First off, I have been so thankful for all of you and what you do. Over the years I have come back numerous times to gather knowledge and resources. I've also recommended you to many many people over the time I've gone to you myself, so thank you.
The problems I have been having (this is the first time I've ever actually had to post a thread and log...) have been very recent. Firefox is having notable problems, I started noticing something was off when I would type in my google toolbar, and be redirected to an AVG secure search. Got rid of that issue by deleting other toolbars from firefox, but it came back. So I uninstalled and reinstalled firefox completely. Now an app called "sendori" is redirecting my searches to websites that I do not wish to end up at. Sendori has also taken over Internet Explorer in some ways. Firefox is also having security certificate issues, telling me that sites like google and other sites do not have valid certificates, I'll make a permanent exception, but the notice comes back right away.
Another strange behaviour: Everytime I shut down windows it goes through 2 "updates" and takes a while to complete them, then when I turn my computer back on, it runs throught the same thing again.
I have created a restore point, run ERUNT, ATF cleaner, and malware bytes... After finding 1 bad file, now scans come up completely clean, but the problems persist.
Not sure when this started, but I did have to download and install my Intel HD Graphics driver to get my HDMI port working again, maybe it came with Driver Fusion, a program I downloaded to clean driver files out completely.
Thank You so much guys for being available to all of us out here in the interwebs!
-Aleckai
Here's the OTL log:
OTL logfile created on: 11/23/2013 11:57:09 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Alec\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.73 Gb Total Physical Memory | 0.99 Gb Available Physical Memory | 26.39% Memory free
7.47 Gb Paging File | 4.13 Gb Available in Paging File | 55.25% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 455.04 Gb Total Space | 103.89 Gb Free Space | 22.83% Space Free | Partition Type: NTFS
Computer Name: YOSHI | User Name: Alec | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/11/23 23:56:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Alec\Desktop\OTL.exe
PRC - [2013/11/01 14:29:06 | 029,769,432 | ---- | M] (Dropbox, Inc.) -- C:\Users\Alec\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013/10/11 19:43:20 | 001,140,736 | ---- | M] (Spotify Ltd) -- C:\Users\Alec\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2013/10/09 10:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/10/07 11:50:28 | 000,120,096 | ---- | M] (Sendori, Inc.) -- C:\Program Files (x86)\Sendori\SendoriSvc.exe
PRC - [2013/10/07 11:50:28 | 000,083,232 | ---- | M] (Sendori, Inc.) -- C:\Program Files (x86)\Sendori\SendoriTray.exe
PRC - [2013/10/07 11:50:24 | 003,623,200 | ---- | M] (Sendori) -- C:\Program Files (x86)\Sendori\sndappv2.exe
PRC - [2013/10/07 11:50:24 | 000,022,304 | ---- | M] (sendori) -- C:\Program Files (x86)\Sendori\Sendori.Service.exe
PRC - [2013/10/05 22:09:13 | 000,310,352 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2013/08/30 18:26:24 | 000,452,768 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BingBar.exe
PRC - [2013/08/30 18:26:24 | 000,267,936 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BingApp.exe
PRC - [2013/08/30 18:26:24 | 000,240,288 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\SeaPort.EXE
PRC - [2013/08/30 18:26:24 | 000,141,984 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\bingsurrogate.exe
PRC - [2013/05/15 09:10:16 | 000,069,120 | ---- | M] () -- C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
PRC - [2013/05/09 00:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2013/05/09 00:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2012/09/23 19:43:36 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/02/14 05:55:16 | 000,043,520 | R--- | M] () -- C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe
PRC - [2010/03/03 13:42:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/03/03 13:41:58 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2006/12/19 17:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
PRC - [2006/12/19 17:14:00 | 000,131,072 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\SysWOW64\SAgent4.exe
PRC - [2006/06/08 14:41:18 | 000,118,784 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files (x86)\Olympus\DeviceDetector\DevDtct2.exe
========== Modules (No Company Name) ==========
MOD - [2013/11/01 14:27:52 | 003,558,400 | ---- | M] () -- C:\Users\Alec\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2013/08/23 11:01:44 | 025,100,288 | ---- | M] () -- C:\Users\Alec\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013/05/15 09:10:16 | 000,069,120 | ---- | M] () -- C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
MOD - [2013/05/15 09:05:10 | 000,112,128 | ---- | M] () -- C:\Program Files (x86)\Canon\ImageBrowser EX\MFMFileSystemWatcher.dll
MOD - [2013/02/13 22:57:45 | 013,199,360 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\39f4c7717661667c68f9af8c4f6402b9\System.Windows.Forms.ni.dll
MOD - [2013/01/12 17:33:59 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\5ea93652e4752c75bc6fbb195b4eb864\System.Runtime.Remoting.ni.dll
MOD - [2013/01/09 13:33:54 | 005,617,664 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll
MOD - [2013/01/09 13:33:50 | 001,667,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll
MOD - [2013/01/09 13:33:48 | 009,094,656 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll
MOD - [2013/01/09 13:33:42 | 014,412,800 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll
MOD - [2011/02/14 05:55:16 | 000,043,520 | R--- | M] () -- C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe
MOD - [2005/07/30 20:00:40 | 000,114,688 | ---- | M] () -- C:\Windows\SysWOW64\OdiOlDVR.dll
MOD - [2004/06/21 09:14:54 | 000,053,248 | ---- | M] () -- C:\Windows\SysWOW64\OdiAPI.dll
========== Services (SafeList) ==========
SRV:64bit: - [2013/05/09 00:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/05/20 09:12:46 | 000,489,384 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2010/05/10 17:57:30 | 000,836,016 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\Toshiba\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2010/04/23 17:08:32 | 000,259,440 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2010/03/05 09:26:38 | 001,425,168 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2010/03/05 09:07:58 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2010/03/05 09:06:22 | 000,831,760 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2010/02/05 16:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009/10/21 08:30:36 | 000,531,520 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\ThpSrv.exe -- (Thpsrv)
SRV:64bit: - [2009/07/28 14:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2009/07/13 17:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/11/17 10:56:28 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/30 11:25:56 | 000,566,696 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/10/09 10:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/10/07 11:50:28 | 000,120,096 | ---- | M] (Sendori, Inc.) [Auto | Running] -- C:\Program Files (x86)\Sendori\SendoriSvc.exe -- (Application Sendori)
SRV - [2013/10/07 11:50:24 | 003,623,200 | ---- | M] (Sendori) [Auto | Running] -- C:\Program Files (x86)\Sendori\sndappv2.exe -- (sndappv2)
SRV - [2013/10/07 11:50:24 | 000,022,304 | ---- | M] (sendori) [Auto | Running] -- C:\Program Files (x86)\Sendori\Sendori.Service.exe -- (Service Sendori)
SRV - [2013/08/30 18:26:24 | 000,240,288 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\SeaPort.EXE -- (BBUpdate)
SRV - [2013/08/30 18:26:24 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BBSvc.EXE -- (BBSvc)
SRV - [2012/09/23 19:43:36 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/02/11 12:45:52 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010/12/13 18:10:14 | 000,140,224 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\LG Electronics\LGE LTE Driver\LGVL600SVC.exe -- (LGE NDIS Connection Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/03 13:42:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/03/03 13:41:58 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/01/25 07:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Browny02\BrYNSvc.exe -- (BrYNSvc)
SRV - [2009/09/20 10:55:20 | 001,037,824 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2006/12/19 17:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)
SRV - [2006/12/19 17:14:00 | 000,131,072 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Windows\SysWOW64\SAgent4.exe -- (StatusAgent4)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/11/23 19:25:03 | 000,116,440 | ---- | M] (Malwarebytes Corporation) [Unknown (-1) | Unknown (-1) | Unknown] -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2013/08/22 02:03:51 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013/08/22 02:03:51 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013/08/22 02:03:51 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013/05/09 00:59:07 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013/05/09 00:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013/05/09 00:59:07 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013/05/09 00:59:06 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013/05/09 00:59:06 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/06/22 02:01:00 | 000,056,336 | ---- | M] (Corel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2012/02/29 22:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/30 10:18:58 | 000,159,232 | ---- | M] (HTC Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcusbnet.sys -- (htcusbnet)
DRV:64bit: - [2011/03/10 22:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 22:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/16 10:51:56 | 000,042,496 | ---- | M] (LG Electronics ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGELTEBus.sys -- (LGELTEBus)
DRV:64bit: - [2011/02/16 10:51:42 | 000,116,480 | ---- | M] (LG Electronics ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGELTEmdm.sys -- (LGELTEmdm)
DRV:64bit: - [2011/02/16 10:51:30 | 000,047,104 | ---- | M] (LG Electronics ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGELTEMux.sys -- (LGELTEMux)
DRV:64bit: - [2011/02/16 10:51:18 | 000,052,736 | ---- | M] (LG Electronics ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGELTENdis.sys -- (LGELTENdis)
DRV:64bit: - [2011/02/16 10:51:02 | 000,117,120 | ---- | M] (LG Electronics ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGELTEprt.sys -- (LGELTEprt)
DRV:64bit: - [2010/11/20 05:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 03:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 01:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/07/29 02:40:40 | 010,610,400 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/06/21 15:15:54 | 000,287,232 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/04/21 08:37:34 | 007,686,656 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64)
DRV:64bit: - [2010/04/16 10:45:50 | 000,039,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:64bit: - [2010/03/24 12:55:56 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/03/11 19:17:42 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/02/26 15:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/02/24 10:10:18 | 000,181,248 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/02/24 10:10:16 | 000,078,336 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/01/14 14:59:36 | 000,295,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1k62x64.sys -- (e1kexpress)
DRV:64bit: - [2009/11/27 20:53:00 | 000,080,384 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdpe64.sys -- (risdpcie)
DRV:64bit: - [2009/09/29 12:20:06 | 000,022,528 | ---- | M] (OLYMPUS IMAGING CORP.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VNUSB.sys -- (VNUSB)
DRV:64bit: - [2009/09/17 11:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/08/13 21:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/30 19:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/14 11:25:14 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 16:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/13 15:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009/06/29 15:16:20 | 000,014,784 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Thpevm.sys -- (Thpevm)
DRV:64bit: - [2009/06/29 09:25:22 | 000,034,880 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\thpdrv.sys -- (Thpdrv)
DRV:64bit: - [2009/06/19 18:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/11/11 13:42:00 | 000,033,792 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem)
DRV:64bit: - [2008/11/11 13:42:00 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag)
DRV:64bit: - [2008/11/11 13:42:00 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus)
DRV:64bit: - [2008/07/29 04:47:00 | 001,075,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrxusb.sys -- (athrusb)
DRV:64bit: - [2008/01/31 08:24:32 | 000,093,184 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ser2pl64.sys -- (Ser2pl)
DRV:64bit: - [2005/03/18 14:35:28 | 000,031,744 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZDPSp50a64.sys -- (ZDPSp50a64)
DRV - [2010/12/20 17:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Unknown (-1) | Unknown (-1) | Unknown] -- C:\windows\SysWow64\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2006/04/07 16:06:38 | 000,038,496 | ---- | M] (OLYMPUS IMAGING CORP.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\VNUSB.sys -- (VNUSB)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {911FC0A6-6C54-4DEE-BA9A-47BFCB0C5904}
IE:64bit: - HKLM\..\SearchScopes\{911FC0A6-6C54-4DEE-BA9A-47BFCB0C5904}: "URL" = http://www.google.co...ng}&rlz=1I7TSNA
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=TSNA&bmod=TSNA
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=TSNA&bmod=TSNA
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{049AAC3F-B993-4777-A2A1-1A0E9D5B3AEF}: "URL" = http://www.google.co...ng}&rlz=1I7TSNA
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=TSNA&bmod=TSNA
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=TSNA&bmod=TSNA
IE - HKCU\..\SearchScopes,DefaultScope = {049AAC3F-B993-4777-A2A1-1A0E9D5B3AEF}
IE - HKCU\..\SearchScopes\{049AAC3F-B993-4777-A2A1-1A0E9D5B3AEF}: "URL" = http://www.google.co...1I7TSNA_enUS389
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{460442E0-6FC5-493B-9AA6-4C2F5AABFEA8}: "URL" = http://www.google.co...ng}&rlz=1I7TSNA
IE - HKCU\..\SearchScopes\{77C32C66-B322-4710-A4CD-D3BF366417E2}: "URL" = http://search.avg.co...{language}&nt=1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Alec\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Alec\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Alec\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Alec\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Alec\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Alec\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\thehappycloud.com/HappyCloudPlugin: C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013/07/09 09:13:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2013/08/22 02:03:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013/09/10 23:15:24 | 000,000,000 | ---D | M]
[2013/11/15 13:34:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/11/15 13:34:24 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/11/15 13:34:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013/11/15 13:34:24 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2013/11/23 16:51:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/11/15 13:34:23 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010/07/12 08:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com/
CHR - plugin: First user (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Error reading preferences file
CHR - Extension: YouTube = C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: YouTube = C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Google Search = C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet Service = C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0\
CHR - Extension: Gmail = C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2009/06/10 13:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\amd64\BingExt.dll (Microsoft Corporation.)
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll (Google Inc.)
O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll (TOSHIBA Corporation)
O2 - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Adobe Acrobat Create PDF Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (TOSHIBA Corporation)
O2 - BHO: (Adobe Acrobat Create PDF from Selection) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\amd64\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\Toshiba\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [ThpSrv] C:\windows\SysNative\thpsrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\Toshiba\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\Toshiba\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AutoEJCD_0ACE20FF] File not found
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Sendori Tray] C:\Program Files (x86)\Sendori\SendoriTray.exe (Sendori, Inc.)
O4 - HKLM..\Run: [TOSDCR] C:\Program Files (x86)\TOSHIBA\PasswordUtility\TOSDCR.exe ()
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe (TOSHIBA)
O4 - HKLM..\Run: [VMM Mode Selection] C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe ()
O4 - HKLM..\Run: [Wireless Adapter Manager] File not found
O4 - HKCU..\Run: [HP Officejet 6700 (NET)] C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Alec\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - Startup: C:\Users\Alec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Alec\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\OFFICE11\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\windows\SysWow64\Sendori.dll (Sendori)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\windows\SysWow64\Sendori.dll (Sendori)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\windows\SysWow64\Sendori.dll (Sendori)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\windows\SysWow64\Sendori.dll (Sendori)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\windows\SysWow64\Sendori.dll (Sendori)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: //@surf.mar@/ ([]money in Local intranet)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.0.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{051FCD4D-64CF-4A2C-9632-B30805A3D97E}: DhcpNameServer = 198.224.174.135 198.224.173.135
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5D0374FC-D619-499C-8679-0280D41D8308}: DhcpNameServer = 198.224.174.135 198.224.173.135
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B7435AE7-36C4-4A8C-B7B0-B3476C0BD594}: DhcpNameServer = 66.174.92.14 69.78.96.14
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E3229492-FCEA-481C-9310-19D24764002A}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{43cd2d61-2304-11e3-9d37-ed9f9f9a2e67}\Shell - "" = AutoRun
O33 - MountPoints2\{43cd2d61-2304-11e3-9d37-ed9f9f9a2e67}\Shell\AutoRun\command - "" = E:\TL-Bootstrap.exe
O33 - MountPoints2\{4dc59075-1753-11e3-9d7d-de4289cc7e44}\Shell - "" = AutoRun
O33 - MountPoints2\{4dc59075-1753-11e3-9d7d-de4289cc7e44}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -a
O33 - MountPoints2\{75abb686-37c8-11e1-a3cb-002318c2d484}\Shell - "" = AutoRun
O33 - MountPoints2\{75abb686-37c8-11e1-a3cb-002318c2d484}\Shell\AutoRun\command - "" = D:\Setup.exe
O33 - MountPoints2\{81ee862e-0448-11e3-bedd-002314da293c}\Shell - "" = AutoRun
O33 - MountPoints2\{81ee862e-0448-11e3-bedd-002314da293c}\Shell\AutoRun\command - "" = E:\EMP_UDSe.exe /autorun
O33 - MountPoints2\{cec515c3-1979-11e2-952a-002318c2d484}\Shell - "" = AutoRun
O33 - MountPoints2\{cec515c3-1979-11e2-952a-002318c2d484}\Shell\AutoRun\command - "" = E:\TL-Bootstrap.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\TL-Bootstrap.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/11/23 23:56:16 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Alec\Desktop\OTL.exe
[2013/11/23 19:25:03 | 000,116,440 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
[2013/11/23 19:25:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2013/11/23 19:24:28 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbamchameleon.sys
[2013/11/23 19:24:14 | 000,000,000 | ---D | C] -- C:\Users\Alec\Desktop\mbar
[2013/11/23 16:59:33 | 012,576,792 | ---- | C] (Malwarebytes Corp.) -- C:\Users\Alec\Desktop\mbar-1.07.0.1007.exe
[2013/11/23 16:34:40 | 000,000,000 | ---D | C] -- C:\Users\Alec\Desktop\Old Firefox Data
[2013/11/22 23:59:21 | 000,000,000 | ---D | C] -- C:\windows\SysNative\SPReview
[2013/11/22 23:57:45 | 000,000,000 | ---D | C] -- C:\windows\SysNative\EventProviders
[2013/11/22 17:06:04 | 000,000,000 | ---D | C] -- C:\Users\Alec\AppData\Local\FileTypeAssistant
[2013/11/22 12:43:54 | 000,116,224 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\windows\SysNative\fms.dll
[2013/11/22 12:42:30 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\windows\SysWow64\fms.dll
[2013/11/22 12:00:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2013/11/22 12:00:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2013/11/22 11:56:14 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/11/21 23:12:17 | 000,000,000 | ---D | C] -- C:\Users\Alec\AppData\Local\TERA
[2013/11/21 19:57:56 | 000,325,920 | ---- | C] (Sendori) -- C:\windows\SysWow64\Sendori.dll
[2013/11/21 19:57:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Sendori
[2013/11/21 19:57:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sendori
[2013/11/21 02:29:04 | 000,000,000 | ---D | C] -- C:\Users\Alec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TERA
[2013/11/21 02:28:06 | 000,000,000 | ---D | C] -- C:\Users\Alec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Happy Cloud
[2013/11/21 02:27:58 | 000,000,000 | ---D | C] -- C:\ProgramData\HappyCloud
[2013/11/21 00:48:30 | 000,000,000 | ---D | C] -- C:\gravity
[2013/11/21 00:45:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2013/11/21 00:45:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2013/11/20 22:04:28 | 000,000,000 | ---D | C] -- C:\Users\Alec\AppData\Local\Warframe
[2013/11/20 20:33:12 | 000,000,000 | ---D | C] -- C:\Intel
[2013/11/15 13:34:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/11/02 16:37:33 | 000,000,000 | ---D | C] -- C:\Users\Alec\AppData\Local\{9E107C37-0E72-4C51-9182-E7568DA0501B}
[2013/10/27 20:37:15 | 000,000,000 | ---D | C] -- C:\Users\Alec\AppData\Roaming\Canon_Inc_IC
[2013/10/27 20:35:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[2013/10/27 20:35:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Canon_Inc_IC
[2013/10/27 20:33:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Canon_Inc_IC
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\Users\Alec\Desktop\*.tmp files -> C:\Users\Alec\Desktop\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/11/23 23:57:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/11/23 23:56:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Alec\Desktop\OTL.exe
[2013/11/23 23:51:19 | 000,000,904 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-336262531-2899753654-4254831971-1000UA.job
[2013/11/23 23:51:08 | 000,000,898 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/23 23:50:55 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/11/23 19:25:03 | 000,116,440 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
[2013/11/23 19:24:28 | 000,091,352 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbamchameleon.sys
[2013/11/23 17:43:01 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/23 16:59:33 | 012,576,792 | ---- | M] (Malwarebytes Corp.) -- C:\Users\Alec\Desktop\mbar-1.07.0.1007.exe
[2013/11/23 16:18:04 | 000,000,852 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-336262531-2899753654-4254831971-1000Core.job
[2013/11/23 12:29:49 | 000,015,792 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/11/23 12:29:49 | 000,015,792 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/11/23 11:58:55 | 000,785,500 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013/11/23 11:58:55 | 000,664,688 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013/11/23 11:58:55 | 000,123,386 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013/11/23 11:51:42 | 005,112,496 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/11/23 11:51:08 | 3007,647,744 | -HS- | M] () -- C:\hiberfil.sys
[2013/11/22 23:52:17 | 000,088,493 | ---- | M] () -- C:\Users\Alec\Desktop\bookmarks.html
[2013/11/22 18:38:12 | 000,001,941 | ---- | M] () -- C:\Users\Alec\Desktop\TERA.lnk
[2013/11/21 21:08:59 | 000,015,834 | ---- | M] () -- C:\windows\SysNative\results.xml
[2013/11/21 20:40:38 | 000,001,448 | ---- | M] () -- C:\Users\Alec\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/11/21 20:32:32 | 000,072,822 | ---- | M] () -- C:\windows\SysWow64\ieuinit.inf
[2013/11/21 20:32:32 | 000,072,822 | ---- | M] () -- C:\windows\SysNative\ieuinit.inf
[2013/11/08 12:32:43 | 000,001,047 | ---- | M] () -- C:\Users\Alec\Desktop\Dropbox.lnk
[2013/11/08 12:31:31 | 000,001,057 | ---- | M] () -- C:\Users\Alec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/11/07 23:49:29 | 551,711,506 | ---- | M] () -- C:\windows\MEMORY.DMP
[2013/10/29 18:28:14 | 000,000,031 | ---- | M] () -- C:\windows\SysNative\bbcap.err
[2013/10/28 08:59:16 | 000,006,148 | -H-- | M] () -- C:\Users\Public\Documents\.DS_Store
[2013/10/27 20:39:03 | 000,001,166 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\Users\Alec\Desktop\*.tmp files -> C:\Users\Alec\Desktop\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/11/22 23:52:16 | 000,088,493 | ---- | C] () -- C:\Users\Alec\Desktop\bookmarks.html
[2013/11/22 12:46:54 | 000,347,904 | ---- | C] () -- C:\windows\SysNative\systemsf.ebd
[2013/11/22 12:40:59 | 000,010,429 | ---- | C] () -- C:\windows\SysNative\ScavengeSpace.xml
[2013/11/22 12:39:53 | 000,105,559 | ---- | C] () -- C:\windows\SysWow64\RacRules.xml
[2013/11/22 12:39:53 | 000,105,559 | ---- | C] () -- C:\windows\SysNative\RacRules.xml
[2013/11/22 12:38:46 | 000,001,041 | ---- | C] () -- C:\windows\SysWow64\tcpbidi.xml
[2013/11/21 23:11:55 | 000,001,941 | ---- | C] () -- C:\Users\Alec\Desktop\TERA.lnk
[2013/11/21 20:40:38 | 000,001,420 | ---- | C] () -- C:\Users\Alec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2013/11/21 20:32:32 | 000,072,822 | ---- | C] () -- C:\windows\SysWow64\ieuinit.inf
[2013/11/21 20:32:32 | 000,072,822 | ---- | C] () -- C:\windows\SysNative\ieuinit.inf
[2013/11/08 12:32:43 | 000,001,047 | ---- | C] () -- C:\Users\Alec\Desktop\Dropbox.lnk
[2013/11/08 12:31:31 | 000,001,057 | ---- | C] () -- C:\Users\Alec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/10/28 08:59:15 | 000,006,148 | -H-- | C] () -- C:\Users\Public\Documents\.DS_Store
[2013/10/27 20:39:03 | 000,001,166 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk
[2013/09/17 17:36:14 | 000,004,522 | ---- | C] () -- C:\Users\Alec\AppData\Roaming\CamStudio.cfg
[2013/09/17 17:36:13 | 000,000,408 | ---- | C] () -- C:\Users\Alec\AppData\Roaming\CamShapes.ini
[2013/09/17 17:36:13 | 000,000,408 | ---- | C] () -- C:\Users\Alec\AppData\Roaming\CamLayout.ini
[2013/09/17 17:36:13 | 000,000,052 | ---- | C] () -- C:\Users\Alec\AppData\Roaming\Camdata.ini
[2013/09/06 16:53:31 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013/06/10 21:05:40 | 001,174,979 | ---- | C] () -- C:\windows\unins000.exe
[2012/09/08 13:51:37 | 000,000,000 | ---- | C] () -- C:\windows\PowerReg.dat
[2012/07/02 10:31:24 | 000,779,716 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012/05/15 09:03:10 | 000,040,089 | ---- | C] () -- C:\windows\unins000.dat
[2012/05/14 03:20:16 | 000,000,000 | ---- | C] () -- C:\windows\VL600ZV8_SW_Upgrade_Tool.INI
[2012/02/10 16:13:31 | 000,000,848 | ---- | C] () -- C:\Users\Alec\.recently-used.xbel
[2011/12/16 23:38:45 | 000,000,000 | ---- | C] () -- C:\Users\Alec\AppData\Local\{A4F01EB1-0559-4DFD-98B8-E68C2EEF5C3F}
[2011/08/02 23:37:20 | 000,000,000 | ---- | C] () -- C:\Users\Alec\AppData\Local\{C147FE85-E73B-47CC-92F3-261391E00F0D}
[2011/03/12 10:42:23 | 000,027,926 | ---- | C] () -- C:\Users\Alec\N2HBRHMT.torrent
[2011/03/11 01:04:31 | 000,029,034 | ---- | C] () -- C:\Users\Alec\N1HBRMHV.torrent
[2010/07/24 23:56:48 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
========== ZeroAccess Check ==========
[2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 21:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 20:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 04:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013/11/09 23:14:00 | 000,000,000 | ---D | M] -- C:\Users\Alec\AppData\Roaming\.minecraft
[2011/02/03 09:37:21 | 000,000,000 | ---D | M] -- C:\Users\Alec\AppData\Roaming\AVG10
[2012/05/15 14:37:31 | 000,000,000 | ---D | M] -- C:\Users\Alec\AppData\Roaming\BitTorrent
[2013/10/29 19:47:29 | 000,000,000 | ---D | M] -- C:\Users\Alec\AppData\Roaming\Blueberry
[2013/10/27 20:33:35 | 000,000,000 | ---D | M] -- C:\Users\Alec\AppData\Roaming\Canon
[2013/10/27 20:37:15 | 000,000,000 | ---D | M] -- C:\Users\Alec\AppData\Roaming\Canon_Inc_IC
[2013/09/07 11:07:36 | 000,000,000 | ---D | M] -- C:\Users\Alec\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/06/20 20:33:05 | 000,000,000 | ---D | M] -- C:\Users\Alec\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013/10/11 10:44:29 | 000,000,000 | ---D | M] -- C:\Users\Alec\AppData\Roaming\com.adobe.formscentral.FormsCentralForAcrobat
[2012/10/04 17:23:55 | 000,000,000 | ---D | M] -- C:\Users\Alec\AppData\Roaming\com.ynab.YNAB4.LiveCaptive
[2013/11/23 11:59:08 | 000,000,000 | ---D | M] -- C:\Users\Alec\AppData\Roaming\Dropbox
[2011/06/28 19:01:59 | 000,000,000 | ---D | M] -- C:\Users\Alec\AppData\Roaming\eBookPro6
[2010/10/21 00:45:41 | 000,000,000 | ---D | M] -- C:\Users\Alec\AppData\Roaming\eMusic
[2010/09/24 21:40:36 | 000,000,000 | ---D | M] -- C:\Users\Alec\AppData\Roaming\Epson
[2012/07/02 10:40:11 | 000,000,000 | ---D | M] -- C:\Users\Alec\AppData\Roaming\GameSalad
[2010/11/23 13:28:56 | 000,000,000 | ---D | M] -- C:\Users\Alec\AppData\Roaming\GrabPro
[2012/02/10 16:12:45 | 000,000,000 | ---D | M] -- C:\Users\Alec\AppData\Roaming\gtk-2.0
[2011/07/16 20:13:11 | 000,000,000 | ---D | M] -- C:\Users\Alec\AppData\Roaming\ImTOO
[2013/09/17 17:48:28 | 000,000,000 | ---D | M] -- C:\Users\Alec\AppData\Roaming\LogSys
[2012/06/21 13:08:22 | 000,000,000 | ---D | M] -- C:\Users\Alec\AppData\Roaming\Orbit
[2011/06/20 21:43:35 | 000,000,000 | ---D | M] -- C:\Users\Alec\AppData\Roaming\PACE Anti-Piracy
[2013/09/06 18:06:28 | 000,000,000 | ---D | M] -- C:\Users\Alec\AppData\Roaming\PDAppFlex
[2010/11/23 13:30:04 | 000,000,000 | ---D | M] -- C:\Users\Alec\AppData\Roaming\ProgSense
[2013/10/11 10:34:35 | 000,000,000 | ---D | M] -- C:\Users\Alec\AppData\Roaming\SolidDocuments
[2013/11/13 12:10:18 | 000,000,000 | ---D | M] -- C:\Users\Alec\AppData\Roaming\Spotify
[2011/06/20 22:02:05 | 000,000,000 | ---D | M] -- C:\Users\Alec\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010/07/24 22:03:11 | 000,000,000 | ---D | M] -- C:\Users\Alec\AppData\Roaming\Toshiba
[2013/10/14 19:54:08 | 000,000,000 | ---D | M] -- C:\Users\Alec\AppData\Roaming\Tracker Software
[2013/10/02 20:12:37 | 000,000,000 | ---D | M] -- C:\Users\Alec\AppData\Roaming\Unity
[2010/07/24 21:50:07 | 000,000,000 | ---D | M] -- C:\Users\Alec\AppData\Roaming\WinBatch
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 961 bytes -> C:\Users\Alec\AppData\Local\Temp:IPK37MQ42PXGMLfVTFs0Gi6j
@Alternate Data Stream - 60 bytes -> C:\Users\Public\Documents\.DS_Store:AFP_AfpInfo
< End of report >
Edited by Aleckai3, 24 November 2013 - 02:33 AM.