Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

My homepage keeps changing [Solved]


  • This topic is locked This topic is locked

#1
passingthru

passingthru

    Member

  • Member
  • PipPip
  • 56 posts
My original post in the "Web Browsers and Email" forum:

"I keep setting up my homepage in firefox, but something keeps changing it to the yahoo searchpage. My Advanced Systemcare 7 caught a program in the act of changing my homepage and CLAIMS to have stopped it. However, it never bothered to tell me what that program was.(really stupid) Later on, I open my Firefox again and once again my homepage is back to being the yahoo searchpage.

1) Why didn't Advanced Systemcare stop it when it clearly stated that it did?

2) How do I fix this?"


I was told to make a new post in this forum and download OTL by OldTimer and set up a log, here it is:

"OTL.Txt-Notepad"

OTL logfile created on: 12/10/2013 10:59:55 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Larry Valencia\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.94 Gb Total Physical Memory | 1.63 Gb Available Physical Memory | 41.25% Memory free
7.88 Gb Paging File | 5.03 Gb Available in Paging File | 63.85% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.66 Gb Total Space | 400.42 Gb Free Space | 85.99% Space Free | Partition Type: NTFS

Computer Name: LARRYSPC | User Name: Larry Valencia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/12/10 22:48:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Larry Valencia\Downloads\OTL.exe
PRC - [2013/11/29 11:57:02 | 002,273,056 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2013/11/29 11:56:51 | 001,370,912 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2013/11/28 11:16:24 | 000,070,352 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
PRC - [2013/11/28 09:58:20 | 002,327,248 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
PRC - [2013/11/21 18:08:27 | 001,862,536 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
PRC - [2013/11/15 19:55:38 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/11/14 06:55:37 | 001,028,384 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013/11/14 04:29:54 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2013/11/11 10:23:02 | 002,098,880 | ---- | M] () -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
PRC - [2013/11/11 08:59:20 | 000,414,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/11/08 15:55:14 | 001,383,232 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2013/11/08 15:51:20 | 000,807,800 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
PRC - [2013/10/28 11:39:32 | 002,283,296 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
PRC - [2013/10/25 18:19:44 | 000,763,680 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
PRC - [2013/10/25 12:07:24 | 002,151,200 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
PRC - [2013/10/25 12:07:00 | 000,878,368 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
PRC - [2013/08/14 15:19:24 | 000,039,056 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe


========== Modules (No Company Name) ==========

MOD - [2013/11/21 18:08:26 | 016,237,448 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll
MOD - [2013/11/15 19:55:34 | 003,363,952 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/01/15 18:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\madexcept_.bpl
MOD - [2013/01/15 18:48:26 | 000,051,008 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\maddisAsm_.bpl
MOD - [2013/01/15 18:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\madbasic_.bpl
MOD - [2013/01/15 18:47:56 | 000,893,248 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\webres.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/11/29 11:56:40 | 015,128,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2013/11/15 19:34:42 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/10/23 17:14:22 | 000,348,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/10/23 17:14:22 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/10/20 02:23:22 | 006,254,152 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV:64bit: - [2013/09/24 11:53:32 | 000,164,056 | ---- | M] (COMODO) [On_Demand | Stopped] -- C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe -- (cmdvirth)
SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/09/22 21:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2013/11/29 11:56:51 | 001,370,912 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2013/11/28 11:16:24 | 000,070,352 | ---- | M] (Comodo Security Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe -- (CLPSLauncher)
SRV - [2013/11/28 09:58:20 | 002,327,248 | ---- | M] (Comodo Security Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe -- (GeekBuddyRSP)
SRV - [2013/11/21 18:08:27 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/11/15 19:55:37 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/11/11 10:23:02 | 002,098,880 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe -- (DragonUpdater)
SRV - [2013/11/11 08:59:20 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/11/08 15:51:20 | 000,807,800 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2013/10/25 12:07:24 | 002,151,200 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2013/10/25 12:07:00 | 000,878,368 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe -- (AdvancedSystemCareService7)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/08/14 15:19:24 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/11/13 14:54:08 | 000,883,928 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2013/11/13 14:27:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/11/13 14:27:35 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/11/13 14:27:35 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/11/13 14:24:56 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/10/30 12:03:12 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013/10/07 00:17:38 | 000,014,888 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\hmd.sys -- (HMD)
DRV:64bit: - [2013/09/27 09:53:06 | 000,134,944 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2013/09/24 11:54:12 | 000,023,168 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\cmderd.sys -- (cmderd)
DRV:64bit: - [2013/06/16 07:38:15 | 000,196,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013/05/21 17:25:36 | 000,099,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:64bit: - [2013/05/07 02:00:18 | 000,037,976 | ---- | M] (Windows ® Win 7 DDK provider) [File_System | System | Running] -- C:\Windows\SysNative\drivers\CFRMD.sys -- (CFRMD)
DRV:64bit: - [2013/04/26 05:24:56 | 000,786,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2013/04/26 05:24:56 | 000,368,112 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2013/03/14 16:34:46 | 000,046,568 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ISCTD64.sys -- (ISCT)
DRV:64bit: - [2012/08/20 04:38:12 | 000,416,072 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2012/08/20 04:38:12 | 000,138,568 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011/09/09 16:45:30 | 001,660,480 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2011/05/13 18:37:54 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/11/18 09:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2010/11/01 06:08:46 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nmd.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo....r=spigot-yhp-ie
IE - HKCU\..\URLSearchHook: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.2\iobitappsToolbarIE.dll (Spigot, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {2908B4FE-4CE5-43EE-9C05-B89EA4D1680C}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\..\SearchScopes\{2908B4FE-4CE5-43EE-9C05-B89EA4D1680C}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\..\SearchScopes\{68016248-0999-4EF0-AF80-5638D7B99F76}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo!"
FF - prefs.js..browser.search.selectedEngine: "Yahoo!"
FF - prefs.js..browser.startup.homepage: "http://search.yahoo....=spigot-yhp-ff"
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.21
FF - prefs.js..extensions.enabledAddons: ascsurfingprotection%40iobit.com:1.0
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.8.7
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1
FF - prefs.js..keyword.URL: "http://search.yahoo....8484&ilc=12&p="


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/11/14 04:30:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ [2013/11/23 02:20:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/11/14 04:30:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/11/28 20:49:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/11/12 20:07:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/11/12 20:07:20 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/11/28 20:49:06 | 000,000,000 | ---D | M]

[2013/11/12 20:12:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Larry Valencia\AppData\Roaming\Mozilla\Extensions
[2013/12/10 03:35:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Larry Valencia\AppData\Roaming\Mozilla\Firefox\Profiles\t6hker2i.default\extensions
[2013/11/13 14:23:37 | 000,000,000 | ---D | M] (Start Page) -- C:\Users\Larry Valencia\AppData\Roaming\Mozilla\Firefox\Profiles\t6hker2i.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}
[2013/11/21 16:40:08 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Larry Valencia\AppData\Roaming\Mozilla\Firefox\Profiles\t6hker2i.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013/11/13 14:09:29 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Users\Larry Valencia\AppData\Roaming\Mozilla\Firefox\Profiles\t6hker2i.default\extensions\[email protected]
[2013/12/10 03:35:52 | 000,000,000 | ---D | M] ("PrivDog") -- C:\Users\Larry Valencia\AppData\Roaming\Mozilla\Firefox\Profiles\t6hker2i.default\extensions\[email protected]
[2013/12/04 03:51:03 | 000,535,138 | ---- | M] () (No name found) -- C:\Users\Larry Valencia\AppData\Roaming\Mozilla\Firefox\Profiles\t6hker2i.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013/11/20 07:57:49 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\Larry Valencia\AppData\Roaming\Mozilla\Firefox\Profiles\t6hker2i.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/11/13 14:08:21 | 000,000,905 | ---- | M] () -- C:\Users\Larry Valencia\AppData\Roaming\Mozilla\Firefox\Profiles\t6hker2i.default\searchplugins\yahoo_ff.xml
File not found (No name found) -- C:\PROGRAM FILES (X86)\IOBIT APPS TOOLBAR\FF

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
O2:64bit: - BHO: (DVDVideoSoft IE Extension) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
O2 - BHO: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.2\iobitappsToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O2 - BHO: (DVDVideoSoft IE Extension) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O3:64bit: - HKLM\..\Toolbar: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.2\iobitappsToolbarIE64.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.2\iobitappsToolbarIE.dll (Spigot, Inc.)
O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (COMODO)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ComodoFSFirefox] C:\Program Files (x86)\AdTrustMedia\PrivDog\FinalizeSetup.exe ()
O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [tvncontrol] C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe (Comodo Security Solutions, Inc.)
O4 - HKCU..\Run: [Advanced SystemCare 7] C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe (IObit)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm ()
O9:64bit: - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
O9:64bit: - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{21976E3B-7507-47E2-86DF-618CF09D10CB}: NameServer = 156.154.70.22,156.154.71.22
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5CFB8AAE-C4F7-49B5-B1FC-A95C0548703D}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5CFB8AAE-C4F7-49B5-B1FC-A95C0548703D}: NameServer = 156.154.70.22,156.154.71.22
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{025c7632-4bd2-11e3-9f1c-94dbc9968a57}\Shell - "" = AutoRun
O33 - MountPoints2\{025c7632-4bd2-11e3-9f1c-94dbc9968a57}\Shell\AutoRun\command - "" = E:\HPLauncher.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/12/03 01:21:08 | 000,000,000 | ---D | C] -- C:\Users\Larry Valencia\AppData\Local\NVIDIA Corporation
[2013/12/01 23:35:03 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2013/12/01 21:10:02 | 000,000,000 | ---D | C] -- C:\Users\Larry Valencia\Documents\BioWare
[2013/12/01 21:09:58 | 000,000,000 | ---D | C] -- C:\Users\Larry Valencia\AppData\Local\NVIDIA
[2013/12/01 21:05:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2013/12/01 20:48:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Booster 3
[2013/12/01 20:31:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2013/12/01 20:17:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mass Effect 2
[2013/12/01 20:17:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare
[2013/11/29 03:04:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2013/11/28 21:06:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013/11/28 21:05:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/11/28 21:05:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2013/11/28 21:05:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2013/11/28 21:03:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013/11/28 21:02:55 | 000,000,000 | ---D | C] -- C:\Users\Larry Valencia\AppData\Local\Microsoft Help
[2013/11/28 21:02:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013/11/28 21:02:32 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2013/11/28 20:53:20 | 000,000,000 | ---D | C] -- C:\Users\Larry Valencia\AppData\Local\HP
[2013/11/28 20:50:23 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG
[2013/11/28 20:50:23 | 000,000,000 | ---D | C] -- C:\Users\Larry Valencia\AppData\Roaming\HP
[2013/11/28 20:48:39 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2013/11/28 20:47:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\HP
[2013/11/28 20:47:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2013/11/28 20:46:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Hewlett-Packard
[2013/11/28 20:46:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP
[2013/11/28 20:46:13 | 000,000,000 | -H-D | C] -- C:\Config.Msi
[2013/11/28 20:45:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2013/11/28 20:44:57 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2013/11/28 11:24:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\COMODO
[2013/11/23 08:40:00 | 000,000,000 | ---D | C] -- C:\Users\Larry Valencia\AppData\Roaming\NVIDIA
[2013/11/23 02:40:15 | 000,000,000 | ---D | C] -- C:\Users\Larry Valencia\Documents\DVDVideoSoft
[2013/11/23 02:21:15 | 000,000,000 | ---D | C] -- C:\Users\Larry Valencia\AppData\Roaming\DVDVideoSoftIEHelpers
[2013/11/23 02:21:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2013/11/23 02:20:10 | 000,000,000 | ---D | C] -- C:\Users\Larry Valencia\AppData\Roaming\DVDVideoSoft
[2013/11/23 02:20:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2013/11/23 02:20:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2013/11/21 17:35:11 | 000,000,000 | ---D | C] -- C:\Users\Larry Valencia\dwhelper
[2013/11/20 10:17:35 | 000,000,000 | ---D | C] -- C:\Users\Larry Valencia\AppData\Local\{88E715B1-C894-4DBF-AA06-8A6FCC9B3B19}
[2013/11/19 21:08:25 | 002,103,040 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib64.dll
[2013/11/19 21:08:19 | 027,644,160 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioVnA64.dll
[2013/11/19 21:08:19 | 005,751,576 | ---- | C] (Nahimic Inc) -- C:\Windows\SysNative\NAHIMICAPOlfx.dll
[2013/11/19 21:08:19 | 003,714,304 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioVnN64.dll
[2013/11/19 21:08:19 | 001,286,400 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxSpeechAPO64.dll
[2013/11/19 21:08:19 | 000,929,080 | ---- | C] (Nahimic Inc) -- C:\Windows\SysNative\NAHIMICAPOSettingsIPC.dll
[2013/11/19 21:08:18 | 014,152,960 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek64.dll
[2013/11/19 21:08:18 | 002,036,992 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll
[2013/11/19 21:08:18 | 001,921,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek264.dll
[2013/11/19 21:08:18 | 001,345,280 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO5064.dll
[2013/11/19 21:08:18 | 001,012,992 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2013/11/19 21:08:17 | 006,217,904 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DDPP64A.dll
[2013/11/19 21:08:17 | 001,938,608 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DDPD64A.dll
[2013/11/19 21:08:17 | 000,501,184 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PLFX64.dll
[2013/11/19 21:08:17 | 000,487,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PGFX64.dll
[2013/11/19 21:08:17 | 000,415,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PREC64.dll
[2013/11/19 21:08:17 | 000,313,520 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DDPO64A.dll
[2013/11/19 21:08:17 | 000,260,272 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DDPA64.dll
[2013/11/19 21:08:16 | 000,113,576 | ---- | C] (Real Sound Lab SIA) -- C:\Windows\SysNative\CONEQMSAPOGUILibrary.dll
[2013/11/17 19:06:51 | 000,000,000 | ---D | C] -- C:\Users\Larry Valencia\AppData\Local\{1B5B1EDE-9D36-4317-8C83-3683900C94AE}
[2013/11/15 21:51:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2013/11/15 21:11:41 | 000,000,000 | ---D | C] -- C:\Users\Larry Valencia\AppData\Local\ElevatedDiagnostics
[2013/11/15 20:57:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
[2013/11/15 20:57:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Mouse and Keyboard Center
[2013/11/15 20:33:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2013/11/15 19:55:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013/11/15 19:55:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013/11/15 04:34:49 | 000,000,000 | ---D | C] -- C:\Users\Larry Valencia\AppData\Local\Apple Computer
[2013/11/14 05:05:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2013/11/14 05:05:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2013/11/14 05:05:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2013/11/14 05:04:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2013/11/14 05:04:27 | 000,000,000 | ---D | C] -- C:\Users\Larry Valencia\AppData\Local\Apple
[2013/11/14 05:04:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2013/11/14 05:04:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2013/11/14 04:30:48 | 000,000,000 | ---D | C] -- C:\Users\Larry Valencia\AppData\Roaming\RealNetworks
[2013/11/14 04:30:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RealNetworks
[2013/11/14 04:30:28 | 000,000,000 | ---D | C] -- C:\ProgramData\RealNetworks
[2013/11/14 04:30:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
[2013/11/14 04:29:55 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2013/11/14 04:29:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real
[2013/11/14 04:28:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2013/11/14 03:05:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013/11/14 00:40:35 | 000,000,000 | ---D | C] -- C:\Users\Larry Valencia\AppData\Roaming\Real
[2013/11/14 00:40:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
[2013/11/13 17:16:59 | 000,000,000 | ---D | C] -- C:\Users\Larry Valencia\AppData\Roaming\Macromedia
[2013/11/13 17:16:59 | 000,000,000 | ---D | C] -- C:\Users\Larry Valencia\AppData\Local\Macromedia
[2013/11/13 17:16:59 | 000,000,000 | ---D | C] -- C:\Users\Larry Valencia\AppData\Roaming\Adobe
[2013/11/13 17:16:24 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2013/11/13 17:16:23 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2013/11/13 17:14:01 | 000,000,000 | ---D | C] -- C:\Users\Larry Valencia\AppData\Local\Adobe
[2013/11/13 16:50:21 | 000,000,000 | ---D | C] -- C:\Users\Larry Valencia\AppData\Roaming\ArcSoft Backup Application
[2013/11/13 16:47:40 | 000,000,000 | ---D | C] -- C:\Users\Larry Valencia\AppData\Roaming\U3
[2013/11/13 16:44:09 | 000,000,000 | ---D | C] -- C:\Users\Larry Valencia\AppData\Roaming\vlc
[2013/11/13 16:42:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013/11/13 16:41:45 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2013/11/13 14:56:17 | 000,722,688 | ---- | C] (DTS, Inc.) -- C:\Windows\SysNative\sltech64.dll
[2013/11/13 14:56:17 | 000,244,480 | ---- | C] (TODO: <Company name>) -- C:\Windows\SysNative\slprp64.dll
[2013/11/13 14:56:16 | 001,014,016 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\slcnt64.dll
[2013/11/13 14:56:16 | 000,897,792 | ---- | C] (DTS, Inc.) -- C:\Windows\SysNative\sl3apo64.dll
[2013/11/13 14:56:16 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
[2013/11/13 14:56:16 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
[2013/11/13 14:56:16 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
[2013/11/13 14:56:16 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2013/11/13 14:56:15 | 004,933,328 | ---- | C] (ASUSTeKcomputer.Inc Inc) -- C:\Windows\SysNative\RTKSMlfx.dll
[2013/11/13 14:56:15 | 000,848,184 | ---- | C] (ASUSTeKcomputer.Inc Inc) -- C:\Windows\SysNative\RTKSMSettingsIPC.dll
[2013/11/13 14:56:13 | 007,164,176 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2013/11/13 14:56:13 | 000,907,008 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVoiceAPO2064.dll
[2013/11/13 14:56:13 | 000,662,784 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2013/11/13 14:56:13 | 000,434,960 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2013/11/13 14:56:13 | 000,141,584 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2013/11/13 14:56:13 | 000,124,176 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2013/11/13 14:56:13 | 000,075,024 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2013/11/13 14:56:12 | 001,084,160 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO4064.dll
[2013/11/13 14:56:12 | 000,790,272 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysWow64\MaxxAudioAPOShell.dll
[2013/11/13 14:56:12 | 000,663,296 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2013/11/13 14:56:12 | 000,603,984 | ---- | C] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll
[2013/11/13 14:56:11 | 002,743,328 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2013/11/13 14:56:11 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2013/11/13 14:56:11 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2013/11/13 14:56:11 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2013/11/13 14:56:11 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2013/11/13 14:56:11 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2013/11/13 14:56:11 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2013/11/13 14:56:11 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2013/11/13 14:56:11 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2013/11/13 14:56:11 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2013/11/13 14:56:11 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2013/11/13 14:56:11 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2013/11/13 14:56:11 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2013/11/13 14:54:08 | 000,883,928 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2013/11/13 14:39:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster
[2013/11/13 14:28:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/11/13 14:28:22 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013/11/13 14:28:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013/11/13 14:23:44 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2013/11/13 14:23:43 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2013/11/13 14:23:07 | 000,027,456 | ---- | C] (IObit) -- C:\Windows\SysNative\RegistryDefragBootTime.exe
[2013/11/13 14:09:31 | 000,000,000 | ---D | C] -- C:\Users\Larry Valencia\AppData\Roaming\Apple Computer
[2013/11/13 14:09:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
[2013/11/13 14:09:27 | 000,000,000 | ---D | C] -- C:\ProgramData\ProductData
[2013/11/13 14:08:43 | 000,000,000 | ---D | C] -- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
[2013/11/13 14:08:39 | 000,000,000 | ---D | C] -- C:\Users\Larry Valencia\AppData\Roaming\IObit
[2013/11/13 14:08:39 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2013/11/13 14:08:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7
[2013/11/13 14:08:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2013/11/13 14:08:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Updater
[2013/11/13 14:08:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Spigot
[2013/11/13 14:08:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit Apps Toolbar
[2013/11/13 12:27:47 | 000,000,000 | -H-D | C] -- C:\VTRoot
[2013/11/13 00:59:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/11/13 00:59:24 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/11/13 00:59:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/11/13 00:58:43 | 000,000,000 | ---D | C] -- C:\Users\Larry Valencia\AppData\Local\Programs
[2013/11/13 00:46:34 | 000,000,000 | ---D | C] -- C:\Users\Larry Valencia\AppData\Roaming\Malwarebytes
[2013/11/13 00:46:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/11/12 21:56:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2013/11/12 21:56:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2013/11/12 20:45:56 | 000,000,000 | --SD | C] -- C:\ProgramData\Shared Space
[2013/11/12 20:45:48 | 000,000,000 | ---D | C] -- C:\Program Files\AdTrustMedia
[2013/11/12 20:45:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AdTrustMedia
[2013/11/12 20:45:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Adtrustmedia
[2013/11/12 20:45:39 | 000,000,000 | ---D | C] -- C:\ProgramData\COMODO
[2013/11/12 20:45:35 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2013/11/12 20:45:31 | 000,000,000 | ---D | C] -- C:\Users\Larry Valencia\AppData\Local\Comodo
[2013/11/12 20:45:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
[2013/11/12 20:45:29 | 000,057,096 | ---- | C] (COMODO CA Limited) -- C:\Windows\SysNative\certsentry.dll
[2013/11/12 20:45:29 | 000,048,392 | ---- | C] (COMODO CA Limited) -- C:\Windows\SysWow64\certsentry.dll
[2013/11/12 20:45:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Comodo
[2013/11/12 20:45:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo Downloader
[2013/11/12 20:31:49 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Program Files\notepad.exe
[2013/11/12 20:22:13 | 000,000,000 | ---D | C] -- C:\Users\Larry Valencia\AppData\Local\Diagnostics
[2013/11/12 20:12:19 | 000,000,000 | ---D | C] -- C:\Users\Larry Valencia\AppData\Roaming\Mozilla
[2013/11/12 20:12:19 | 000,000,000 | ---D | C] -- C:\Users\Larry Valencia\AppData\Local\Mozilla
[2013/11/12 20:07:36 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013/11/12 20:07:17 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/11/12 14:33:44 | 000,000,000 | R--D | C] -- C:\Users\Larry Valencia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/11/12 14:33:44 | 000,000,000 | R--D | C] -- C:\Users\Larry Valencia\Searches
[2013/11/12 14:33:44 | 000,000,000 | R--D | C] -- C:\Users\Larry Valencia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/11/12 14:33:43 | 000,000,000 | -H-D | C] -- C:\Users\Larry Valencia\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2013/11/12 14:33:28 | 000,000,000 | ---D | C] -- C:\Users\Larry Valencia\AppData\Roaming\Identities
[2013/11/12 14:33:20 | 000,000,000 | R--D | C] -- C:\Users\Larry Valencia\Contacts
[2013/11/12 14:33:19 | 000,000,000 | ---D | C] -- C:\Users\Larry Valencia\AppData\Local\VirtualStore
[2013/11/12 14:33:14 | 000,000,000 | -HSD | C] -- C:\Users\Larry Valencia\AppData\Local\Temporary Internet Files
[2013/11/12 14:33:14 | 000,000,000 | -HSD | C] -- C:\Users\Larry Valencia\Templates
[2013/11/12 14:33:14 | 000,000,000 | -HSD | C] -- C:\Users\Larry Valencia\Start Menu
[2013/11/12 14:33:14 | 000,000,000 | -HSD | C] -- C:\Users\Larry Valencia\SendTo
[2013/11/12 14:33:14 | 000,000,000 | -HSD | C] -- C:\Users\Larry Valencia\Recent
[2013/11/12 14:33:14 | 000,000,000 | -HSD | C] -- C:\Users\Larry Valencia\PrintHood
[2013/11/12 14:33:14 | 000,000,000 | -HSD | C] -- C:\Users\Larry Valencia\NetHood
[2013/11/12 14:33:14 | 000,000,000 | -HSD | C] -- C:\Users\Larry Valencia\Documents\My Videos
[2013/11/12 14:33:14 | 000,000,000 | -HSD | C] -- C:\Users\Larry Valencia\Documents\My Pictures
[2013/11/12 14:33:14 | 000,000,000 | -HSD | C] -- C:\Users\Larry Valencia\Documents\My Music
[2013/11/12 14:33:14 | 000,000,000 | -HSD | C] -- C:\Users\Larry Valencia\My Documents
[2013/11/12 14:33:14 | 000,000,000 | -HSD | C] -- C:\Users\Larry Valencia\Local Settings
[2013/11/12 14:33:14 | 000,000,000 | -HSD | C] -- C:\Users\Larry Valencia\AppData\Local\History
[2013/11/12 14:33:14 | 000,000,000 | -HSD | C] -- C:\Users\Larry Valencia\Cookies
[2013/11/12 14:33:14 | 000,000,000 | -HSD | C] -- C:\Users\Larry Valencia\Application Data
[2013/11/12 14:33:14 | 000,000,000 | -HSD | C] -- C:\Users\Larry Valencia\AppData\Local\Application Data
[2013/11/12 14:33:13 | 000,000,000 | --SD | C] -- C:\Users\Larry Valencia\AppData\Roaming\Microsoft
[2013/11/12 14:33:13 | 000,000,000 | R--D | C] -- C:\Users\Larry Valencia\Videos
[2013/11/12 14:33:13 | 000,000,000 | R--D | C] -- C:\Users\Larry Valencia\Saved Games
[2013/11/12 14:33:13 | 000,000,000 | R--D | C] -- C:\Users\Larry Valencia\Pictures
[2013/11/12 14:33:13 | 000,000,000 | R--D | C] -- C:\Users\Larry Valencia\Music
[2013/11/12 14:33:13 | 000,000,000 | R--D | C] -- C:\Users\Larry Valencia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/11/12 14:33:13 | 000,000,000 | R--D | C] -- C:\Users\Larry Valencia\Links
[2013/11/12 14:33:13 | 000,000,000 | R--D | C] -- C:\Users\Larry Valencia\Favorites
[2013/11/12 14:33:13 | 000,000,000 | R--D | C] -- C:\Users\Larry Valencia\Downloads
[2013/11/12 14:33:13 | 000,000,000 | R--D | C] -- C:\Users\Larry Valencia\Documents
[2013/11/12 14:33:13 | 000,000,000 | R--D | C] -- C:\Users\Larry Valencia\Desktop
[2013/11/12 14:33:13 | 000,000,000 | R--D | C] -- C:\Users\Larry Valencia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/11/12 14:33:13 | 000,000,000 | -H-D | C] -- C:\Users\Larry Valencia\AppData
[2013/11/12 14:33:13 | 000,000,000 | ---D | C] -- C:\Users\Larry Valencia\AppData\Local\Temp
[2013/11/12 14:33:13 | 000,000,000 | ---D | C] -- C:\Users\Larry Valencia\AppData\Local\Microsoft
[2013/11/12 14:33:13 | 000,000,000 | ---D | C] -- C:\Users\Larry Valencia\AppData\Roaming\Media Center Programs
[2013/11/12 14:32:59 | 000,000,000 | -HSD | C] -- C:\Recovery
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/12/10 22:53:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/12/09 06:12:44 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/12/09 06:12:44 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/12/09 06:12:23 | 000,782,470 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/12/09 06:12:23 | 000,662,384 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/12/09 06:12:23 | 000,122,252 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/12/09 06:05:43 | 000,000,302 | ---- | M] () -- C:\Windows\tasks\Driver Booster Update.job
[2013/12/09 06:05:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/12/09 06:05:03 | 3172,769,792 | -HS- | M] () -- C:\hiberfil.sys
[2013/12/09 06:04:29 | 000,000,000 | ---- | M] () -- C:\asc_rdflag
[2013/12/09 00:37:25 | 000,002,216 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
[2013/12/02 02:12:07 | 000,000,878 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013/12/01 23:42:08 | 000,313,744 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/12/01 23:36:31 | 000,774,248 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/12/01 21:06:34 | 000,001,358 | ---- | M] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2013/12/01 20:48:35 | 000,001,193 | ---- | M] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2013/12/01 20:48:35 | 000,001,181 | ---- | M] () -- C:\Users\Public\Desktop\Game Booster 3.lnk
[2013/11/28 20:50:16 | 000,165,449 | ---- | M] () -- C:\Windows\hpoins28.dat
[2013/11/28 20:49:41 | 000,002,174 | ---- | M] () -- C:\Users\Public\Desktop\HP Photosmart Essential 3.5.lnk
[2013/11/28 20:48:53 | 000,001,168 | ---- | M] () -- C:\Users\Public\Desktop\Shop for HP Supplies.lnk
[2013/11/28 20:48:37 | 000,001,322 | ---- | M] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2013/11/28 20:48:11 | 000,002,106 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2013/11/28 11:24:24 | 000,002,020 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
[2013/11/28 11:24:24 | 000,002,020 | ---- | M] () -- C:\Users\Public\Desktop\GeekBuddy.lnk
[2013/11/25 21:19:12 | 000,001,191 | ---- | M] () -- C:\Users\Public\Desktop\Driver Booster.lnk
[2013/11/23 02:21:09 | 000,001,250 | ---- | M] () -- C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
[2013/11/19 21:08:25 | 002,103,040 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib64.dll
[2013/11/19 21:08:20 | 000,681,905 | ---- | M] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2013/11/19 21:08:19 | 027,644,160 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioVnA64.dll
[2013/11/19 21:08:19 | 014,152,960 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek64.dll
[2013/11/19 21:08:19 | 005,751,576 | ---- | M] (Nahimic Inc) -- C:\Windows\SysNative\NAHIMICAPOlfx.dll
[2013/11/19 21:08:19 | 003,714,304 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioVnN64.dll
[2013/11/19 21:08:19 | 001,286,400 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxSpeechAPO64.dll
[2013/11/19 21:08:19 | 000,929,080 | ---- | M] (Nahimic Inc) -- C:\Windows\SysNative\NAHIMICAPOSettingsIPC.dll
[2013/11/19 21:08:18 | 002,036,992 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll
[2013/11/19 21:08:18 | 001,921,792 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek264.dll
[2013/11/19 21:08:18 | 001,345,280 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO5064.dll
[2013/11/19 21:08:18 | 001,012,992 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2013/11/19 21:08:17 | 006,217,904 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\DDPP64A.dll
[2013/11/19 21:08:17 | 001,938,608 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\DDPD64A.dll
[2013/11/19 21:08:17 | 000,501,184 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSU2PLFX64.dll
[2013/11/19 21:08:17 | 000,487,360 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSU2PGFX64.dll
[2013/11/19 21:08:17 | 000,415,680 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSU2PREC64.dll
[2013/11/19 21:08:17 | 000,313,520 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\DDPO64A.dll
[2013/11/19 21:08:17 | 000,260,272 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\DDPA64.dll
[2013/11/19 21:08:16 | 000,113,576 | ---- | M] (Real Sound Lab SIA) -- C:\Windows\SysNative\CONEQMSAPOGUILibrary.dll
[2013/11/15 19:34:44 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/11/15 19:34:42 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/11/14 06:55:27 | 000,061,216 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013/11/14 06:55:27 | 000,053,024 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013/11/14 06:55:25 | 000,357,152 | ---- | M] () -- C:\Windows\SysNative\NvIFROpenGL.dll
[2013/11/14 06:55:25 | 000,314,656 | ---- | M] () -- C:\Windows\SysWow64\NvIFROpenGL.dll
[2013/11/14 06:55:25 | 000,023,754 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2013/11/14 06:38:02 | 000,043,216 | ---- | M] (COMODO) -- C:\Windows\SysNative\cmdcsr.dll
[2013/11/14 05:05:24 | 000,001,852 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2013/11/14 04:46:53 | 000,002,124 | ---- | M] () -- C:\Users\Larry Valencia\Desktop\Microsoft Security Essentials.lnk
[2013/11/14 04:30:33 | 000,001,275 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2013/11/14 04:29:55 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2013/11/13 14:56:55 | 000,000,000 | -H-- | M] () -- C:\ProgramData\DP45977C.lfl
[2013/11/13 14:56:17 | 000,722,688 | ---- | M] (DTS, Inc.) -- C:\Windows\SysNative\sltech64.dll
[2013/11/13 14:56:17 | 000,244,480 | ---- | M] (TODO: <Company name>) -- C:\Windows\SysNative\slprp64.dll
[2013/11/13 14:56:16 | 005,681,192 | ---- | M] () -- C:\Windows\SysNative\drivers\rtvienna.dat
[2013/11/13 14:56:16 | 001,014,016 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\SysNative\slcnt64.dll
[2013/11/13 14:56:16 | 000,897,792 | ---- | M] (DTS, Inc.) -- C:\Windows\SysNative\sl3apo64.dll
[2013/11/13 14:56:16 | 000,221,024 | ---- | M] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
[2013/11/13 14:56:16 | 000,081,248 | ---- | M] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
[2013/11/13 14:56:16 | 000,078,688 | ---- | M] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
[2013/11/13 14:56:16 | 000,074,064 | ---- | M] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2013/11/13 14:56:15 | 004,933,328 | ---- | M] (ASUSTeKcomputer.Inc Inc) -- C:\Windows\SysNative\RTKSMlfx.dll
[2013/11/13 14:56:15 | 000,848,184 | ---- | M] (ASUSTeKcomputer.Inc Inc) -- C:\Windows\SysNative\RTKSMSettingsIPC.dll
[2013/11/13 14:56:13 | 007,164,176 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2013/11/13 14:56:13 | 000,907,008 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVoiceAPO2064.dll
[2013/11/13 14:56:13 | 000,662,784 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2013/11/13 14:56:13 | 000,434,960 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2013/11/13 14:56:13 | 000,141,584 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2013/11/13 14:56:13 | 000,124,176 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2013/11/13 14:56:13 | 000,075,024 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2013/11/13 14:56:12 | 001,084,160 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO4064.dll
[2013/11/13 14:56:12 | 000,790,272 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysWow64\MaxxAudioAPOShell.dll
[2013/11/13 14:56:12 | 000,663,296 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2013/11/13 14:56:12 | 000,603,984 | ---- | M] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll
[2013/11/13 14:56:11 | 002,743,328 | ---- | M] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2013/11/13 14:56:11 | 001,756,264 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2013/11/13 14:56:11 | 001,568,360 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2013/11/13 14:56:11 | 001,486,952 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2013/11/13 14:56:11 | 000,728,680 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2013/11/13 14:56:11 | 000,712,296 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2013/11/13 14:56:11 | 000,693,352 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2013/11/13 14:56:11 | 000,605,496 | ---- | M] () -- C:\Windows\SysNative\audioLibVc.dll
[2013/11/13 14:56:11 | 000,491,112 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2013/11/13 14:56:11 | 000,432,744 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2013/11/13 14:56:11 | 000,428,648 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2013/11/13 14:56:11 | 000,242,792 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2013/11/13 14:56:11 | 000,242,792 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2013/11/13 14:56:11 | 000,241,768 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2013/11/13 14:56:11 | 000,109,848 | ---- | M] () -- C:\Windows\SysNative\AcpiServiceVnA64.dll
[2013/11/13 14:54:08 | 000,883,928 | ---- | M] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2013/11/13 14:26:20 | 000,000,003 | ---- | M] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013/11/13 14:09:29 | 000,001,224 | ---- | M] () -- C:\Users\Public\Desktop\Uninstaller.lnk
[2013/11/13 12:27:45 | 000,002,528 | ---- | M] () -- C:\Windows\SysNative\drivers\fvstore.dat
[2013/11/13 00:59:26 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/11/12 21:57:03 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/11/12 21:17:35 | 000,001,947 | ---- | M] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
[2013/11/12 20:59:49 | 000,057,096 | ---- | M] (COMODO CA Limited) -- C:\Windows\SysNative\certsentry.dll
[2013/11/12 20:59:49 | 000,048,392 | ---- | M] (COMODO CA Limited) -- C:\Windows\SysWow64\certsentry.dll
[2013/11/12 20:46:28 | 000,001,906 | ---- | M] () -- C:\Users\Public\Desktop\Virtual Comodo Dragon.lnk
[2013/11/12 20:46:27 | 000,000,600 | ---- | M] () -- C:\Users\Public\Desktop\Shared Space.lnk
[2013/11/12 20:45:31 | 000,001,127 | ---- | M] () -- C:\Users\Public\Desktop\Comodo Dragon.lnk
[2013/11/12 15:25:18 | 000,108,227 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2013/11/12 15:25:18 | 000,108,227 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2013/11/12 14:35:07 | 000,001,448 | ---- | M] () -- C:\Users\Larry Valencia\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/11/11 10:01:58 | 003,467,927 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/12/09 06:04:29 | 000,000,000 | ---- | C] () -- C:\asc_rdflag
[2013/12/01 21:06:34 | 000,001,358 | ---- | C] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2013/12/01 21:02:40 | 000,774,248 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/12/01 21:00:26 | 000,357,152 | ---- | C] () -- C:\Windows\SysNative\NvIFROpenGL.dll
[2013/12/01 21:00:26 | 000,314,656 | ---- | C] () -- C:\Windows\SysWow64\NvIFROpenGL.dll
[2013/12/01 20:48:35 | 000,001,193 | ---- | C] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2013/12/01 20:48:35 | 000,001,181 | ---- | C] () -- C:\Users\Public\Desktop\Game Booster 3.lnk
[2013/11/28 20:49:41 | 000,002,174 | ---- | C] () -- C:\Users\Public\Desktop\HP Photosmart Essential 3.5.lnk
[2013/11/28 20:48:53 | 000,001,168 | ---- | C] () -- C:\Users\Public\Desktop\Shop for HP Supplies.lnk
[2013/11/28 20:48:37 | 000,001,322 | ---- | C] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2013/11/28 20:48:11 | 000,002,106 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2013/11/28 20:45:15 | 000,165,449 | ---- | C] () -- C:\Windows\hpoins28.dat
[2013/11/28 20:45:15 | 000,000,442 | ---- | C] () -- C:\Windows\hpomdl28.dat
[2013/11/23 02:21:09 | 000,001,250 | ---- | C] () -- C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
[2013/11/19 21:08:20 | 000,681,905 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2013/11/15 19:34:44 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/11/15 19:34:42 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/11/14 05:05:24 | 000,001,852 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2013/11/14 05:04:26 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013/11/14 04:46:53 | 000,002,124 | ---- | C] () -- C:\Users\Larry Valencia\Desktop\Microsoft Security Essentials.lnk
[2013/11/14 04:30:33 | 000,001,275 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2013/11/13 17:16:27 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/11/13 16:42:00 | 000,000,878 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013/11/13 14:56:55 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2013/11/13 14:56:16 | 005,681,192 | ---- | C] () -- C:\Windows\SysNative\drivers\rtvienna.dat
[2013/11/13 14:56:11 | 000,605,496 | ---- | C] () -- C:\Windows\SysNative\audioLibVc.dll
[2013/11/13 14:56:11 | 000,109,848 | ---- | C] () -- C:\Windows\SysNative\AcpiServiceVnA64.dll
[2013/11/13 14:39:51 | 000,000,302 | ---- | C] () -- C:\Windows\tasks\Driver Booster Update.job
[2013/11/13 14:39:50 | 000,001,191 | ---- | C] () -- C:\Users\Public\Desktop\Driver Booster.lnk
[2013/11/13 14:26:20 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013/11/13 14:09:29 | 000,001,224 | ---- | C] () -- C:\Users\Public\Desktop\Uninstaller.lnk
[2013/11/13 14:08:39 | 000,002,216 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
[2013/11/13 02:16:01 | 000,002,528 | ---- | C] () -- C:\Windows\SysNative\drivers\fvstore.dat
[2013/11/13 00:59:26 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/11/12 21:57:03 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2013/11/12 21:56:44 | 000,002,124 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2013/11/12 20:46:28 | 000,001,947 | ---- | C] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
[2013/11/12 20:46:28 | 000,001,906 | ---- | C] () -- C:\Users\Public\Desktop\Virtual Comodo Dragon.lnk
[2013/11/12 20:46:27 | 000,000,600 | ---- | C] () -- C:\Users\Public\Desktop\Shared Space.lnk
[2013/11/12 20:45:36 | 000,002,020 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
[2013/11/12 20:45:36 | 000,002,020 | ---- | C] () -- C:\Users\Public\Desktop\GeekBuddy.lnk
[2013/11/12 20:45:31 | 000,001,127 | ---- | C] () -- C:\Users\Public\Desktop\Comodo Dragon.lnk
[2013/11/12 14:35:07 | 000,001,448 | ---- | C] () -- C:\Users\Larry Valencia\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/11/12 14:33:51 | 000,001,424 | ---- | C] () -- C:\Users\Larry Valencia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/11/12 14:33:13 | 000,000,290 | ---- | C] () -- C:\Users\Larry Valencia\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/11/12 14:33:13 | 000,000,272 | ---- | C] () -- C:\Users\Larry Valencia\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013/11/01 19:47:58 | 000,014,119 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 21:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/11/23 05:32:35 | 000,000,000 | ---D | M] -- C:\Users\Larry Valencia\AppData\Roaming\DVDVideoSoft
[2013/11/23 02:21:15 | 000,000,000 | ---D | M] -- C:\Users\Larry Valencia\AppData\Roaming\DVDVideoSoftIEHelpers
[2013/11/13 14:39:51 | 000,000,000 | ---D | M] -- C:\Users\Larry Valencia\AppData\Roaming\IObit

========== Purity Check ==========



< End of report >

_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _


A second notepad window opened up as well.

"Extras.Txt-Notepad"

OTL Extras logfile created on: 12/10/2013 10:59:55 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Larry Valencia\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.94 Gb Total Physical Memory | 1.63 Gb Available Physical Memory | 41.25% Memory free
7.88 Gb Paging File | 5.03 Gb Available in Paging File | 63.85% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.66 Gb Total Space | 400.42 Gb Free Space | 85.99% Space Free | Partition Type: NTFS

Computer Name: LARRYSPC | User Name: Larry Valencia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07A6C468-6375-429A-B6F5-666F44650DA1}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{09A3DE3E-48B0-40A0-B52F-0CCA9F946589}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{11FE0211-3F52-4259-871E-6EEF09A367C4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{17C95C97-CF0D-42BD-A71E-B29EA7BA88CC}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{36A431D1-EA54-456F-A43F-0B453C04C436}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{4319C5DD-8044-4F13-9D4E-2C8F661D6F8C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{43257B45-6646-48FA-8736-6302DFA3FC0E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{472D0732-9D6C-4B35-A08D-9F180100727F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5175FEB5-2032-4BB1-853A-6A0993E54DD5}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{59CE9ED5-E4DF-4C01-9F55-B243297E604D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{5B647D4D-DB2F-417A-A43D-CE863F4B2CFF}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{5BCBE92F-39F1-4B81-891A-D19AC5A9B50B}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{6FA91A8B-BE0D-4B67-998C-1904E5EE5EC7}" = rport=10243 | protocol=6 | dir=out | app=system |
"{76077466-8F00-409F-A62B-ED440AC585F7}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{79D678E9-161D-4B50-8C79-4B686D57FE3A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8EB9C8CE-058B-49F1-AC61-CFE5C5F33820}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A5D2FDC3-736C-4992-885D-5EF594579A08}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C3F4CA69-16DF-4775-AD9B-1B75B5C3B885}" = lport=10243 | protocol=6 | dir=in | app=system |
"{C7B73DA7-D8BF-41E5-A4B6-9FE4E778E781}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{CDD1DDE1-431D-4BDC-B5FA-62947FD00EC6}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{E12D128C-E49E-46B7-873C-726A161AED21}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{E18F6116-8D5B-4F67-8B91-F2420C928578}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EFADDBBE-7835-4E62-84CA-5FEE17241EAB}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{042943EA-DE7D-45D8-A364-11E663F341EC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{09A94794-5D87-40FC-851B-D7F164F77A86}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{0C39667B-057C-4678-9EED-A8D0C352B553}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{13481205-6349-408C-91DE-DDA28A377E65}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{1607E9D8-F55D-4C6E-96D8-A09148AEFDFC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{19237733-8029-42AE-8EE9-7660FCE3654A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{26F6C739-F244-4619-9487-C1BDAA5DEEFB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2AA80FE8-A29F-4AD8-A313-AA65BDDB1E00}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{31B957A1-9D35-4F31-872C-8033600F6455}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{36B9C035-A9FC-476B-8338-8DB28E81B1D8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{39FCEAD8-37B4-43F5-8548-54C8BBAC4BB5}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{3F680BF5-C6C6-445F-9107-D6EB6191303E}" = protocol=6 | dir=in | app=c:\program files (x86)\mass effect 2\masseffect2launcher.exe |
"{44CD1F40-1103-40B6-B0E3-722DE7824B44}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{474F3568-53A2-4C04-B23F-8877DBC3799C}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{502594CD-3885-4A21-B71C-93A93B9B84B6}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{56E806CA-9CC4-4147-B7E4-3B104ED175E0}" = protocol=17 | dir=in | app=c:\program files (x86)\mass effect 2\binaries\masseffect2.exe |
"{6247D521-5213-4E7D-88C2-2AAE5C53803D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{62702125-75EF-40CE-9ACF-98B6FDF02E10}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{6FB88B0A-C529-43A4-8622-329D059CCE50}" = protocol=17 | dir=in | app=c:\program files (x86)\mass effect 2\masseffect2launcher.exe |
"{74019DF4-9D4B-4236-AC8F-5077ADB62D2D}" = protocol=6 | dir=out | app=system |
"{8A825A67-0F3D-4417-91DF-1C0284B95F08}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{901EC465-FE92-4A7B-9DCB-0A0E232E012B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{93C6A861-4E7D-4098-891E-DE19F580DF8B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{97BF3F93-8F12-48C6-B856-A857936EA124}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{998E6F59-37A1-4C8F-BA3E-86AF1C3FA251}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{A2CE2911-1476-4E85-B49F-C2F2919DAE8D}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{A5318609-811D-4F5B-B361-118FB981F2CB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{AB0CBDB0-03DC-4E8A-8C11-E6720042D83A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
"{ABD0098D-1F7B-484C-964C-025F4D27F8BA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{B26F4788-89DC-4504-BCF6-71AA032CCA32}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{B37D0EC4-C0F2-4CC9-8DFB-E7D57297492E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D5C75743-74F7-44A5-B1B5-1E1FE4BE1ECD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{DBCE84ED-8F64-4F54-87DE-CD95619E0EC7}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{DDDFC28D-B1DF-4256-A2A7-756E8BED3DF4}" = protocol=6 | dir=in | app=c:\program files (x86)\mass effect 2\binaries\masseffect2.exe |
"{DF45EFE2-B811-42BE-B46C-DD383C3D5FA4}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E3987A09-0548-46D9-B644-0FED05D0F372}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{EC292474-4540-4FDF-800F-A8873A3991B5}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{EC7F5390-B571-4DC3-BD86-FF62182F2142}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{ED923CB3-031E-4468-885F-E3794182FC23}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EF9A901B-8A47-4DF6-B158-4DB91F2A7536}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{F74B2BD7-D627-4D33-95D8-38A5A9E024EF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F9DF7E2F-4535-4901-889B-B458A298F053}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1FB31F44-D4D0-4D76-944A-A1A5D79FD321}" = Windows Live Family Safety
"{40F962CF-3C1E-44EB-A319-5590BEEB90CF}" = COMODO Firewall
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A00C9114-40E6-4C70-A619-7DF264B23485}" = HP Deskjet F4200 All-In-One Driver Software 13.0 Rel. 3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 331.82
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 331.82
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 331.82
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 331.82
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.0725
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 10.10.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.26.4
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 10.10.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.12
"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E102B843-786A-4F58-AF75-6504570E207B}" = Microsoft Security Client
"{E3047FA0-2D6B-4BD6-8CD4-599955F1CE9D}" = Microsoft Mouse and Keyboard Center
"{FBDB51DF-B89F-4009-8650-B1C8192F327E}" = GeekBuddy
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"Microsoft Mouse and Keyboard Center" = Microsoft Mouse and Keyboard Center
"Microsoft Security Client" = Microsoft Security Essentials
"Shop for HP Supplies" = Shop for HP Supplies
"VLC media player" = VLC media player 2.1.1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}" = Ralink RT2870 Wireless LAN Card
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{363CEA5C-C9D0-45DD-9511-A461DBDEE94B}" = DJ_AIO_03_F4200_Software_Min
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{45F267AE-311F-43E2-BDAA-00D059B93BF9}" = IObit Apps Toolbar v8.2
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A407FC22-36BF-4C82-A516-59D94BC505A9}" = System Requirements Lab Detection
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B7B3E9B3-FB14-4927-894B-E9124509AF5A}" = Adobe Flash Player 10 ActiveX
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C2524280-A5CF-4458-B809-167F13FAB56D}" = F4200
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}" = RealDownloader
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced SystemCare 7_is1" = Advanced SystemCare 7
"Comodo Dragon" = Comodo Dragon
"Driver Booster_is1" = Driver Booster
"Free Studio_is1" = Free Studio version 2013
"Game Booster_is1" = Game Booster 3
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"IObit Surfing Protection_is1" = Surfing Protection
"IObitUninstall" = IObit Uninstaller
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Mozilla Firefox 25.0.1 (x86 en-US)" = Mozilla Firefox 25.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PrivDog" = PrivDog
"RealPlayer 16.0" = RealPlayer
"WinLiveSuite" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 11/20/2013 11:22:23 AM | Computer Name = LarrysPC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe".
Dependent
Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 11/21/2013 1:30:37 AM | Computer Name = LarrysPC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe".
Dependent
Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 11/22/2013 1:30:33 AM | Computer Name = LarrysPC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe".
Dependent
Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 11/22/2013 6:38:33 AM | Computer Name = LarrysPC | Source = WinMgmt | ID = 10
Description =

Error - 11/23/2013 10:34:09 AM | Computer Name = LarrysPC | Source = Application Error | ID = 1000
Description = Faulting application name: vlc.exe, version: 2.1.0.0, time stamp:
0x52432b75 Faulting module name: vlc.exe, version: 2.1.0.0, time stamp: 0x52432b75
Exception
code: 0xc0000005 Fault offset: 0x00000000000019b4 Faulting process id: 0x2c94 Faulting
application start time: 0x01cee8550c1bbc46 Faulting application path: C:\Program
Files\VideoLAN\VLC\vlc.exe Faulting module path: C:\Program Files\VideoLAN\VLC\vlc.exe
Report
Id: 4f9c8576-544c-11e3-b6f7-94dbc9968a57

Error - 11/24/2013 3:29:19 PM | Computer Name = LarrysPC | Source = Application Error | ID = 1000
Description = Faulting application name: cmdagent.exe, version: 6.3.35694.2953,
time stamp: 0x52632e6d Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0xc0000005 Fault offset: 0x00000000000004f4 Faulting process
id: 0x410 Faulting application start time: 0x01cee76ebef59847 Faulting application
path: C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe Faulting module
path: unknown Report Id: b67c9663-553e-11e3-b6f7-94dbc9968a57

Error - 11/24/2013 3:32:20 PM | Computer Name = LarrysPC | Source = WinMgmt | ID = 10
Description =

Error - 11/25/2013 7:34:28 PM | Computer Name = LarrysPC | Source = Application Hang | ID = 1002
Description = The program QuickTimePlayer.exe version 7.74.80.86 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 36e4 Start
Time: 01ceea31e2aaa6db Termination Time: 37 Application Path: C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe

Report
Id: 3ffb63a0-5625-11e3-bb89-94dbc9968a57

Error - 11/25/2013 10:14:07 PM | Computer Name = LarrysPC | Source = WinMgmt | ID = 10
Description =

Error - 11/28/2013 9:25:52 PM | Computer Name = LarrysPC | Source = WinMgmt | ID = 10
Description =


< End of report >
  • 0

Advertisements


#2
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello passingthru,

1) Why didn't Advanced Systemcare stop it when it clearly stated that it did?

2) How do I fix this?"


Please uninstall anything with IOBit or Advanced Systemcare in the name.

You can always reinstall them later if you wish although this link might be of interest:

http://www.systemloo...ff&search=IObit

Next

Please run OTL.exe

  • Under the Custom Scans/Fixes box at the bottom, copy and paste the content of the quote box below:

    :OTL
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo....r=spigot-yhp-ie
    IE - HKCU\..\URLSearchHook: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.2\iobitappsToolbarIE.dll (Spigot, Inc.)
    IE - HKCU\..\SearchScopes,DefaultScope = {2908B4FE-4CE5-43EE-9C05-B89EA4D1680C}
    IE - HKCU\..\SearchScopes\{2908B4FE-4CE5-43EE-9C05-B89EA4D1680C}: "URL" = http://search.yahoo....p={searchTerms}
    FF - prefs.js..browser.search.defaultenginename: "Yahoo!"
    FF - prefs.js..browser.search.selectedEngine: "Yahoo!"
    FF - prefs.js..browser.startup.homepage: "http://search.yahoo....=spigot-yhp-ff"
    FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.21
    FF - prefs.js..extensions.enabledAddons: ascsurfingprotection%40iobit.com:1.0
    FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.8.7
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1
    FF - prefs.js..keyword.URL: "http://search.yahoo....8484&ilc=12&p="
    [2013/11/13 14:08:21 | 000,000,905 | ---- | M] () -- C:\Users\Larry Valencia\AppData\Roaming\Mozilla\Firefox\Profiles\t6hker2i.default\searchplugins\yahoo_ff.xml
    File not found (No name found) -- C:\PROGRAM FILES (X86)\IOBIT APPS TOOLBAR\FF
    O2:64bit: - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
    O2:64bit: - BHO: (DVDVideoSoft IE Extension) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
    O2 - BHO: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.2\iobitappsToolbarIE.dll (Spigot, Inc.)
    O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
    O2 - BHO: (DVDVideoSoft IE Extension) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
    O3:64bit: - HKLM\..\Toolbar: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.2\iobitappsToolbarIE64.dll (Spigot, Inc.)
    O3 - HKLM\..\Toolbar: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.2\iobitappsToolbarIE.dll (Spigot, Inc.)
    O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
    O4 - HKCU..\Run: [Advanced SystemCare 7] C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe (IObit)
    O33 - MountPoints2\{025c7632-4bd2-11e3-9f1c-94dbc9968a57}\Shell - "" = AutoRun
    O33 - MountPoints2\{025c7632-4bd2-11e3-9f1c-94dbc9968a57}\Shell\AutoRun\command - "" = E:\HPLauncher.exe

    :Files
    ipconfig /flushdns /c

    :Commands
    [resethosts]
    [emptytemp]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • It will produce a log for you on reboot, please post that log in your next reply.The log is saved in the same location as OTL.
After that

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called (FRST.txt) in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run, it makes also another log (Addition.txt). Please also paste that into your reply.
So when you return please post
  • OTL fix .txt
  • FRST.txt
  • Addition.txt

  • 0

#3
passingthru

passingthru

    Member

  • Topic Starter
  • Member
  • PipPip
  • 56 posts
So you're saying IOBit's Advanced Systemcare is what's responsible for my homepage changing?!
  • 0

#4
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
No, I am asking you to uninstall it during the cleaning process. IOBit has caused problems in the past and if you refer to the link I gave you, you will see it has a history of trackware and adware functionality.

As I said in the post you are welcome to install it afterwards but in the end it is your machine and completely up to you whether you follow our advice or not. :)

The solution to the Yahoo pages is in the OTL fix.

One thing I overlooked mentioning it that it would make sense to disable Comodo before you run the OTL fix and the Farbar Recovery Scan tool. Comodo is known to interfere with some of our tools.
  • 0

#5
passingthru

passingthru

    Member

  • Topic Starter
  • Member
  • PipPip
  • 56 posts
How does somebody create a system restore point, that's something you do before undertaking something big right?
  • 0

#6
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Open System by clicking the Start button, right-clicking Computer, and then clicking Properties.

  • In the left pane, click System protection. Administrator permission required If you're prompted for an administrator password or confirmation, type the password or provide confirmation.
  • Under Protection Settings, click the radio button Create.
  • Type in a description to help identify the restore point and click the button Create.
  • Once complete click Close OK.

  • 0

#7
passingthru

passingthru

    Member

  • Topic Starter
  • Member
  • PipPip
  • 56 posts

Open System by clicking the Start button, right-clicking Computer, and then clicking Properties.

  • In the left pane, click System protection. Administrator permission required If you're prompted for an administrator password or confirmation, type the password or provide confirmation.
  • Under Protection Settings, click the radio button Create.
  • Type in a description to help identify the restore point and click the button Create.
  • Once complete click Close OK.



Sorry for the holdup there. Okay, I set up a restore point. I'm gonna try to uninstall IOBit and/or Advanced Systemcare now. I hope it isn't a pain in the [bleep]. According to cnet.com, "The uninstallation process is tedious and inefficient, because the product treats each feature as a separate app." I'm not very knowledgable with computers..

I do have a question though, is there anything I can use in place of Systemcare? For instance, recently I ran a scan and it told me my security is in the yellow "medium" zone. My performance is in the yellow as well. However, my stability was in the "bad" red zone. I used the "repair" button on the 1 disk error, the junk files and the shortcut errors (I avoided the registry features which I'm told can damage your computer) and it sent my stability back into the "good" zone. Truth is I don't know what it was that it thought was making my computer so unstable, but I do know that without Systemcare I wouldn't have known anything was wrong. Is it okay to fix disk errors and junk files or can that damage your computer like the registry stuff? What replacement programs would you recommend?
  • 0

#8
passingthru

passingthru

    Member

  • Topic Starter
  • Member
  • PipPip
  • 56 posts
Alright, the only IObit products left at this point are IObit uninstaller itself and IObit Driver Booster. Can these cause problems too or can I leave them?
  • 0

#9
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

(I avoided the registry features which I'm told can damage your computer)


Absolutely, good decision.

Is it okay to fix disk errors and junk files


You can do that using your computers own utilities.

Go to Start > All Programs > Accessories > System Tools > Disk Cleanup and click OK

For the Drive errors Right click on C drive go to Properties > Tools and click on the Check now radio button in the option for checking drive errors.

No need to do it now though. Wait until we have finished the actions we are undertaking for your computer.

Alright, the only IObit products left at this point are IObit uninstaller itself and IObit Driver Booster. Can these cause problems too or can I leave them?


Well I don't like driver boosters but we can deal with the uninstaller and the drive booster separately.

Just go ahead with the actions post #2.
  • 0

#10
passingthru

passingthru

    Member

  • Topic Starter
  • Member
  • PipPip
  • 56 posts
By the way, I discovered something telling. Once, my comodo alerted me to applicationupdater.exe trying to install "IObit apps toolbar" in my browser without my permission. I blocked it from going through (though strangely, the toolbar was still listed in my "uninstall programs" window so I had to uninstall it anyway). IObit apps toolbar is by "Spigot". Now, remember my initial complaint about having my homepage constantly sent to the yahoo searchpage even when I changed it? Well, now I notice that when I click on "tools" and "options" in my Firefox, it lists http://search.yahoo....r=spigot-yhp-ff as my homepage.

Notice that the word "Spigot" is in the url? The IObit toolbar is by Spigot, maybe Systemcare IS responsible for what's happening after all.

How can you tell whether your computer is becoming unstable or has too many privacy issues? I have Microsoft Security Essentials, MalwareBytes AntiMalware and Comodo Firewall but Systemcare is the one that scanned and listed how many current privacy issues you had with a "repair" button next to it.
  • 0

Advertisements


#11
passingthru

passingthru

    Member

  • Topic Starter
  • Member
  • PipPip
  • 56 posts
OTL kicked me off Firefox for a minute there, then restarted it.

Okay, here's the log OTL had on my screen when I came back:

---------------------------------------------------------------------------------------
All processes killed
========== OTL ==========
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}\ not found.
File C:\Program Files (x86)\IObit Apps Toolbar\IE\8.2\iobitappsToolbarIE.dll not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2908B4FE-4CE5-43EE-9C05-B89EA4D1680C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2908B4FE-4CE5-43EE-9C05-B89EA4D1680C}\ not found.
Prefs.js: "Yahoo!" removed from browser.search.defaultenginename
Prefs.js: "Yahoo!" removed from browser.search.selectedEngine
Prefs.js: "http://search.yahoo....=spigot-yhp-ff" removed from browser.startup.homepage
Prefs.js: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.21 removed from extensions.enabledAddons
Prefs.js: ascsurfingprotection%40iobit.com:1.0 removed from extensions.enabledAddons
Prefs.js: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.8.7 removed from extensions.enabledAddons
Prefs.js: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1 removed from extensions.enabledAddons
Prefs.js: "http://search.yahoo....8484&ilc=12&p=" removed from keyword.URL
C:\Users\Larry Valencia\AppData\Roaming\Mozilla\Firefox\Profiles\t6hker2i.default\searchplugins\yahoo_ff.xml moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}\ deleted successfully.
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}\ deleted successfully.
C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}\ not found.
File C:\Program Files (x86)\IObit Apps Toolbar\IE\8.2\iobitappsToolbarIE.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}\ not found.
C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}\ deleted successfully.
C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}\ not found.
File C:\Program Files (x86)\IObit Apps Toolbar\IE\8.2\iobitappsToolbarIE64.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}\ not found.
File C:\Program Files (x86)\IObit Apps Toolbar\IE\8.2\iobitappsToolbarIE.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SearchSettings not found.
File C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Advanced SystemCare 7 not found.
File C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{025c7632-4bd2-11e3-9f1c-94dbc9968a57}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{025c7632-4bd2-11e3-9f1c-94dbc9968a57}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{025c7632-4bd2-11e3-9f1c-94dbc9968a57}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{025c7632-4bd2-11e3-9f1c-94dbc9968a57}\ not found.
File E:\HPLauncher.exe not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Larry Valencia\Downloads\cmd.bat deleted successfully.
C:\Users\Larry Valencia\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Larry Valencia
->Temp folder emptied: 179918223 bytes
->Temporary Internet Files folder emptied: 1728289 bytes
->FireFox cache emptied: 20077342 bytes
->Flash cache emptied: 9708 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 200704 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 2617848 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1168051 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 43275025 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 237.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 12122013_212856

Files\Folders moved on Reboot...
C:\Users\Larry Valencia\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PI1A1.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PI1A2.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PI23EA.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PI24D7.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PI24E8.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PI2585.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PI25C9.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PI25CA.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PI2667.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PI27E.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PI383B.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PI383C.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PI38D9.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PI3D3B.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PI3D3C.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PI3DD9.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PI45DA.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PI45EB.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PI4697.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PI76D4.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PI76E4.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PI7772.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PI9C33.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PI9C44.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PI9CE1.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PIB2D3.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PIB2E4.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PIB390.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PIC129.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PIC12A.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PIC1B.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PIC1C7.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PIC2C.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PIC73A.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PIC73B.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PIC7D8.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PICE8.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PID134.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PID135.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PID1D2.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PID8BA.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PID8BB.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PID8C8.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PID8E8.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PID967.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PID976.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PIF406.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PIF407.tmp not found!
File\Folder C:\Users\Larry Valencia\AppData\Local\Temp\~PIF4A4.tmp not found!
C:\Users\Larry Valencia\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
C:\Users\Larry Valencia\AppData\Local\Mozilla\Firefox\Profiles\t6hker2i.default\startupCache\startupCache.4.little moved successfully.
C:\Users\Larry Valencia\AppData\Local\Mozilla\Firefox\Profiles\t6hker2i.default\Cache\_CACHE_001_ moved successfully.
C:\Users\Larry Valencia\AppData\Local\Mozilla\Firefox\Profiles\t6hker2i.default\Cache\_CACHE_002_ moved successfully.
C:\Users\Larry Valencia\AppData\Local\Mozilla\Firefox\Profiles\t6hker2i.default\Cache\_CACHE_003_ moved successfully.
C:\Users\Larry Valencia\AppData\Local\Mozilla\Firefox\Profiles\t6hker2i.default\Cache\_CACHE_MAP_ moved successfully.
C:\Users\Larry Valencia\AppData\Local\Mozilla\Firefox\Profiles\t6hker2i.default\_CACHE_CLEAN_ moved successfully.
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

-------------------------------------------------------------


OTL is saved in my "downloads" folder. The original two notepad textlogs I posted earlier are there, but not this one.

Should I disable Comodo now before I continue?
  • 0

#12
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

Should I disable Comodo now before I continue?


Yes please. :)
  • 0

#13
passingthru

passingthru

    Member

  • Topic Starter
  • Member
  • PipPip
  • 56 posts
[bleep], I was looking thru my Comodo Firewall trying to find the "disable button" to press when I accidently pressed the "virtual kiosk" button. A window saying "virtual kiosk is loading" is in the center of my screen now and it never finishes "loading"! >: (

It's stuck there now..
  • 0

#14
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
From Comodo Help

To close the Virtual Kiosk and return to your real computer system

Click the 'Kiosk' start menu at the bottom left

To temporarily switch to your real Windows system, Select 'Switch to Windows'. The Virtual Kiosk will be temporarily closed and you can quickly return to it by clicking 'Open Virtual Kiosk' from the 'Sandbox Tasks' interface.

To close the Virtual Kiosk, select 'Exit'. The Virtual Kiosk will be shut down and you will be able to continue with your real system.


How to turn off Comodo

Go here for information on how to disable Comodo
  • 0

#15
passingthru

passingthru

    Member

  • Topic Starter
  • Member
  • PipPip
  • 56 posts

From Comodo Help

To close the Virtual Kiosk and return to your real computer system

Click the 'Kiosk' start menu at the bottom left

To temporarily switch to your real Windows system, Select 'Switch to Windows'. The Virtual Kiosk will be temporarily closed and you can quickly return to it by clicking 'Open Virtual Kiosk' from the 'Sandbox Tasks' interface.

To close the Virtual Kiosk, select 'Exit'. The Virtual Kiosk will be shut down and you will be able to continue with your real system.


How to turn off Comodo

Go here for information on how to disable Comodo



I'm afraid it's too late. After the previous post, I refreshed the page to see if you had answered yet. The computer then started freezing on me.

I had to restart it.

Anyway, I'm back now and I've disabled Comodo.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP