Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

To many security apps? [Closed]


  • This topic is locked This topic is locked

#1
Jvescov

Jvescov

    New Member

  • Member
  • Pip
  • 3 posts
Hi, Thank you in advance. So my issue is over the years i have received help from various web sites on a few virus removals and such. My current concerns are that i still have most of these applications on my computer and i fear that they may be contradicting each-other so i was hoping to maybe gain some insight in to what i may or may not need anymore. I am having issues getting into my firewall it gives me a pop up statement of "Due to a unidentified problem, windows in unable to to display firewall settings". I discovered that when i was hoping to let my steam application to be a app to allow through firewall.
  • 0

Advertisements


#2
Biscuithd

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts
Hello Jvescov and Posted Image:


My name is Biscuithd and I am going to be helping you. Apologies fr the length of time you had to wait. Do you still need help?

  • If so, please download and run OTL along with posting the results of the scan and I'll let you know what the next stesp are.
  • Before we continue, please note, if you do not understand any of my instructions, then feel free to ask me and I will explain in further detail.
  • Some of my instructions might need to be carried out in safe mode (or be lengthy), where you will not have access to GeeksToGo, I suggest you save or print my instructions for later reference.
Please do NOT use any other tools, fixes or scripts unless instructed to do so. Not only could this damage your system, but it will make it harder to fix your issue.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

If I have not responded in three (3) days, feel free to PM me.


  • OTL by OldTimer is a modern, more powerful replacement for HijackThis. Please do not post a HijackThis, Combofix, GMER, MBAM or any other logs until requested.

    1. Download OTL, save to Desktop or other convenient location.
    2. OTL does not need to be installed, simply click the OTL icon to run.
    Posted Image

    3. Click the Quick Scan Button.
    Posted Image

    OTL will take a few minutes to generate a log, and then open it using Notepad.
    Note: If OTL.exe will not run, it may be blocked by malware. Try these alternate versions: OTL.scr, or OTL.com. If OTL still won't run, see this topic
How to copy and paste:
a. Go to the notepad window containing OTL.txt
b. Right click with your mouse or touchpad.
c. Choose Select All from the shortcut menu.
d. Right click again, then choose Copy from the shortcut menu.
e. Go the window where you are typing your new topic. Select an area after the text.
f. Right click and select Paste from the shortcut menu.
The OTL.txt log will be pasted after your text. Repeat the same for the Extras.txt file

Posted Image
  • 0

#3
Jvescov

Jvescov

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
Hi Biscuithd I most certainly do thank you for your response my OTL rep will follow.

OTL logfile created on: 1/9/2014 8:24:23 PM - Run 14
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Joseph\Desktop\Anti Virus
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 0.57 Gb Available Physical Memory | 28.41% Memory free
4.24 Gb Paging File | 1.27 Gb Available in Paging File | 30.02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455.71 Gb Total Space | 96.11 Gb Free Space | 21.09% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.24 Gb Free Space | 62.39% Space Free | Partition Type: NTFS

Computer Name: JOSEPH-PC | User Name: Joseph | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/01/05 23:13:03 | 002,486,296 | ---- | M] () -- C:\Program Files\AVG SafeGuard toolbar\vprot.exe
PRC - [2014/01/05 23:13:02 | 001,771,544 | ---- | M] (AVG Secure Search) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
PRC - [2014/01/05 23:13:02 | 000,159,768 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
PRC - [2013/12/13 13:37:34 | 001,383,232 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2013/12/13 13:37:34 | 000,807,800 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe
PRC - [2013/12/11 11:40:36 | 001,823,656 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
PRC - [2013/12/11 11:40:36 | 000,569,768 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe
PRC - [2013/12/03 18:48:06 | 000,863,184 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/11/18 21:59:36 | 000,590,352 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgcsrvx.exe
PRC - [2013/11/11 22:02:14 | 003,478,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgidsagent.exe
PRC - [2013/11/07 22:03:50 | 004,956,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgui.exe
PRC - [2013/11/07 22:00:48 | 000,680,976 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgemcx.exe
PRC - [2013/10/28 23:24:02 | 000,729,648 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgrsx.exe
PRC - [2013/10/28 23:17:36 | 000,892,976 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgnsx.exe
PRC - [2013/10/25 12:07:24 | 002,151,200 | ---- | M] (IObit) -- C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
PRC - [2013/10/25 12:07:00 | 000,878,368 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
PRC - [2013/09/24 01:33:08 | 000,348,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe
PRC - [2013/03/14 21:46:27 | 001,266,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/03/14 18:59:31 | 000,866,592 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2013/03/14 18:59:30 | 001,821,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2013/03/06 14:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/12/14 11:07:45 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Joseph\Desktop\Anti Virus\OTL.exe
PRC - [2011/01/04 11:05:06 | 000,083,440 | ---- | M] (Google) -- C:\Users\Joseph\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
PRC - [2010/04/29 10:30:44 | 000,091,456 | ---- | M] () -- C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe
PRC - [2010/04/29 10:30:32 | 000,279,360 | ---- | M] (Motorola) -- C:\Program Files\Motorola\MotoConnectService\MotoConnect.exe
PRC - [2009/07/14 12:46:56 | 000,044,776 | ---- | M] (Xobni Corporation) -- C:\Program Files\Xobni\XobniService.exe
PRC - [2009/04/10 22:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/25 16:54:58 | 001,724,416 | ---- | M] (NETGEAR) -- C:\Program Files\NETGEAR\WN111v2\WN111v2.exe
PRC - [2009/02/12 23:24:30 | 000,002,560 | ---- | M] () -- C:\Windows\Runservice.exe
PRC - [2008/11/09 12:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/09/10 13:01:28 | 000,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
PRC - [2007/01/04 14:13:54 | 000,240,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe


========== Modules (No Company Name) ==========

MOD - [2014/01/05 23:13:05 | 000,519,704 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\log4cplusU.dll
MOD - [2014/01/05 23:13:03 | 002,486,296 | ---- | M] () -- C:\Program Files\AVG SafeGuard toolbar\vprot.exe
MOD - [2013/12/11 11:40:38 | 001,135,016 | ---- | M] () -- C:\Program Files\Steam\bin\chromehtml.dll
MOD - [2013/12/11 11:40:38 | 000,121,256 | ---- | M] () -- C:\Program Files\Steam\bin\audio.dll
MOD - [2013/12/03 18:48:04 | 000,399,312 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppgooglenaclpluginchrome.dll
MOD - [2013/12/03 18:48:03 | 013,586,896 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
MOD - [2013/12/03 18:48:02 | 004,055,504 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll
MOD - [2013/12/03 18:47:11 | 000,702,416 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
MOD - [2013/12/03 18:47:11 | 000,099,792 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.63\libegl.dll
MOD - [2013/12/03 18:47:08 | 001,619,408 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
MOD - [2013/11/06 13:48:12 | 020,625,832 | ---- | M] () -- C:\Program Files\Steam\bin\libcef.dll
MOD - [2013/11/06 13:48:10 | 000,691,200 | ---- | M] () -- C:\Program Files\Steam\SDL2.dll
MOD - [2013/09/30 09:16:10 | 000,268,968 | ---- | M] () -- C:\Windows\System32\sqlite3.dll
MOD - [2013/06/14 15:49:16 | 000,153,088 | ---- | M] () -- C:\Program Files\Steam\bin\mssvoice.asi
MOD - [2013/06/14 15:49:16 | 000,071,680 | ---- | M] () -- C:\Program Files\Steam\bin\mssmp3.asi
MOD - [2013/06/14 15:49:12 | 001,100,800 | ---- | M] () -- C:\Program Files\Steam\bin\avcodec-53.dll
MOD - [2013/06/14 15:49:12 | 000,192,000 | ---- | M] () -- C:\Program Files\Steam\bin\avformat-53.dll
MOD - [2013/06/14 15:49:12 | 000,124,416 | ---- | M] () -- C:\Program Files\Steam\bin\avutil-51.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (Pml Driver HPZ12)
SRV - File not found [Auto | Stopped] -- -- (Net Driver HPZ12)
SRV - File not found [Auto | Stopped] -- -- (HPSLPSVC)
SRV - [2014/01/05 23:13:02 | 001,771,544 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe -- (vToolbarUpdater17.3.0)
SRV - [2014/01/04 00:12:38 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/12/13 13:37:34 | 000,807,800 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2013/12/11 11:40:36 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/11/11 22:02:14 | 003,478,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/10/30 14:17:34 | 002,473,296 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Secure Speed Dial\IE\SecureUpdate.exe -- (SecureUpdateSvc)
SRV - [2013/10/25 12:07:24 | 002,151,200 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2013/10/25 12:07:00 | 000,878,368 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe -- (AdvancedSystemCareService7)
SRV - [2013/09/24 01:33:08 | 000,348,008 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2013/08/11 12:51:21 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/08/01 19:19:45 | 000,476,936 | ---- | M] (BitRaider, LLC) [On_Demand | Stopped] -- C:\ProgramData\BitRaider\BRSptSvc.exe -- (BRSptSvc)
SRV - [2013/03/14 21:46:27 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/03/06 14:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/10/19 15:14:08 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2010/04/29 10:30:44 | 000,091,456 | ---- | M] () [Auto | Running] -- C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe -- (MotoConnect Service)
SRV - [2009/07/14 12:46:56 | 000,044,776 | ---- | M] (Xobni Corporation) [Auto | Running] -- C:\Program Files\Xobni\XobniService.exe -- (XobniService)
SRV - [2009/02/12 23:24:30 | 000,002,560 | ---- | M] () [Auto | Running] -- C:\Windows\Runservice.exe -- (LicCtrlService)
SRV - [2008/11/09 12:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/09/10 13:01:28 | 000,611,664 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice)
SRV - [2008/02/29 01:07:18 | 000,942,080 | ---- | M] (Atheros Communications, Inc.) [On_Demand | Stopped] -- C:\Program Files\NETGEAR\WN111v2\jswpsapi.exe -- (jswpsapi)
SRV - [2008/01/22 09:35:52 | 000,103,808 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2007/01/04 14:13:54 | 000,240,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)


========== Driver Services (SafeList) ==========

DRV - [2013/11/12 09:52:11 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013/11/05 21:50:48 | 000,120,600 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgdiskx.sys -- (Avgdiskx)
DRV - [2013/11/04 21:57:30 | 000,209,176 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2013/10/31 23:00:28 | 000,176,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2013/10/31 22:30:08 | 000,222,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avglogx.sys -- (Avglogx)
DRV - [2013/10/24 22:28:32 | 000,147,768 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgidshx.sys -- (AVGIDSHX)
DRV - [2013/10/01 00:49:38 | 000,102,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgmfx86.sys -- (Avgmfx86)
DRV - [2013/09/17 00:57:26 | 000,022,840 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2013/09/10 00:43:20 | 000,027,448 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2013/08/01 19:57:13 | 000,064,808 | ---- | M] (BitRaider) [File_System | On_Demand | Stopped] -- C:\ProgramData\BitRaider\BRDriver.sys -- (BRDriver)
DRV - [2013/08/01 15:08:52 | 000,193,848 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2013/05/22 18:49:32 | 000,015,672 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2013/05/07 12:22:25 | 000,722,416 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2013/03/14 21:46:27 | 008,952,608 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2013/03/06 14:33:24 | 000,765,736 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/03/06 14:33:24 | 000,368,176 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/03/06 14:33:24 | 000,164,736 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/03/06 14:33:24 | 000,062,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/03/06 14:33:24 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2013/03/06 14:33:24 | 000,049,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/03/06 14:33:23 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/03/06 14:33:22 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/12/18 21:41:53 | 000,154,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2012/11/13 20:53:00 | 000,014,416 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files\Razer\Razer Game Booster\Driver\WinRing0.sys -- (WinRing0_1_2_0)
DRV - [2009/11/06 00:37:20 | 000,699,896 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcmwlhigh6.sys -- (BCMH43XX)
DRV - [2009/04/30 21:55:58 | 002,687,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV - [2009/01/13 09:30:00 | 000,453,120 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WN111v2v.sys -- (WN111v2)
DRV - [2008/10/01 15:44:02 | 000,020,384 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\jswpslwf.sys -- (jswpslwf)
DRV - [2008/07/28 14:26:30 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2008/07/28 14:26:30 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2008/01/18 20:25:05 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2007/10/01 16:20:40 | 000,032,160 | ---- | M] (PCTEL Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\PCTINDIS5.sys -- (PCTINDIS5)
DRV - [2007/03/27 18:06:02 | 000,857,600 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athrusb.sys -- (athrusb)
DRV - [2006/12/05 15:39:13 | 001,964,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VX3000.sys -- (VX3000)
DRV - [2006/12/05 15:39:11 | 001,963,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VX1000.sys -- (VX1000)
DRV - [2006/11/16 13:36:28 | 000,020,480 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DNISP50.sys -- (DNISp50)
DRV - [2006/11/16 13:36:18 | 000,021,504 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DNIMP50.sys -- (DNIMp50)
DRV - [2006/11/01 23:41:53 | 000,251,904 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.golsearch...E594AB&tsp=5004
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\8.5\iobitappsToolbarIE.dll (Spigot, Inc.)
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No CLSID value found
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..CT3287375.browser.search.defaultthis.engineName: "true"
FF - prefs.js..CT3289847.browser.search.defaultthis.engineName: "true"
FF - prefs.js..CT3291326.browser.search.defaultthis.engineName: "true"
FF - prefs.js..browser.search.defaultenginename: "KeyBar 1.13 Customized Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: "KeyBar 1.13 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=198484"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://mysearch.avg....fr&d=2013-08-26 21:04:23&v=15.6.1.2&pid=safeguard&sg=0&sap=hp"
FF - prefs.js..keyword.URL: "http://search.condui...265168&UM=2&q="
FF - prefs.js..browser.startup.homepage: "data:text/plain,browser.startup.homepage=http://search.yahoo.com/firefox/?fr=yff80-sfp"


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.3.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@raidcall.en/RCplugin: C:\Users\Joseph\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: File not found
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Joseph\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Joseph\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Users\Joseph\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.7.1: C:\Users\Joseph\AppData\Local\Yahoo!\BrowserPlus\2.7.1\Plugins\npybrowserplus_2.7.1.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Mozilla Firefox\extensions\[email protected] [2013/08/11 12:50:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/04/26 22:48:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.0.49 [2014/01/05 23:13:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/09/20 09:31:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/09/20 09:31:23 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/09/20 09:31:23 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/09/20 09:31:23 | 000,000,000 | ---D | M]

[2008/11/16 14:48:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Joseph\AppData\Roaming\Mozilla\Extensions
[2014/01/03 23:05:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\Profiles\fb63icx9.default\extensions
[2013/08/11 12:17:19 | 000,000,000 | ---D | M] (KeyBar 1.13) -- C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\Profiles\fb63icx9.default\extensions\{02edb56b-9b33-435b-b7df-b2843273a694}
[2011/03/08 22:30:51 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\Profiles\fb63icx9.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2013/08/18 15:00:37 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\Profiles\fb63icx9.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/09/09 18:59:09 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\Profiles\fb63icx9.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}(127)
[2013/08/11 12:15:41 | 000,000,000 | ---D | M] (Vafmusic) -- C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\Profiles\fb63icx9.default\extensions\{6c3bc03f-d7b9-43ac-8931-c242e3cae971}
[2013/08/18 15:00:35 | 000,000,000 | ---D | M] (WhiteSmoke New) -- C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\Profiles\fb63icx9.default\extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}
[2013/08/30 12:47:49 | 000,000,000 | ---D | M] (Address Bar Search) -- C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\Profiles\fb63icx9.default\extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9}
[2013/11/24 16:48:07 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\Profiles\fb63icx9.default\extensions\[email protected]
[2013/09/13 10:30:53 | 000,000,000 | ---D | M] (Delta Toolbar) -- C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\Profiles\fb63icx9.default\extensions\[email protected]
[2013/11/15 09:18:04 | 000,000,000 | ---D | M] (AD Block) -- C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\Profiles\fb63icx9.default\extensions\[email protected]
[2013/11/11 22:15:55 | 000,000,000 | ---D | M] (AccelerateTab) -- C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\Profiles\fb63icx9.default\extensions\[email protected]
[2011/08/10 09:04:32 | 000,000,000 | ---D | M] (Platinum Hide IP) -- C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\Profiles\fb63icx9.default\extensions\[email protected]
[2009/06/29 22:41:47 | 000,004,207 | ---- | M] () -- C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\Profiles\fb63icx9.default\searchplugins\aim-search.xml
[2012/11/14 14:52:03 | 000,002,523 | ---- | M] () -- C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\Profiles\fb63icx9.default\searchplugins\aol-search.xml
[2013/09/29 16:41:02 | 000,001,136 | ---- | M] () -- C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\Profiles\fb63icx9.default\searchplugins\keybar-113-customized-web-search.xml
[2009/01/31 23:34:12 | 000,001,632 | ---- | M] () -- C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\Profiles\fb63icx9.default\searchplugins\live-search.xml
[2013/08/26 20:05:48 | 000,003,723 | ---- | M] () -- C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\Profiles\fb63icx9.default\searchplugins\safeguard-secure-search.xml
[2013/08/11 12:51:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/08/11 12:50:58 | 000,000,000 | ---D | M] (DnsBasic) -- C:\Program Files\Mozilla Firefox\extensions\{650EED71-89E2-453B-8DCF-2AA1B4AE6EF3}
[2013/08/11 12:50:56 | 000,000,000 | ---D | M] (The Browser Highlighter) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2013/08/11 12:50:57 | 000,000,000 | ---D | M] (InfoAtoms) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2013/08/11 12:50:58 | 000,000,000 | ---D | M] ("searchme") -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2013/08/11 12:51:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/08/11 12:51:22 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/08/11 12:50:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2013/08/11 12:50:50 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2013/04/26 22:48:44 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2014/01/03 23:05:56 | 000,000,000 | ---D | M] (IObit Apps Toolbar) -- C:\PROGRAM FILES\IOBIT APPS TOOLBAR\FF
() (No name found) -- C:\USERS\JOSEPH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FB63ICX9.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\JOSEPH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FB63ICX9.DEFAULT\EXTENSIONS\[email protected]
[2011/11/10 05:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2014/01/05 23:13:34 | 000,003,736 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\safeguard-secure-search.xml
[2009/03/13 01:39:56 | 000,002,494 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\searchme.xml

========== Chrome ==========

CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = http://mysearch.avg....fr&d=2013-08-26 21:04:23&v=15.6.1.2&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
CHR - default_search_provider: suggest_url = http://toolbar.avg.c...earchTerms}&o=1,
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.101\pdf.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U30 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00ae Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Joseph\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Joseph\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.1.0\\npsitesafety.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files\Veetle\plugins\npVeetle.dll
CHR - plugin: Windows Live\u00ae Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Joseph\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: BrowserPlus (from Yahoo!) v2.7.1 (Enabled) = C:\Users\Joseph\AppData\Local\Yahoo!\BrowserPlus\2.7.1\Plugins\npybrowserplus_2.7.1.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: AdBlock = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0\
CHR - Extension: No name found = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\
CHR - Extension: InfoAtoms = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhbgpoakplhahbklhkcfbpicgjcaoglk\1.4.0.0_0\
CHR - Extension: Domain Error Assistant = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.2_0\
CHR - Extension: Domain Error Assistant = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\
CHR - Extension: avast! WebRep = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\
CHR - Extension: Slick Savings = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\
CHR - Extension: AVG SafeGuard = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\17.2.0.38_0\
CHR - Extension: Advanced SystemCare Surfing Protection = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\
CHR - Extension: KeyBar 1.13 = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\njljkdinboobkmkihgcohanchjnjpgjk\10.22.5.510_0\
CHR - Extension: KeyBar 1.13 = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\njljkdinboobkmkihgcohanchjnjpgjk\10.22.5.510_0\nativeMessaging\nmHost
CHR - Extension: KeyBar 1.13 = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\njljkdinboobkmkihgcohanchjnjpgjk\10.24.3.503_0\
CHR - Extension: KeyBar 1.13 = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\njljkdinboobkmkihgcohanchjnjpgjk\10.24.3.503_0\nativeMessaging\nmHost
CHR - Extension: KeyBar 1.13 = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\njljkdinboobkmkihgcohanchjnjpgjk\10.24.3.503_1\
CHR - Extension: KeyBar 1.13 = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\njljkdinboobkmkihgcohanchjnjpgjk\10.24.3.503_1\nativeMessaging\nmHost
CHR - Extension: KeyBar 1.13 = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\njljkdinboobkmkihgcohanchjnjpgjk\10.26.0.540_0\
CHR - Extension: KeyBar 1.13 = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\njljkdinboobkmkihgcohanchjnjpgjk\10.26.0.540_0\nativeMessaging\nmHost
CHR - Extension: Google Wallet = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: Google Wallet = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: No name found = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojkdcodhlkmiakbangobnmdhieapagic\1.0.0_0\
CHR - Extension: Amazon Shopping Assistant by Spigot = C:\Users\Joseph\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0\

O1 HOSTS File: ([2012/11/16 19:17:30 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\8.5\iobitappsToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
O2 - BHO: (AccelerateTab) - {48A789BF-F6D6-4930-9C8B-77855A63EDE1} - C:\Program Files\Secure Speed Dial\IE\SpeedDial.dll (Secure Speed Dial)
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-94BE-FD60BB9AAE29} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\17.3.0.49\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O2 - BHO: (no name) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - No CLSID value found.
O2 - BHO: (no name) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - No CLSID value found.
O3 - HKLM\..\Toolbar: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\8.5\iobitappsToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\17.3.0.49\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG SafeGuard toolbar\vprot.exe ()
O4 - HKCU..\Run: [Advanced SystemCare 7] C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe (IObit)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 227
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: motive.com ([patttbc.att] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1EC9B7C7-513F-4A2E-BD42-DE5436ECB5A0}: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3575C3DB-3FA7-4849-9D56-A5312E116450}: DhcpNameServer = 68.94.156.1 68.94.157.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A5122F23-263E-41D6-AE4D-B8F05908A3F9}: DhcpNameServer = 68.94.156.1 68.94.157.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A886D423-9985-4C89-8B8E-36CFA507FF34}: DhcpNameServer = 68.94.156.1 68.94.157.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AC21EB7D-6797-4330-BE20-60C29D908B1C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F675D672-38E3-4E91-9C28-9C4DE0805C99}: DhcpNameServer = 75.75.75.75 75.75.76.76
O18 - Protocol\Handler\cdl - No CLSID value found
O18 - Protocol\Handler\file - No CLSID value found
O18 - Protocol\Handler\ftp - No CLSID value found
O18 - Protocol\Handler\javascript - No CLSID value found
O18 - Protocol\Handler\local - No CLSID value found
O18 - Protocol\Handler\mk - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll (AVG Secure Search)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Joseph\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Joseph\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 13:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2014/01/04 21:59:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2014/01/04 21:43:32 | 000,000,000 | ---D | C] -- C:\Program Files\OpenAL
[2014/01/04 21:43:31 | 000,444,952 | ---- | C] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2014/01/03 23:05:34 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2014/01/03 23:05:31 | 000,000,000 | ---D | C] -- C:\Program Files\IObit Apps Toolbar
[2008/12/12 16:27:49 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Joseph\AppData\Roaming\pcouffin.sys
[2 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/01/09 20:15:22 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/09 20:15:22 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/09 20:09:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/09 19:43:40 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/09 05:53:28 | 000,000,394 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{59C1AD01-8864-4B26-B305-1454909FD816}.job
[2014/01/09 04:43:00 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/09 01:09:43 | 000,640,408 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/01/09 01:09:43 | 000,118,660 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/01/06 22:09:25 | 000,001,948 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
[2014/01/04 22:10:13 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\Driver Booster Update.job
[2014/01/04 22:09:30 | 000,001,865 | -HS- | M] () -- C:\Windows\System32\mmf.sys
[2014/01/04 22:08:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/04 21:59:46 | 000,000,722 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2014/01/04 21:43:32 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2014/01/04 04:47:45 | 000,001,933 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/01/04 00:25:06 | 006,063,808 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/01/04 21:59:46 | 000,000,722 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2013/12/01 00:28:34 | 000,015,672 | ---- | C] () -- C:\Windows\System32\drivers\SmartDefragDriver.sys
[2013/10/24 07:49:08 | 000,268,968 | ---- | C] () -- C:\Windows\System32\sqlite3.dll
[2013/04/26 22:50:28 | 000,164,736 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013/04/26 22:50:27 | 000,049,248 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013/04/26 22:20:39 | 000,000,000 | ---- | C] () -- C:\ProgramData\222620313f3a54382a_c
[2013/04/26 22:07:22 | 000,087,608 | ---- | C] () -- C:\Users\Joseph\AppData\Roaming\inst.exe
[2013/04/25 21:41:07 | 000,000,000 | ---- | C] () -- C:\ProgramData\LQ20O6T.dat
[2013/04/25 21:40:52 | 000,000,001 | ---- | C] () -- C:\ProgramData\Ov8S1e7I.exe_.b
[2013/04/25 21:40:52 | 000,000,001 | ---- | C] () -- C:\ProgramData\Ov8S1e7I.exe.b
[2012/11/16 07:10:07 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/11/16 07:10:06 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/11/16 07:10:06 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/11/16 07:10:06 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/11/16 07:10:06 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/12/16 02:09:52 | 000,001,865 | -HS- | C] () -- C:\Windows\System32\mmf.sys
[2010/02/21 08:46:01 | 000,000,552 | ---- | C] () -- C:\Users\Joseph\AppData\Local\d3d8caps.dat
[2009/09/24 15:31:36 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/09/15 20:13:23 | 000,101,172 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2009/09/10 19:41:24 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2009/09/09 00:45:00 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009/09/09 00:45:00 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2009/09/09 00:44:59 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009/09/09 00:44:59 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009/09/09 00:44:58 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2009/08/07 14:40:37 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/07 14:40:37 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/05/23 11:08:58 | 000,000,600 | ---- | C] () -- C:\Users\Joseph\AppData\Roaming\winscp.rnd
[2009/04/30 21:39:36 | 000,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2009/02/12 23:24:30 | 000,048,640 | ---- | C] () -- C:\Windows\mmfs.dll
[2009/02/12 23:24:30 | 000,002,560 | ---- | C] () -- C:\Windows\Runservice.exe
[2008/12/23 00:19:58 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/12/12 16:27:49 | 000,007,887 | ---- | C] () -- C:\Users\Joseph\AppData\Roaming\pcouffin.cat
[2008/12/12 16:27:49 | 000,001,144 | ---- | C] () -- C:\Users\Joseph\AppData\Roaming\pcouffin.inf
[2008/12/12 14:06:41 | 000,155,136 | ---- | C] () -- C:\Users\Joseph\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/11/29 03:01:07 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/11/15 18:38:19 | 000,023,580 | ---- | C] () -- C:\Users\Joseph\AppData\Roaming\UserTile.png
[2008/11/15 18:31:42 | 000,002,032 | ---- | C] () -- C:\Users\Joseph\AppData\Local\d3d9caps.dat
[2008/05/16 10:58:04 | 000,012,632 | ---- | C] () -- C:\Windows\System32\lsdelete.exe
[2006/11/02 04:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 04:47:37 | 006,063,808 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 04:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 02:33:01 | 000,640,408 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 02:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 02:33:01 | 000,118,660 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 02:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 02:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 00:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 00:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/01 23:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/01 23:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/04/19 15:14:32 | 000,015,498 | ---- | C] () -- C:\Windows\VX1000.ini
[2005/12/22 11:05:46 | 000,015,498 | ---- | C] () -- C:\Windows\VX3000.ini
[2003/01/07 07:05:08 | 000,002,695 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI

========== LOP Check ==========

[2009/01/16 01:12:18 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\acccore
[2009/03/05 22:37:43 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\AT&T
[2009/03/05 22:37:10 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\ATTToolbar
[2013/10/28 17:54:33 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\AVG2014
[2014/01/04 00:08:16 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\Azureus
[2013/11/24 15:19:50 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\Babylon
[2009/07/31 13:06:37 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\DAEMON Tools Pro
[2013/05/07 17:06:19 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\DAEMON Tools Ultra
[2010/01/07 03:11:36 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\DiskAid
[2009/04/18 18:22:27 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\DMCache
[2013/04/25 14:17:59 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\Downloaded Installations
[2012/04/08 19:13:03 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\Go PDF Reader
[2013/12/01 00:27:34 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\IObit
[2012/10/26 18:16:52 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\LolClient
[2010/02/25 21:07:45 | 000,000,000 | -HSD | M] -- C:\Users\Joseph\AppData\Roaming\lowsec
[2009/05/23 10:59:58 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\NCH Swift Sound
[2012/10/16 10:53:15 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\Nico Mak Computing
[2009/10/20 15:05:10 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\OpenOffice.org
[2013/04/26 22:11:12 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\Out of the Park Developments
[2011/12/13 21:08:38 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\Ovv
[2008/11/15 18:38:19 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\PeerNetworking
[2011/08/10 00:09:26 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\PlatinumHideIP
[2013/10/06 13:36:07 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\raidcall
[2009/01/05 01:02:09 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\Red Kawa
[2013/04/26 16:56:40 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\Samsung
[2011/12/06 13:50:34 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\Spotify
[2012/05/01 20:21:29 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\StreamTorrent
[2011/12/26 21:46:13 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\SumatraPDF
[2013/11/02 01:37:52 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\TS3Client
[2013/04/26 23:04:25 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\TuneUp Software
[2013/04/26 22:07:22 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\Vso
[2011/11/10 17:53:48 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\WeatherBug
[2010/05/10 22:33:57 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\WinAVI
[2014/01/04 22:10:13 | 000,000,274 | ---- | M] () -- C:\Windows\Tasks\Driver Booster Update.job
[2014/01/04 22:07:32 | 000,032,580 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2014/01/09 05:53:28 | 000,000,394 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{59C1AD01-8864-4B26-B305-1454909FD816}.job

========== Purity Check ==========



< End of report >
  • 0

#4
Biscuithd

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts
Hi Jvescov,

I see why there was no Extras.txt. Could you run OTL again and check "Use Safe List" under Extra-Registry and click the "Run Scan" Button. OTL should produce an Extras.txt this time. Would you post that log please?
  • 0

#5
Jvescov

Jvescov

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
Most certainly here you are.

OTL Extras logfile created on: 1/10/2014 6:35:39 PM - Run 15
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Joseph\Desktop\Anti Virus
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 0.59 Gb Available Physical Memory | 29.71% Memory free
4.43 Gb Paging File | 1.15 Gb Available in Paging File | 25.97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455.71 Gb Total Space | 87.04 Gb Free Space | 19.10% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.24 Gb Free Space | 62.39% Space Free | Partition Type: NTFS

Computer Name: JOSEPH-PC | User Name: Joseph | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = CHM] -- C:\Program Files\Go PDF Reader\GoPDFReader.exe (Download Manager Ltd.)
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06C32EA0-4A22-4919-979A-8700715865B8}" = Microsoft LifeCam
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4600_series" = Canon iP4600 series Printer Driver
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1C0E9C6B-D4D5-4D3C-8A10-F10A3E7BEEA5}" = WN111v2
"{1EBEC42C-5E3F-4077-933B-411E33A0C3A4}" = Motorola Driver Installation 4.6.0
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java™ 6 Update 30
"{2EAEB0A6-582A-490B-B075-D837677365C2}" = 2WIREUSBWLANInstaller
"{32FF8E03-4332-44D3-B5E5-A04F1D69D0E1}" = IObit Apps Toolbar v8.5
"{37C5A56A-00EA-347B-B7A1-5628BED56702}" = Google Talk Plugin
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3B97ADB7-3DA1-4964-BC10-68384BA6A66F}" = AVG 2014
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CE11B98-C61C-4692-9E0E-59934761C3BE}" = 2Wire Wireless Manager
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{4769E972-2E92-49C5-B6F9-465EFD0C4D94}" = VirtualDJ PRO Full
"{49AEFEAB-A10B-4E8E-B577-2287ACA2B8AF}" = AVG 2014
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{676B241C-AED4-400B-98FF-267773B94B11}_is1" = QuickFreedom 1.1.0
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{88F0F4FF-B514-4E32-9C17-CAF96D60EAFC}" = Razer Game Booster
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8DC069E7-893C-41E1-9442-DE89FEC33371}" = Xobni Core
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90A4562F-D4A1-4B65-906D-41F236CF6902}" = Path of Exile
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{97F81AF1-0E47-DC99-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 ATL (x86) WinSXS MSM
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 CRT (x86) WinSXS MSM
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.12.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.23.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C1FCDCA1-2759-4E5E-84EE-3A665BB2F513}" = iPhoneBrowser
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C3592426-531E-4110-911D-BFECE2CE284C}" = osu!
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F59A9E08-A6A4-4ACF-91F2-D0344956C30B}" = iTunes
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone Configuration Utility
"1ClickDownload" = HDVidCodec
"8461-7759-5462-8226" = Vuze
"AccelerateTab_is1" = AccelerateTab
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced SystemCare 7_is1" = Advanced SystemCare 7
"ATT-HSI" = ATT-HSI
"ATT-SST" = AT&T Self Support Tool
"AVG" = AVG 2014
"AVG SafeGuard toolbar" = AVG SafeGuard toolbar
"AviSynth" = AviSynth 2.5
"BitRaider Web Client" = BitRaider Web Client
"Canon iP4600 series User Registration" = Canon iP4600 series User Registration
"CANONIJPLM100" = Inkjet Printer/Scanner Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DiskAid_is1" = DiskAid 3.11
"DnsBasic" = DnsBasic 1.0 build 111
"Dream Aquarium_is1" = Dream Aquarium
"DreamAqua" = Dream Aquarium
"Driver Booster_is1" = Driver Booster
"DVD Audio Ripper 4" = DVD Audio Ripper 4
"DVD Decrypter" = DVD Decrypter (Remove Only)
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Google Chrome" = Google Chrome
"GoPDFReader" = Go PDF Reader
"InfoAtoms" = InfoAtoms
"InstallShield_{1C0E9C6B-D4D5-4D3C-8A10-F10A3E7BEEA5}" = RangeMax Wireless-N USB Adapter WN111v2
"IObit Malware Fighter_is1" = IObit Malware Fighter
"IObit Surfing Protection_is1" = Surfing Protection
"IObitUninstall" = IObit Uninstaller
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.1.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 17.0.1 (x86 en-US)" = Mozilla Firefox 17.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mplayer" = Mplayer 0.6.9
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"OpenAL" = OpenAL
"Out of the Park Baseball 6" = Out of the Park Baseball 6
"Photoshop Cs4 Ultra 1.1" = Photoshop Cs4 Ultra 1.1
"Pixillion" = Pixillion Image Converter
"Postal 2_is1" = Portal 2
"Project 64_is1" = Project 64 version 2.0.0.14
"RadialpointClientGateway_is1" = AT&T Internet Security Wizard 1.5.11
"RaidCall" = RaidCall
"Side 9 Screensaver" = Side 9 Screensaver
"Smart Defrag 2_is1" = Smart Defrag 2
"Steam" = Steam
"StreamTorrent 1.0" = StreamTorrent 1.0
"SumatraPDF" = SumatraPDF
"swtor_swtor" = Star Wars The Old Republic
"TruePoker" = TruePoker
"TruePoker (High Res)" = TruePoker (High Res)
"TVersity Codec Pack" = TVersity Codec Pack 1.2
"Veetle TV" = Veetle TV 0.9.18
"Videora iPod Converter" = Videora iPod Converter 4.04
"Videora Xbox 360 Converter" = Videora Xbox 360 Converter 4.08
"VLC media player" = VLC media player 0.9.8a
"vShare.tv plugin" = vShare.tv plugin 1.3
"WavePad" = WavePad Sound Editor
"WinAVI Video Converter 10.0_is1" = WinAVI Video Converter
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"winscp3_is1" = WinSCP 4.2.5
"XobniMain" = Xobni
"Yahoo! Mail" = AT&T Yahoo! Internet Mail
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
"YInstHelper" = Yahoo! Install Manager
"YouTube Downloader App" = YouTube Downloader App 1.03
"YouTubeGet_is1" = YouTubeGet 5.2.3

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.7.1

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 9/20/2013 1:29:33 PM | Computer Name = Joseph-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\AVAST Software\Avast\AvastUI.exe".
Dependent
Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 9/20/2013 1:31:26 PM | Computer Name = Joseph-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\AVAST Software\Avast\AvastUI.exe".
Dependent
Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 9/20/2013 1:31:26 PM | Computer Name = Joseph-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\AVAST Software\Avast\AvastUI.exe".
Dependent
Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 9/20/2013 1:32:50 PM | Computer Name = Joseph-PC | Source = MsiInstaller | ID = 11935
Description =

Error - 9/20/2013 1:34:44 PM | Computer Name = Joseph-PC | Source = MsiInstaller | ID = 11935
Description =

Error - 9/21/2013 9:56:17 PM | Computer Name = Joseph-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Common
Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe". Dependent Assembly
Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 9/21/2013 9:56:57 PM | Computer Name = Joseph-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\AVAST Software\Avast\AvastUI.exe".
Dependent
Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 9/21/2013 9:57:12 PM | Computer Name = Joseph-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\AVAST Software\Avast\AvastUI.exe".
Dependent
Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 9/22/2013 2:05:38 AM | Computer Name = Joseph-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Common
Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe". Dependent Assembly
Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 9/22/2013 2:06:05 AM | Computer Name = Joseph-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\AVAST Software\Avast\AvastUI.exe".
Dependent
Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
could not be found. Please use sxstrace.exe for detailed diagnosis.

[ Media Center Events ]
Error - 12/7/2010 2:58:20 AM | Computer Name = Joseph-PC | Source = McrMgr | ID = 109
Description =

Error - 2/1/2011 3:04:42 PM | Computer Name = Joseph-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 3/14/2011 2:36:08 AM | Computer Name = Joseph-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

Error - 12/17/2012 4:40:33 AM | Computer Name = Joseph-PC | Source = Mcx2Dvcs | ID = 405
Description =

Error - 12/17/2012 4:43:18 AM | Computer Name = Joseph-PC | Source = Mcx2Dvcs | ID = 405
Description =

Error - 12/17/2012 4:52:52 AM | Computer Name = Joseph-PC | Source = Mcx2Dvcs | ID = 405
Description =

Error - 12/17/2012 5:07:38 AM | Computer Name = Joseph-PC | Source = Mcx2Dvcs | ID = 405
Description =

Error - 12/17/2012 5:13:37 AM | Computer Name = Joseph-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.SqmFlushSession failed; Win32 GetLastError
returned 0D Process: DefaultDomain Object Name: Media Center Guide

Error - 12/17/2012 5:14:52 AM | Computer Name = Joseph-PC | Source = Mcx2Dvcs | ID = 405
Description =

Error - 12/17/2012 4:36:38 PM | Computer Name = Joseph-PC | Source = Mcx2Dvcs | ID = 405
Description =

[ System Events ]
Error - 1/9/2014 5:08:00 AM | Computer Name = Joseph-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 1/9/2014 7:32:48 AM | Computer Name = Joseph-PC | Source = DCOM | ID = 10010
Description =

Error - 1/10/2014 5:05:30 AM | Computer Name = Joseph-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 1/10/2014 5:05:31 AM | Computer Name = Joseph-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 1/10/2014 5:05:50 AM | Computer Name = Joseph-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 1/10/2014 5:06:57 AM | Computer Name = Joseph-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 1/10/2014 5:07:56 AM | Computer Name = Joseph-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 1/10/2014 5:07:56 AM | Computer Name = Joseph-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 1/10/2014 5:07:56 AM | Computer Name = Joseph-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 1/10/2014 5:08:16 AM | Computer Name = Joseph-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =


< End of report >
  • 0

#6
Biscuithd

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts
Hello Jvescov

IMPORTANT I see, you have one or more P2P (Peer to Peer) programs installed.

1.) If you download files via a P2P File sharing programs, you can usually expect a infection of malware. Certainly you can use P2P programs at your own risk, but they are often the source of many computer infections.
2.) Please read these reports about the danger of P2P Programs:
3.) I would recommend that you uninstall your P2P programs. Do do this, you can perform the following instructions. Start >> Control Panel >> Add or Remove Programs
4.) If you want to keep the program on your computer , please don't use it while we are fixing your computer!


Uninstall Software

  • Click on the Start Posted Image button and select Control Panel
  • Click on Uninstall a program or Programs and Features
  • You will now see a list of your installed software, double click on the following one by one to uninstall them:IObit Apps Toolbar v8.5
    IObit Malware Fighter
    Surfing Protection
    IObit Uninstaller
Once you have done this, reboot your computer


OTL Fix

  • Run OTL as you did before.
  • Copy the text in the quote box below (do not copy the word "quote") and paste in the in the box marked Custom Scans/Fixes as shown in the graphic below.

Posted Image

:Commands
[createrestorepoint]

:OTL
SRV - [2013/10/25 12:07:24 | 002,151,200 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2013/10/25 12:07:00 | 000,878,368 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe -- (AdvancedSystemCareService7)
IE - HKCU\..\URLSearchHook: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\8.5\iobitappsToolbarIE.dll (Spigot, Inc.)
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No CLSID value found
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
FF - prefs.js..browser.search.defaultenginename: "KeyBar 1.13 Customized Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: "KeyBar 1.13 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
[2013/11/24 16:48:07 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\Profiles\fb63icx9.default\extensions\[email protected]
[2013/08/11 12:50:58 | 000,000,000 | ---D | M] (DnsBasic) -- C:\Program Files\Mozilla Firefox\extensions\{650EED71-89E2-453B-8DCF-2AA1B4AE6EF3}
[2014/01/03 23:05:56 | 000,000,000 | ---D | M] (IObit Apps Toolbar) -- C:\PROGRAM FILES\IOBIT APPS TOOLBAR\FF
O2 - BHO: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\8.5\iobitappsToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O3 - HKLM\..\Toolbar: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\8.5\iobitappsToolbarIE.dll (Spigot, Inc.)
O4 - HKCU..\Run: [Advanced SystemCare 7] C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe (IObit)
[2014/01/03 23:05:31 | 000,000,000 | ---D | C] -- C:\Program Files\IObit Apps Toolbar
[2014/01/06 22:09:25 | 000,001,948 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
[2014/01/04 22:10:13 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\Driver Booster Update.job
[2014/01/04 22:09:30 | 000,001,865 | -HS- | M] () -- C:\Windows\System32\mmf.sys
[2013/12/01 00:27:34 | 000,000,000 | ---D | M] -- C:\Users\Joseph\AppData\Roaming\IObit

:Commands
[emptytemp]


Press Run Fix

When OTL completes, your computer will reboot. If it does not, please manually reboot.

Junkware Removal Tool

Download Junkware Removal Tool to your desktop.


  • Disable your protection software now to avoid potential conflicts.
  • Right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Then, run OTL again and click Quick Scan.

Copy and paste the contents of the log that it produces into your next post.

Farbar Service Scanner

Please download Farbar Service Scanner to the desktop.
Doubleclick the FSS.exe file to run it. (Vista and 7 users may need to right click the file and click Run as Administrator)

  • Posted Image
  • Make sure the following options are checked:
    • Internet services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender
    • Other services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.
In your next post to me please include the OTL log, Junkware Removal Tool log and the FSS log.
  • 0

#7
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0

#8
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Topic re-opened per OP's request...
  • 0

#9
Biscuithd

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts
Hello Jvescov,

I understand that you need help. Were you able to complete the work in Step #6 or do you have a different issue?
  • 0

#10
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP