203405179557629.dll
C:\Documents and Settings\Jerry\Local Settings\temp\sqlite-3.6.20-sqlitejdbc.dll


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================


Additional scan result of Farbar Recovery Scan Tool (x86) Version: 31-10-2013
Ran by Jerry at 2013-11-03 19:58:04
Running from C:\Documents and Settings\Jerry\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
Could not list Security Center items. Check WMI.


==================== Installed Programs ======================

µTorrent (Version: 3.3.0.29625)
32 Bit HP CIO Components Installer (Version: 3.1.1)
[email protected] ISO Burner (Version: 2.0.5)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Reader 9.5.2 (Version: 9.5.2)
Android Manager WiFi (Version: 10.10.846)
AOL Uninstaller (Choose which Products to Remove)
Apple Application Support (Version: 2.3)
Apple Mobile Device Support (Version: 3.4.1.2)
Apple Software Update (Version: 2.1.3.127)
Applian Director (Version: 1.1)
Applian Director (Version: 2.12)
ATI - Software Uninstall Utility (Version: 6.14.10.1014)
ATI Catalyst Control Center (Version: 1.2.2460.36742)
ATI Display Driver (Version: 8.282.2.1-060922a-036833C-Dell)
Auslogics Disk Defrag (Version: 3.6)
AVG 2014 (Version: 14.0.3615)
AVG 2014 (Version: 14.0.4158)
AVG 2014 (Version: 2014.0.4158)
AVG SafeGuard toolbar (Version: 17.0.1.12)
AviSynth 2.5
AVS Audio Converter 7
AVS DVD Copy 4.1.2.283 (Version: 4.1.2.283)
AVS Update Manager 1.0
AVS Video Converter 7
AVS4YOU Software Navigator 1.4
Broadcom 440x 10/100 Integrated Controller (Version: 8.06.11)
BufferChm (Version: 120.0.194.000)
BurnToDisk version 1.0 (Version: 1.0)
C309a (Version: 120.0.202.000)
Citrix online plug-in (Web) (Version: 12.3.0.8)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Conexant HDA D110 MDC V.92 Modem
CoreAAC
Dell Resource CD (Version: 1.00.0000)
Dell Wireless WLAN Card (Version: 4.10.47.3)
Destination Component (Version: 110.0.0.0)
DeviceDiscovery (Version: 120.0.194.000)
DocProc (Version: 12.0.0.0)
Easy DVD Creator 2.4.5
ESET Online Scanner v3
Fax (Version: 120.0.194.000)
FlextimePlayer1.0.2 For WinXP (Version: 1.0.11)
FoxTab Audio Converter
FTDI USB Serial Converter Drivers
GOM ENCODER (Version: 1.0.0.24)
GOM Player (Version: 2.1.47.5133)
Google Earth (Version: 7.1.1.1888)
Google Update Helper (Version: 1.3.21.165)
GPBaseService2 (Version: 130.0.371.000)
Haali Media Splitter
Hawking Hi-Gain Wireless-G USB Dish Adapter (Version: 1.00.4323)
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000)
HP Product Detection (Version: 11.14.0001)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 5.003.001.001)
HPDiagnosticAlert (Version: 1.00.0000)
HPPhotoSmartDiscLabel_PaperLabel (Version: 2.04.0000)
HPPhotoSmartDiscLabel_PrintOnDisc (Version: 2.04.0000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
hpphotosmartdisclabelplugin (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 120.0.194.000)
iTunes (Version: 10.3.1.55)
Java 7 Update 15 (Version: 7.0.150)
Java Auto Updater (Version: 2.1.9.0)
Logitech QuickCam Software (Version: 8.47.0000)
Logitech® Camera Driver
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
MarketResearch (Version: 120.0.226.000)
Microsoft .NET Framework 1.0 Hotfix (KB2572066)
Microsoft .NET Framework 1.0 Hotfix (KB2604042)
Microsoft .NET Framework 1.0 Hotfix (KB2656378)
Microsoft .NET Framework 1.0 Security Update (KB2698035)
Microsoft .NET Framework 1.0 Security Update (KB2742607)
Microsoft .NET Framework 1.0 Security Update (KB2833951)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.6612.1000)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC9 runtime libraries (Version: 1.0.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
MobileMe Control Panel (Version: 3.1.6.0)
MotoCast (Version: 2.0.23)
MotoHelper MergeModules (Version: 1.2.0)
Motorola Device Manager (Version: 2.4.3)
Motorola Device Software Update (Version: 13.07.3101)
MOTOROLA MEDIA LINK (Version: 1.8.0021.0)
Motorola Mobile Drivers Installation 6.2.0 (Version: 6.2.0)
Move Media Player
Mozilla Firefox 24.0 (x86 en-US) (Version: 24.0)
Mozilla Maintenance Service (Version: 24.0)
Mplayer 0.6.9 (Version: 0.6.9)
MSN
MSVCSetup (Version: 1.00.0000)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Network (Version: 120.0.194.000)
Photo DVD Slideshow Pro 8.07 (Version: 8.07)
PowerDVD
PS_AIO_05_C309_Software_Min (Version: 120.0.206.000)
PSREdit500 Scanner Configuration Editor (Version: 1.90R4)
QuickTime (Version: 7.73.80.64)
Remo Recover for Android (Version: 2.0.0.8)
Replay Converter 3 (Version: 3.60)
Replay Converter 4 (Version: 4.40)
Replay Media Catcher 3.02 (Version: 3.02)
Replay Media Catcher 4 (4.4.5) (Version: 4.4.5)
Replay Media Splitter 2.2.1211.6 (Version: 2.2.1211.6)
Replay Music 5 (Version: 5.45)
Replay Telecorder for Skype 1.3.0.12 (Version: 1.3.0.12)
Replay Video Capture (Version: 3.1B)
Replay Video Capture 6 (Version: 6.0.6.1)
RonyaSoft CD DVD Label Maker 3.01 (Version: 3.01)
Roxio MyDVD 9 Studio (Version: 9.0.166)
Roxio MyDVD LE (Version: 6.1.6)
Roxio RecordNow Audio (Version: 2.0.4)
Roxio RecordNow Copy (Version: 2.0.4)
Roxio RecordNow Data (Version: 2.0.4)
SAMSUNG USB Driver for Mobile Phones (Version: 1.3.2300.0)
Scan (Version: 12.0.0.0)
SigmaTel Audio (Version: 5.10.4820.0)
SmartWebPrinting (Version: 140.0.186.000)
SolutionCenter (Version: 130.0.373.000)
Sonic Encoders (Version: 1.00)
Sonic Update Manager (Version: 3.0.0)
Sony USB Driver
Sothink Movie DVD Maker (Version: 3.5)
SPC Invoice 2.0
Spotify (HKCU Version: 0.8.3.222.g317ab79d)
Spotify (Version: 0.5.2)
Status (Version: 120.0.194.000)
Toolbox (Version: 120.0.194.000)
TrayApp (Version: 120.0.194.000)
TurboTax 2012 (Version: 2012.0)
TurboTax 2012 wgaiper (Version: 012.000.1371)
TurboTax 2012 WinPerFedFormset (Version: 012.000.2114)
TurboTax 2012 WinPerReleaseEngine (Version: 012.000.0451)
TurboTax 2012 WinPerTaxSupport (Version: 012.000.0179)
TurboTax 2012 wrapper (Version: 012.000.0127)
TurboTax 2012 wsciper (Version: 012.000.1335)
Uninstall AOL Emergency Connect Utility 1.0
UniTrunker (Version: 20)
UnloadSupport (Version: 11.0.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2827325) 32-Bit Edition
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB2863058) (Version: 1)
Video Padlock (Version: 1.20)
Visual Studio 2012 x86 Redistributables (Version: 14.0.0.1)
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 120.0.194.000)
Windows Driver Package - FTDI CDM Driver Package (06/27/2007 2.02.04) (Version: 06/27/2007 2.02.04)
Windows Driver Package - Ricoh Company Memorystick Host Controller (07/09/2005 1.00.01.12) (Version: 07/09/2005 1.00.01.12)
Windows Driver Package - Ricoh Company MMC Host Controller (07/14/2005 1.00.00.06) (Version: 07/14/2005 1.00.00.06)
Windows Driver Package - Ricoh Company xD-Picture Card/SmartMedia Host Controller (07/14/2005 1.00.02.04) (Version: 07/14/2005 1.00.02.04)
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (Version: 1.0)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB2628259
Windows XP Media Center Edition 2005 KB925766
Windows XP Service Pack 3 (Version: 20080414.031525)
WinZip 16.5 (Version: 16.5.10095)
Wireless-G Portable USB Adapter
Xilisoft 3GP Video Converter 6 (Version: 6.5.2.0127)
Yahoo! Messenger

==================== Restore Points =========================

15-08-2013 02:25:43 Software Distribution Service 3.0
16-08-2013 01:01:43 Software Distribution Service 3.0
19-08-2013 14:41:09 Software Distribution Service 3.0
21-08-2013 01:11:26 Software Distribution Service 3.0
22-08-2013 04:25:24 Software Distribution Service 3.0
24-08-2013 01:01:13 Software Distribution Service 3.0
25-08-2013 01:00:46 Software Distribution Service 3.0
26-08-2013 23:54:53 Software Distribution Service 3.0
27-08-2013 00:19:25 Installed Motorola Device Manager
27-08-2013 01:00:29 Software Distribution Service 3.0
29-08-2013 01:18:47 Software Distribution Service 3.0
01-09-2013 23:57:02 Software Distribution Service 3.0
02-09-2013 01:02:08 Software Distribution Service 3.0
03-09-2013 01:00:43 Software Distribution Service 3.0
06-09-2013 00:13:13 Software Distribution Service 3.0
06-09-2013 00:58:51 Software Distribution Service 3.0
09-09-2013 23:34:08 Software Distribution Service 3.0
10-09-2013 01:00:39 Software Distribution Service 3.0
11-09-2013 14:02:11 Software Distribution Service 3.0
13-09-2013 01:01:29 Software Distribution Service 3.0
14-09-2013 13:23:28 Software Distribution Service 3.0
15-09-2013 04:17:53 Software Distribution Service 3.0
16-09-2013 04:35:24 Software Distribution Service 3.0
20-09-2013 22:07:48 Software Distribution Service 3.0
21-09-2013 01:00:41 Software Distribution Service 3.0
22-09-2013 01:00:40 Software Distribution Service 3.0
23-09-2013 01:02:52 Software Distribution Service 3.0
25-09-2013 01:29:23 Software Distribution Service 3.0
27-09-2013 00:21:30 Software Distribution Service 3.0
27-09-2013 01:00:41 Software Distribution Service 3.0
29-09-2013 23:40:00 Software Distribution Service 3.0
30-09-2013 01:00:44 Software Distribution Service 3.0
01-10-2013 02:19:17 Software Distribution Service 3.0
02-10-2013 01:00:42 Software Distribution Service 3.0
03-10-2013 14:41:58 Software Distribution Service 3.0
03-10-2013 15:36:56 Installed Microsoft Visual C++ 2005 Redistributable
03-10-2013 15:39:18 Installed FlextimePlayer1.0.2 For WinXP
04-10-2013 15:23:42 Software Distribution Service 3.0
07-10-2013 15:20:31 Software Distribution Service 3.0
08-10-2013 00:37:52 Installed Motorola Device Manager
08-10-2013 01:01:01 Software Distribution Service 3.0
09-10-2013 01:00:50 Software Distribution Service 3.0
14-10-2013 01:02:01 Software Distribution Service 3.0
15-10-2013 14:49:35 Software Distribution Service 3.0
16-10-2013 01:00:41 Software Distribution Service 3.0
17-10-2013 01:00:49 Software Distribution Service 3.0
21-10-2013 00:16:47 Software Distribution Service 3.0
21-10-2013 01:00:33 Software Distribution Service 3.0
21-10-2013 22:14:50 Installed AVG 2014
21-10-2013 22:19:31 Removed AVG 2013
21-10-2013 22:21:22 Installed AVG 2014
21-10-2013 22:32:16 Removed AVG 2013
22-10-2013 01:00:38 Software Distribution Service 3.0
23-10-2013 22:44:23 Software Distribution Service 3.0
24-10-2013 01:10:27 Software Distribution Service 3.0
25-10-2013 01:00:42 Software Distribution Service 3.0
26-10-2013 01:00:42 Software Distribution Service 3.0
27-10-2013 01:51:50 Software Distribution Service 3.0
28-10-2013 01:00:46 Software Distribution Service 3.0
29-10-2013 01:00:51 Software Distribution Service 3.0
01-11-2013 18:05:41 Software Distribution Service 3.0
03-11-2013 00:09:22 Software Distribution Service 3.0

==================== Hosts content: ==========================

2004-08-10 06:00 - 2013-01-04 10:15 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Motorola Device Manager Engine.job => C:\Program Files\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe
Task: C:\WINDOWS\Tasks\Motorola Device Manager Update.job => C:\Program Files\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe

==================== Loaded Modules (whitelisted) =============

2009-05-19 22:52 - 2005-12-19 08:08 - 00757760 _____ () C:\WINDOWS\System32\bcm1xsup.dll
2012-03-11 11:07 - 2012-03-11 11:07 - 00159744 _____ () C:\Program Files\Mega Codec Pack\Filters\Haali\mmfinfo.dll
2011-09-08 08:59 - 2011-09-08 08:59 - 00024576 _____ () C:\Program Files\Mega Codec Pack\Filters\Haali\mkunicode.dll
2012-06-05 10:47 - 2012-06-05 10:47 - 00128368 _____ () C:\Program Files\Motorola Media Link\Lite\liveupdatetactics.dll
2012-06-05 10:47 - 2012-06-05 10:47 - 00023904 _____ () C:\Program Files\Motorola Media Link\Lite\DbAccess.dll
2012-06-05 10:49 - 2012-06-05 10:49 - 00465672 _____ () C:\Program Files\Motorola Media Link\Lite\sqlite3.dll
2012-06-05 10:47 - 2012-06-05 10:47 - 00045408 _____ () C:\Program Files\Motorola Media Link\Lite\NAdvLog.dll
2012-06-05 10:48 - 2012-06-05 10:48 - 00034168 _____ () C:\Program Files\Motorola Media Link\Lite\NFileCacheDBAccess.dll
2012-01-16 21:43 - 2012-01-16 21:43 - 03391488 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_9a182f46\mscorlib.dll
2012-06-13 20:33 - 2012-06-13 20:33 - 03035136 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_e287bc6c\system.windows.forms.dll
2012-01-16 21:42 - 2012-01-16 21:42 - 01966080 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_4156815b\system.dll
2012-01-16 21:43 - 2012-01-16 21:43 - 02088960 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_068dbfa5\system.xml.dll
2012-06-13 20:35 - 2012-06-13 20:35 - 00843776 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_21fda135\system.drawing.dll
2009-10-17 07:42 - 2004-06-30 16:12 - 00077824 _____ () C:\Program Files\Wireless-G Portable USB Adapter Wireless Network Monitor\Security.dll
2013-10-02 08:07 - 2013-10-02 08:04 - 00519704 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\log4cplusU.dll
2013-10-02 08:07 - 2013-10-02 08:04 - 00142360 _____ () C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\SiteSafety.dll
2013-10-27 10:36 - 2013-10-27 10:36 - 00203776 ____N () C:\Documents and Settings\Jerry\Local Settings\temp\WindowsAPI.dll5855232859470406977.lib
2013-01-07 15:15 - 2013-01-07 15:15 - 00509440 _____ () C:\Documents and Settings\Jerry\Local Settings\temp\sqlite-3.6.20-sqlitejdbc.dll
2013-10-27 10:38 - 2013-10-27 10:38 - 00311808 ____N () C:\Documents and Settings\Jerry\Local Settings\temp\WindowsFolderWatcher.dll6695851039559837285.lib
2013-10-27 10:39 - 2013-10-27 10:39 - 00159744 ____N () C:\Documents and Settings\Jerry\Local Settings\temp\ZumoLocalGateway.dll5916876329965924011.lib
2013-10-27 10:44 - 2013-10-27 10:44 - 00557056 ____N () C:\Documents and Settings\Jerry\Local Settings\temp\zumotaglib.dll218026867674566775.lib
2009-10-30 16:24 - 2005-09-21 20:39 - 00212992 _____ () C:\Program Files\Hawking\HWU8DD\dot1x_dll.dll
2009-10-30 16:24 - 2004-03-05 14:00 - 00155648 _____ () C:\Program Files\Hawking\HWU8DD\SSLEAY32.dll
2009-10-30 16:24 - 2004-03-05 14:00 - 00827392 _____ () C:\Program Files\Hawking\HWU8DD\LIBEAY32.dll
2009-10-30 16:24 - 2006-05-09 09:31 - 00045056 _____ () C:\Program Files\Hawking\HWU8DD\ZDWLAN.dll
2013-06-20 16:35 - 2013-06-20 16:35 - 00172032 _____ () C:\Program Files\Motorola Mobility\Motorola Device Manager\css_core.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00699392 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\libgstreamer-0.10.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 01396736 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\libxml2-2.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00085504 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\z.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00030208 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstadder.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00471552 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\liborc-0.4-0.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00253440 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\libgstbase-0.10.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00109568 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\libgstaudio-0.10.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00053760 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\libgstinterfaces-0.10.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00014848 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstadpcmdec.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00038400 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstaiff.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00018944 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstalaw.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00048640 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstalpha.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00126976 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\libgstcontroller-0.10.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00038912 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\libgstvideo-0.10.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00017920 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstalphacolor.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00020480 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstamrnb.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00248352 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\libopencore-amrnb.0.1.1.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00014848 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstamrwbdec.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00123947 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\libopencore-amrwb.0.1.1.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00015360 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstapetag.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00133120 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\libgsttag-0.10.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00098304 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\libgstpbutils-0.10.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00078848 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstaudioconvert.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00020480 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstaudiorate.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00052224 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstaudioresample.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00019456 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstauparse.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00032256 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstautoconvert.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00029184 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstautodetect.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00123904 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstavi.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00041984 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\libgstriff-0.10.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00212480 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstcoreelements.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00011776 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstcoreindexers.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00016896 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstcutter.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00086016 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstdecodebin2.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00091136 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstdshowdecwrapper.dll
2004-08-10 06:00 - 2008-04-13 19:11 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00073216 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstdshowsrcwrapper.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00026624 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstequalizer.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00187904 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstffmpegcolorspace.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00069120 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstflac.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00331264 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\libFLAC-8.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00023552 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\libogg-0.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 01694208 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstfluaacdec.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00122880 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstfluasfdemux.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 02009600 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstfluh264dec.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00033280 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstflumcaacenc.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00036864 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstflumch264enc.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00088064 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstflummssrc.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 01376256 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstflump3dec.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 01563136 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstflump3enc.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00363008 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstflumpeg2video.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00531968 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstflumpeg4video.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00119296 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstflumpegdemux.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00075776 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstflv.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00029696 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstgdp.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00018944 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\libgstdataprotocol-0.10.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00037888 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstgio.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00032256 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstid3demux.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00034304 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstid3tag.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00035840 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstinterleave.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00276480 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstisomp4.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00069632 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\libgstrtp-0.10.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00059904 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstjpeg.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00276992 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\libjpeg-8.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00019456 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstlevel.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00207872 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstmatroska.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00047616 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstmpegaudioparse.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00150528 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstmpegdemux.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00039936 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstmpegtsmux.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00024576 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstmpegvideoparse.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00015360 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstmulaw.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00020480 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstmultifile.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00025088 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstmultipart.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00132608 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstogg.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00029184 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstpng.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00190976 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\libpng14-14.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00035328 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstreplaygain.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00011264 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstshift.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00054784 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstsmpte.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00051712 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstsubparse.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00061952 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgsttypefindfunctions.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00059904 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstvideobox.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00032768 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstvideocrop.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00024576 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstvideorate.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00075776 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstvideoscale.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00034304 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstvolume.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00053760 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstvorbis.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00162304 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\libvorbis-0.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 01520128 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\libvorbisenc-2.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00050688 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstwavpack.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00196608 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\libwavpack-1.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00042496 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgstwavparse.dll
2012-07-25 21:08 - 2012-07-25 21:08 - 00013312 _____ () C:\Program Files\Motorola Mobility\MotoCast\bin\plugins\libgsty4menc.dll
2013-10-01 08:31 - 2013-10-01 08:32 - 03279768 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:C0789917
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:F4E28098
AlternateDataStreams: C:\Documents and Settings\Jerry\Desktop\ACC Game:Roxio EMC Stream
AlternateDataStreams: C:\Documents and Settings\Jerry\Desktop\Pictures:Roxio EMC Stream
AlternateDataStreams: C:\Documents and Settings\Jerry\My Documents\Aiseesoft Studio:Roxio EMC Stream
AlternateDataStreams: C:\Documents and Settings\Jerry\My Documents\Ask and Record Toolbar:Roxio EMC Stream
AlternateDataStreams: C:\Documents and Settings\Jerry\My Documents\Downloads:Roxio EMC Stream
AlternateDataStreams: C:\Documents and Settings\Jerry\My Documents\GomEncoder:Roxio EMC Stream
AlternateDataStreams: C:\Documents and Settings\Jerry\My Documents\GomPlayer:Roxio EMC Stream
AlternateDataStreams: C:\Documents and Settings\Jerry\My Documents\Landen.dmsd:Roxio EMC Stream
AlternateDataStreams: C:\Documents and Settings\Jerry\My Documents\My Recordings:Roxio EMC Stream

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Faulty Device Manager Devices =============

Name: Photosmart C309a series
Description: Photosmart C309a series
Class Guid: {4D36E971-E325-11CE-BFC1-08002BE10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/02/2013 07:27:12 PM) (Source: NativeWrapper) (User: )
Description: visualstudio7x80updatemsiexec.exe1.0.1722.5085kb28339411033643finstallx865.1.2600.2.3.0.2560

Error: (11/02/2013 07:26:41 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft .NET Framework 1.1 - Update '{C0F0DCDC-99EA-4405-BDAE-CACABD3D2DF0}' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\TEMP\NDP1.1sp1-KB2833941-X86\NDP1.1sp1-KB2833941-X86-msi.0.log.

Error: (11/02/2013 07:26:29 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft .NET Framework 1.1 -- Error 1706.No valid source could be found for product Microsoft .NET Framework 1.1. The Windows installer cannot continue.

Error: (11/01/2013 01:22:53 PM) (Source: NativeWrapper) (User: )
Description: visualstudio7x80updatemsiexec.exe1.0.1722.5085kb28339411033643finstallx865.1.2600.2.3.0.2560

Error: (11/01/2013 01:22:04 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft .NET Framework 1.1 - Update '{C0F0DCDC-99EA-4405-BDAE-CACABD3D2DF0}' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\TEMP\NDP1.1sp1-KB2833941-X86\NDP1.1sp1-KB2833941-X86-msi.0.log.

Error: (11/01/2013 01:21:30 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft .NET Framework 1.1 -- Error 1706.No valid source could be found for product Microsoft .NET Framework 1.1. The Windows installer cannot continue.

Error: (11/01/2013 01:13:05 PM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 5.1.2600.5512, faulting module unknown, version 0.0.0.0, fault address 0x00000001.
Processing media-specific event for [svchost.exe!ws!]

Error: (10/29/2013 09:46:20 AM) (Source: Application Error) (User: )
Description: Faulting application svchost.exe, version 5.1.2600.5512, faulting module unknown, version 0.0.0.0, fault address 0x00000001.
Processing media-specific event for [svchost.exe!ws!]

Error: (10/28/2013 08:02:45 PM) (Source: NativeWrapper) (User: )
Description: visualstudio7x80updatemsiexec.exe1.0.1722.5085kb28339411033643finstallx865.1.2600.2.3.0.2560

Error: (10/28/2013 08:02:42 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft .NET Framework 1.1 - Update '{C0F0DCDC-99EA-4405-BDAE-CACABD3D2DF0}' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\TEMP\NDP1.1sp1-KB2833941-X86\NDP1.1sp1-KB2833941-X86-msi.0.log.


System errors:
=============
Error: (11/03/2013 06:54:17 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the avgwd service.

Error: (11/03/2013 06:43:52 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the avgwd service.

Error: (11/03/2013 06:14:11 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the Schedule service.

Error: (11/03/2013 05:01:52 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the avgwd service.

Error: (11/03/2013 04:41:34 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the Schedule service.

Error: (11/03/2013 03:24:27 PM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2833941).

Error: (11/03/2013 02:58:19 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the Spooler service.

Error: (11/03/2013 02:58:19 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the Spooler service.

Error: (11/03/2013 02:58:19 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the Spooler service.

Error: (11/03/2013 02:58:19 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the Spooler service.


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 81%
Total physical RAM: 893.97 MB
Available physical RAM: 161.23 MB
Total Pagefile: 2164.89 MB
Available Pagefile: 906.52 MB
Total Virtual: 2047.88 MB
Available Virtual: 1959.68 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:74.52 GB) (Free:9.5 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 75 GB) (Disk ID: E686F016)
Partition 1: (Active) - (Size=75 GB) - (Type=07 NTFS)

==================== End Of Log ============================
  • 0

#4
RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
Download the attached fixlist.txt to the same location as FRST.
Run FRST and press Fix.
A fix log will be generated; please post that.

Clear the Java Cache by following the instructions on
http://www.java.com/...lugin_cache.xml

You do not have the latest Java.
First go into Control Panel, Add/Remove Software (XP) or Programs and Features (Vista/Win 7) and remove any old versions (which may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE)
I see:
Java 7 Update 15 (Version: 7.0.150)

Java has been very vulnerable to infection so unless you absolutely need it you should not reinstall it.

If you feel you must have Java:
Get the latest Java at:
http://www.java.com/en/

Save it to your PC then close all browsers and install it. Do not let it install the yahoo toolbar or other foistware.
Once installed, go into Control Panel, Java, Security and set the slider to the Highest then OK.

Also uninstall Adobe Reader 9.5.2 then go to adobe.com and get the latest version of Reader. Before you tell it to download you need to uncheck the "Optional Software" that they try to foist on you. Ask toolbar or McAfee Security Scan are usually what they offer.

Name: Photosmart C309a series
Description: Photosmart C309a series
Class Guid: {4D36E971-E325-11CE-BFC1-08002BE10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


If you do not have the HP Photosmart any more then uninstall
HPPhotosmartEssential

Appears you have a bad install or two. Let's start with AVG:

AVG2014 is not happy:

Error: (11/03/2013 06:54:17 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the avgwd service.


I would download the AVG removal tool.
http://download.avg....6_2011_1184.exe

Download the free Avast:

http://www.avast.com/index
Click on Download then choose the free version. Uncheck the Chrome browser and the Google toolbar before downloading/installing. They will offer you the pay version but just stick to the basic for now.

Uninstall AVG. Run the AVG removal tool. Reboot and then install Avast.



Start, Run, eventvwr.msc, OK to bring up the Event Viewer. Right click on System and Clear All Events, No (we don't want to save the old log), OK. Repeat for Application.

Reboot.


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop.
2. Double-click VEW.exe
3. Under 'Select log to query', select:
   * System
4. Under 'Select type to list', select:
   * Error
   * Warning

Then use the 'Number of events' as follows:

1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.



Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.

Wait a full minute then:

File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.


Get the free version of Speccy:

http://www.filehippo...download_speccy (Look in the upper right for the Download Latest Version button - Do NOT press the large Start Download button on the upper left!) Download, Save and Install it. Run Speccy. When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System. (It will be near the top about 10 lines down.) Attach the file to your next post.
  • 0
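The Process Explorer step in the post above produces a saved text listing that includes the Verified Signer column. As an added example (not part of the original post and not code from Process Explorer), this Python sketch triages such a listing. It assumes a tab-separated export with the header row shown; the sample rows, the EXPECTED map and all function names are constructed for illustration.

```python
import csv
import io
import re

# Constructed sample in the assumed tab-separated layout of a saved
# Process Explorer listing (Process, PID, CPU, Verified Signer).
SAMPLE = (
    "Process\tPID\tCPU\tVerified Signer\n"
    "System Idle Process\t0\t94.53\t\n"
    "svchost.exe\t1264\t\t(Verified) Microsoft Windows Component Publisher\n"
    "svchost.exe\t3100\t\t(Verified) Example Publisher Ltd\n"
    "ExampleTray.exe\t2668\t\t(No signature was present in the subject) Example Vendor Inc.\n"
    "ExampleAV.exe\t420\t2.34\t(Verified) Example AV Software\n"
    "examplehelper.exe\t3001\t\t\n"
    "Interrupts\tn/a\t0.78\t\n"
)

# Rows that are kernel accounting entries rather than image files on disk,
# so an empty signer column is expected for them.
PSEUDO = {"system idle process", "system", "interrupts", "dpcs"}

# Analyst-supplied assumption: publishers acceptable for well-known names.
# A process using one of these names under another publisher deserves a look.
EXPECTED = {
    "svchost.exe": ("Microsoft",),
    "winlogon.exe": ("Microsoft",),
}

# "(Verified) Publisher" or "(No signature was present in the subject) Publisher"
SIGNER_RE = re.compile(r"^\((?P<status>[^)]*)\)\s*(?P<publisher>.*)$")


def parse_export(text):
    """Return one dict per process row: name, pid, status, publisher."""
    reader = csv.DictReader(io.StringIO(text), delimiter="\t",
                            quoting=csv.QUOTE_NONE)
    rows = []
    for rec in reader:
        name = (rec.get("Process") or "").strip()  # tree view indents names
        if not name:
            continue
        signer = (rec.get("Verified Signer") or "").strip()
        match = SIGNER_RE.match(signer)
        rows.append({
            "name": name,
            "pid": (rec.get("PID") or "").strip(),
            "status": match.group("status") if match else "",
            "publisher": match.group("publisher").strip() if match else "",
        })
    return rows


def triage(text, expected_publishers=EXPECTED):
    """List (pid, name, reason) for rows a reviewer should examine first.

    A verified signature identifies the publisher; it does not by itself
    show that the program is wanted, so this only orders the review.
    """
    findings = []
    for row in parse_export(text):
        key = row["name"].lower()
        if key in PSEUDO:
            continue
        if row["status"] == "":
            findings.append((row["pid"], row["name"],
                             "no signature result recorded"))
        elif row["status"] != "Verified":
            findings.append((row["pid"], row["name"],
                             "unverified: " + row["status"]))
        elif key in expected_publishers and not any(
                p.lower() in row["publisher"].lower()
                for p in expected_publishers[key]):
            findings.append((row["pid"], row["name"],
                             "unexpected publisher: " + row["publisher"]))
    return findings


if __name__ == "__main__":
    for pid, name, reason in triage(SAMPLE):
        print(f"{name} (PID {pid}): {reason}")
```
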

#5
shajoe44

    Member

  • Topic Starter
  • Member
  • 262 posts
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 31-10-2013
Ran by Jerry at 2013-11-04 10:03:14 Run:1
Running from C:\Documents and Settings\Jerry\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
URLSearchHook: HKCU - (No Name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
URLSearchHook: HKCU - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://us.yhs.search...p={searchTerms}
SearchScopes: HKCU - {CB30BADD-D158-4145-9E69-A6E02BFF2C95} URL = http://search.yahoo....p={searchTerms}
BHO: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
Toolbar: HKCU - No Name - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
FF Plugin: @java.com/DTPlugin,version=10.15.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.15.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
S2 vToolbarUpdater13.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [x]
S3 dgderdrv; System32\drivers\dgderdrv.sys [x]
S4 IntelIde; No ImagePath
S3 motccgp; system32\DRIVERS\motccgp.sys [x]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [x]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [x]
C:\Documents and Settings\Jerry\Local Settings\temp\jna1153561773021157046.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna121027330912042564.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna1489532182927648293.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna1667785389965446276.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna1772088106274718788.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna2205028117884199717.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna2828780055434931076.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna3276740512115267485.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna3966648307123881714.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna3971085384375008801.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna4010617749476967361.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna4080217516193360685.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna4261162555391457085.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna4405660835658773977.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna4517099570993925651.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna4599898132529191696.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna5016098299024618763.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna5592637689808560019.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna5636322056642962990.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna5813913314061052759.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna5889446632500409551.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna6079734859873047156.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna6103345259383878270.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna6189571586425861430.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna6255581455549593489.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna6750963612071876518.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna6804060745337170518.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna6832390055072440214.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna6915083428304172956.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna691739139700065491.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna6942946593252680580.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna7167095101943786840.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna7263279646354992031.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna7689148474543973936.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna8138965920398806910.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna8240118754389717385.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna857446770482628139.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna8708234173510348205.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna8710671461984292417.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna8728767575821972430.dll
C:\Documents and Settings\Jerry\Local Settings\temp\jna912203405179557629.dll
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:C0789917
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:F4E28098


*****************

HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F} => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CB30BADD-D158-4145-9E69-A6E02BFF2C95} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{CB30BADD-D158-4145-9E69-A6E02BFF2C95} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670} => Key deleted successfully.
HKCR\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key deleted successfully.
HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key deleted successfully.
HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} => Key deleted successfully.
HKCR\CLSID\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} => Value deleted successfully.
HKCR\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => Value deleted successfully.
HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93} => Key deleted successfully.
HKCR\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} => Key deleted successfully.
HKCR\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} => Key deleted successfully.
HKCR\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} => Key deleted successfully.
HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2 => Key deleted successfully.
C:\WINDOWS\system32\npDeployJava1.dll => Moved successfully.
HKLM\Software\MozillaPlugins\@java.com/JavaPlugin => Key deleted successfully.
C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll => Moved successfully.
HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2 => Key deleted successfully.
C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll not found.
vToolbarUpdater13.2.0 => Service deleted successfully.
dgderdrv => Service deleted successfully.
IntelIde => Service deleted successfully.
motccgp => Service deleted successfully.
motccgpfl => Service deleted successfully.
MotoSwitchService => Service deleted successfully.
C:\Documents and Settings\Jerry\Local Settings\temp\jna1153561773021157046.dll => Moved successfully.
C:\Documents and Settings\Jerry\Local Settings\temp\jna121027330912042564.dll => Moved successfully.
C:\Documents and Settings\Jerry\Local Settings\temp\jna1489532182927648293.dll => Moved successfully.
C:\Documents and Settings\Jerry\Local Settings\temp\jna1667785389965446276.dll => Moved successfully.
C:\Documents and Settings\Jerry\Local Settings\temp\jna1772088106274718788.dll => Moved successfully.
C:\Documents and Settings\Jerry\Local Settings\temp\jna2205028117884199717.dll => Moved successfully.
C:\Documents and Settings\Jerry\Local Settings\temp\jna2828780055434931076.dll => Moved successfully.
C:\Documents and Settings\Jerry\Local Settings\temp\jna3276740512115267485.dll => Moved successfully.
C:\Documents and Settings\Jerry\Local Settings\temp\jna3966648307123881714.dll => Moved successfully.
C:\Documents and Settings\Jerry\Local Settings\temp\jna3971085384375008801.dll => Moved successfully.
C:\Documents and Settings\Jerry\Local Settings\temp\jna4010617749476967361.dll => Moved successfully.
C:\Documents and Settings\Jerry\Local Settings\temp\jna4080217516193360685.dll => Moved successfully.
C:\Documents and Settings\Jerry\Local Settings\temp\jna4261162555391457085.dll => Moved successfully.
C:\Documents and Settings\Jerry\Local Settings\temp\jna4405660835658773977.dll => Moved successfully.
C:\Documents and Settings\Jerry\Local Settings\temp\jna4517099570993925651.dll => Moved successfully.
C:\Documents and Settings\Jerry\Local Settings\temp\jna4599898132529191696.dll => Moved successfully.
C:\Documents and Settings\Jerry\Local Settings\temp\jna5016098299024618763.dll => Moved successfully.
C:\Documents and Settings\Jerry\Local Settings\temp\jna5592637689808560019.dll => Moved successfully.
C:\Documents and Settings\Jerry\Local Settings\temp\jna5636322056642962990.dll => Moved successfully.
C:\Documents and Settings\Jerry\Local Settings\temp\jna5813913314061052759.dll => Moved successfully.
C:\Documents and Settings\Jerry\Local Settings\temp\jna5889446632500409551.dll => Moved successfully.
C:\Documents and Settings\Jerry\Local Settings\temp\jna6079734859873047156.dll => Moved successfully.
C:\Documents and Settings\Jerry\Local Settings\temp\jna6103345259383878270.dll => Moved successfully.
C:\Documents and Settings\Jerry\Local Settings\temp\jna6189571586425861430.dll => Moved successfully.
C:\Documents and Settings\Jerry\Local Settings\temp\jna6255581455549593489.dll => Moved successfully.
C:\Documents and Settings\Jerry\Local Settings\temp\jna6750963612071876518.dll => Moved successfully.
C:\Documents and Settings\Jerry\Local Settings\temp\jna6804060745337170518.dll => Moved successfully.
C:\Documents and Settings\Jerry\Local Settings\temp\jna6832390055072440214.dll => Moved successfully.
C:\Documents and Settings\Jerry\Local Settings\temp\jna6915083428304172956.dll => Moved successfully.
C:\Documents and Settings\Jerry\Local Settings\temp\jna691739139700065491.dll => Moved successfully.
C:\Documents and Settings\Jerry\Local Settings\temp\jna6942946593252680580.dll => Moved successfully.
C:\Documents and Settings\Jerry\Local Settings\temp\jna7167095101943786840.dll => Moved successfully.
C:\Documents and Settings\Jerry\Local Settings\temp\jna7263279646354992031.dll => Moved successfully.
C:\Documents and Settings\Jerry\Local Settings\temp\jna7689148474543973936.dll => Moved successfully.
C:\Documents and Settings\Jerry\Local Settings\temp\jna8138965920398806910.dll => Moved successfully.
C:\Documents and Settings\Jerry\Local Settings\temp\jna8240118754389717385.dll => Moved successfully.
C:\Documents and Settings\Jerry\Local Settings\temp\jna857446770482628139.dll => Moved successfully.
C:\Documents and Settings\Jerry\Local Settings\temp\jna8708234173510348205.dll => Moved successfully.
C:\Documents and Settings\Jerry\Local Settings\temp\jna8710671461984292417.dll => Moved successfully.
C:\Documents and Settings\Jerry\Local Settings\temp\jna8728767575821972430.dll => Moved successfully.
C:\Documents and Settings\Jerry\Local Settings\temp\jna912203405179557629.dll => Moved successfully.
C:\Documents and Settings\All Users\Application Data\TEMP => ":C0789917" ADS removed successfully.
C:\Documents and Settings\All Users\Application Data\TEMP => ":F4E28098" ADS removed successfully.

==== End of Fixlog ====

Vino's Event Viewer v01c run on Windows XP in English
Report run at 04/11/2013 11:43:53 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 04/11/2013 11:29:32 AM
Type: error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: AVGIDSHX

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Process PID CPU Verified Signer
System Idle Process 0 94.53
AvastSvc.exe 420 2.34 (Verified) AVAST Software a.s.
procexp.exe 3664 1.56 (Verified) Microsoft Corporation
mbamservice.exe 1852 0.78 (Verified) Malwarebytes Corporation
Interrupts n/a 0.78
wuauclt.exe 2780 (Verified) Microsoft Windows Component Publisher
WLTRYSVC.EXE 392 (No signature was present in the subject)
WLTRAY.EXE 2668 (No signature was present in the subject) Dell Inc.
winlogon.exe 1296 (Verified) Microsoft Windows Component Publisher
wfcrun32.exe 3524 (Verified) Citrix Systems
vprot.exe 2272 (Verified) AVG Technologies
ToolbarUpdater.exe 2136 (Verified) AVG Technologies
System 4
svchost.exe 1264 (Verified) Microsoft Windows Component Publisher
svchost.exe 1316 (Verified) Microsoft Windows Component Publisher
svchost.exe 468 (Verified) Microsoft Windows Component Publisher
svchost.exe 1660 (Verified) Microsoft Windows Component Publisher
svchost.exe 448 (Verified) Microsoft Windows Component Publisher
svchost.exe 1544 (Verified) Microsoft Windows Component Publisher
svchost.exe 1620 (Verified) Microsoft Windows Component Publisher
svchost.exe 1700 (Verified) Microsoft Windows Component Publisher
svchost.exe 1760 (Verified) Microsoft Windows Component Publisher
svchost.exe 1888 (Verified) Microsoft Windows Component Publisher
svchost.exe 1004 (Verified) Microsoft Windows Component Publisher
svchost.exe 2088 (Verified) Microsoft Windows Component Publisher
svchost.exe 2108 (Verified) Microsoft Windows Component Publisher
svchost.exe 3708 (Verified) Microsoft Windows Component Publisher
svchost.exe 3568 (Verified) Microsoft Windows Component Publisher
stsystra.exe 3536 (No signature was present in the subject) SigmaTel, Inc.
SpotifyWebHelper.exe 2796 (Verified) Spotify AB
spoolsv.exe 936 (Verified) Microsoft Windows Component Publisher
smss.exe 764 (Verified) Microsoft Windows Component Publisher
services.exe 1340 (Verified) Microsoft Windows Component Publisher
NServiceEntry.exe 1188 (Verified) Nero AG
msmsgs.exe 2776 (Verified) Microsoft Windows Component Publisher
MotoHelperService.exe 216 (Verified) Motorola Mobility Inc.
MotoHelperAgent.exe 840 (Verified) Motorola Mobility Inc.
MDM.EXE 1936 (Verified) Microsoft Corporation
mbamscheduler.exe 1812 (Verified) Malwarebytes Corporation
mbamgui.exe 288 (Verified) Malwarebytes Corporation
LVCOMSX.EXE 324 (No signature was present in the subject) Logitech Inc.
lsass.exe 1352 (Verified) Microsoft Windows Component Publisher
issch.exe 244 (Verified) Macrovision Corporation
IntuitUpdateService.exe 1572 (Verified) Intuit
InfoMyCa.exe 1204 (No signature was present in the subject)
HWU8DD.exe 2892 (No signature was present in the subject)
hpqtra08.exe 3988 (Verified) Hewlett Packard
hpqste08.exe 3692 (No signature was present in the subject) Hewlett-Packard Co.
hpqgpc01.exe 2560 (No signature was present in the subject) Hewlett-Packard
hpqbam08.exe 3304 (No signature was present in the subject) Hewlett-Packard Co.
GrooveMonitor.exe 2640 (Verified) Microsoft Corporation
firefox.exe 5472 (Verified) Mozilla Corporation
explorer.exe 576 (Verified) Microsoft Windows Component Publisher
ehtray.exe 3504 (Verified) Microsoft Windows Publisher
ehmsas.exe 2520 (Verified) Microsoft Windows Publisher
csrss.exe 1268 (Verified) Microsoft Windows Component Publisher
concentr.exe 264 (Verified) Citrix Systems
CLI.exe 3908 (No signature was present in the subject) ATI Technologies Inc.
CLI.exe 2652 (No signature was present in the subject) ATI Technologies Inc.
BCMWLTRY.EXE 416 (No signature was present in the subject) Dell Inc.
AvastUI.exe 3364 (Verified) AVAST Software a.s.
ati2evxx.exe 1940 (Verified) Microsoft Windows Hardware Compatibility Publisher
ati2evxx.exe 1524 (Verified) Microsoft Windows Hardware Compatibility Publisher
AppleMobileDeviceService.exe 1060 (Verified) Apple Inc.
aolsoftware.exe 2492 (Verified) AOL LLC
AOLacsd.exe 1048 (Verified) AOL LLC
alg.exe 1344 (Verified) Microsoft Windows Component Publisher
  • 0

#6
shajoe44

    Member

  • Topic Starter
I attached the last file.

  • 0

#7
RKinner

    Malware Expert

  • Expert
  • MVP
Sorry for the delay. Guess I lost your reply.

Download OTL from
http://www.geekstogo...timers-list-it/
and Save it to your desktop.


Copy the text in the code box:

netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg 
%systemroot%\*.jpg 
%systemroot%\*.png 
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav 
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x 
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
DMIcall.sys
beep.sys
Netshell.dll
netcfgx.dll
Netman.dll
connect.dll
mswsock.dll
mmswsock.dll 
/md5stop

Run OTL (Vista or Win 7 => right click and Run As Administrator)

Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes

Select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.


Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.

Wait a full minute then:

File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.



What we are looking for are suspicious processes which have

1. No Description
2. No Company Name
3. Unable to Verify

Recommendation is to right click on and Suspend any process except System Idle, System and Interrupts
which meet all three of the above. Once all are suspended you can then right click and Kill Process.


1. Double-click My Computer, and then right-click the hard disk that you want to check. C:
2. Click Properties, and then click Tools.
3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed.
4. Check both boxes and then click Start.
You will receive the following message:
The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
Click Yes to schedule the disk check, but don't restart yet.

Start, Run, eventvwr.msc, OK to bring up the Event Viewer. Right click on System and Clear All Events, No (we don't want to save the old log), OK. Repeat for Application.

Reboot.

The disk check will run and will probably take an hour or more to finish.



1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Double-click VEW.exe
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.

Ron
  • 0
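
The three-point check from the post above, applied to a saved Process Explorer export, as an added example (not part of the original post or of any tool it mentions). It assumes the space-flattened layout of the export pasted earlier in this thread, which carries only the Verified Signer column, so "No Description" cannot be tested and the script checks the other two criteria; the sample rows are copied from that export, and the function and class names are made up for this example.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Rows the post says to leave alone; they never carry a signer.
EXEMPT = {"System Idle Process", "System", "Interrupts"}

# One flattened export row: name, PID, optional CPU, optional "(status) company".
ROW = re.compile(
    r"^(?P<name>.+?)\s+(?P<pid>\d+|n/a)"
    r"(?:\s+(?P<cpu>(?:<\s*)?\d+(?:\.\d+)?))?"
    r"(?:\s+\((?P<status>[^)]*)\)(?:\s+(?P<company>.+?))?)?\s*$"
)

# Rows copied from the Process Explorer export posted in this thread.
SAMPLE = """\
Process PID CPU Verified Signer
System Idle Process 0 94.53
AvastSvc.exe 420 2.34 (Verified) AVAST Software a.s.
Interrupts n/a 0.78
WLTRYSVC.EXE 392 (No signature was present in the subject)
WLTRAY.EXE 2668 (No signature was present in the subject) Dell Inc.
System 4
svchost.exe 1264 (Verified) Microsoft Windows Component Publisher
InfoMyCa.exe 1204 (No signature was present in the subject)
HWU8DD.exe 2892 (No signature was present in the subject)
hpqste08.exe 3692 (No signature was present in the subject) Hewlett-Packard Co.
"""


@dataclass
class ProcRow:
    name: str
    pid: Optional[int]      # None for the "n/a" pseudo-row
    cpu: Optional[float]    # None when the CPU column was empty
    status: Optional[str]   # text inside the parentheses, e.g. "Verified"
    company: Optional[str]  # signer or company name after the parentheses

    @property
    def verified(self) -> bool:
        return self.status == "Verified"


def parse_export(text: str) -> List[ProcRow]:
    """Parse flattened export text; the header and blank lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m is None:
            continue  # header line, blank line, or a row with no PID
        cpu = m["cpu"]
        rows.append(ProcRow(
            name=m["name"],
            pid=None if m["pid"] == "n/a" else int(m["pid"]),
            cpu=float(cpu.lstrip("< ")) if cpu else None,
            status=m["status"],
            company=m["company"],
        ))
    return rows


def triage(rows: List[ProcRow]) -> Dict[str, List[ProcRow]]:
    """Split unverified rows by whether a company name is present.

    "review": image not verified AND no company name (two of the post's
    three criteria; the description column is absent from this export).
    "unsigned_named": image not verified but a company name is present,
    so the row does not meet all of the criteria.
    """
    result: Dict[str, List[ProcRow]] = {"review": [], "unsigned_named": []}
    for row in rows:
        if row.name in EXEMPT or row.verified:
            continue
        bucket = "unsigned_named" if row.company else "review"
        result[bucket].append(row)
    return result


if __name__ == "__main__":
    buckets = triage(parse_export(SAMPLE))
    for row in buckets["review"]:
        print(f"review: {row.name} (PID {row.pid}) unsigned, no company name")
    for row in buckets["unsigned_named"]:
        print(f"unsigned but named: {row.name} (PID {row.pid}) {row.company}")
```

A row in `review` is a candidate for a closer look at its file path and origin, not a verdict: old hardware utilities often ship unsigned with an empty version resource.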

#8
shajoe44

    Member

  • Topic Starter
OTL logfile created on: 11/16/2013 6:30:53 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Jerry\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

893.97 Mb Total Physical Memory | 122.90 Mb Available Physical Memory | 13.75% Memory free
2.11 Gb Paging File | 1.17 Gb Available in Paging File | 55.13% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 6.59 Gb Free Space | 8.85% Space Free | Partition Type: NTFS

Computer Name: JERRY-1A1033F2B | User Name: Jerry | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/11/16 18:25:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jerry\Desktop\OTL.exe
PRC - [2013/11/07 10:11:33 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/11/04 20:55:30 | 000,107,520 | ---- | M] () -- C:\Documents and Settings\Jerry\Application Data\defaulttab\defaulttab\dtupdate.exe
PRC - [2013/11/04 11:08:48 | 003,568,312 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/11/04 11:08:48 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/10/02 08:04:48 | 002,404,376 | ---- | M] () -- C:\Program Files\AVG SafeGuard toolbar\vprot.exe
PRC - [2013/10/02 08:04:43 | 001,734,680 | ---- | M] (AVG Secure Search) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe
PRC - [2013/09/15 08:18:10 | 001,104,384 | ---- | M] (Spotify Ltd) -- C:\Program Files\Spotify\Data\SpotifyWebHelper.exe
PRC - [2013/07/31 10:44:44 | 000,137,528 | ---- | M] (Motorola Mobility LLC) -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
PRC - [2013/07/31 10:38:20 | 000,698,680 | ---- | M] (Motorola Mobility LLC) -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
PRC - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 13:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/08/23 12:37:16 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2012/06/05 10:48:30 | 000,087,400 | ---- | M] (Nero AG) -- C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe
PRC - [2012/03/28 01:28:44 | 000,735,168 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\wfcrun32.exe
PRC - [2012/03/28 01:27:06 | 000,309,184 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\concentr.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/06/24 13:34:50 | 000,041,824 | ---- | M] (AOL LLC) -- C:\Program Files\Common Files\aol\1246745595\ee\aolsoftware.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\aol\acs\AOLacsd.exe
PRC - [2006/07/27 13:19:00 | 000,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2006/05/09 09:31:36 | 000,483,328 | ---- | M] () -- C:\Program Files\Hawking\HWU8DD\HWU8DD.exe
PRC - [2006/01/02 16:41:22 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
PRC - [2005/07/19 16:32:18 | 000,221,184 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE
PRC - [2004/06/14 15:16:18 | 000,045,056 | ---- | M] () -- C:\Program Files\Wireless-G Portable USB Adapter Wireless Network Monitor\InfoMyCa.exe


========== Modules (No Company Name) ==========

MOD - [2013/11/16 13:28:11 | 002,141,184 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13111601\algo.dll
MOD - [2013/11/07 10:11:31 | 003,368,048 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/11/04 20:55:30 | 000,107,520 | ---- | M] () -- C:\Documents and Settings\Jerry\Application Data\defaulttab\defaulttab\dtupdate.exe
MOD - [2013/11/04 11:08:56 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013/10/08 16:59:19 | 016,233,864 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll
MOD - [2013/10/02 08:04:55 | 000,142,360 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\SiteSafety.dll
MOD - [2013/10/02 08:04:48 | 002,404,376 | ---- | M] () -- C:\Program Files\AVG SafeGuard toolbar\vprot.exe
MOD - [2013/06/20 16:35:40 | 000,172,032 | ---- | M] () -- C:\Program Files\Motorola Mobility\Motorola Device Manager\css_core.dll
MOD - [2012/06/13 20:35:10 | 000,843,776 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_21fda135\system.drawing.dll
MOD - [2012/06/13 20:33:38 | 003,035,136 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_e287bc6c\system.windows.forms.dll
MOD - [2012/06/13 20:27:39 | 000,471,040 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2012/06/05 10:49:18 | 000,465,672 | ---- | M] () -- C:\Program Files\Motorola Media Link\Lite\sqlite3.dll
MOD - [2012/06/05 10:48:04 | 000,034,168 | ---- | M] () -- C:\Program Files\Motorola Media Link\Lite\NFileCacheDBAccess.dll
MOD - [2012/06/05 10:47:56 | 000,045,408 | ---- | M] () -- C:\Program Files\Motorola Media Link\Lite\NAdvLog.dll
MOD - [2012/06/05 10:47:38 | 000,128,368 | ---- | M] () -- C:\Program Files\Motorola Media Link\Lite\LiveupdateTactics.dll
MOD - [2012/06/05 10:47:14 | 000,023,904 | ---- | M] () -- C:\Program Files\Motorola Media Link\Lite\DbAccess.dll
MOD - [2012/03/11 11:07:38 | 000,159,744 | ---- | M] () -- C:\Program Files\Mega Codec Pack\Filters\Haali\mmfinfo.dll
MOD - [2012/02/16 23:09:45 | 000,221,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\d7fbfc6836ce7e53486ddb79b598ca8d\System.ServiceProcess.ni.dll
MOD - [2012/02/16 23:08:00 | 013,325,312 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\a275181f49dcdf245ec6a9d9287bb6c6\System.Data.Entity.ni.dll
MOD - [2012/02/16 23:05:11 | 001,859,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Web.Services\ce22f267e17c7749c6a0dd2aa3403484\System.Web.Services.ni.dll
MOD - [2012/02/16 23:03:01 | 000,762,368 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\01e360ed3a3cb2b0a3c47c7f3eb09e58\System.Runtime.Remoting.ni.dll
MOD - [2012/02/16 23:02:55 | 000,786,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\47a2b7b2fa872de3078d49d0a4c10cb2\System.EnterpriseServices.ni.dll
MOD - [2012/02/16 23:02:53 | 000,646,656 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\c3a03bb69e38f5ed9ebce72d48a722ef\System.Transactions.ni.dll
MOD - [2012/02/16 23:02:46 | 002,637,312 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\9db486997d651f0646a089ff6cfb605e\System.Runtime.Serialization.ni.dll
MOD - [2012/02/16 23:02:41 | 000,391,680 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\8a6f500c40e3fa7da71110af6c0a60ac\System.Xml.Linq.ni.dll
MOD - [2012/02/15 21:13:29 | 000,729,088 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Security\09ee8d91e80e00991226aec062aa1e92\System.Security.ni.dll
MOD - [2012/02/15 21:13:20 | 000,980,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\363b05dd092178671e56531a9c4999b6\System.Configuration.ni.dll
MOD - [2012/02/15 21:13:10 | 005,618,176 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\21071fcc838660d96f10920c4c3cd206\System.Xml.ni.dll
MOD - [2012/02/15 21:12:59 | 006,798,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\97586cdb698c29ba95fd83e44a0c0ca6\System.Data.ni.dll
MOD - [2012/02/15 21:12:57 | 013,137,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f28df9c2988724883cf19532d7f9f151\System.Windows.Forms.ni.dll
MOD - [2012/02/15 21:12:49 | 007,054,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\a2b1103ad3d9f329e0c9164994137c81\System.Core.ni.dll
MOD - [2012/02/15 21:12:39 | 001,652,736 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\2ff57b810eb920860469184dd683cb8a\System.Drawing.ni.dll
MOD - [2012/02/15 21:12:31 | 009,090,560 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\3ff4657a86a0e14b4be577969e0ec762\System.ni.dll
MOD - [2012/01/16 21:43:31 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_9a182f46\mscorlib.dll
MOD - [2012/01/16 21:43:08 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_068dbfa5\system.xml.dll
MOD - [2012/01/16 21:42:26 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_4156815b\system.dll
MOD - [2012/01/16 21:41:45 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2012/01/16 21:41:42 | 001,269,760 | ---- | M] () -- c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll
MOD - [2012/01/16 21:41:36 | 002,064,384 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2011/10/12 20:31:21 | 000,145,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Numerics\d038332bf07a163f855200919ee678cc\System.Numerics.ni.dll
MOD - [2011/10/12 20:31:15 | 014,407,680 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\52f4f785f7cf45a64606a8e13c8cf04c\mscorlib.ni.dll
MOD - [2011/09/08 08:59:52 | 000,024,576 | ---- | M] () -- C:\Program Files\Mega Codec Pack\Filters\Haali\mkunicode.dll
MOD - [2009/05/19 21:26:49 | 000,372,736 | ---- | M] () -- c:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll
MOD - [2009/05/19 21:26:48 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2009/05/19 21:26:48 | 000,323,584 | ---- | M] () -- c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll
MOD - [2006/05/09 09:31:36 | 000,483,328 | ---- | M] () -- C:\Program Files\Hawking\HWU8DD\HWU8DD.exe
MOD - [2006/05/09 09:31:22 | 000,045,056 | ---- | M] () -- C:\Program Files\Hawking\HWU8DD\ZDWlan.dll
MOD - [2005/12/19 08:08:16 | 000,757,760 | ---- | M] () -- C:\WINDOWS\system32\bcm1xsup.dll
MOD - [2005/09/21 20:39:52 | 000,212,992 | ---- | M] () -- C:\Program Files\Hawking\HWU8DD\dot1x_dll.dll
MOD - [2004/06/30 16:12:12 | 000,077,824 | ---- | M] () -- C:\Program Files\Wireless-G Portable USB Adapter Wireless Network Monitor\Security.dll
MOD - [2004/06/14 15:16:18 | 000,045,056 | ---- | M] () -- C:\Program Files\Wireless-G Portable USB Adapter Wireless Network Monitor\InfoMyCa.exe
MOD - [2004/03/05 14:00:58 | 000,155,648 | ---- | M] () -- C:\Program Files\Hawking\HWU8DD\ssleay32.dll
MOD - [2004/03/05 14:00:26 | 000,827,392 | ---- | M] () -- C:\Program Files\Hawking\HWU8DD\libeay32.dll


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\Program Files\Wireless-G Portable USB Adapter Wireless Network Monitor\WLService.exe WUSB54GPv4.exe -- (WUSB54GPv4SVC)
SRV - [2013/11/10 14:28:41 | 001,987,588 | ---- | M] (NCH Software) [On_Demand | Stopped] -- C:\Program Files\NCH Software\ExpressInvoice\expressinvoice.exe -- (ExpressInvoiceService)
SRV - [2013/11/07 10:11:32 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/11/04 20:55:30 | 000,107,520 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\Jerry\Application Data\defaulttab\defaulttab\dtupdate.exe -- (DefaultTabUpdate)
SRV - [2013/11/04 11:08:48 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/11/01 10:39:16 | 003,641,896 | ---- | M] (NCH Software) [On_Demand | Stopped] -- C:\Program Files\NCH Software\ExpressAccounts\expressaccounts.exe -- (ExpressAccountsService)
SRV - [2013/10/08 16:59:21 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/02 08:04:43 | 001,734,680 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe -- (vToolbarUpdater17.0.12)
SRV - [2013/07/31 10:44:44 | 000,137,528 | ---- | M] (Motorola Mobility LLC) [Auto | Running] -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe -- (Motorola Device Manager)
SRV - [2013/04/04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/08/23 12:37:16 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2012/06/05 10:48:30 | 000,087,400 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe -- (DeviceMonitorService)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Common Files\aol\acs\AOLacsd.exe -- (AOL ACS)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | System | Stopped] -- system32\DRIVERS\avgidsshimx.sys -- (AVGIDSShim)
DRV - File not found [File_System | Boot | Stopped] -- system32\DRIVERS\avgidshx.sys -- (AVGIDSHX)
DRV - [2013/11/07 11:09:04 | 000,403,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswsp.sys -- (aswSP)
DRV - [2013/11/04 11:09:00 | 000,178,304 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/11/04 11:09:00 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/11/04 11:08:59 | 000,774,392 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/11/04 11:08:59 | 000,070,384 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/11/04 11:08:59 | 000,054,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2013/11/04 11:08:59 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/11/04 11:08:59 | 000,035,656 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2013/10/02 08:04:56 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013/09/25 19:57:14 | 000,120,632 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgdiskx.sys -- (Avgdiskx)
DRV - [2013/09/02 09:28:00 | 000,223,032 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2013/07/16 19:58:06 | 000,046,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irbus.sys -- (IrBus)
DRV - [2013/04/04 13:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013/01/05 08:36:26 | 000,015,616 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\TrueSight.sys -- (TrueSight)
DRV - [2011/06/25 19:56:44 | 000,028,256 | ---- | M] (Applian Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\appliand.sys -- (appliandMP)
DRV - [2011/06/25 19:56:44 | 000,028,256 | ---- | M] (Applian Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\appliand.sys -- (appliand)
DRV - [2010/12/21 00:55:02 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2010/12/21 00:55:02 | 000,110,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdserd.sys -- (sscdserd)
DRV - [2010/12/21 00:55:02 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus)
DRV - [2010/12/21 00:55:02 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2010/09/15 03:33:32 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/08/26 23:32:08 | 000,121,576 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2010/08/26 23:32:08 | 000,096,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2010/08/26 23:32:08 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadadb.sys -- (androidusb)
DRV - [2010/08/26 23:32:08 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2009/11/11 21:46:32 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2009/02/12 14:11:24 | 000,022,312 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rsdrv.sys -- (ElRawDisk)
DRV - [2007/06/27 08:05:52 | 000,053,184 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2007/06/27 08:04:14 | 000,071,488 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2006/09/22 20:56:40 | 001,681,920 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/08/17 07:55:16 | 000,044,544 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/07/27 13:24:28 | 001,171,464 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/11/02 12:24:42 | 000,424,320 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2005/10/28 10:38:18 | 000,402,432 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZD1211BU.sys -- (ZD1211BU(Hawking)
DRV - [2005/07/14 17:58:14 | 000,028,544 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005/05/27 08:31:28 | 000,022,016 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2004/10/25 12:40:58 | 000,017,664 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ZDPSp50.sys -- (ZDPSp50)
DRV - [2004/10/08 10:59:12 | 000,326,656 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Camdrl.sys -- (CamDrL)
DRV - [2004/05/26 13:53:40 | 000,015,781 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X)
DRV - [2004/01/07 16:04:00 | 000,339,488 | ---- | M] (Cisco-Linksys, LLC.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WUSB20XP.sys -- (PRISM_A02)
DRV - [2003/09/25 21:15:32 | 000,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\GTNDIS5.sys -- (GTNDIS5)
DRV - [2003/01/10 16:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw)
DRV - [2002/10/15 21:41:06 | 000,102,220 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sonypvs1.sys -- (sonypvs1)
DRV - [2002/07/17 07:53:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\Aspi32.sys -- (ASPI32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {DA2AA864-2827-4BF0-A122-1E09EED913B4}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT3298566
IE - HKCU\..\URLSearchHook: {1122b43d-30ee-403f-9bfa-3cc99b0caddd} - C:\Program Files\MixiDJ_V30\prxtbMixi.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {DA2AA864-2827-4BF0-A122-1E09EED913B4}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{1959E2EA-7EE4-444D-AB03-9E3D92DC6CC2}: "URL" = http://search.condui...q={searchTerms}
IE - HKCU\..\SearchScopes\{47E12407-042F-40B8-A88A-39B781032C47}: "URL" = http://search.aol.co...ionType=msie70a
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://mysearch.avg....fr&d=2013-09-02 21:57:47&v=17.0.1.12&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{D22F180B-D74E-42C0-A82C-2C7DBA93B523}: "URL" = http://search.yahoo....45,20028,0,70,0
IE - HKCU\..\SearchScopes\{DA2AA864-2827-4BF0-A122-1E09EED913B4}: "URL" = http://search.condui...8325511870&UM=2
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 192.168.*.*

========== FireFox ==========

FF - prefs.js..CT3298566.browser.search.defaultthis.engineName: "true"
FF - prefs.js..browser.search.defaultenginename: "MixiDJ V30 Customized Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: "MixiDJ V30 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.order.2: ""
FF - prefs.js..browser.search.param.yahoo-fr: "w3i&type=W3i_DS,157,0_0,Search,20131145,20030,0,70,0"
FF - prefs.js..browser.search.selectedEngine: "MixiDJ V30 Customized Web Search"
FF - prefs.js..browser.startup.homepage: "http://clemson.scout...1-Laurel-Creek"
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2006.53
FF - prefs.js..extensions.enabledAddons: %7B1122b43d-30ee-403f-9bfa-3cc99b0caddd%7D:10.22.3.518
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0
FF - prefs.js..keyword.URL: "http://search.condui...661315&UM=2&q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Jerry\Application Data\Move Networks\plugins\npqmp071705000014.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Jerry\Application Data\Move Networks\plugins\npqmp071705000014.dll (Move Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/07/02 21:12:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar\FireFoxExt\17.0.1.12 [2013/10/02 08:10:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/11/04 11:09:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/11/07 10:10:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/11/07 10:11:00 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\Jerry\Application Data\Move Networks [2009/12/27 23:37:45 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/07/02 21:12:28 | 000,000,000 | ---D | M]

[2009/06/15 15:47:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jerry\Application Data\Mozilla\Extensions
[2013/11/16 17:35:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions
[2013/11/16 17:35:30 | 000,000,000 | ---D | M] (MixiDJ V30) -- C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\extensions\{1122b43d-30ee-403f-9bfa-3cc99b0caddd}
[2013/11/04 20:51:51 | 000,000,997 | ---- | M] () -- C:\Documents and Settings\Jerry\Application Data\Mozilla\Firefox\Profiles\ho1wugii.default-1361220106187\searchplugins\conduit.xml
[2013/11/07 10:10:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/11/07 10:11:34 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/11/04 11:09:01 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012/03/28 01:04:52 | 000,124,864 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CCMSDK.dll
[2012/03/28 01:06:54 | 000,071,104 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CgpCore.dll
[2012/03/28 01:05:52 | 000,092,096 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\confmgr.dll
[2012/03/28 01:05:28 | 000,022,976 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\ctxlogging.dll
[2012/03/28 01:48:16 | 000,489,384 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npicaN.dll
[2012/03/28 01:06:48 | 000,024,512 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\TcpPServ.dll
[2013/05/22 03:03:17 | 000,003,723 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\safeguard-secure-search.xml

========== Chrome ==========

CHR - homepage:
CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage:
CHR - Extension: No name found = C:\Documents and Settings\Jerry\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ippkomaaonokjnfjoikaemidanojkfmm\1.0.0.38\

O1 HOSTS File: ([2013/01/04 10:15:50 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
O2 - BHO: (MixiDJ V30 Toolbar) - {1122b43d-30ee-403f-9bfa-3cc99b0caddd} - C:\Program Files\MixiDJ_V30\prxtbMixi.dll (Conduit Ltd.)
O2 - BHO: (DefaultTab Browser Helper) - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Documents and Settings\Jerry\Application Data\defaulttab\defaulttab\DefaultTabBHO.dll (Search Results LLC.)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\17.0.1.12\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O2 - BHO: (WeCareReminder Class) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\Documents and Settings\All Users\Application Data\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
O3 - HKLM\..\Toolbar: (MixiDJ V30 Toolbar) - {1122b43d-30ee-403f-9bfa-3cc99b0caddd} - C:\Program Files\MixiDJ_V30\prxtbMixi.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\17.0.1.12\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (MixiDJ V30 Toolbar) - {1122B43D-30EE-403F-9BFA-3CC99B0CADDD} - C:\Program Files\MixiDJ_V30\prxtbMixi.dll (Conduit Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe ()
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\aol\1246745595\ee\aolsoftware.exe (AOL LLC)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u File not found
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG SafeGuard toolbar\vprot.exe ()
O4 - HKLM..\Run: [WUSB54GPv4] C:\Program Files\Wireless-G Portable USB Adapter Wireless Network Monitor\InvokeSvc3.exe ()
O4 - HKCU..\Run: [MotoCast] C:\Program Files\Motorola Mobility\MotoCast\MotoLauncher.lnk ()
O4 - HKCU..\Run: [replay_telecorder_skype] C:\Program Files\Replay Telecorder for Skype\replay_telecorder_skype.exe (Applian Technologies Inc.)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Program Files\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Hawking Wireless Utility.lnk = C:\Program Files\Hawking\HWU8DD\HWU8DD.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - Reg Error: Value error. File not found
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} https://wimpro.cce.h...ads/sysinfo.cab (SysData Class)
O16 - DPF: {FC6703A7-5B7E-4f58-BE6D-2693AA3906AE} http://h30299.www3.h...hp.cab?1,0,0,94 (HP Content Update)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DBB19797-4C94-401C-9368-9219D9B431B7}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll (AVG Secure Search)
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Jerry\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jerry\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/05/19 21:04:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.divxa32 - C:\WINDOWS\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.dvsd - C:\WINDOWS\System32\pdvcodec.dll (Matsushita Electric Industrial Co., Ltd.)
Drivers32: VIDC.I420 - C:\WINDOWS\System32\LVCodec2.dll (Logitech Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/11/16 18:25:35 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jerry\Desktop\OTL.exe
[2013/11/16 18:02:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2013/11/10 14:30:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Start Menu\Programs\NCH Software Suite
[2013/11/10 14:30:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Start Menu\Programs\Business Related Programs
[2013/11/10 14:29:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\NCH Software Suite
[2013/11/10 14:29:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Business Related Programs
[2013/11/10 14:28:37 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Software
[2013/11/10 14:28:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NCH Software
[2013/11/10 13:30:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013/11/07 10:10:50 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/11/05 13:28:58 | 000,000,000 | ---D | C] -- C:\Program Files\GlobalMapper14
[2013/11/04 22:38:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Application Data\GlobalMapper
[2013/11/04 22:37:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Global Mapper
[2013/11/04 22:36:03 | 000,000,000 | ---D | C] -- C:\Program Files\GlobalMapper13
[2013/11/04 22:34:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Local Settings\Application Data\Downloaded Installations
[2013/11/04 21:59:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Local Settings\Application Data\FileViewPro
[2013/11/04 21:59:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\IsolatedStorage
[2013/11/04 21:59:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Application Data\IsolatedStorage
[2013/11/04 21:55:18 | 000,000,000 | ---D | C] -- C:\Spacekace
[2013/11/04 21:48:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Application Data\gtk-2.0
[2013/11/04 21:39:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\My Documents\gegl-0.0
[2013/11/04 21:39:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\.gimp-2.6
[2013/11/04 21:10:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\AVAST Software
[2013/11/04 20:55:36 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2013/11/04 20:55:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Application Data\defaulttab
[2013/11/04 20:53:00 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2013/11/04 20:52:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Local Settings\Application Data\MixiDJ_V30
[2013/11/04 20:52:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Conduit
[2013/11/04 20:52:53 | 000,000,000 | ---D | C] -- C:\Program Files\MixiDJ_V30
[2013/11/04 20:52:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Local Settings\Application Data\Conduit
[2013/11/04 20:51:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Application Data\SearchProtect
[2013/11/04 20:37:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Fighters
[2013/11/04 20:35:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\images
[2013/11/04 20:35:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\css
[2013/11/04 20:35:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\modules
[2013/11/04 20:35:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\html
[2013/11/04 20:35:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\js
[2013/11/04 20:35:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WeCareReminder
[2013/11/04 20:29:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
[2013/11/04 12:06:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Speccy
[2013/11/04 12:06:39 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2013/11/04 12:03:51 | 005,552,488 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\Jerry\Desktop\spsetup123.exe
[2013/11/04 11:22:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Application Data\AVAST Software
[2013/11/04 11:09:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Avast
[2013/11/04 11:09:10 | 000,057,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013/11/04 11:09:08 | 000,403,440 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswsp.sys
[2013/11/04 11:09:07 | 000,774,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013/11/04 11:09:07 | 000,070,384 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013/11/04 11:09:07 | 000,035,656 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013/11/04 11:09:06 | 000,054,832 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013/11/04 11:09:02 | 000,269,216 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013/11/04 11:08:57 | 000,043,152 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013/11/04 11:07:51 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/11/04 11:06:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2013/11/04 10:45:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Local Settings\Application Data\AVG Secure Search
[2013/11/04 10:18:27 | 000,861,088 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2013/11/03 19:52:15 | 000,000,000 | ---D | C] -- C:\FRST
[2013/11/03 19:48:33 | 001,089,445 | ---- | C] (Farbar) -- C:\Documents and Settings\Jerry\Desktop\FRST.exe
[2013/10/21 17:35:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Application Data\AVG2014
[2013/10/21 17:20:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2014
[2013/10/21 17:06:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jerry\Local Settings\Application Data\Avg2014

========== Files - Modified Within 30 Days ==========

[2013/11/16 18:25:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jerry\Desktop\OTL.exe
[2013/11/16 18:00:25 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/16 17:57:02 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/11/16 17:48:01 | 000,000,362 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/11/16 17:26:01 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/16 17:26:01 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\AVG-Secure-Search-Update_1013b_rel.job
[2013/11/16 17:26:00 | 000,000,400 | ---- | M] () -- C:\WINDOWS\tasks\AVG-Secure-Search-Update_1013b_rmv.job
[2013/11/16 17:25:53 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/11/16 17:25:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/11/10 14:31:30 | 000,000,304 | ---- | M] () -- C:\WINDOWS\tasks\expressinvoiceShakeIcon.job
[2013/11/10 14:30:25 | 000,000,308 | ---- | M] () -- C:\WINDOWS\tasks\ExpressAccountsSevenDays.job
[2013/11/10 14:30:03 | 000,000,859 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Express Accounts.lnk
[2013/11/10 14:29:43 | 000,000,304 | ---- | M] () -- C:\WINDOWS\tasks\expressinvoiceSevenDays.job
[2013/11/10 14:28:43 | 000,000,847 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Express Invoice.lnk
[2013/11/10 13:36:01 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
[2013/11/07 20:41:02 | 000,000,462 | ---- | M] () -- C:\WINDOWS\tasks\Motorola Device Manager Engine.job
[2013/11/07 11:09:04 | 000,403,440 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswsp.sys
[2013/11/06 22:37:42 | 000,000,884 | RHS- | M] () -- C:\Documents and Settings\Jerry\ntuser.pol
[2013/11/06 20:41:01 | 000,000,478 | ---- | M] () -- C:\WINDOWS\tasks\Motorola Device Manager Update.job
[2013/11/05 13:37:25 | 000,002,359 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Global Mapper 14.lnk
[2013/11/05 13:30:19 | 000,000,009 | ---- | M] () -- C:\WINDOWS\System32\PROTOCOL.INI
[2013/11/04 21:49:15 | 000,006,886 | ---- | M] () -- C:\Documents and Settings\Jerry\Desktop\Nn+rkm+7.htm
[2013/11/04 21:37:21 | 000,000,830 | ---- | M] () -- C:\WINDOWS\System32\InstallUtil.InstallLog
[2013/11/04 21:33:32 | 000,485,380 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/11/04 21:33:32 | 000,081,122 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/11/04 20:53:33 | 000,000,009 | ---- | M] () -- C:\END
[2013/11/04 12:06:49 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Speccy.lnk
[2013/11/04 12:04:25 | 005,552,488 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\Jerry\Desktop\spsetup123.exe
[2013/11/04 11:45:12 | 002,799,296 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\Jerry\Desktop\procexp.exe
[2013/11/04 11:38:38 | 000,061,440 | ---- | M] ( ) -- C:\Documents and Settings\Jerry\Desktop\VEW.exe
[2013/11/04 11:09:49 | 000,001,733 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2013/11/04 11:09:00 | 000,178,304 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/11/04 11:09:00 | 000,057,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013/11/04 11:08:59 | 000,774,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013/11/04 11:08:59 | 000,070,384 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013/11/04 11:08:59 | 000,054,832 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013/11/04 11:08:59 | 000,049,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/11/04 11:08:59 | 000,035,656 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013/11/04 11:08:57 | 000,269,216 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013/11/04 11:08:57 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013/11/03 19:48:29 | 001,089,445 | ---- | M] (Farbar) -- C:\Documents and Settings\Jerry\Desktop\FRST.exe
[2013/11/01 13:50:34 | 000,077,385 | ---- | M] () -- C:\Documents and Settings\Jerry\Desktop\Moody Lawn Care Invoice 10000.pdf
[2013/10/29 19:19:12 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/10/29 17:31:59 | 000,564,361 | ---- | M] () -- C:\Documents and Settings\Jerry\Desktop\plug.jpg
[2013/10/27 10:40:33 | 000,002,393 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TurboTax 2012.lnk
[2013/10/27 09:10:16 | 000,149,504 | ---- | M] () -- C:\Documents and Settings\Jerry\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/10/27 09:03:19 | 000,002,785 | ---- | M] () -- C:\Documents and Settings\Jerry\Desktop\FlextimePlayer.lnk
[2013/10/21 17:25:12 | 000,000,702 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2014.lnk

========== Files Created - No Company Name ==========

[2013/11/10 14:31:26 | 000,000,304 | ---- | C] () -- C:\WINDOWS\tasks\expressinvoiceShakeIcon.job
[2013/11/10 14:30:23 | 000,000,308 | ---- | C] () -- C:\WINDOWS\tasks\ExpressAccountsSevenDays.job
[2013/11/10 14:30:03 | 000,000,859 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Express Accounts.lnk
[2013/11/10 14:30:00 | 000,000,865 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Express Accounts.lnk
[2013/11/10 14:29:38 | 000,000,304 | ---- | C] () -- C:\WINDOWS\tasks\expressinvoiceSevenDays.job
[2013/11/10 14:28:43 | 000,000,853 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Express Invoice.lnk
[2013/11/10 14:28:43 | 000,000,847 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Express Invoice.lnk
[2013/11/10 13:36:00 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
[2013/11/10 13:35:50 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
[2013/11/05 22:37:08 | 000,000,350 | ---- | C] () -- C:\WINDOWS\tasks\AVG-Secure-Search-Update_1013b_rel.job
[2013/11/05 22:37:02 | 000,000,400 | ---- | C] () -- C:\WINDOWS\tasks\AVG-Secure-Search-Update_1013b_rmv.job
[2013/11/05 13:30:19 | 000,002,359 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Global Mapper 14.lnk
[2013/11/04 22:37:07 | 000,000,009 | ---- | C] () -- C:\WINDOWS\System32\PROTOCOL.INI
[2013/11/04 21:49:26 | 000,006,886 | ---- | C] () -- C:\Documents and Settings\Jerry\Desktop\Nn+rkm+7.htm
[2013/11/04 20:55:39 | 000,000,884 | RHS- | C] () -- C:\Documents and Settings\Jerry\ntuser.pol
[2013/11/04 20:50:42 | 000,000,009 | ---- | C] () -- C:\END
[2013/11/04 20:35:21 | 000,000,830 | ---- | C] () -- C:\WINDOWS\System32\InstallUtil.InstallLog
[2013/11/04 12:06:48 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Speccy.lnk
[2013/11/04 11:38:46 | 000,061,440 | ---- | C] ( ) -- C:\Documents and Settings\Jerry\Desktop\VEW.exe
[2013/11/04 11:09:49 | 000,001,733 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2013/11/04 11:09:34 | 000,000,362 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/11/04 11:09:09 | 000,178,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/11/04 11:09:08 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/11/01 13:50:34 | 000,077,385 | ---- | C] () -- C:\Documents and Settings\Jerry\Desktop\Moody Lawn Care Invoice 10000.pdf
[2013/10/29 17:31:59 | 000,564,361 | ---- | C] () -- C:\Documents and Settings\Jerry\Desktop\plug.jpg
[2013/10/21 17:25:12 | 000,000,702 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2014.lnk
[2013/05/29 23:21:41 | 000,003,734 | ---- | C] () -- C:\Program Files\Mozilla Firefoxsafeguard-secure-search.xml
[2013/02/19 12:52:54 | 000,000,028 | ---- | C] () -- C:\WINDOWS\reimage.ini
[2013/01/05 08:36:26 | 000,015,616 | ---- | C] () -- C:\WINDOWS\System32\drivers\TrueSight.sys
[2012/10/25 17:07:28 | 003,973,120 | ---- | C] () -- C:\WINDOWS\System32\ffmpeg2.exe
[2012/04/15 22:44:21 | 000,001,008 | ---- | C] () -- C:\WINDOWS\hpomdl35.dat.temp
[2012/02/15 20:32:55 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/06 22:01:15 | 000,333,450 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/02/06 21:45:22 | 002,596,186 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-854245398-1844823847-682003330-1003-0.dat
[2012/02/06 19:38:25 | 000,000,744 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.400.32.bc
[2011/12/27 20:25:51 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Jerry\Application Data\$_hpcst$.hpc
[2011/12/01 22:16:08 | 000,000,067 | ---- | C] () -- C:\WINDOWS\Easy DVD Creator.INI
[2010/10/13 11:44:29 | 000,149,504 | ---- | C] () -- C:\Documents and Settings\Jerry\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/04 18:22:16 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Jerry\Local Settings\Application Data\fusioncache.dat
[2009/11/18 20:23:19 | 000,005,110 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\xqkcebzs.dik

========== ZeroAccess Check ==========

[2009/05/19 20:59:51 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2012/08/30 15:29:36 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2013/01/05 08:47:32 | 000,016,573 | ---- | M] () -- C:\AdwCleaner[R1].txt
[2013/01/05 08:49:08 | 000,016,291 | ---- | M] () -- C:\AdwCleaner[S1].txt
[2010/11/16 21:22:00 | 000,002,006 | ---- | M] () -- C:\aqua_bitmap.cpp
[2009/05/19 21:04:18 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2009/05/19 20:54:57 | 000,000,209 | ---- | M] () -- C:\Boot.bak
[2013/01/04 08:44:28 | 000,000,325 | RHS- | M] () -- C:\boot.ini
[2004/08/03 23:00:00 | 000,260,272 | R-S- | M] () -- C:\cmldr
[2009/05/19 21:04:18 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2013/11/04 20:53:33 | 000,000,009 | ---- | M] () -- C:\END
[2009/05/19 21:04:18 | 000,000,000 | R-S- | M] () -- C:\IO.SYS
[2012/12/20 16:52:40 | 000,028,772 | ---- | M] () -- C:\MP4debug.log
[2009/05/19 21:04:18 | 000,000,000 | R-S- | M] () -- C:\MSDOS.SYS
[2004/08/10 06:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009/05/27 08:09:54 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2013/11/16 17:25:33 | 1409,286,144 | -HS- | M] () -- C:\pagefile.sys
[2013/09/15 23:44:27 | 001,002,424 | ---- | M] () -- C:\StarBurn.log
[2013/11/04 11:43:55 | 000,000,549 | ---- | M] () -- C:\VEW.txt

< %systemroot%\Fonts\*.com >
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2009/05/19 21:03:38 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2008/07/06 07:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2008/10/17 13:55:18 | 000,321,536 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp696.dll
[2007/04/09 12:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
[2006/10/26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
[2008/07/06 05:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2013/11/04 11:08:57 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >
[2013/03/04 19:17:36 | 000,001,714 | -H-- | M] () -- C:\Documents and Settings\Jerry\Application Data\Microsoft\LastFlashConfig.WFC

< %PROGRAMFILES%\*.* >
[2013/10/02 08:11:06 | 000,003,734 | ---- | M] () -- C:\Program Files\Mozilla Firefoxsafeguard-secure-search.xml

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2009/05/19 16:47:41 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2009/05/19 16:47:41 | 000,659,456 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2009/05/19 16:47:41 | 000,901,120 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2009/05/27 08:21:16 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2013-11-12 18:47:53

< MD5 for: BEEP.SYS >
[2004/08/10 06:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\erdnt\cache\beep.sys
[2004/08/10 06:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\dllcache\beep.sys
[2004/08/10 06:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) MD5=DA1F27D85E0D1525F6621372E7B685E9 -- C:\WINDOWS\system32\drivers\beep.sys

< MD5 for: MSWSOCK.DLL >
[2008/06/20 12:41:10 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=097722F235A1FB698BF9234E01B52637 -- C:\WINDOWS\$NtServicePackUninstall$\mswsock.dll
[2008/06/20 12:36:11 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=1DFCA7713EA5A70D5D93B436AEA0317A -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\mswsock.dll
[2008/06/20 12:46:57 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=832E4DD8964AB7ACC880B2837CB1ED20 -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\mswsock.dll
[2008/06/20 11:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=943337D786A56729263071623BBB9DE5 -- C:\WINDOWS\erdnt\cache\mswsock.dll
[2008/06/20 11:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=943337D786A56729263071623BBB9DE5 -- C:\WINDOWS\system32\dllcache\mswsock.dll
[2008/06/20 11:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=943337D786A56729263071623BBB9DE5 -- C:\WINDOWS\system32\mswsock.dll
[2008/04/13 19:12:01 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=B4138E99236F0F57D4CF49BAE98A0746 -- C:\WINDOWS\ServicePackFiles\i386\mswsock.dll
[2008/06/20 12:43:05 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=FCEE5FCB99F7C724593365C706D28388 -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\mswsock.dll
[2008/06/20 12:43:05 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=FCEE5FCB99F7C724593365C706D28388 -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\mswsock.dll

< MD5 for: NETCFGX.DLL >
[2008/04/13 19:12:01 | 000,622,592 | ---- | M] (Microsoft Corporation) MD5=37A62C6092AADD2EFDE0468DD8818E99 -- C:\WINDOWS\ServicePackFiles\i386\netcfgx.dll
[2008/04/13 19:12:01 | 000,622,592 | ---- | M] (Microsoft Corporation) MD5=37A62C6092AADD2EFDE0468DD8818E99 -- C:\WINDOWS\system32\netcfgx.dll
[2004/08/10 06:00:00 | 000,622,080 | ---- | M] (Microsoft Corporation) MD5=E3AE8DC04643850D2DFD431443558B28 -- C:\WINDOWS\$NtServicePackUninstall$\netcfgx.dll

< MD5 for: NETMAN.DLL >
[2008/04/13 19:12:01 | 000,198,144 | ---- | M] (Microsoft Corporation) MD5=13E67B55B3ABD7BF3FE7AAE5A0F9A9DE -- C:\WINDOWS\erdnt\cache\netman.dll
[2008/04/13 19:12:01 | 000,198,144 | ---- | M] (Microsoft Corporation) MD5=13E67B55B3ABD7BF3FE7AAE5A0F9A9DE -- C:\WINDOWS\ServicePackFiles\i386\netman.dll
[2008/04/13 19:12:01 | 000,198,144 | ---- | M] (Microsoft Corporation) MD5=13E67B55B3ABD7BF3FE7AAE5A0F9A9DE -- C:\WINDOWS\system32\netman.dll
[2004/08/10 06:00:00 | 000,198,144 | ---- | M] (Microsoft Corporation) MD5=DAB9E6C7105D2EF49876FE92C524F565 -- C:\WINDOWS\$NtServicePackUninstall$\netman.dll

< MD5 for: NETSHELL.DLL >
[2008/04/13 19:12:02 | 001,703,936 | ---- | M] (Microsoft Corporation) MD5=062F837C1FBDB6A0A75F82EFC2EE8E74 -- C:\WINDOWS\ServicePackFiles\i386\netshell.dll
[2008/04/13 19:12:02 | 001,703,936 | ---- | M] (Microsoft Corporation) MD5=062F837C1FBDB6A0A75F82EFC2EE8E74 -- C:\WINDOWS\system32\netshell.dll
[2005/06/21 17:00:18 | 001,705,472 | ---- | M] (Microsoft Corporation) MD5=9BD086B1E1CB82A11B95F5BA613C4A4E -- C:\WINDOWS\$NtServicePackUninstall$\netshell.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\My Documents\My Recordings:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\My Documents\Landen.dmsd:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\My Documents\GomPlayer:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\My Documents\GomEncoder:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\My Documents\Downloads:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\My Documents\Ask and Record Toolbar:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\My Documents\Aiseesoft Studio:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\Desktop\Pictures:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\Jerry\Desktop\ACC Game:Roxio EMC Stream

< End of report >

OTL Extras logfile created on: 11/16/2013 6:30:53 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Jerry\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

893.97 Mb Total Physical Memory | 122.90 Mb Available Physical Memory | 13.75% Memory free
2.11 Gb Paging File | 1.17 Gb Available in Paging File | 55.13% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 6.59 Gb Free Space | 8.85% Space Free | Partition Type: NTFS

Computer Name: JERRY-1A1033F2B | User Name: Jerry | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\WINDOWS\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Motorola Mobility\MotoCast\bin\MotoCast-thumbnailer.exe" = C:\Program Files\Motorola Mobility\MotoCast\bin\MotoCast-thumbnailer.exe:*:Disabled:MotoCast-thumbnailer -- ()
"C:\Program Files\Motorola Mobility\MotoCast\MotoCast.exe" = C:\Program Files\Motorola Mobility\MotoCast\MotoCast.exe:*:Disabled:MotoCast -- (Motorola Mobility Inc.)
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Enabled:Windows Explorer -- (Microsoft Corporation)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent Inc.)
"C:\Program Files\Spotify\spotify.exe" = C:\Program Files\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd)
"C:\Program Files\AVG\AVG2013\avgmfapx.exe" = C:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:AVG Installer
"C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe" = C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe:LocalSubNet:Disabled:Intuit Update v4 Shared Downloads Server -- (Intuit Inc.)
"C:\Program Files\AVG\AVG2014\avgnsx.exe" = C:\Program Files\AVG\AVG2014\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2014\avgdiagex.exe" = C:\Program Files\AVG\AVG2014\avgdiagex.exe:*:Enabled:AVG Diagnostics 2014 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2014\avgmfapx.exe" = C:\Program Files\AVG\AVG2014\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0228288D-975E-42F7-9993-E91A82E6BBD9}" = CWA Reminder by We-Care.com v4.1.24.3
"{03A7C57A-B2C8-409b-92E5-524A0DFD0DD3}" = Status
"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio RecordNow Data
"{087A66B8-1F0F-4a8d-A649-0CFE276AA7C0}" = WebReg
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19a5dd5e-9675-41ef-b02a-5bdb53fb5557}" = C309a
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20EFC9AA-BBC1-4DFD-81FF-99654F71CBF8}" = HPPhotoSmartDiscLabel_PrintOnDisc
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Roxio MyDVD LE
"{28DB8373-C1BB-444F-A427-A55585A12ED7}" = Motorola Device Manager
"{29DBCB14-49ED-4906-A440-CBC27B761051}" = Roxio MyDVD 9 Studio
"{2A329FB6-389D-4396-A974-29656D6864AE}" = MarketResearch
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2FC7287D-39DD-4A84-9806-D27D3CCDC51B}" = Citrix online plug-in (Web)
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{34049422-08A0-4A2D-91DB-F57BF0C7C799}" = Motorola Mobile Drivers Installation 6.2.0
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{378397D6-FD32-4092-A854-6A75CB7EDA46}" = MOTOROLA MEDIA LINK
"{3BF6B4CF-E6A1-45B3-9BC5-67213D146CB6}_is1" = Remo Recover for Android
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40E472D2-907F-4ED4-9819-AAF8DACEBB33}" = TurboTax 2012 wgaiper
"{47ECCB1F-2811-49C0-B6A7-26778639ABA0}" = 32 Bit HP CIO Components Installer
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4D304678-738E-42a0-931A-2B022F49DEB8}" = TrayApp
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{4F94119D-1B71-400e-9F04-B4E5CEAE71F8}_is1" = Sothink Movie DVD Maker
"{5401CEE8-3C2D-4835-A802-213306537FF4}" = MotoCast
"{581CE7EA-A30D-0000-1211-088635773309}" = Hawking Hi-Gain Wireless-G USB Dish Adapter
"{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{676981B7-A2D9-49D0-9F4C-03018F131DA9}" = DocProc
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6EED4269-588D-45b8-A80C-26A9CA62EE4E}" = HPSSupply
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74A59732-4CFA-4E23-AC74-2F285C142F02}" = Global Mapper 14
"{7694E0B1-2332-448B-9235-929F84B41E3F}" = Active@ ISO Burner
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries
"{7E6066E6-8B5B-4100-B0FA-1D9E9B663CBA}" = iTunes
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87A9A9A9-FAB7-4224-9328-0FA2058C0FD5}" = Network
"{89EC099E-958D-462E-972C-385591946978}" = TurboTax 2012 WinPerFedFormset
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{926CC8AE-8414-43DF-8EB4-CF26D9C3C663}" =
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules
"{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}" = Google Earth
"{97B9314B-134D-482B-A32E-1E6123BE0F64}" = Wireless-G Portable USB Adapter
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9D0F85-5658-4A5E-95A9-65F7DB2916EE}" = Broadcom 440x 10/100 Integrated Controller
"{9CCCFD9C-248F-47FE-9496-1680E3E5C163}" = Scan
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A8B1F076-965D-4663-A9D4-C2FB58A42AE4}" = TurboTax 2012 WinPerTaxSupport
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio RecordNow Audio
"{AC13BA3A-336B-45a4-B3FE-2D3058A7B533}" = Toolbox
"{AC6AE077-1566-4655-BE73-38A869C150DC}" = ATI Catalyst Control Center
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.05)
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio RecordNow Copy
"{B28635AB-1DF3-4F07-BFEA-975D911B549B}" = hpphotosmartdisclabelplugin
"{BAA712B8-403A-4114-AB3D-F4F733794C52}" = FlextimePlayer1.0.2 For WinXP
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C43048A9-742C-4DAD-90D2-E3B53C9DB825}" = Logitech QuickCam Software
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C89FA20F-0236-424C-B7D8-8E5EEDC20E15}" = Motorola Device Software Update
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240D2}" = WinZip 16.5
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{d3c33f97-7936-4301-815f-2cf4ea5a467f}" = PS_AIO_05_C309_Software_Min
"{D3D090CA-ED56-46C5-A4E8-7AB251AD0AEF}" = UniTrunker
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D9D8F2CF-FE2D-4644-9762-01F916FE90A9}" = HPPhotoSmartDiscLabel_PaperLabel
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E83F5F27-43F3-4163-ABE5-F68C989286ED}" = TurboTax 2012 wrapper
"{EDE1736D-94BA-0200-0000-000000000000}" = Android Manager WiFi
"{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F}" = Fax
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{F014B696-28C5-4554-802F-A15380418F53}" = TurboTax 2012 WinPerReleaseEngine
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{F6E63EBE-DFAC-4925-A343-531DCB4630AF}" = TurboTax 2012 wsciper
"{F769B78E-FF0E-4db5-95E2-9F4C8D6352FE}" = DeviceDiscovery
"{FCD9CD52-7222-4672-94A0-A722BA702FD0}" = Dell Resource CD
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"00BD1CD47675C125126C80095FCC12CFA4D311DB" = Windows Driver Package - FTDI CDM Driver Package (06/27/2007 2.02.04)
"3635FC5A3FE7DACCEF2123BDBDA808BA811B977B" = Windows Driver Package - Ricoh Company Memorystick Host Controller (07/09/2005 1.00.01.12)
"452416B030C25BAA383F3DA368FECD5D48FAE727" = Windows Driver Package - Ricoh Company xD-Picture Card/SmartMedia Host Controller (07/14/2005 1.00.02.04)
"A622B79B943ECA1F0AECF1FF5BE13D458F345EBB" = Windows Driver Package - FTDI CDM Driver Package (06/27/2007 2.02.04)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"All ATI Software" = ATI - Software Uninstall Utility
"AOL Emergency Connect Utility 1.0" = Uninstall AOL Emergency Connect Utility 1.0
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"Applian Director1.1" = Applian Director
"Applian Director2.12" = Applian Director
"ATI Display Driver" = ATI Display Driver
"Avast" = avast! Free Antivirus
"AVG SafeGuard toolbar" = AVG SafeGuard toolbar
"AviSynth" = AviSynth 2.5
"AVS Audio Converter_is1" = AVS Audio Converter 7
"AVS DVD Copy_is1" = AVS DVD Copy 4.1.2.283
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 7_is1" = AVS Video Converter 7
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"BurnToDisk_is1" = BurnToDisk version 1.0
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem
"CoreAAC" = CoreAAC
"DefaultTab" = DefaultTab
"Easy DVD Creator_is1" = Easy DVD Creator 2.4.5
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"ExpressAccounts" = Express Accounts
"ExpressInvoice" = Express Invoice
"F631A62FA5E06534A0FE3637D75AAA5B1D3E4FB7" = Windows Driver Package - Ricoh Company MMC Host Controller (07/14/2005 1.00.00.06)
"FTDICOMM" = FTDI USB Serial Converter Drivers
"GOM ENCODER" = GOM ENCODER
"GOM Player" = GOM Player
"HaaliMkx" = Haali Media Splitter
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"ie8" = Windows Internet Explorer 8
"IECT3298566" = MixiDJ V30 Toolbar for IE
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 25.0 (x86 en-US)" = Mozilla Firefox 25.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mplayer" = Mplayer 0.6.9
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"Photo DVD Slideshow Professional" = Photo DVD Slideshow Pro 8.07
"PSREdit500.exe" = PSREdit500 Scanner Configuration Editor
"QcDrv" = Logitech® Camera Driver
"Replay Converter 3" = Replay Converter 3
"Replay Converter 4" = Replay Converter 4
"Replay Media Catcher 3.02" = Replay Media Catcher 3.02
"Replay Media Catcher 4" = Replay Media Catcher 4 (4.4.5)
"Replay Telecorder for Skype_is1" = Replay Telecorder for Skype 1.3.0.12
"Replay Video Capture3.1B" = Replay Video Capture
"Replay Video Capture6.0.6.1" = Replay Video Capture 6
"Replay_Media_Splitter_1.2" = Replay Media Splitter 2.2.1211.6
"ReplayMusic5.45" = Replay Music 5
"RonyaSoft CD DVD Label Maker" = RonyaSoft CD DVD Label Maker 3.01
"SPC Invoice_is1" = SPC Invoice 2.0
"Speccy" = Speccy
"Spotify" = Spotify
"TurboTax 2012" = TurboTax 2012
"uTorrent" = µTorrent
"Video Padlock1.20" = Video Padlock
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xilisoft 3GP Video Converter 6" = Xilisoft 3GP Video Converter 6
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FoxTab Audio Converter" = FoxTab Audio Converter
"Move Media Player" = Move Media Player
"Spotify" = Spotify

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 11/10/2013 12:27:15 PM | Computer Name = JERRY-1A1033F2B | Source = MsiInstaller | ID = 1023
Description = Product: Microsoft .NET Framework 1.1 - Update '{C0F0DCDC-99EA-4405-BDAE-CACABD3D2DF0}'
could not be installed. Error code 1603. Additional information is available in
the log file C:\WINDOWS\TEMP\NDP1.1sp1-KB2833941-X86\NDP1.1sp1-KB2833941-X86-msi.0.log.

Error - 11/10/2013 12:27:52 PM | Computer Name = JERRY-1A1033F2B | Source = NativeWrapper | ID = 5000
Description =

Error - 11/11/2013 10:44:15 AM | Computer Name = JERRY-1A1033F2B | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 5.1.2600.5512, faulting
module unknown, version 0.0.0.0, fault address 0x00a601a0.

Error - 11/11/2013 10:49:53 AM | Computer Name = JERRY-1A1033F2B | Source = MsiInstaller | ID = 11706
Description = Product: Microsoft .NET Framework 1.1 -- Error 1706.No valid source
could be found for product Microsoft .NET Framework 1.1. The Windows installer
cannot continue.

Error - 11/11/2013 10:49:59 AM | Computer Name = JERRY-1A1033F2B | Source = MsiInstaller | ID = 1023
Description = Product: Microsoft .NET Framework 1.1 - Update '{C0F0DCDC-99EA-4405-BDAE-CACABD3D2DF0}'
could not be installed. Error code 1603. Additional information is available in
the log file C:\WINDOWS\TEMP\NDP1.1sp1-KB2833941-X86\NDP1.1sp1-KB2833941-X86-msi.0.log.

Error - 11/11/2013 10:50:18 AM | Computer Name = JERRY-1A1033F2B | Source = NativeWrapper | ID = 5000
Description =

Error - 11/12/2013 2:46:57 PM | Computer Name = JERRY-1A1033F2B | Source = MsiInstaller | ID = 11706
Description = Product: Microsoft .NET Framework 1.1 -- Error 1706.No valid source
could be found for product Microsoft .NET Framework 1.1. The Windows installer
cannot continue.

Error - 11/12/2013 2:47:11 PM | Computer Name = JERRY-1A1033F2B | Source = MsiInstaller | ID = 1023
Description = Product: Microsoft .NET Framework 1.1 - Update '{C0F0DCDC-99EA-4405-BDAE-CACABD3D2DF0}'
could not be installed. Error code 1603. Additional information is available in
the log file C:\WINDOWS\TEMP\NDP1.1sp1-KB2833941-X86\NDP1.1sp1-KB2833941-X86-msi.0.log.

Error - 11/12/2013 2:47:27 PM | Computer Name = JERRY-1A1033F2B | Source = NativeWrapper | ID = 5000
Description =

Error - 11/16/2013 6:27:04 PM | Computer Name = JERRY-1A1033F2B | Source = PerfNet | ID = 2004
Description = Unable to open the Server service. Server performance data will not
be returned. Error code returned is in data DWORD 0.

[ System Events ]
Error - 11/11/2013 10:48:16 AM | Computer Name = JERRY-1A1033F2B | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the stisvc service.

Error - 11/11/2013 10:48:47 AM | Computer Name = JERRY-1A1033F2B | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the stisvc service.

Error - 11/11/2013 10:56:43 AM | Computer Name = JERRY-1A1033F2B | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on
Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2833941).

Error - 11/11/2013 12:44:07 PM | Computer Name = JERRY-1A1033F2B | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the SENS service.

Error - 11/12/2013 2:35:53 PM | Computer Name = JERRY-1A1033F2B | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.0.6 on
the Network Card with network address 0016CFC274A6.

Error - 11/12/2013 2:41:54 PM | Computer Name = JERRY-1A1033F2B | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the Spooler service.

Error - 11/12/2013 2:47:42 PM | Computer Name = JERRY-1A1033F2B | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on
Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2833941).

Error - 11/13/2013 1:14:58 AM | Computer Name = JERRY-1A1033F2B | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the Spooler service.

Error - 11/16/2013 6:26:12 PM | Computer Name = JERRY-1A1033F2B | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC0000001'
while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring
the volume.

Error - 11/16/2013 6:28:03 PM | Computer Name = JERRY-1A1033F2B | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
AVGIDSHX


< End of report >
  • 0

#9
shajoe44

shajoe44

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 262 posts
Process PID CPU Verified Signer
System Idle Process 0 98.44
procexp.exe 2404 0.78 (Verified) Microsoft Corporation
Interrupts n/a 0.78
YahooAUService.exe 3516 (Verified) Yahoo! Inc.
wuauclt.exe 5208 (Verified) Microsoft Windows Component Publisher
wmiprvse.exe 212 (Verified) Microsoft Windows Component Publisher
WLTRYSVC.EXE 424 (No signature was present in the subject)
WLTRAY.EXE 288 (No signature was present in the subject) Dell Inc.
winlogon.exe 1288 (No signature was present in the subject) Microsoft Corporation
wfcrun32.exe 528 (Verified) Citrix Systems
vprot.exe 460 (Verified) AVG Technologies
ToolbarUpdater.exe 380 (Verified) AVG Technologies
System 4
svchost.exe 1660 (No signature was present in the subject) Microsoft Corporation
svchost.exe 2904 (No signature was present in the subject) Microsoft Corporation
svchost.exe 1548 (No signature was present in the subject) Microsoft Corporation
svchost.exe 2760 (No signature was present in the subject) Microsoft Corporation
svchost.exe 3200 (No signature was present in the subject) Microsoft Corporation
svchost.exe 2148 (No signature was present in the subject) Microsoft Corporation
svchost.exe 2092 (No signature was present in the subject) Microsoft Corporation
svchost.exe 1620 (Verified) Microsoft Windows Component Publisher
svchost.exe 1700 (No signature was present in the subject) Microsoft Corporation
svchost.exe 1852 (No signature was present in the subject) Microsoft Corporation
svchost.exe 1888 (Verified) Microsoft Windows Component Publisher
svchost.exe 920 (Verified) Microsoft Windows Component Publisher
svchost.exe 3436 (No signature was present in the subject) Microsoft Corporation
svchost.exe 3740 (No signature was present in the subject) Microsoft Corporation
svchost.exe 248 (No signature was present in the subject) Microsoft Corporation
stsystra.exe 216 (No signature was present in the subject) SigmaTel, Inc.
SpotifyWebHelper.exe 1568 (Verified) Spotify AB
spoolsv.exe 856 (No signature was present in the subject) Microsoft Corporation
smss.exe 1204 (No signature was present in the subject) Microsoft Corporation
services.exe 1332 (No signature was present in the subject) Microsoft Corporation
plugin-container.exe 5692 (Verified) Mozilla Corporation
plugin-container.exe 4420 (Verified) Mozilla Corporation
OTL.exe 1016 (No signature was present in the subject) OldTimer Tools
NServiceEntry.exe 416 (Verified) Nero AG
notepad.exe 4700 (Verified) Microsoft Windows Component Publisher
notepad.exe 3240 (Verified) Microsoft Windows Component Publisher
notepad.exe 3280 (No signature was present in the subject) Microsoft Corporation
msmsgs.exe 1792 (No signature was present in the subject) Microsoft Corporation
MotoHelperService.exe 2624 (Verified) Motorola Mobility Inc.
MotoHelperAgent.exe 2880 (Verified) Motorola Mobility Inc.
MDM.EXE 2576 (Verified) Microsoft Corporation
mbamservice.exe 2488 (Verified) Malwarebytes Corporation
mbamscheduler.exe 2408 (Verified) Malwarebytes Corporation
mbamgui.exe 2772 (Verified) Malwarebytes Corporation
LVCOMSX.EXE 540 (No signature was present in the subject) Logitech Inc.
lsass.exe 1344 (No signature was present in the subject) Microsoft Corporation
issch.exe 340 (Verified) Macrovision Corporation
IntuitUpdateService.exe 2276 (Verified) Intuit
InfoMyCa.exe 548 (No signature was present in the subject)
HWU8DD.exe 2064 (No signature was present in the subject)
hpqtra08.exe 2156 (Verified) Hewlett Packard
hpqste08.exe 1400 (No signature was present in the subject) Hewlett-Packard Co.
hpqgpc01.exe 980 (No signature was present in the subject) Hewlett-Packard
hpqbam08.exe 2392 (No signature was present in the subject) Hewlett-Packard Co.
GrooveMonitor.exe 756 (Verified) Microsoft Corporation
firefox.exe 3220 (Verified) Mozilla Corporation
explorer.exe 588 (No signature was present in the subject) Microsoft Corporation
ehtray.exe 2004 (No signature was present in the subject) Microsoft Corporation
ehmsas.exe 3844 (No signature was present in the subject) Microsoft Corporation
dtupdate.exe 384 (No signature was present in the subject) Search Results, LLC
csrss.exe 1260 (No signature was present in the subject) Microsoft Corporation
concentr.exe 700 (Verified) Citrix Systems
CLI.exe 220 (No signature was present in the subject) ATI Technologies Inc.
CLI.exe 2952 (No signature was present in the subject) ATI Technologies Inc.
BCMWLTRY.EXE 436 (No signature was present in the subject) Dell Inc.
AvastUI.exe 596 (Verified) AVAST Software a.s.
AvastSvc.exe 444 (Verified) AVAST Software a.s.
ati2evxx.exe 1928 (No signature was present in the subject) ATI Technologies Inc.
ati2evxx.exe 1528 (No signature was present in the subject) ATI Technologies Inc.
AppleMobileDeviceService.exe 1064 (Verified) Apple Inc.
aolsoftware.exe 364 (Verified) AOL LLC
AOLacsd.exe 1008 (Verified) AOL LLC
alg.exe 3696 (No signature was present in the subject) Microsoft Corporation
  • 0

#10
shajoe44

shajoe44

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 262 posts
Process PID CPU Verified Signer
System Idle Process 0 96.92
lsass.exe 1344 3.08 (Verified) Microsoft Windows Component Publisher
Interrupts n/a < 0.01
YahooAUService.exe 3516 (Verified) Yahoo! Inc.
wuauclt.exe 5208 (Verified) Microsoft Windows Component Publisher
wmiprvse.exe 5268 (Verified) Microsoft Windows Component Publisher
winlogon.exe 1288 (Verified) Microsoft Windows Component Publisher
wfcrun32.exe 528 (Verified) Citrix Systems
vprot.exe 460 (Verified) AVG Technologies
ToolbarUpdater.exe 380 (Verified) AVG Technologies
System 4
svchost.exe 1660 (Verified) Microsoft Windows Component Publisher
svchost.exe 2904 (Verified) Microsoft Windows Component Publisher
svchost.exe 1548 (Verified) Microsoft Windows Component Publisher
svchost.exe 2092 (Verified) Microsoft Windows Component Publisher
svchost.exe 2148 (Verified) Microsoft Windows Component Publisher
svchost.exe 1620 (Verified) Microsoft Windows Component Publisher
svchost.exe 1700 (Verified) Microsoft Windows Component Publisher
svchost.exe 1852 (Verified) Microsoft Windows Component Publisher
svchost.exe 1888 (Verified) Microsoft Windows Component Publisher
svchost.exe 920 (Verified) Microsoft Windows Component Publisher
svchost.exe 2760 (Verified) Microsoft Windows Component Publisher
svchost.exe 3200 (Verified) Microsoft Windows Component Publisher
svchost.exe 3436 (Verified) Microsoft Windows Component Publisher
svchost.exe 3740 (Verified) Microsoft Windows Component Publisher
svchost.exe 248 (Verified) Microsoft Windows Component Publisher
SpotifyWebHelper.exe 1568 (Verified) Spotify AB
spoolsv.exe 856 (Verified) Microsoft Windows Component Publisher
smss.exe 1204 (Verified) Microsoft Windows Component Publisher
services.exe 1332 (Verified) Microsoft Windows Component Publisher
procexp.exe 4468 (Verified) Microsoft Corporation
plugin-container.exe 4420 (Verified) Mozilla Corporation
plugin-container.exe 5692 (Verified) Mozilla Corporation
NServiceEntry.exe 416 (Verified) Nero AG
msmsgs.exe 1792 (Verified) Microsoft Windows Component Publisher
MotoHelperService.exe 2624 (Verified) Motorola Mobility Inc.
MotoHelperAgent.exe 2880 (Verified) Motorola Mobility Inc.
MDM.EXE 2576 (Verified) Microsoft Corporation
mbamservice.exe 2488 (Verified) Malwarebytes Corporation
mbamscheduler.exe 2408 (Verified) Malwarebytes Corporation
mbamgui.exe 2772 (Verified) Malwarebytes Corporation
issch.exe 340 (Verified) Macrovision Corporation
IntuitUpdateService.exe 2276 (Verified) Intuit
GrooveMonitor.exe 756 (Verified) Microsoft Corporation
firefox.exe 3220 (Verified) Mozilla Corporation
explorer.exe 588 (Verified) Microsoft Windows Component Publisher
ehtray.exe 2004 (Verified) Microsoft Windows Publisher
ehmsas.exe 3844 (Verified) Microsoft Windows Publisher
csrss.exe 1260 (Verified) Microsoft Windows Component Publisher
AvastUI.exe 596 (Verified) AVAST Software a.s.
AvastSvc.exe 444 (Verified) AVAST Software a.s.
ati2evxx.exe 1928 (Verified) Microsoft Windows Hardware Compatibility Publisher
ati2evxx.exe 1528 (Verified) Microsoft Windows Hardware Compatibility Publisher
AppleMobileDeviceService.exe 1064 (Verified) Apple Inc.
aolsoftware.exe 364 (Verified) AOL LLC
AOLacsd.exe 1008 (Verified) AOL LLC
alg.exe 3696 (Verified) Microsoft Windows Component Publisher



Vino's Event Viewer v01c run on Windows XP in English
Report run at 17/11/2013 5:50:21 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • 0



#11
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
Get Windows Repair all in one.

http://www.tweaking....all_in_one.html

Run it. You can skip to Step 4 or 5 which should give you the same picture as on the page. Make sure you have these checked:

Reset Registry Permissions
Reset File Permissions
Register System Files
Repair WMI
Repair Windows Firewall
Repair Internet Explorer
Repair MDAC & MS Jet
Repair Hosts File
Remove Policies Set By Infections
Repair Icons
Repair Winsock & DNS Cache
Remove Temp Files
Repair Proxy Settings
Unhide Non System Files
Repair Windows Updates

Clear the alarms

Start, Run, eventvwr.msc, OK to bring up the Event Viewer. Right click on System and Clear All Events, No (we don't want to save the old log), OK. Repeat for Application.

Reboot.




1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop.
2. Double-click VEW.exe
3. Under 'Select log to query', select:
* System
4. Under 'Select type to list', select:
* Error
* Warning

Then use the 'Number of events' as follows:

1. Click the radio button for 'Number of events'
2. Type 20 in the 1 to 20 box
3. Then click the Run button.
4. Notepad will open with the output log.


I'm at a Microsoft conference this week so expect delays.

Please post the Output log in your next reply then repeat but select Application.
  • 0

#12
shajoe44

shajoe44

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 262 posts
Vino's Event Viewer v01c run on Windows XP in English
Report run at 19/11/2013 7:37:33 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 19/11/2013 7:23:47 PM
Type: error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: AVGIDSHX

Log: 'System' Date/Time: 19/11/2013 7:23:47 PM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The Intuit Update Service v4 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 19/11/2013 7:23:47 PM
Type: error Category: 0
Event: 7009 Source: Service Control Manager
Timeout (30000 milliseconds) waiting for the Intuit Update Service v4 service to connect.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 19/11/2013 7:24:12 PM
Type: warning Category: 0
Event: 3 Source: Print
Printer HP Photosmart C309a series fax was deleted.

Log: 'System' Date/Time: 19/11/2013 7:24:08 PM
Type: warning Category: 0
Event: 4 Source: Print
Printer HP Photosmart C309a series fax is pending deletion.

Vino's Event Viewer v01c run on Windows XP in English
Report run at 19/11/2013 7:39:12 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 19/11/2013 7:22:36 PM
Type: error Category: 0
Event: 2004 Source: PerfNet
Unable to open the Server service. Server performance data will not be returned. Error code returned is in data DWORD 0.

Log: 'Application' Date/Time: 19/11/2013 7:21:59 PM
Type: error Category: 100
Event: 1004 Source: Application Error
Faulting application svchost.exe, version 5.1.2600.5512, faulting module unknown, version 0.0.0.0, fault address 0x00000000.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • 0

#13
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP

Log: 'System' Date/Time: 19/11/2013 7:23:47 PM
Type: error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: AVGIDSHX


Right click on My Computer and select Manage then Device Manager. Click on View then on Show Hidden Devices. Look in the right pane and find AVGIDSHX (should have a yellow flag). Right click on it and Uninstall.

Log: 'System' Date/Time: 19/11/2013 7:23:47 PM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The Intuit Update Service v4 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 19/11/2013 7:23:47 PM
Type: error Category: 0
Event: 7009 Source: Service Control Manager
Timeout (30000 milliseconds) waiting for the Intuit Update Service v4 service to connect.


Start, Run, services.msc, OK. Find the Intuit Update Service v4 service and right click on it and select Properties then change the Startup Type: to Disabled. OK

Then:
Start, Run, eventvwr.msc, OK to bring up the Event Viewer. Right click on System and Clear All Events, No (we don't want to save the old log), OK. Repeat for Application.

Reboot.




1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop.
2. Double-click VEW.exe
3. Under 'Select log to query', select:
* System
4. Under 'Select type to list', select:
* Error
* Warning

Then use the 'Number of events' as follows:

1. Click the radio button for 'Number of events'
2. Type 20 in the 1 to 20 box
3. Then click the Run button.
4. Notepad will open with the output log.



Please post the Output log in your next reply then repeat but select Application.
  • 0

#14
shajoe44

shajoe44

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 262 posts
Vino's Event Viewer v01c run on Windows XP in English
Report run at 26/11/2013 4:43:48 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 26/11/2013 4:40:03 PM
Type: error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: AVGIDSHX

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Vino's Event Viewer v01c run on Windows XP in English
Report run at 26/11/2013 4:49:40 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


I could not find the AVG thing you mentioned. It did not show up under device manager hidden files.
  • 0
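
The clear-logs, reboot, re-run VEW cycle used in this thread is a before/after comparison: anything logged again after a clean boot is still broken. The following is an added example (not part of any post and not VEW's own code) that parses the VEW text format seen above and diffs two reports; the function names are assumptions, and the sample text is excerpted from the 'System' reports posted on 19/11 and 26/11.

```python
import re
from datetime import datetime
from typing import NamedTuple

# Excerpts of the 'System' reports posted in this thread (19/11 and 26/11).
REPORT_BEFORE = """\
Vino's Event Viewer v01c run on Windows XP in English
Report run at 19/11/2013 7:37:33 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 19/11/2013 7:23:47 PM
Type: error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: AVGIDSHX

Log: 'System' Date/Time: 19/11/2013 7:23:47 PM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The Intuit Update Service v4 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 19/11/2013 7:23:47 PM
Type: error Category: 0
Event: 7009 Source: Service Control Manager
Timeout (30000 milliseconds) waiting for the Intuit Update Service v4 service to connect.
"""

REPORT_AFTER = """\
Vino's Event Viewer v01c run on Windows XP in English
Report run at 26/11/2013 4:43:48 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 26/11/2013 4:40:03 PM
Type: error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: AVGIDSHX

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"""

class Event(NamedTuple):
    log: str
    when: datetime
    type: str
    event_id: int
    source: str
    message: str

HEAD = re.compile(r"^Log: '(?P<log>[^']+)' Date/Time: (?P<when>.+)$")
TYPE = re.compile(r"^Type: (?P<type>\w+) Category: \d+$")
EVT = re.compile(r"^Event: (?P<id>\d+) Source: (?P<source>.+)$")
STOP = ("~~~", "Log: '", "Vino's Event Viewer")  # section rule, next record, next report

def parse_vew(text):
    """Return the Event records in one or more concatenated VEW reports."""
    lines = [ln.strip() for ln in text.splitlines()]
    events, i = [], 0
    while i + 2 < len(lines):
        head = HEAD.match(lines[i])
        typ, evt = TYPE.match(lines[i + 1]), EVT.match(lines[i + 2])
        if not (head and typ and evt):
            i += 1
            continue
        i += 3
        msg = []
        # The description may wrap over several lines; it ends at a blank line or STOP marker.
        while i < len(lines) and lines[i] and not lines[i].startswith(STOP):
            msg.append(lines[i])
            i += 1
        # VEW states its dates are dd/mm/yyyy, so parse them that way explicitly.
        when = datetime.strptime(head["when"].strip(), "%d/%m/%Y %I:%M:%S %p")
        events.append(Event(head["log"], when, typ["type"], int(evt["id"]),
                            evt["source"].strip(), " ".join(msg)))
    return events

def signature(e):
    # The timestamp is left out on purpose: the same fault gets a new time on every boot.
    return (e.log, e.type, e.event_id, e.source, e.message)

def compare(before, after):
    """Classify event signatures as persisting, resolved or new between two reports."""
    b = {signature(e) for e in parse_vew(before)}
    a = {signature(e) for e in parse_vew(after)}
    return {"persisting": sorted(b & a), "resolved": sorted(b - a), "new": sorted(a - b)}

if __name__ == "__main__":
    for status, sigs in compare(REPORT_BEFORE, REPORT_AFTER).items():
        for log, typ, event_id, source, message in sigs:
            print(f"{status:10} {log} {typ} {event_id} [{source}] {message}")
```

On these two reports the Intuit Update Service events (7000, 7009) come out as resolved and the AVGIDSHX driver load failure (7026) as persisting.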

#15
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
All Programs, Accessories, Command Prompt and then type:

sc  delete  AVGIDSHX

If that doesn't work to get rid of AVGIDSHX then

Copy the next two lines then go back to the Command Window and right click and Paste (or Edit then Paste) then hit Enter. Do you get any errors?


reg delete HKLM\System\CurrentControlSet\Services\AVGIDSHX
reg delete HKLM\System\CurrentControlSet\Enum\Root\LEGACY_AVGIDSHX
  • 0





