Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

low/no memory error suspect malware [Closed] [Solved]


  • This topic is locked This topic is locked

#1
kate720

kate720

    Member

  • Member
  • PipPip
  • 19 posts
Dear Geeks to Go,

Thank you so much for this service.

I am intermittently getting the error message "you are running low on disk space" with a link to a program to clear some space on the hard drive When I ran it today I actually had less space afterwards. The error message went from saying I only had 8M to 0 (its a 300GB hard drive). Then it seemed to improve after I ran the OTL Scan, I had difficulty reproducing the error. The first few times it happened I started stripping out unnecessary files and than I started moving large files, like photos and videos to an external hard drive, but the message still pops up frequently enough that I only use my PC if I absolutely HAVE to. I have attached the OTL scan file. Please let me know if you need additional information. Thank you for your help.

Best regards,
Kate
  • 0

Advertisements


#2
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts
Hello and welcome to Geeks to Go! My nickname is Pystryker :) , and I will be helping you with your issue today.

Please note: I am currently in training and all my fixes must be approved by my teacher before being posted. This gives you the advantage of having two people working to solve your problems.

Before we get started, I have a few things I need to go over with you

  • Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process.
  • Please subscribe to this topic. By subscribing, the board will notify you when a new reply is added to your topic. You can find instructions on how to do that by clicking here.

  • If any of your security programs give you a warning about any tool I ask you to use, please do not worry. All the links and tools I provide to you will be safe.

  • Please read through my instructions carefully and completely before executing them.
  • Please make sure that all the programs I ask you to download are downloaded to and run from your Desktop.
  • Please make sure you print out these instructions so that you will be able to refer to them while working on your machine. Part of the solution(s) to your problem may involve us working in Safe Mode and you will need them to go by.
  • Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.
  • Please read through my instructions carefully and make sure you complete them from start to finish. I will make sure that I lay the instructions out in a step by step order to make them easy to follow
  • This is a complicated process. It requires several steps, patience, and careful following of my instructions in the order they are given to diagnose your problems to get your machine back in working order.
  • Please stay with me until the end of all steps and procedures and I declare your system clean. Just because there is a lack of symptoms does not indicate a clean machine. I promise to do the same for you.
  • Please make sure you reply within 3 days to my responses, if there is no reply within 3 days, the topic will be closed and you will need to request the topic be reopened.
  • Before we get started, please remember we will do our best to get your machine repaired. However, there are some cases where the only solution is a reformat and reinstall of the operating system. This is a worst case scenario though.
  • It is impossible for me to know what interactions may happen between your computer's software and the tools we will use to clean your machine. Therefore, I highly recommend you backup any critical personal files on your machine before we start.
  • If possible, please have your original Windows installation disks handy, just in case.
  • If you have any questions at all, please don't hesitate to ask. There's no such thing as a stupid question when dealing with malware.
  • If you are unsure of an instruction I give you, or if something unexepected occurs, Do NOT proceed! Stop and ask for clarification of the instruction or tell me what occurred.
  • Please copy and paste the contents of any requested logs in your replies. Do not attach the log files in your replies unless requested to do so.
  • Please remember, the fixes are for your machine and your machine ONLY!



Once we have cleaned your machine, we'll have some cleanup and prevention steps to go through. We will also provide you with some information about how to reduce your chances of infection and get some protections in place to help defend you against this in the future

Please be patient while I am analyzing your logs. I know you are probably scared and very frustrated with this problem, but I am a volunteer and sometimes life does get in the way. :)

Now, let's get started, shall we? :thumbsup:


Hello :) I need to see the log from your initial OTL scan. There is also a second log, called Extras.txt that should be in the same location where you ran OTL from.

Please post both of those logs (do not attach them) and we'll get started getting rid of the malware. :thumbsup:

Things I need to see in your next post:

OTL Log

Extras Log

  • 0

#3
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0

#4
kate720

kate720

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
The following log was created on 11/12/13 When I tried to rerun the program today it returned a blank text file...twice. This is all that was returned when I ran it on 11/12, no "extra's file that I could identify.

I am using the "quick scan" and leaving all the default settings. Please advise if I should be doing otherwise.

Thank you for your help,
Kate



OTL logfile created on: 11/12/2013 10:18:29 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Alonso Alienware\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.75 Gb Total Physical Memory | 0.88 Gb Available Physical Memory | 32.17% Memory free
2.81 Gb Paging File | 0.84 Gb Available in Paging File | 29.79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298.08 Gb Total Space | 0.01 Gb Free Space | 0.00% Space Free | Partition Type: NTFS

Computer Name: ALONSOALIENWARE | User Name: Alonso Alienware | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/11/12 10:17:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Alonso Alienware\Desktop\OTL (1).exe
PRC - [2013/10/29 16:19:57 | 000,241,360 | ---- | M] (Total Defense, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\CAAMSvc.exe
PRC - [2013/10/14 08:33:12 | 000,237,960 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler.exe
PRC - [2013/10/09 20:02:12 | 001,621,512 | ---- | M] (Total Defense, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\casc.exe
PRC - [2013/10/09 20:02:09 | 000,257,544 | ---- | M] (Total Defense, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
PRC - [2013/10/09 20:02:09 | 000,208,392 | ---- | M] (Total Defense, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe
PRC - [2013/10/09 09:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/10/08 19:02:45 | 000,844,752 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/09/23 16:15:18 | 007,342,592 | ---- | M] (Google Inc.) -- C:\Users\Alonso Alienware\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
PRC - [2013/09/15 13:34:06 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
PRC - [2013/09/14 02:38:54 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2013/09/14 02:27:52 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\APSDaemon.exe
PRC - [2013/09/03 22:09:34 | 002,763,152 | ---- | M] () -- C:\Windows\System32\svcprs32.exe
PRC - [2013/09/03 22:01:18 | 003,213,712 | ---- | M] () -- C:\Windows\System32\mdmcls32.exe
PRC - [2013/06/22 14:26:32 | 034,199,872 | ---- | M] (SlimWare Utilities, Inc.) -- C:\Program Files\DriverUpdate\DriverUpdate.exe
PRC - [2013/05/24 19:47:30 | 027,776,968 | ---- | M] (Dropbox, Inc.) -- C:\Users\Alonso Alienware\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013/05/13 14:33:02 | 001,693,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
PRC - [2013/05/13 14:33:02 | 001,113,296 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
PRC - [2013/01/18 09:21:02 | 000,873,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2013/01/18 09:21:00 | 001,821,984 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2013/01/18 07:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/11/22 21:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/10/09 11:30:28 | 000,032,368 | ---- | M] (Sanford, L.P.) -- C:\Program Files\DYMO\DYMO Label Software\DymoPnpService.exe
PRC - [2012/08/23 11:37:16 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2011/06/01 18:06:40 | 000,014,088 | ---- | M] (Memeo) -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
PRC - [2011/05/30 03:01:26 | 000,222,544 | ---- | M] (Computer Associates International, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\isafe.exe
PRC - [2011/05/06 13:07:18 | 000,460,144 | ---- | M] () -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
PRC - [2011/05/06 12:58:52 | 001,085,440 | ---- | M] () -- C:\Program Files\Flip Video\FlipShareServer\FlipShareServer.exe
PRC - [2011/04/04 11:42:28 | 000,662,096 | ---- | M] (CA) -- C:\Program Files\CA\SharedComponents\TMEngine\UmxEngine.exe
PRC - [2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/01/23 18:47:42 | 000,770,728 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\lxecmon.exe
PRC - [2010/08/23 19:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2010/07/08 13:21:52 | 000,025,824 | ---- | M] (Memeo) -- C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
PRC - [2010/01/18 10:27:10 | 000,139,944 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\ezprint.exe
PRC - [2010/01/07 14:36:50 | 000,598,696 | ---- | M] ( ) -- C:\Windows\System32\lxeccoms.exe


========== Modules (No Company Name) ==========

MOD - [2013/10/09 20:02:12 | 000,589,824 | ---- | M] () -- C:\Program Files\CA\CA Internet Security Suite\log4cplusU.dll
MOD - [2013/10/08 19:02:43 | 000,415,184 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.101\ppgooglenaclpluginchrome.dll
MOD - [2013/10/08 19:02:41 | 004,055,504 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.101\pdf.dll
MOD - [2013/10/08 19:01:50 | 000,698,832 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.101\libglesv2.dll
MOD - [2013/10/08 19:01:49 | 000,099,792 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.101\libegl.dll
MOD - [2013/10/08 19:01:47 | 001,604,560 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll
MOD - [2013/09/23 16:03:42 | 000,344,064 | ---- | M] () -- C:\Users\Alonso Alienware\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll
MOD - [2013/09/23 16:03:22 | 000,231,936 | ---- | M] () -- C:\Users\Alonso Alienware\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
MOD - [2013/09/23 16:02:32 | 000,253,440 | ---- | M] () -- C:\Users\Alonso Alienware\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
MOD - [2013/09/23 16:01:52 | 000,117,248 | ---- | M] () -- C:\Users\Alonso Alienware\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
MOD - [2013/09/14 00:51:02 | 000,087,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Internet Services\zlib1.dll
MOD - [2013/09/14 00:50:36 | 001,242,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Internet Services\libxml2.dll
MOD - [2013/07/14 15:33:45 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/03/13 15:48:52 | 024,978,944 | ---- | M] () -- C:\Users\Alonso Alienware\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013/01/10 15:01:44 | 000,026,624 | ---- | M] () -- C:\Users\Alonso Alienware\AppData\Local\Programs\Google\MusicManager\imageformats\qgif4.dll
MOD - [2013/01/10 15:01:26 | 010,683,392 | ---- | M] () -- C:\Users\Alonso Alienware\AppData\Local\Programs\Google\MusicManager\QtWebKit4.dll
MOD - [2013/01/10 15:01:24 | 001,681,408 | ---- | M] () -- C:\Users\Alonso Alienware\AppData\Local\Programs\Google\MusicManager\QtNetwork4.dll
MOD - [2013/01/10 15:01:22 | 007,741,952 | ---- | M] () -- C:\Users\Alonso Alienware\AppData\Local\Programs\Google\MusicManager\QtGui4.dll
MOD - [2013/01/10 15:01:20 | 002,248,192 | ---- | M] () -- C:\Users\Alonso Alienware\AppData\Local\Programs\Google\MusicManager\QtCore4.dll
MOD - [2012/11/13 18:32:50 | 003,558,400 | ---- | M] () -- C:\Users\Alonso Alienware\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/04/28 17:57:46 | 000,091,520 | ---- | M] () -- C:\Program Files\SOS Online Backup\ClientApi.dll
MOD - [2011/01/23 18:47:42 | 000,770,728 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\lxecmon.exe
MOD - [2010/04/05 04:56:17 | 002,203,803 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\epwizres.dll
MOD - [2010/04/01 11:24:28 | 001,159,168 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\lxecdrs.dll
MOD - [2010/04/01 11:23:27 | 000,389,120 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\lxecscw.dll
MOD - [2010/01/18 10:27:10 | 000,139,944 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\ezprint.exe
MOD - [2009/05/27 11:16:52 | 000,192,512 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\lxecdatr.dll
MOD - [2009/04/07 13:25:27 | 000,409,600 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\iptk.dll
MOD - [2009/03/30 06:37:47 | 000,094,208 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\epoemdll.dll
MOD - [2009/03/30 06:37:46 | 000,045,056 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\epstring.dll
MOD - [2009/03/30 06:37:28 | 000,708,608 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\epwizard.dll
MOD - [2009/03/30 06:35:40 | 000,159,744 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\customui.dll
MOD - [2009/03/30 06:35:22 | 000,061,440 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\epfunct.dll
MOD - [2009/03/30 06:35:17 | 000,118,784 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\eputil.dll
MOD - [2009/03/30 06:35:05 | 000,139,264 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\imagutil.dll
MOD - [2009/03/09 23:43:49 | 000,155,648 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\lxeccaps.dll
MOD - [2009/03/02 08:25:47 | 000,151,552 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\lxecptp.dll
MOD - [2009/02/20 02:48:43 | 000,023,552 | ---- | M] () -- C:\Windows\System32\LXECsmr.dll
MOD - [2009/02/20 02:48:03 | 000,299,008 | ---- | M] () -- C:\Windows\System32\LXECsm.dll


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe WUSB54GS.exe -- (WUSB54GSSVC)
SRV - File not found [Auto | Stopped] -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe -- (Updater Service for StartNow Toolbar)
SRV - [2013/11/10 09:48:40 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/10/30 14:25:56 | 000,566,696 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/10/29 16:19:57 | 000,241,360 | ---- | M] (Total Defense, Inc.) [Auto | Running] -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\CAAMSvc.exe -- (CAAMSvc)
SRV - [2013/10/09 20:02:09 | 000,257,544 | ---- | M] (Total Defense, Inc.) [On_Demand | Running] -- C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe -- (CaCCProvSP)
SRV - [2013/10/09 20:02:09 | 000,208,392 | ---- | M] (Total Defense, Inc.) [Auto | Running] -- C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe -- (ccSchedulerSVC)
SRV - [2013/10/09 19:20:29 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/09 09:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/09/05 09:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/03 22:09:34 | 002,763,152 | ---- | M] () [Auto | Running] -- C:\Windows\System32\svcprs32.exe -- (WinSvchostManager)
SRV - [2013/09/03 22:01:18 | 003,213,712 | ---- | M] () [Auto | Running] -- C:\Windows\System32\mdmcls32.exe -- (WinExtManager)
SRV - [2013/05/26 23:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/02/25 23:22:34 | 001,260,320 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/01/18 07:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/10/09 11:30:28 | 000,032,368 | ---- | M] (Sanford, L.P.) [Auto | Running] -- C:\Program Files\DYMO\DYMO Label Software\DymoPnpService.exe -- (DymoPnpService)
SRV - [2012/08/23 11:37:16 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2011/08/12 02:01:50 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011/06/27 22:58:16 | 000,804,536 | ---- | M] (Acronis) [Disabled | Stopped] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2011/06/13 21:09:22 | 000,267,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
SRV - [2011/06/01 18:06:40 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2011/05/30 03:01:26 | 000,222,544 | ---- | M] (Computer Associates International, Inc.) [Auto | Running] -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\isafe.exe -- (CAISafe)
SRV - [2011/05/06 13:07:18 | 000,460,144 | ---- | M] () [Auto | Running] -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe -- (FlipShare Service)
SRV - [2011/05/06 12:58:52 | 001,085,440 | ---- | M] () [Auto | Running] -- C:\Program Files\Flip Video\FlipShareServer\FlipShareServer.exe -- (FlipShareServer)
SRV - [2011/04/04 11:42:28 | 000,662,096 | ---- | M] (CA) [Auto | Running] -- C:\Program Files\CA\SharedComponents\TMEngine\UmxEngine.exe -- (UmxEngine)
SRV - [2010/08/23 19:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/07/23 11:24:48 | 000,296,808 | ---- | M] (Nuance Communications, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Nuance\dgnsvc.exe -- (DragonSvc)
SRV - [2010/07/08 13:21:52 | 000,025,824 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe -- (MemeoBackgroundService)
SRV - [2010/04/14 19:08:06 | 000,193,192 | ---- | M] () [Disabled | Stopped] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxecserv.exe -- (lxecCATSCustConnectService)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)


========== Driver Services (SafeList) ==========

DRV - [2013/11/12 07:55:47 | 000,013,464 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SWDUMon.sys -- (SWDUMon)
DRV - [2013/02/25 23:22:06 | 008,939,296 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012/10/12 15:33:50 | 000,064,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d)
DRV - [2012/09/09 10:22:09 | 000,009,072 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\15434 -- (15434)
DRV - [2012/06/11 10:06:35 | 000,107,088 | ---- | M] (CA) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\KmxFw.sys -- (KmxFw)
DRV - [2011/10/27 15:07:50 | 000,170,064 | ---- | M] (Total Defense) [File_System | Boot | Running] -- C:\Windows\System32\drivers\KmxAMRT.sys -- (KmxAMRT)
DRV - [2011/10/26 11:51:22 | 000,083,536 | ---- | M] (CA) [File_System | System | Running] -- C:\Windows\System32\drivers\KmxAgent.sys -- (KmxAgent)
DRV - [2011/09/06 21:04:20 | 000,152,656 | ---- | M] (CA) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\KmxCF.sys -- (KmxCF)
DRV - [2011/09/06 21:04:20 | 000,066,128 | ---- | M] (CA) [Kernel | System | Running] -- C:\Windows\System32\drivers\KmxFilter.sys -- (KmxFilter)
DRV - [2011/09/06 21:03:38 | 000,081,488 | ---- | M] (CA) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\KmxSbx.sys -- (KmxSbx)
DRV - [2011/09/06 21:03:38 | 000,063,056 | ---- | M] (CA) [File_System | System | Running] -- C:\Windows\System32\drivers\KmxFile.sys -- (KmxFile)
DRV - [2011/09/06 21:03:36 | 000,331,344 | ---- | M] (CA) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\KmxCfg.sys -- (KmxCfg)
DRV - [2011/07/07 18:21:28 | 000,139,880 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2011/03/09 21:29:18 | 000,006,656 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\iPodDrv.sys -- (iPodDrv)
DRV - [2010/11/20 16:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 16:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 16:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010/11/09 14:35:30 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\cpuz135_x32.sys -- (cpuz135)
DRV - [2009/07/13 19:18:07 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2008/03/11 15:18:56 | 000,068,762 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jl2005c.sys -- (JL2005C)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6C 31 B8 10 2E DF CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\..\SearchScopes\{37847AED-F900-4C3A-A265-AD9AFC040383}: "URL" = http://www.google.co...&rlz=1I7ADRA_en
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg....sa&d=2012-07-29 10:57:27&v=12.1.0.21&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@dymo.com/DymoLabelFramework: C:\Program Files\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll ( Sanford L.P.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@doubletwist.com/NPPodcast: C:\Program Files\Common Files\doubleTwist\NPPodcast.dll (doubleTwist Corporation)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Alonso Alienware\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Alonso Alienware\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Users\Alonso Alienware\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\Firefox [2013/10/10 05:38:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2013/07/12 17:50:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/11/10 09:48:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011/08/10 16:39:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alonso Alienware\AppData\Roaming\mozilla\Extensions
[2011/08/10 16:39:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alonso Alienware\AppData\Roaming\mozilla\Extensions\{92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a}
[2013/10/06 10:31:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alonso Alienware\AppData\Roaming\mozilla\Firefox\Profiles\5f7x20jf.default\extensions
[2013/04/01 14:33:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alonso Alienware\AppData\Roaming\mozilla\Firefox\Profiles\ncd3cekb.default\extensions
[2013/07/07 20:04:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alonso Alienware\AppData\Roaming\mozilla\Firefox\Profiles\ncd3cekb.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}
[2012/06/11 16:53:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alonso Alienware\AppData\Roaming\mozilla\Firefox\Profiles\y5kumroa.default\extensions
[2012/06/11 16:53:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alonso Alienware\AppData\Roaming\mozilla\Firefox\Profiles\y5kumroa.default\extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}
[2011/08/10 16:39:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alonso Alienware\AppData\Roaming\mozilla\SeaMonkey\Profiles\t2j50o79.default\extensions
[2011/08/10 16:39:12 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Users\Alonso Alienware\AppData\Roaming\mozilla\SeaMonkey\Profiles\t2j50o79.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2011/08/10 16:39:12 | 000,000,000 | ---D | M] (JavaScript Debugger) -- C:\Users\Alonso Alienware\AppData\Roaming\mozilla\SeaMonkey\Profiles\t2j50o79.default\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}
[2011/08/10 16:39:12 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Users\Alonso Alienware\AppData\Roaming\mozilla\SeaMonkey\Profiles\t2j50o79.default\extensions\[email protected]
[2013/11/10 09:48:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/11/10 09:48:31 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/11/10 09:48:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/11/10 09:48:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/11/10 09:48:41 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/07/29 09:56:54 | 000,003,752 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2013/06/06 16:16:03 | 000,003,725 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\safeguard-secure-search.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/ig
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.101\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: doubletwist Plugin 1, 3, 0, 0 (Enabled) = C:\Program Files\Common Files\doubleTwist\NPPodcast.dll
CHR - plugin: DYMO Label Framework (Enabled) = C:\Program Files\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U25 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files\Yahoo!\Common\npyaxmpb.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: AmazonMP3DownloaderPlugin (Enabled) = C:\Users\Alonso Alienware\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.16 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprjplug.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprpplugin.dll
CHR - Extension: FLV Runner = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahilkiibpgjnonbhdfkkgjddddmapala\10.21.1.507_0\
CHR - Extension: FLV Runner = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahilkiibpgjnonbhdfkkgjddddmapala\10.22.0.588_0\
CHR - Extension: FLV Runner = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahilkiibpgjnonbhdfkkgjddddmapala\10.22.0.588_0\nativeMessaging\nmHost
CHR - Extension: Google Docs = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Tasks (by Google) = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmglolhoplikcoamfgjgammjbgchgjdd\1.0_0\
CHR - Extension: Pandora = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbangkleohkafngihneedemihgfeikcl\1.0_0\
CHR - Extension: iCloud Bookmarks = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah\1.0.24_0\
CHR - Extension: Total Defense Anti-Phishing Toolbar = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpdpkkpdlooddakbebmkeeegehfjdnih\2.2.0.33_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: WhiteSmoke New = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi\10.21.1.507_0\
CHR - Extension: WhiteSmoke New = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi\10.22.0.588_0\
CHR - Extension: WhiteSmoke New = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi\10.22.0.588_0\nativeMessaging\nmHost
CHR - Extension: Skype Click to Call = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\
CHR - Extension: Google Dictionary (by Google) = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.19_0\
CHR - Extension: Google Wallet = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Google Wallet = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: Cork Board = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\omedpokkgakfifajbapagggilbcenaga\1.0_0\
CHR - Extension: Evernote Web Clipper = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\6.0.3_0\
CHR - Extension: Gmail = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/08/25 08:33:19 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Total Defense Anti-Phishing Toolbar Helper) - {45011CF5-E4A9-4F13-9093-F30A784EB9B2} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (Total Defense, Inc.)
O2 - BHO: (PodcastBHO Class) - {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files\Common Files\doubleTwist\IEPodcastPlugin.dll (doubleTwist Corporation)
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll File not found
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Total Defense Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (Total Defense, Inc.)
O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll File not found
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Total Defense Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (Total Defense, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [cctray] C:\Program Files\CA\CA Internet Security Suite\casc.exe (Total Defense, Inc.)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark Pro800-Pro900 Series\ezprint.exe ()
O4 - HKLM..\Run: [lxecmon.exe] C:\Program Files\Lexmark Pro800-Pro900 Series\lxecmon.exe ()
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKCU..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKCU..\Run: [MusicManager] C:\Users\Alonso Alienware\AppData\Local\Programs\Google\MusicManager\MusicManager.exe (Google Inc.)
O4 - Startup: C:\Users\Alonso Alienware\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Alonso Alienware\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRunOnce = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRunOnce = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFile = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Advanced\Folder\Hidden\SHOWALL: CheckedValue = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Advanced\Folder\Hidden\SHOWALL: CheckedValue = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\VetRedir.dll (Computer Associates International, Inc.)
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O16 - DPF: {001EE746-A1F9-460E-80AD-269E088D6A01} http://site.ebrary.c...s/ebraryRdr.cab (Infotl Control)
O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} http://www.logitech....Detection32.cab (Device Detection)
O16 - DPF: {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} https://qcmailb.qc.cuny.edu/dwa85W.cab (IBM Lotus iNotes 8.5 Control)
O16 - DPF: {2EDF75C0-5ABD-49f9-BAB6-220476A32034} http://intel-drv-cdn...reqlab_srlx.cab (System Requirements Lab Class)
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} http://picasaweb.goo...7/uploader2.cab (UploadListView Class)
O16 - DPF: {75AA409D-05F9-4F27-BD53-C7339D4B1D0A} https://qcmaila.qc.cuny.edu/dwa85W.cab (IBM Lotus iNotes 8.5 Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} http://panda-plugin..../p3dactivex.cab (P3DActiveX Control)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://meetdbm.webe...bex/ieatgpc.cab (GpcContainer Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.13.180 167.206.13.181
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F1CB5F1A-B3E8-479A-981F-E5942786106E}: DhcpNameServer = 167.206.13.180 167.206.13.181
O18 - Protocol\Handler\biblioscape - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\lzdhtml - No CLSID value found
O20 - AppInit_DLLs: (UmxSbxExw.dll) - C:\Windows\System32\UmxSbxExw.dll (CA)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\PFW: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\ExplorerFrame.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Alonso Alienware\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Users\Alonso Alienware\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/11/12 10:16:56 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Alonso Alienware\Desktop\OTL (1).exe
[2013/11/10 09:48:29 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/11/01 13:06:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/11/01 13:05:07 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/10/29 10:20:34 | 000,000,000 | ---D | C] -- C:\Users\Alonso Alienware\Documents\How to
[2013/10/29 10:20:33 | 000,000,000 | ---D | C] -- C:\Users\Alonso Alienware\Documents\New folder
[2013/10/24 14:07:20 | 000,000,000 | ---D | C] -- C:\Users\Alonso Alienware\Documents\BJA Writings
[2013/10/22 07:31:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverUpdate
[2013/10/22 07:31:12 | 000,000,000 | ---D | C] -- C:\Program Files\DriverUpdate
[2013/10/22 07:31:02 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Downloaded Installers
[2013/10/21 18:06:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2013/10/21 17:46:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[20 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[20 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/11/12 10:27:00 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3628686094-2783285445-329609012-1000UA.job
[2013/11/12 10:20:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/11/12 10:17:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Alonso Alienware\Desktop\OTL (1).exe
[2013/11/12 10:01:00 | 000,000,314 | ---- | M] () -- C:\Windows\tasks\DSite.job
[2013/11/12 09:31:06 | 000,000,462 | ---- | M] () -- C:\Windows\tasks\SOS Online Backup - [email protected]
[2013/11/12 08:52:03 | 000,000,093 | ---- | M] () -- C:\Users\Alonso Alienware\AppData\Roaming\WB.CFG
[2013/11/12 08:52:03 | 000,000,006 | ---- | M] () -- C:\Users\Alonso Alienware\AppData\Roaming\WBPU-TTL.DAT
[2013/11/12 08:03:31 | 000,020,496 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/11/12 08:03:31 | 000,020,496 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/11/12 07:56:37 | 000,000,416 | ---- | M] () -- C:\Windows\tasks\DriverUpdate Startup.job
[2013/11/12 07:55:47 | 000,013,464 | ---- | M] () -- C:\Windows\System32\drivers\SWDUMon.sys
[2013/11/12 07:53:56 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2013/11/12 07:53:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/11/12 07:53:38 | 2214,240,256 | -HS- | M] () -- C:\hiberfil.sys
[2013/11/11 19:43:24 | 005,816,017 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k0
[2013/11/11 19:43:24 | 000,285,196 | ---- | M] () -- C:\Windows\System32\drivers\KmxAgent.asc
[2013/11/11 19:43:24 | 000,000,309 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k0
[2013/11/11 19:43:24 | 000,000,085 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k7
[2013/11/11 19:43:24 | 000,000,085 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k6
[2013/11/11 19:43:24 | 000,000,085 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k5
[2013/11/11 19:43:24 | 000,000,085 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k4
[2013/11/11 19:43:24 | 000,000,085 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k3
[2013/11/11 19:43:24 | 000,000,085 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k2
[2013/11/11 19:43:24 | 000,000,085 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k1
[2013/11/11 19:43:24 | 000,000,049 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k7
[2013/11/11 19:43:24 | 000,000,049 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k6
[2013/11/11 19:43:24 | 000,000,049 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k5
[2013/11/11 19:43:24 | 000,000,049 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k4
[2013/11/11 19:43:24 | 000,000,049 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k3
[2013/11/11 19:43:24 | 000,000,049 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k2
[2013/11/11 19:43:24 | 000,000,049 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k1
[2013/11/11 13:27:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3628686094-2783285445-329609012-1000Core.job
[2013/11/04 19:09:14 | 000,660,296 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/11/04 19:09:14 | 000,121,224 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/11/01 13:06:34 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/10/22 07:31:13 | 000,002,457 | ---- | M] () -- C:\Users\Public\Desktop\DriverUpdate.lnk
[2013/10/16 19:55:54 | 000,002,129 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/10/14 10:00:55 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/14 10:00:55 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[20 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[20 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/10/22 07:31:47 | 000,000,416 | ---- | C] () -- C:\Windows\tasks\DriverUpdate Startup.job
[2013/10/22 07:31:13 | 000,002,457 | ---- | C] () -- C:\Users\Public\Desktop\DriverUpdate.lnk
[2013/10/09 20:09:10 | 001,424,904 | ---- | C] () -- C:\Windows\System32\cfgmig32.dll
[2013/10/09 20:08:52 | 001,755,536 | ---- | C] () -- C:\Windows\System32\winsflt.dll
[2013/10/09 20:08:51 | 003,213,712 | ---- | C] () -- C:\Windows\System32\mdmcls32.exe
[2013/07/29 11:01:05 | 000,000,093 | ---- | C] () -- C:\Users\Alonso Alienware\AppData\Roaming\WB.CFG
[2013/06/16 09:04:03 | 000,000,006 | ---- | C] () -- C:\Users\Alonso Alienware\AppData\Roaming\WBPU-TTL.DAT
[2013/04/18 18:07:00 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2013/04/18 18:06:46 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2013/04/18 18:06:46 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2013/04/18 18:06:46 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2013/04/18 18:06:46 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2013/01/31 13:11:39 | 000,000,862 | ---- | C] () -- C:\Users\Alonso Alienware\AppData\Local\recently-used.xbel
[2013/01/03 17:09:48 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012/06/11 16:44:03 | 000,000,007 | ---- | C] () -- C:\Windows\System32\mkghj.dll
[2012/06/11 09:18:18 | 002,763,152 | ---- | C] () -- C:\Windows\System32\svcprs32.exe
[2012/06/11 09:18:17 | 004,110,736 | ---- | C] () -- C:\Windows\System32\win32cpr.dll
[2012/06/11 09:18:15 | 000,100,752 | ---- | C] () -- C:\Windows\System32\winsfinst.exe
[2012/04/08 22:14:58 | 000,000,605 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2012/03/02 01:54:58 | 000,004,076 | ---- | C] () -- C:\Users\Alonso Alienware\.ganttproject
[2011/11/22 11:35:08 | 000,013,464 | ---- | C] () -- C:\Windows\System32\drivers\SWDUMon.sys
[2011/11/22 11:30:13 | 000,150,996 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2011/08/26 07:57:50 | 000,000,600 | ---- | C] () -- C:\Users\Alonso Alienware\AppData\Local\PUTTY.RND
[2011/06/29 16:36:01 | 000,002,875 | ---- | C] () -- C:\Users\Alonso Alienware\AppData\Roaming\SAS7_000.DAT
[2010/09/18 08:13:42 | 000,000,118 | ---- | C] () -- C:\Users\Alonso Alienware\AppData\Roaming\MTC-savedfolder.dat
[2010/02/26 19:23:04 | 000,000,127 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2010/02/17 16:35:17 | 000,000,000 | ---- | C] () -- C:\Users\Alonso Alienware\ipodApps
[2010/02/11 11:39:28 | 000,000,760 | ---- | C] () -- C:\Users\Alonso Alienware\AppData\Roaming\setup_ldm.iss
[2009/07/31 21:44:59 | 000,177,664 | ---- | C] () -- C:\Users\Alonso Alienware\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2013/02/19 19:07:45 | 008,612,066 | ---- | M] () -- C:\Users\Alonso Alienware\AppData\Local\Temp\{4AB72539-E2BF-4696-AF85-6E45B2EDCA6E}\iTunes_Music_Library.xmls348.u_{B3CBD2A2-A121-4228-8F8F-9A0030B98944}.u
[2013/07/29 19:27:18 | 008,919,280 | ---- | M] () -- C:\Users\Alonso Alienware\AppData\Local\Temp\{4AB72539-E2BF-4696-AF85-6E45B2EDCA6E}\iTunes_Music_Library.xmls3c4.u_{64A62B54-16C7-40FF-B402-5406F34CC25E}.u
[2013/02/19 19:07:45 | 008,612,066 | ---- | M] () -- C:\Users\Alonso Alienware\AppData\Local\Temp\{A998113F-7CFB-4E03-8BE1-A6CE1F8C01B8}\iTunes_Music_Library.xmls348.u_{DB898613-E549-46C8-9985-32794E4D588A}.u
[2013/07/29 19:27:18 | 008,919,280 | ---- | M] () -- C:\Users\Alonso Alienware\AppData\Local\Temp\{A998113F-7CFB-4E03-8BE1-A6CE1F8C01B8}\iTunes_Music_Library.xmls3c4.u_{75E8C918-F16E-47E6-98DE-C22BAFE68A68}.u
[2013/02/19 19:07:45 | 008,612,066 | ---- | M] () -- C:\Users\Alonso Alienware\AppData\Local\Temp\{CE72D338-E2AA-46EB-A2A6-8C565B0DEBE0}\iTunes_Music_Library.xmls348.u_{7CE6C3B9-568E-45FC-AE7F-71109526E524}.u
[2013/07/29 19:27:18 | 008,919,280 | ---- | M] () -- C:\Users\Alonso Alienware\AppData\Local\Temp\{CE72D338-E2AA-46EB-A2A6-8C565B0DEBE0}\iTunes_Music_Library.xmls3c4.u_{0BBB57E4-3A02-46D2-8E2A-EE1C2CC03FD2}.u
[2009/07/13 23:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 16:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 20:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/09/26 11:08:44 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\.minecraft
[2011/08/10 16:36:00 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Acronis
[2011/08/10 16:36:02 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Amazon
[2011/08/10 16:38:53 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Broderbund
[2011/08/10 16:38:53 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\BSD
[2011/08/10 16:38:53 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\CBS Interactive
[2012/11/06 10:32:27 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\CompuClever
[2013/05/28 14:12:17 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\DirectLife
[2013/11/12 07:57:26 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Dropbox
[2013/05/28 15:01:13 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\DSite
[2011/08/19 11:47:26 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Easeware
[2011/08/10 16:38:54 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\FCTB000000001
[2012/02/13 14:42:28 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\FileZilla
[2011/08/10 16:38:55 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Flip Video
[2011/08/10 16:38:57 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\FreeImageConverter
[2011/08/18 21:28:49 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\GetRightToGo
[2011/08/10 16:38:57 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Individual Software
[2011/08/10 16:38:58 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Leadertech
[2013/08/21 17:50:58 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Memeo
[2011/08/10 16:39:12 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\NCH Swift Sound
[2011/08/10 16:39:12 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Nuance
[2011/10/12 12:58:53 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\OpenCandy
[2011/08/10 16:39:12 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\OpenOffice.org
[2011/08/10 16:39:13 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\OverDrive
[2011/08/10 16:39:13 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Palm
[2011/10/12 14:50:57 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Sammsoft
[2013/08/21 17:50:59 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Seagate
[2011/08/10 16:39:15 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Serif
[2011/08/10 15:42:48 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Spearit
[2011/08/10 16:39:15 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Stardock
[2011/08/18 19:34:31 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\SystemRequirementsLab
[2011/08/10 16:39:17 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\TechSmith
[2011/08/10 16:39:17 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Uniblue
[2011/08/10 16:39:17 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Unity
[2011/08/10 16:39:17 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\webex
[2011/08/10 16:39:18 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Winff
[2011/08/10 16:39:18 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Wolfram Research
[2013/05/28 15:03:32 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Zip Opener Packages

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2011/08/18 13:54:56 | 000,135,260 | ---- | M] ()(C:\Windows\System32\??7AEI.exe.000003.dmp) -- C:\Windows\System32\蚈7AEI.exe.000003.dmp
[2011/08/18 13:54:56 | 000,135,260 | ---- | C] ()(C:\Windows\System32\??7AEI.exe.000003.dmp) -- C:\Windows\System32\蚈7AEI.exe.000003.dmp
[2011/08/18 13:54:56 | 000,000,977 | ---- | M] ()(C:\Windows\System32\??7aei.exe.000002.xml) -- C:\Windows\System32\蚈7aei.exe.000002.xml
[2011/08/18 13:54:53 | 000,126,548 | ---- | M] ()(C:\Windows\System32\??7AEI.exe.000002.dmp) -- C:\Windows\System32\蚈7AEI.exe.000002.dmp
[2011/08/18 13:54:53 | 000,000,977 | ---- | C] ()(C:\Windows\System32\??7aei.exe.000002.xml) -- C:\Windows\System32\蚈7aei.exe.000002.xml
[2011/08/18 13:54:44 | 000,126,548 | ---- | C] ()(C:\Windows\System32\??7AEI.exe.000002.dmp) -- C:\Windows\System32\蚈7AEI.exe.000002.dmp

========== Alternate Data Streams ==========

@Alternate Data Stream - 236 bytes -> C:\ProgramData\TEMP:0FF263E8

< End of report >
  • 0

#5
kate720

kate720

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
This is a follow up...

I was able to run the scan successfully. I needed to select Run as Administrator. I have had this issue on some programs since I upgraded to windows 7 for windows Xp a few years ago. Still only seeing one file returned (no extras file). New OTL content below
-----------------------------------------------------------------------------------

OTL logfile created on: 11/12/2013 10:18:29 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Alonso Alienware\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.75 Gb Total Physical Memory | 0.88 Gb Available Physical Memory | 32.17% Memory free
2.81 Gb Paging File | 0.84 Gb Available in Paging File | 29.79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298.08 Gb Total Space | 0.01 Gb Free Space | 0.00% Space Free | Partition Type: NTFS

Computer Name: ALONSOALIENWARE | User Name: Alonso Alienware | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/11/12 10:17:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Alonso Alienware\Desktop\OTL (1).exe
PRC - [2013/10/29 16:19:57 | 000,241,360 | ---- | M] (Total Defense, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\CAAMSvc.exe
PRC - [2013/10/14 08:33:12 | 000,237,960 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler.exe
PRC - [2013/10/09 20:02:12 | 001,621,512 | ---- | M] (Total Defense, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\casc.exe
PRC - [2013/10/09 20:02:09 | 000,257,544 | ---- | M] (Total Defense, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
PRC - [2013/10/09 20:02:09 | 000,208,392 | ---- | M] (Total Defense, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe
PRC - [2013/10/09 09:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/10/08 19:02:45 | 000,844,752 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/09/23 16:15:18 | 007,342,592 | ---- | M] (Google Inc.) -- C:\Users\Alonso Alienware\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
PRC - [2013/09/15 13:34:06 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
PRC - [2013/09/14 02:38:54 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2013/09/14 02:27:52 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\APSDaemon.exe
PRC - [2013/09/03 22:09:34 | 002,763,152 | ---- | M] () -- C:\Windows\System32\svcprs32.exe
PRC - [2013/09/03 22:01:18 | 003,213,712 | ---- | M] () -- C:\Windows\System32\mdmcls32.exe
PRC - [2013/06/22 14:26:32 | 034,199,872 | ---- | M] (SlimWare Utilities, Inc.) -- C:\Program Files\DriverUpdate\DriverUpdate.exe
PRC - [2013/05/24 19:47:30 | 027,776,968 | ---- | M] (Dropbox, Inc.) -- C:\Users\Alonso Alienware\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013/05/13 14:33:02 | 001,693,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
PRC - [2013/05/13 14:33:02 | 001,113,296 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
PRC - [2013/01/18 09:21:02 | 000,873,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2013/01/18 09:21:00 | 001,821,984 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2013/01/18 07:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/11/22 21:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/10/09 11:30:28 | 000,032,368 | ---- | M] (Sanford, L.P.) -- C:\Program Files\DYMO\DYMO Label Software\DymoPnpService.exe
PRC - [2012/08/23 11:37:16 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2011/06/01 18:06:40 | 000,014,088 | ---- | M] (Memeo) -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
PRC - [2011/05/30 03:01:26 | 000,222,544 | ---- | M] (Computer Associates International, Inc.) -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\isafe.exe
PRC - [2011/05/06 13:07:18 | 000,460,144 | ---- | M] () -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
PRC - [2011/05/06 12:58:52 | 001,085,440 | ---- | M] () -- C:\Program Files\Flip Video\FlipShareServer\FlipShareServer.exe
PRC - [2011/04/04 11:42:28 | 000,662,096 | ---- | M] (CA) -- C:\Program Files\CA\SharedComponents\TMEngine\UmxEngine.exe
PRC - [2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/01/23 18:47:42 | 000,770,728 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\lxecmon.exe
PRC - [2010/08/23 19:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2010/07/08 13:21:52 | 000,025,824 | ---- | M] (Memeo) -- C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
PRC - [2010/01/18 10:27:10 | 000,139,944 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\ezprint.exe
PRC - [2010/01/07 14:36:50 | 000,598,696 | ---- | M] ( ) -- C:\Windows\System32\lxeccoms.exe


========== Modules (No Company Name) ==========

MOD - [2013/10/09 20:02:12 | 000,589,824 | ---- | M] () -- C:\Program Files\CA\CA Internet Security Suite\log4cplusU.dll
MOD - [2013/10/08 19:02:43 | 000,415,184 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.101\ppgooglenaclpluginchrome.dll
MOD - [2013/10/08 19:02:41 | 004,055,504 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.101\pdf.dll
MOD - [2013/10/08 19:01:50 | 000,698,832 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.101\libglesv2.dll
MOD - [2013/10/08 19:01:49 | 000,099,792 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.101\libegl.dll
MOD - [2013/10/08 19:01:47 | 001,604,560 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll
MOD - [2013/09/23 16:03:42 | 000,344,064 | ---- | M] () -- C:\Users\Alonso Alienware\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll
MOD - [2013/09/23 16:03:22 | 000,231,936 | ---- | M] () -- C:\Users\Alonso Alienware\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
MOD - [2013/09/23 16:02:32 | 000,253,440 | ---- | M] () -- C:\Users\Alonso Alienware\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
MOD - [2013/09/23 16:01:52 | 000,117,248 | ---- | M] () -- C:\Users\Alonso Alienware\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
MOD - [2013/09/14 00:51:02 | 000,087,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Internet Services\zlib1.dll
MOD - [2013/09/14 00:50:36 | 001,242,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Internet Services\libxml2.dll
MOD - [2013/07/14 15:33:45 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/03/13 15:48:52 | 024,978,944 | ---- | M] () -- C:\Users\Alonso Alienware\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013/01/10 15:01:44 | 000,026,624 | ---- | M] () -- C:\Users\Alonso Alienware\AppData\Local\Programs\Google\MusicManager\imageformats\qgif4.dll
MOD - [2013/01/10 15:01:26 | 010,683,392 | ---- | M] () -- C:\Users\Alonso Alienware\AppData\Local\Programs\Google\MusicManager\QtWebKit4.dll
MOD - [2013/01/10 15:01:24 | 001,681,408 | ---- | M] () -- C:\Users\Alonso Alienware\AppData\Local\Programs\Google\MusicManager\QtNetwork4.dll
MOD - [2013/01/10 15:01:22 | 007,741,952 | ---- | M] () -- C:\Users\Alonso Alienware\AppData\Local\Programs\Google\MusicManager\QtGui4.dll
MOD - [2013/01/10 15:01:20 | 002,248,192 | ---- | M] () -- C:\Users\Alonso Alienware\AppData\Local\Programs\Google\MusicManager\QtCore4.dll
MOD - [2012/11/13 18:32:50 | 003,558,400 | ---- | M] () -- C:\Users\Alonso Alienware\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/04/28 17:57:46 | 000,091,520 | ---- | M] () -- C:\Program Files\SOS Online Backup\ClientApi.dll
MOD - [2011/01/23 18:47:42 | 000,770,728 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\lxecmon.exe
MOD - [2010/04/05 04:56:17 | 002,203,803 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\epwizres.dll
MOD - [2010/04/01 11:24:28 | 001,159,168 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\lxecdrs.dll
MOD - [2010/04/01 11:23:27 | 000,389,120 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\lxecscw.dll
MOD - [2010/01/18 10:27:10 | 000,139,944 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\ezprint.exe
MOD - [2009/05/27 11:16:52 | 000,192,512 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\lxecdatr.dll
MOD - [2009/04/07 13:25:27 | 000,409,600 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\iptk.dll
MOD - [2009/03/30 06:37:47 | 000,094,208 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\epoemdll.dll
MOD - [2009/03/30 06:37:46 | 000,045,056 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\epstring.dll
MOD - [2009/03/30 06:37:28 | 000,708,608 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\epwizard.dll
MOD - [2009/03/30 06:35:40 | 000,159,744 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\customui.dll
MOD - [2009/03/30 06:35:22 | 000,061,440 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\epfunct.dll
MOD - [2009/03/30 06:35:17 | 000,118,784 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\eputil.dll
MOD - [2009/03/30 06:35:05 | 000,139,264 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\imagutil.dll
MOD - [2009/03/09 23:43:49 | 000,155,648 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\lxeccaps.dll
MOD - [2009/03/02 08:25:47 | 000,151,552 | ---- | M] () -- C:\Program Files\Lexmark Pro800-Pro900 Series\lxecptp.dll
MOD - [2009/02/20 02:48:43 | 000,023,552 | ---- | M] () -- C:\Windows\System32\LXECsmr.dll
MOD - [2009/02/20 02:48:03 | 000,299,008 | ---- | M] () -- C:\Windows\System32\LXECsm.dll


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe WUSB54GS.exe -- (WUSB54GSSVC)
SRV - File not found [Auto | Stopped] -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe -- (Updater Service for StartNow Toolbar)
SRV - [2013/11/10 09:48:40 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/10/30 14:25:56 | 000,566,696 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/10/29 16:19:57 | 000,241,360 | ---- | M] (Total Defense, Inc.) [Auto | Running] -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\CAAMSvc.exe -- (CAAMSvc)
SRV - [2013/10/09 20:02:09 | 000,257,544 | ---- | M] (Total Defense, Inc.) [On_Demand | Running] -- C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe -- (CaCCProvSP)
SRV - [2013/10/09 20:02:09 | 000,208,392 | ---- | M] (Total Defense, Inc.) [Auto | Running] -- C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe -- (ccSchedulerSVC)
SRV - [2013/10/09 19:20:29 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/09 09:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/09/05 09:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/03 22:09:34 | 002,763,152 | ---- | M] () [Auto | Running] -- C:\Windows\System32\svcprs32.exe -- (WinSvchostManager)
SRV - [2013/09/03 22:01:18 | 003,213,712 | ---- | M] () [Auto | Running] -- C:\Windows\System32\mdmcls32.exe -- (WinExtManager)
SRV - [2013/05/26 23:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/02/25 23:22:34 | 001,260,320 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/01/18 07:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/10/09 11:30:28 | 000,032,368 | ---- | M] (Sanford, L.P.) [Auto | Running] -- C:\Program Files\DYMO\DYMO Label Software\DymoPnpService.exe -- (DymoPnpService)
SRV - [2012/08/23 11:37:16 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2011/08/12 02:01:50 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011/06/27 22:58:16 | 000,804,536 | ---- | M] (Acronis) [Disabled | Stopped] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2011/06/13 21:09:22 | 000,267,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
SRV - [2011/06/01 18:06:40 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2011/05/30 03:01:26 | 000,222,544 | ---- | M] (Computer Associates International, Inc.) [Auto | Running] -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\isafe.exe -- (CAISafe)
SRV - [2011/05/06 13:07:18 | 000,460,144 | ---- | M] () [Auto | Running] -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe -- (FlipShare Service)
SRV - [2011/05/06 12:58:52 | 001,085,440 | ---- | M] () [Auto | Running] -- C:\Program Files\Flip Video\FlipShareServer\FlipShareServer.exe -- (FlipShareServer)
SRV - [2011/04/04 11:42:28 | 000,662,096 | ---- | M] (CA) [Auto | Running] -- C:\Program Files\CA\SharedComponents\TMEngine\UmxEngine.exe -- (UmxEngine)
SRV - [2010/08/23 19:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/07/23 11:24:48 | 000,296,808 | ---- | M] (Nuance Communications, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Nuance\dgnsvc.exe -- (DragonSvc)
SRV - [2010/07/08 13:21:52 | 000,025,824 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe -- (MemeoBackgroundService)
SRV - [2010/04/14 19:08:06 | 000,193,192 | ---- | M] () [Disabled | Stopped] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxecserv.exe -- (lxecCATSCustConnectService)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)


========== Driver Services (SafeList) ==========

DRV - [2013/11/12 07:55:47 | 000,013,464 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SWDUMon.sys -- (SWDUMon)
DRV - [2013/02/25 23:22:06 | 008,939,296 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012/10/12 15:33:50 | 000,064,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d)
DRV - [2012/09/09 10:22:09 | 000,009,072 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\15434 -- (15434)
DRV - [2012/06/11 10:06:35 | 000,107,088 | ---- | M] (CA) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\KmxFw.sys -- (KmxFw)
DRV - [2011/10/27 15:07:50 | 000,170,064 | ---- | M] (Total Defense) [File_System | Boot | Running] -- C:\Windows\System32\drivers\KmxAMRT.sys -- (KmxAMRT)
DRV - [2011/10/26 11:51:22 | 000,083,536 | ---- | M] (CA) [File_System | System | Running] -- C:\Windows\System32\drivers\KmxAgent.sys -- (KmxAgent)
DRV - [2011/09/06 21:04:20 | 000,152,656 | ---- | M] (CA) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\KmxCF.sys -- (KmxCF)
DRV - [2011/09/06 21:04:20 | 000,066,128 | ---- | M] (CA) [Kernel | System | Running] -- C:\Windows\System32\drivers\KmxFilter.sys -- (KmxFilter)
DRV - [2011/09/06 21:03:38 | 000,081,488 | ---- | M] (CA) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\KmxSbx.sys -- (KmxSbx)
DRV - [2011/09/06 21:03:38 | 000,063,056 | ---- | M] (CA) [File_System | System | Running] -- C:\Windows\System32\drivers\KmxFile.sys -- (KmxFile)
DRV - [2011/09/06 21:03:36 | 000,331,344 | ---- | M] (CA) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\KmxCfg.sys -- (KmxCfg)
DRV - [2011/07/07 18:21:28 | 000,139,880 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2011/03/09 21:29:18 | 000,006,656 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\iPodDrv.sys -- (iPodDrv)
DRV - [2010/11/20 16:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 16:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 16:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010/11/09 14:35:30 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\cpuz135_x32.sys -- (cpuz135)
DRV - [2009/07/13 19:18:07 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2008/03/11 15:18:56 | 000,068,762 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jl2005c.sys -- (JL2005C)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6C 31 B8 10 2E DF CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\..\SearchScopes\{37847AED-F900-4C3A-A265-AD9AFC040383}: "URL" = http://www.google.co...&rlz=1I7ADRA_en
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg....sa&d=2012-07-29 10:57:27&v=12.1.0.21&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@dymo.com/DymoLabelFramework: C:\Program Files\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll ( Sanford L.P.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@doubletwist.com/NPPodcast: C:\Program Files\Common Files\doubleTwist\NPPodcast.dll (doubleTwist Corporation)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Alonso Alienware\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Alonso Alienware\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Users\Alonso Alienware\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\Firefox [2013/10/10 05:38:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2013/07/12 17:50:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/11/10 09:48:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011/08/10 16:39:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alonso Alienware\AppData\Roaming\mozilla\Extensions
[2011/08/10 16:39:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alonso Alienware\AppData\Roaming\mozilla\Extensions\{92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a}
[2013/10/06 10:31:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alonso Alienware\AppData\Roaming\mozilla\Firefox\Profiles\5f7x20jf.default\extensions
[2013/04/01 14:33:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alonso Alienware\AppData\Roaming\mozilla\Firefox\Profiles\ncd3cekb.default\extensions
[2013/07/07 20:04:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alonso Alienware\AppData\Roaming\mozilla\Firefox\Profiles\ncd3cekb.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}
[2012/06/11 16:53:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alonso Alienware\AppData\Roaming\mozilla\Firefox\Profiles\y5kumroa.default\extensions
[2012/06/11 16:53:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alonso Alienware\AppData\Roaming\mozilla\Firefox\Profiles\y5kumroa.default\extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}
[2011/08/10 16:39:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alonso Alienware\AppData\Roaming\mozilla\SeaMonkey\Profiles\t2j50o79.default\extensions
[2011/08/10 16:39:12 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Users\Alonso Alienware\AppData\Roaming\mozilla\SeaMonkey\Profiles\t2j50o79.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2011/08/10 16:39:12 | 000,000,000 | ---D | M] (JavaScript Debugger) -- C:\Users\Alonso Alienware\AppData\Roaming\mozilla\SeaMonkey\Profiles\t2j50o79.default\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}
[2011/08/10 16:39:12 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Users\Alonso Alienware\AppData\Roaming\mozilla\SeaMonkey\Profiles\t2j50o79.default\extensions\[email protected]
[2013/11/10 09:48:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/11/10 09:48:31 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/11/10 09:48:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/11/10 09:48:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/11/10 09:48:41 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/07/29 09:56:54 | 000,003,752 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2013/06/06 16:16:03 | 000,003,725 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\safeguard-secure-search.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/ig
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.101\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: doubletwist Plugin 1, 3, 0, 0 (Enabled) = C:\Program Files\Common Files\doubleTwist\NPPodcast.dll
CHR - plugin: DYMO Label Framework (Enabled) = C:\Program Files\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U25 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files\Yahoo!\Common\npyaxmpb.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: AmazonMP3DownloaderPlugin (Enabled) = C:\Users\Alonso Alienware\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.16 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprjplug.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprpplugin.dll
CHR - Extension: FLV Runner = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahilkiibpgjnonbhdfkkgjddddmapala\10.21.1.507_0\
CHR - Extension: FLV Runner = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahilkiibpgjnonbhdfkkgjddddmapala\10.22.0.588_0\
CHR - Extension: FLV Runner = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahilkiibpgjnonbhdfkkgjddddmapala\10.22.0.588_0\nativeMessaging\nmHost
CHR - Extension: Google Docs = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Tasks (by Google) = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmglolhoplikcoamfgjgammjbgchgjdd\1.0_0\
CHR - Extension: Pandora = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbangkleohkafngihneedemihgfeikcl\1.0_0\
CHR - Extension: iCloud Bookmarks = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah\1.0.24_0\
CHR - Extension: Total Defense Anti-Phishing Toolbar = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpdpkkpdlooddakbebmkeeegehfjdnih\2.2.0.33_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: WhiteSmoke New = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi\10.21.1.507_0\
CHR - Extension: WhiteSmoke New = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi\10.22.0.588_0\
CHR - Extension: WhiteSmoke New = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi\10.22.0.588_0\nativeMessaging\nmHost
CHR - Extension: Skype Click to Call = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\
CHR - Extension: Google Dictionary (by Google) = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.19_0\
CHR - Extension: Google Wallet = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Google Wallet = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: Cork Board = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\omedpokkgakfifajbapagggilbcenaga\1.0_0\
CHR - Extension: Evernote Web Clipper = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\6.0.3_0\
CHR - Extension: Gmail = C:\Users\Alonso Alienware\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/08/25 08:33:19 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Total Defense Anti-Phishing Toolbar Helper) - {45011CF5-E4A9-4F13-9093-F30A784EB9B2} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (Total Defense, Inc.)
O2 - BHO: (PodcastBHO Class) - {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files\Common Files\doubleTwist\IEPodcastPlugin.dll (doubleTwist Corporation)
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll File not found
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Total Defense Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (Total Defense, Inc.)
O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll File not found
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Total Defense Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (Total Defense, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [cctray] C:\Program Files\CA\CA Internet Security Suite\casc.exe (Total Defense, Inc.)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark Pro800-Pro900 Series\ezprint.exe ()
O4 - HKLM..\Run: [lxecmon.exe] C:\Program Files\Lexmark Pro800-Pro900 Series\lxecmon.exe ()
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKCU..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKCU..\Run: [MusicManager] C:\Users\Alonso Alienware\AppData\Local\Programs\Google\MusicManager\MusicManager.exe (Google Inc.)
O4 - Startup: C:\Users\Alonso Alienware\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Alonso Alienware\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRunOnce = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRunOnce = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFile = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Advanced\Folder\Hidden\SHOWALL: CheckedValue = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Advanced\Folder\Hidden\SHOWALL: CheckedValue = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\VetRedir.dll (Computer Associates International, Inc.)
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O16 - DPF: {001EE746-A1F9-460E-80AD-269E088D6A01} http://site.ebrary.c...s/ebraryRdr.cab (Infotl Control)
O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} http://www.logitech....Detection32.cab (Device Detection)
O16 - DPF: {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} https://qcmailb.qc.cuny.edu/dwa85W.cab (IBM Lotus iNotes 8.5 Control)
O16 - DPF: {2EDF75C0-5ABD-49f9-BAB6-220476A32034} http://intel-drv-cdn...reqlab_srlx.cab (System Requirements Lab Class)
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} http://picasaweb.goo...7/uploader2.cab (UploadListView Class)
O16 - DPF: {75AA409D-05F9-4F27-BD53-C7339D4B1D0A} https://qcmaila.qc.cuny.edu/dwa85W.cab (IBM Lotus iNotes 8.5 Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} http://panda-plugin..../p3dactivex.cab (P3DActiveX Control)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://meetdbm.webe...bex/ieatgpc.cab (GpcContainer Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.13.180 167.206.13.181
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F1CB5F1A-B3E8-479A-981F-E5942786106E}: DhcpNameServer = 167.206.13.180 167.206.13.181
O18 - Protocol\Handler\biblioscape - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\lzdhtml - No CLSID value found
O20 - AppInit_DLLs: (UmxSbxExw.dll) - C:\Windows\System32\UmxSbxExw.dll (CA)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\PFW: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\ExplorerFrame.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Alonso Alienware\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Users\Alonso Alienware\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/11/12 10:16:56 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Alonso Alienware\Desktop\OTL (1).exe
[2013/11/10 09:48:29 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/11/01 13:06:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/11/01 13:05:07 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/10/29 10:20:34 | 000,000,000 | ---D | C] -- C:\Users\Alonso Alienware\Documents\How to
[2013/10/29 10:20:33 | 000,000,000 | ---D | C] -- C:\Users\Alonso Alienware\Documents\New folder
[2013/10/24 14:07:20 | 000,000,000 | ---D | C] -- C:\Users\Alonso Alienware\Documents\BJA Writings
[2013/10/22 07:31:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverUpdate
[2013/10/22 07:31:12 | 000,000,000 | ---D | C] -- C:\Program Files\DriverUpdate
[2013/10/22 07:31:02 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Downloaded Installers
[2013/10/21 18:06:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2013/10/21 17:46:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[20 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[20 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/11/12 10:27:00 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3628686094-2783285445-329609012-1000UA.job
[2013/11/12 10:20:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/11/12 10:17:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Alonso Alienware\Desktop\OTL (1).exe
[2013/11/12 10:01:00 | 000,000,314 | ---- | M] () -- C:\Windows\tasks\DSite.job
[2013/11/12 09:31:06 | 000,000,462 | ---- | M] () -- C:\Windows\tasks\SOS Online Backup - [email protected]
[2013/11/12 08:52:03 | 000,000,093 | ---- | M] () -- C:\Users\Alonso Alienware\AppData\Roaming\WB.CFG
[2013/11/12 08:52:03 | 000,000,006 | ---- | M] () -- C:\Users\Alonso Alienware\AppData\Roaming\WBPU-TTL.DAT
[2013/11/12 08:03:31 | 000,020,496 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/11/12 08:03:31 | 000,020,496 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/11/12 07:56:37 | 000,000,416 | ---- | M] () -- C:\Windows\tasks\DriverUpdate Startup.job
[2013/11/12 07:55:47 | 000,013,464 | ---- | M] () -- C:\Windows\System32\drivers\SWDUMon.sys
[2013/11/12 07:53:56 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2013/11/12 07:53:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/11/12 07:53:38 | 2214,240,256 | -HS- | M] () -- C:\hiberfil.sys
[2013/11/11 19:43:24 | 005,816,017 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k0
[2013/11/11 19:43:24 | 000,285,196 | ---- | M] () -- C:\Windows\System32\drivers\KmxAgent.asc
[2013/11/11 19:43:24 | 000,000,309 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k0
[2013/11/11 19:43:24 | 000,000,085 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k7
[2013/11/11 19:43:24 | 000,000,085 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k6
[2013/11/11 19:43:24 | 000,000,085 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k5
[2013/11/11 19:43:24 | 000,000,085 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k4
[2013/11/11 19:43:24 | 000,000,085 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k3
[2013/11/11 19:43:24 | 000,000,085 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k2
[2013/11/11 19:43:24 | 000,000,085 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k1
[2013/11/11 19:43:24 | 000,000,049 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k7
[2013/11/11 19:43:24 | 000,000,049 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k6
[2013/11/11 19:43:24 | 000,000,049 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k5
[2013/11/11 19:43:24 | 000,000,049 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k4
[2013/11/11 19:43:24 | 000,000,049 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k3
[2013/11/11 19:43:24 | 000,000,049 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k2
[2013/11/11 19:43:24 | 000,000,049 | ---- | M] () -- C:\Windows\System32\drivers\kmxzone.u2k1
[2013/11/11 13:27:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3628686094-2783285445-329609012-1000Core.job
[2013/11/04 19:09:14 | 000,660,296 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/11/04 19:09:14 | 000,121,224 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/11/01 13:06:34 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/10/22 07:31:13 | 000,002,457 | ---- | M] () -- C:\Users\Public\Desktop\DriverUpdate.lnk
[2013/10/16 19:55:54 | 000,002,129 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/10/14 10:00:55 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/14 10:00:55 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[20 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[20 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/10/22 07:31:47 | 000,000,416 | ---- | C] () -- C:\Windows\tasks\DriverUpdate Startup.job
[2013/10/22 07:31:13 | 000,002,457 | ---- | C] () -- C:\Users\Public\Desktop\DriverUpdate.lnk
[2013/10/09 20:09:10 | 001,424,904 | ---- | C] () -- C:\Windows\System32\cfgmig32.dll
[2013/10/09 20:08:52 | 001,755,536 | ---- | C] () -- C:\Windows\System32\winsflt.dll
[2013/10/09 20:08:51 | 003,213,712 | ---- | C] () -- C:\Windows\System32\mdmcls32.exe
[2013/07/29 11:01:05 | 000,000,093 | ---- | C] () -- C:\Users\Alonso Alienware\AppData\Roaming\WB.CFG
[2013/06/16 09:04:03 | 000,000,006 | ---- | C] () -- C:\Users\Alonso Alienware\AppData\Roaming\WBPU-TTL.DAT
[2013/04/18 18:07:00 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2013/04/18 18:06:46 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2013/04/18 18:06:46 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2013/04/18 18:06:46 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2013/04/18 18:06:46 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2013/01/31 13:11:39 | 000,000,862 | ---- | C] () -- C:\Users\Alonso Alienware\AppData\Local\recently-used.xbel
[2013/01/03 17:09:48 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012/06/11 16:44:03 | 000,000,007 | ---- | C] () -- C:\Windows\System32\mkghj.dll
[2012/06/11 09:18:18 | 002,763,152 | ---- | C] () -- C:\Windows\System32\svcprs32.exe
[2012/06/11 09:18:17 | 004,110,736 | ---- | C] () -- C:\Windows\System32\win32cpr.dll
[2012/06/11 09:18:15 | 000,100,752 | ---- | C] () -- C:\Windows\System32\winsfinst.exe
[2012/04/08 22:14:58 | 000,000,605 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2012/03/02 01:54:58 | 000,004,076 | ---- | C] () -- C:\Users\Alonso Alienware\.ganttproject
[2011/11/22 11:35:08 | 000,013,464 | ---- | C] () -- C:\Windows\System32\drivers\SWDUMon.sys
[2011/11/22 11:30:13 | 000,150,996 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2011/08/26 07:57:50 | 000,000,600 | ---- | C] () -- C:\Users\Alonso Alienware\AppData\Local\PUTTY.RND
[2011/06/29 16:36:01 | 000,002,875 | ---- | C] () -- C:\Users\Alonso Alienware\AppData\Roaming\SAS7_000.DAT
[2010/09/18 08:13:42 | 000,000,118 | ---- | C] () -- C:\Users\Alonso Alienware\AppData\Roaming\MTC-savedfolder.dat
[2010/02/26 19:23:04 | 000,000,127 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2010/02/17 16:35:17 | 000,000,000 | ---- | C] () -- C:\Users\Alonso Alienware\ipodApps
[2010/02/11 11:39:28 | 000,000,760 | ---- | C] () -- C:\Users\Alonso Alienware\AppData\Roaming\setup_ldm.iss
[2009/07/31 21:44:59 | 000,177,664 | ---- | C] () -- C:\Users\Alonso Alienware\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2013/02/19 19:07:45 | 008,612,066 | ---- | M] () -- C:\Users\Alonso Alienware\AppData\Local\Temp\{4AB72539-E2BF-4696-AF85-6E45B2EDCA6E}\iTunes_Music_Library.xmls348.u_{B3CBD2A2-A121-4228-8F8F-9A0030B98944}.u
[2013/07/29 19:27:18 | 008,919,280 | ---- | M] () -- C:\Users\Alonso Alienware\AppData\Local\Temp\{4AB72539-E2BF-4696-AF85-6E45B2EDCA6E}\iTunes_Music_Library.xmls3c4.u_{64A62B54-16C7-40FF-B402-5406F34CC25E}.u
[2013/02/19 19:07:45 | 008,612,066 | ---- | M] () -- C:\Users\Alonso Alienware\AppData\Local\Temp\{A998113F-7CFB-4E03-8BE1-A6CE1F8C01B8}\iTunes_Music_Library.xmls348.u_{DB898613-E549-46C8-9985-32794E4D588A}.u
[2013/07/29 19:27:18 | 008,919,280 | ---- | M] () -- C:\Users\Alonso Alienware\AppData\Local\Temp\{A998113F-7CFB-4E03-8BE1-A6CE1F8C01B8}\iTunes_Music_Library.xmls3c4.u_{75E8C918-F16E-47E6-98DE-C22BAFE68A68}.u
[2013/02/19 19:07:45 | 008,612,066 | ---- | M] () -- C:\Users\Alonso Alienware\AppData\Local\Temp\{CE72D338-E2AA-46EB-A2A6-8C565B0DEBE0}\iTunes_Music_Library.xmls348.u_{7CE6C3B9-568E-45FC-AE7F-71109526E524}.u
[2013/07/29 19:27:18 | 008,919,280 | ---- | M] () -- C:\Users\Alonso Alienware\AppData\Local\Temp\{CE72D338-E2AA-46EB-A2A6-8C565B0DEBE0}\iTunes_Music_Library.xmls3c4.u_{0BBB57E4-3A02-46D2-8E2A-EE1C2CC03FD2}.u
[2009/07/13 23:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 16:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 20:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/09/26 11:08:44 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\.minecraft
[2011/08/10 16:36:00 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Acronis
[2011/08/10 16:36:02 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Amazon
[2011/08/10 16:38:53 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Broderbund
[2011/08/10 16:38:53 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\BSD
[2011/08/10 16:38:53 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\CBS Interactive
[2012/11/06 10:32:27 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\CompuClever
[2013/05/28 14:12:17 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\DirectLife
[2013/11/12 07:57:26 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Dropbox
[2013/05/28 15:01:13 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\DSite
[2011/08/19 11:47:26 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Easeware
[2011/08/10 16:38:54 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\FCTB000000001
[2012/02/13 14:42:28 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\FileZilla
[2011/08/10 16:38:55 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Flip Video
[2011/08/10 16:38:57 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\FreeImageConverter
[2011/08/18 21:28:49 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\GetRightToGo
[2011/08/10 16:38:57 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Individual Software
[2011/08/10 16:38:58 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Leadertech
[2013/08/21 17:50:58 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Memeo
[2011/08/10 16:39:12 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\NCH Swift Sound
[2011/08/10 16:39:12 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Nuance
[2011/10/12 12:58:53 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\OpenCandy
[2011/08/10 16:39:12 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\OpenOffice.org
[2011/08/10 16:39:13 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\OverDrive
[2011/08/10 16:39:13 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Palm
[2011/10/12 14:50:57 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Sammsoft
[2013/08/21 17:50:59 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Seagate
[2011/08/10 16:39:15 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Serif
[2011/08/10 15:42:48 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Spearit
[2011/08/10 16:39:15 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Stardock
[2011/08/18 19:34:31 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\SystemRequirementsLab
[2011/08/10 16:39:17 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\TechSmith
[2011/08/10 16:39:17 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Uniblue
[2011/08/10 16:39:17 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Unity
[2011/08/10 16:39:17 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\webex
[2011/08/10 16:39:18 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Winff
[2011/08/10 16:39:18 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Wolfram Research
[2013/05/28 15:03:32 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Zip Opener Packages

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2011/08/18 13:54:56 | 000,135,260 | ---- | M] ()(C:\Windows\System32\??7AEI.exe.000003.dmp) -- C:\Windows\System32\蚈7AEI.exe.000003.dmp
[2011/08/18 13:54:56 | 000,135,260 | ---- | C] ()(C:\Windows\System32\??7AEI.exe.000003.dmp) -- C:\Windows\System32\蚈7AEI.exe.000003.dmp
[2011/08/18 13:54:56 | 000,000,977 | ---- | M] ()(C:\Windows\System32\??7aei.exe.000002.xml) -- C:\Windows\System32\蚈7aei.exe.000002.xml
[2011/08/18 13:54:53 | 000,126,548 | ---- | M] ()(C:\Windows\System32\??7AEI.exe.000002.dmp) -- C:\Windows\System32\蚈7AEI.exe.000002.dmp
[2011/08/18 13:54:53 | 000,000,977 | ---- | C] ()(C:\Windows\System32\??7aei.exe.000002.xml) -- C:\Windows\System32\蚈7aei.exe.000002.xml
[2011/08/18 13:54:44 | 000,126,548 | ---- | C] ()(C:\Windows\System32\??7AEI.exe.000002.dmp) -- C:\Windows\System32\蚈7AEI.exe.000002.dmp

========== Alternate Data Streams ==========

@Alternate Data Stream - 236 bytes -> C:\ProgramData\TEMP:0FF263E8

< End of report >
  • 0

#6
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts
Hello, and thank you for the log. :) I'm currently working on a fix for you, but we're going to need to try and clear some disk space so the tools I need you to download will be able to run. Right now, you have no space open. If possible, we need about 25% space open. Can you move some files or delete some files to open some space?
  • 0

#7
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts
Once you have cleared some space, let's get to work. Please follow the steps below :)




Step 1: Disable Chrome Plugin

  • There are some plugins in Chrome that need to be disabled, please follow the instructions below to disable them.
  • Start Chrome and type this into the address bar: chrome:plugins
  • This will display a page of all the installed plugins. Please disable the plugin below by clicking the word Disable.
Doubletwist


  • Once you have disabled this plugin, click on Extensions in the top left corner of the browser.
  • This will display a list of extensions installed in Chrome.
  • Remove the extension below by clicking the Trash Can icon next to it.
White Smoke

Once you have disabled the plugin and deleted the extension, you can close the window.


Step 2: OTL Fix


Let's run an OTL fix:

Warning: This fix is to be used on this system and this system ONLY. Using this fix on any other machine other than yours can seriously damage it.

Be advised that when the fix commences, it will shut down all running processes and you may lose the dektop and icons, they will return on reboot.

Run OTL

  • Copy the text in the quote box below (do not copy the word "quote") and paste in the in the box marked Custom Scans/Fixes as shown in the graphic below.

Posted Image

:Commands
[createrestorepoint]

:OTL
FF - HKCU\Software\MozillaPlugins\@doubletwist.com/NPPodcast: C:\Program Files\Common Files\doubleTwist\NPPodcast.dll (doubleTwist Corporation)
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll File not found
O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll File not found
[2013/10/22 07:31:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverUpdate
[2013/10/22 07:31:12 | 000,000,000 | ---D | C] -- C:\Program Files\DriverUpdate
[2013/10/22 07:31:02 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Downloaded Installers
[2013/11/12 07:56:37 | 000,000,416 | ---- | M] () -- C:\Windows\tasks\DriverUpdate Startup.job
[2013/10/22 07:31:47 | 000,000,416 | ---- | C] () -- C:\Windows\tasks\DriverUpdate Startup.job
[2013/10/22 07:31:13 | 000,002,457 | ---- | C] () -- C:\Users\Public\Desktop\DriverUpdate.lnk
[2011/10/12 12:58:53 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\OpenCandy
[2011/08/10 16:39:17 | 000,000,000 | ---D | M] -- C:\Users\Alonso Alienware\AppData\Roaming\Uniblue
[2011/08/18 13:54:56 | 000,135,260 | ---- | M] ()(C:\Windows\System32\??7AEI.exe.000003.dmp) -- C:\Windows\System32\??7AEI.exe.000003.dmp
[2011/08/18 13:54:56 | 000,135,260 | ---- | C] ()(C:\Windows\System32\??7AEI.exe.000003.dmp) -- C:\Windows\System32\??7AEI.exe.000003.dmp
[2011/08/18 13:54:56 | 000,000,977 | ---- | M] ()(C:\Windows\System32\??7aei.exe.000002.xml) -- C:\Windows\System32\??7aei.exe.000002.xml
[2011/08/18 13:54:53 | 000,126,548 | ---- | M] ()(C:\Windows\System32\??7AEI.exe.000002.dmp) -- C:\Windows\System32\??7AEI.exe.000002.dmp
[2011/08/18 13:54:53 | 000,000,977 | ---- | C] ()(C:\Windows\System32\??7aei.exe.000002.xml) -- C:\Windows\System32\??7aei.exe.000002.xml
[2011/08/18 13:54:44 | 000,126,548 | ---- | C] ()(C:\Windows\System32\??7AEI.exe.000002.dmp) -- C:\Windows\System32\??7AEI.exe.000002.dmp
@Alternate Data Stream - 236 bytes -> C:\ProgramData\TEMP:0FF263E8

:Commands
[emptytemp]



  • Click the Run Fix button at the top of the OTL control panel.
  • Let the program run until it's finished and then reboot the computer.
  • Once your machine has rebooted, a log will open. Please post that log in your next reply.

If you have any problems, questions, or need further explanation, please post a message in this thread and I will get back to you asap.


Step 3: AdwCleaner


Download ADWcleaner by clicking here. Please save it to your Desktop


Posted Image

  • Double click (Vista and 7 Users)right click the adwcleaner.exe file and click Run as Adminstrator and accept the UAC prompt to run AdwCleaner
  • Close any open windows or browsers.
  • Pause your Anti-Virus program if it is running.
  • Once it starts, click on the Scan button.
  • Let the scan complete itself. This may take a few minutes.
  • Once the scan has finished, click the Clean button. When finished, it will ask to reboot. Please reboot.
  • When the machine has rebooted, a log will be produced. Please copy/paste that in your next reply. Here's how:
  • Click the Report button and the log will open. Copy and Paste the contents of the log file into your next reply.
This report is also saved at C:\AdwCleaner[R0].txt

Step 4: Junkware Removal Tool

Posted Image Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


Step 5: OTL Quick Scan

  • Start OTL and click the Quick Scan button.
  • When it's finished, it will produce a log. Please post it in your next reply.



Things I need to see in your next post:

  • OTL Fix Log
  • AdwCleaner Log
  • Junkware Removal Log
  • OTL Quick Scan Log

  • 0

#8
kate720

kate720

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Thank you for the instructions. I started moving pics and video to an external hard drive. I will need a day or so to confirm they transferred correctly. (I moved over 8000 images) Barring incident, I should be able to complete the tasks listed and return the files by end of day Thursday (Eastern Standard time). Warmest regards 😊
  • 0

#9
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts
Sounds good :) :thumbsup:
  • 0

#10
kate720

kate720

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Sorry about the delay but I am running into a problem. You asked that I clear about 25% of the disk space. I know I have about 300 GB of total space on the hard drive, so I would need to clear about 75GB. I started today with 999M free. I deleted/moved thousands of digital images,about 200 video clips, a few programs, and most of my documents. I don't know how it could be that I only freed up 4.75 GB! When I do a search of the c drive by file size it looks like the biggest files I have are music and apps. I had hoped not to have to move/delete my Itunes library since I've had trouble restoring that in the past. Besides, I have most of these files on my Ipad which has 32 GB so I can't imagine all the files could take up much more that that on the PC. The largest file on my C drive is just over 16M. Honestly I don't know what is taking up all my space. There are some strange looking files that I don't recognize, but I don't want to delete them because I don't know what they do. I will not be able to work on this again until Monday. I would welcome any suggestions for identifying more files I can delete. Thank you for your help. Have a great weekend!

Warmest Regards,
Kate

PS I Will PM you what I am seeing.
  • 0

Advertisements


#11
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts

Sorry about the delay but I am running into a problem. You asked that I clear about 25% of the disk space. I know I have about 300 GB of total space on the hard drive, so I would need to clear about 75GB. I started today with 999M free. I deleted/moved thousands of digital images,about 200 video clips, a few programs, and most of my documents. I don't know how it could be that I only freed up 4.75 GB! When I do a search of the c drive by file size it looks like the biggest files I have are music and apps. I had hoped not to have to move/delete my Itunes library since I've had trouble restoring that in the past. Besides, I have most of these files on my Ipad which has 32 GB so I can't imagine all the files could take up much more that that on the PC. The largest file on my C drive is just over 16M. Honestly I don't know what is taking up all my space. There are some strange looking files that I don't recognize, but I don't want to delete them because I don't know what they do. I will not be able to work on this again until Monday. I would welcome any suggestions for identifying more files I can delete. Thank you for your help. Have a great weekend!

Warmest Regards,
Kate

PS I Will PM you what I am seeing.



Hi, I will consult with my teacher about what we can do to clear some space. I have some ideas, but need to clear it first. But please only post in the thread and do not PM. It helps to keep everything in the thread so I can access it all here. :)
  • 0

#12
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts
Hi, I have some work for you. :)

Step 1: Download TFC

Let's run TFC and clean out your temp folders and see if that will open some space.

Download TFC by OldTimer to your desktop
  • Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • It will close all programs when run, so make sure you have saved all your work before you begin.
  • Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
  • Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.


Step 2: Run WinDirStat



Please download and install WinDirStat.
  • Click on the desktop icon to run the program.
  • Click on Individual Drives and then click on C: (or whichever drive is your Main Drive)
  • Click on OK
  • When the pacmen have finished there will be a graphic display of your drive.
  • Place your cursor on the divider line between the text above and the color graph below and drag downwards to expand the upper portion of the resultant image produced.
  • Please create a screen shot and attach or upload the image to your next post so I can have a look



Run these 2 and let's see how much space we have now. :)

Hope you have a great weekend as well. :) :thumbsup:
  • 0

#13
kate720

kate720

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Thank you, I will try that and post the results on Monday
:mellow:
  • 0

#14
kate720

kate720

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
WOW!!! That is incredible! 177GB Free after running TFC

I have a screen shot of the results of the WinDirStat, but I don't see an option to upload or attach in a post. Please advise.

Thank you!
  • 0

#15
kate720

kate720

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
I figured out how to attach the file :wacko:

Thanks!

Attached Thumbnails

  • BJAWinDirStat112513.png
  • WinDirStat112513.png

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP