Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Windows OS crashed (vista) due to virus. [Solved]


  • This topic is locked This topic is locked

#46
Monvishi

Monvishi

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 236 posts
JRT Log:


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows ™ Vista Home Premium x64
Ran by Fry's Electronics on Tue 01/21/2014 at 7:16:38.28
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 01/21/2014 at 7:25:49.01
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • 0

Advertisements


#47
Monvishi

Monvishi

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 236 posts
System Look Log:


SystemLook 30.07.11 by jpshortstuff
Log created at 07:30 on 21/01/2014 by Fry's Electronics
Administrator - Elevation successful
WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.

========== filefind ==========

Searching for "*Babylon*"
No files found.

Searching for "*DSite*"
No files found.

Searching for "*OpenCandy*"
No files found.

Searching for "*pdfforge*"
No files found.

Searching for "*bProtector*"
No files found.

Searching for "*Conduit*"
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iSyncConduit.dll --a---- 1207392 bytes [19:43 06/12/2012] [19:43 06/12/2012] C963B2DECF0872C4A79D4E5E97062E8C
C:\Users\AppData\LocalLow\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_1450550_1446205_US.xml --a---- 187 bytes [00:22 25/02/2012] [00:22 25/02/2012] 001DAD0459165B5C76CC91EE8BC1C78B
C:\Users\AppData\LocalLow\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_1774897_1765438_US.xml --a---- 193 bytes [02:42 08/03/2013] [02:48 25/03/2013] 405DD1D7D36C626FAFD9AC9650D3CD76
C:\Users\AppData\LocalLow\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_666138_661999_US.xml --a---- 182 bytes [21:46 18/05/2011] [00:22 25/02/2012] 09537830AF4F5ED99783297FA09DC218
C:\Users\AppData\LocalLow\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_710635_706495_US.xml --a---- 197 bytes [21:46 18/05/2011] [21:52 18/05/2011] 8B033CC21015015B3728881F4612464F
C:\Users\AppData\LocalLow\Conduit\Community Alerts\Feeds\http___alert_services_conduit_com_Alerts_AlertServices_asmx_GetHostedFeedRss_alertID=483778&alertFeedId=479649.xml --a---- 355 bytes [20:19 22/12/2009] [20:19 22/12/2009] 9E880EE0FD29F0EDB7FEBC39B5E88869
C:\Users\AppData\LocalLow\Conduit\Community Alerts\Feeds\http___alert_services_conduit_com_Alerts_AlertServices_asmx_GetHostedFeedRss_alertID=666138&alertFeedId=661999.xml --a---- 354 bytes [23:39 28/02/2010] [23:39 28/02/2010] 1FE9FD7706C14DF8393273FFA3755F9A
C:\Users\AppData\LocalLow\Conduit\Community Alerts\Feeds\http___alert_services_conduit_com_Alerts_AlertServices_asmx_GetHostedFeedRss_alertID=710635&alertFeedId=706495.xml --a---- 362 bytes [20:19 22/12/2009] [20:19 22/12/2009] C346395C045783AD18D7C3636AB60B49
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_72_231_CT2314472_Images_633837294959906250_gif.gif --a---- 242 bytes [20:19 22/12/2009] [20:19 22/12/2009] EA36262E06B56951A20A65C2CD5A4A3D
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_72_231_CT2314472_Images_633837301853812500_png.png --a---- 1183 bytes [20:19 22/12/2009] [20:19 22/12/2009] C662495B7EE76F0940B22183DE20523C
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_72_231_CT2314472_Images_633837302182718750_png.png --a---- 357 bytes [20:19 22/12/2009] [20:19 22/12/2009] 3B24BD5B6286771AD642746BC93469D3
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_72_231_CT2314472_Images_633837302548500000_png.png --a---- 591 bytes [20:19 22/12/2009] [20:19 22/12/2009] 3BDD4870C031964CA23FD0A4FD6CB377
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_72_231_CT2314472_Images_633837303013656250_png.png --a---- 910 bytes [20:19 22/12/2009] [20:19 22/12/2009] 5354B442BD8DCB1B7541E31397E88FD6
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_72_231_CT2314472_Images_633837307552250000_png.png --a---- 1100 bytes [20:19 22/12/2009] [20:19 22/12/2009] 5EE649756200FC2AA722542239F92FAE
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_72_231_CT2314472_Images_633838102103900000_png.png --a---- 1039 bytes [20:19 22/12/2009] [20:19 22/12/2009] 3050388A851D3B33B5CD1656EB89AADA
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_72_231_CT2314472_Images_633838104893900000_png.png --a---- 399 bytes [20:19 22/12/2009] [20:19 22/12/2009] F81284CB9B5058C846C9D4ADEDBAB170
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_72_231_CT2314472_Images_633838142083556250_png.png --a---- 2267 bytes [20:19 22/12/2009] [20:19 22/12/2009] EC3B31D5CC06A803CBCE861C4B784325
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_72_231_CT2314472_Images_Email_xml-15-Classic-633807082094325000_gif.gif --a---- 633 bytes [20:19 22/12/2009] [20:19 22/12/2009] F457844316C703C5E814A1556FAC4E74
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_72_231_CT2314472_Images_Twitter_xml-0-Twitter-633807081916043750_gif.gif --a---- 585 bytes [20:19 22/12/2009] [20:19 22/12/2009] 83FF0FE407699FAF7F74DB7E9110DF6C
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_BankImages_Dsilkset_controller_add_gif.gif --a---- 410 bytes [20:19 22/12/2009] [20:19 22/12/2009] 3D94DB8B460B71AD5A91F717ADDD8699
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Mint_chevron_menu_gif.gif --a---- 884 bytes [23:39 28/02/2010] [23:39 28/02/2010] 872292DE9C3484F16BDA3A0900533398
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Mint_display_gif.gif --a---- 399 bytes [23:39 28/02/2010] [23:39 28/02/2010] DA150617706FEF81A15865450314661F
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Mint_equalizer_dead_gif.gif --a---- 334 bytes [23:39 28/02/2010] [23:39 28/02/2010] 499A6F58DCB20F3BB52395F9B9BD20C9
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Mint_Equalizer_GIF.GIF --a---- 813 bytes [23:39 28/02/2010] [23:39 28/02/2010] 781FAF63B762875F2A35BDDEB01F0466
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Mint_Error_GIF.GIF --a---- 418 bytes [23:39 28/02/2010] [23:39 28/02/2010] 4F6D53E0D533979C9ACE66EBD5DFEF1B
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Mint_Loading_gif.gif --a---- 1035 bytes [23:39 28/02/2010] [23:39 28/02/2010] 8CEB45B28A48FD0DB3F9372CAAE79765
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Mint_maxi_dn_gif.gif --a---- 370 bytes [23:39 28/02/2010] [23:39 28/02/2010] D744EA40C610DE7184249B4258EF146C
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Mint_maxi_gif.gif --a---- 368 bytes [23:39 28/02/2010] [23:39 28/02/2010] A5EE5C967690ACA99E65E496397EE7D7
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Mint_maxi_over_gif.gif --a---- 370 bytes [23:39 28/02/2010] [23:39 28/02/2010] CD0F0360C7A1D9B6E994F83FADC7B10F
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Mint_minimize_dn_gif.gif --a---- 370 bytes [23:39 28/02/2010] [23:39 28/02/2010] DB33DE0D654DFBE8756DBF859AD9396B
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Mint_minimize_gif.gif --a---- 366 bytes [23:39 28/02/2010] [23:39 28/02/2010] FE49A8D6C3900AC8AFD1E075E34B6F29
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Mint_minimize_over_gif.gif --a---- 370 bytes [23:39 28/02/2010] [23:39 28/02/2010] C67A1A29D797F5DADB1638243B3F8945
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Mint_pause_dn_gif.gif --a---- 644 bytes [23:39 28/02/2010] [23:39 28/02/2010] 0D2610E08E56487AF17B7B4059E2DB2F
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Mint_pause_dn_mini_gif.gif --a---- 644 bytes [23:39 28/02/2010] [23:39 28/02/2010] 0D2610E08E56487AF17B7B4059E2DB2F
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Mint_pause_gif.gif --a---- 1074 bytes [23:39 28/02/2010] [23:39 28/02/2010] 8606F2B2C935B1DD4B09CF7497FD1F7F
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Mint_pause_mini_gif.gif --a---- 1074 bytes [23:39 28/02/2010] [23:39 28/02/2010] 8606F2B2C935B1DD4B09CF7497FD1F7F
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Mint_pause_over_gif.gif --a---- 1077 bytes [23:39 28/02/2010] [23:39 28/02/2010] 956F0A5B2C4892BB1683910FBD6CC92B
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Mint_pause_over_mini_gif.gif --a---- 1077 bytes [23:39 28/02/2010] [23:39 28/02/2010] 956F0A5B2C4892BB1683910FBD6CC92B
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Mint_play_chevron_gif.gif --a---- 1007 bytes [23:39 28/02/2010] [23:39 28/02/2010] F9897266FC817421D83726AD3F4402FA
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Mint_play_dn_gif.gif --a---- 644 bytes [23:39 28/02/2010] [23:39 28/02/2010] D93CF0E8E158C557A48A29410142BBEE
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Mint_play_dn_mini_gif.gif --a---- 644 bytes [23:39 28/02/2010] [23:39 28/02/2010] D93CF0E8E158C557A48A29410142BBEE
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Mint_play_gif.gif --a---- 1076 bytes [23:39 28/02/2010] [23:39 28/02/2010] 3CF9F136F15EDF91DC7A328653D40024
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Mint_play_mini_gif.gif --a---- 1076 bytes [23:39 28/02/2010] [23:39 28/02/2010] 3CF9F136F15EDF91DC7A328653D40024
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Mint_play_over_gif.gif --a---- 1077 bytes [23:39 28/02/2010] [23:39 28/02/2010] E97A2232F31A2514117C47BF7D8CE315
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Mint_play_over_mini_gif.gif --a---- 1077 bytes [23:39 28/02/2010] [23:39 28/02/2010] E97A2232F31A2514117C47BF7D8CE315
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Mint_slider_bg_gif.gif --a---- 261 bytes [23:39 28/02/2010] [23:39 28/02/2010] 342A6561EA8C99EF453A836D0DBC6964
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Mint_slider_gif.gif --a---- 297 bytes [23:39 28/02/2010] [23:39 28/02/2010] 2929B7449737A19DF3B3EC743B6C23BF
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Mint_stop_chevron_gif.gif --a---- 1001 bytes [23:39 28/02/2010] [23:39 28/02/2010] 7428C0515D708D7C3520CF78F85B74FE
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Mint_stop_dn_gif.gif --a---- 673 bytes [23:39 28/02/2010] [23:39 28/02/2010] 9CF5B4F4C86825EF47642D61D85DCB41
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Mint_stop_gif.gif --a---- 1106 bytes [23:39 28/02/2010] [23:39 28/02/2010] 527FF1AE7CFD8794164EE22E81982274
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Mint_stop_over_gif.gif --a---- 1110 bytes [23:39 28/02/2010] [23:39 28/02/2010] 22C32D2F7EA347D7B9D6D1161C8468D5
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Mint_vol_dn_gif.gif --a---- 1087 bytes [23:39 28/02/2010] [23:39 28/02/2010] E2CB9B173AC25A1F54DB77727C4E59EC
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Mint_vol_gif.gif --a---- 1121 bytes [23:39 28/02/2010] [23:39 28/02/2010] 1AE5DA7ABE40EAB5FCB5D0911CBE2D44
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Mint_vol_over_gif.gif --a---- 1124 bytes [23:39 28/02/2010] [23:39 28/02/2010] 28ED9EE6825B3A656B992A528710EE12
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_ClientImages_radio_gif.gif --a---- 419 bytes [20:19 22/12/2009] [20:19 22/12/2009] 01B83C91554738F6AFFB7895BBBA73FB
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_icons_gamesicons_ArcticQuest_gif.gif --a---- 1077 bytes [20:19 22/12/2009] [20:19 22/12/2009] FE6E5A8B0A9444786AE508147C93B8A4
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_icons_gamesicons_AtlantisQuest_gif.gif --a---- 619 bytes [20:19 22/12/2009] [20:19 22/12/2009] CED90C973D01D3D581A1F658B263E41E
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_icons_gamesicons_Backgammon_gif.gif --a---- 1031 bytes [20:19 22/12/2009] [20:19 22/12/2009] 3784449EBC06BA246D3EEF9019D401EC
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_icons_gamesicons_BistroStars_gif.gif --a---- 610 bytes [20:19 22/12/2009] [20:19 22/12/2009] 816E1F5B333A1B2064999214296D2BD5
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_icons_gamesicons_Checkers_gif.gif --a---- 969 bytes [20:19 22/12/2009] [20:19 22/12/2009] 47F42E2411A7E9D76B8F66BB40604FA2
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_icons_gamesicons_Chess_gif.gif --a---- 985 bytes [20:19 22/12/2009] [20:19 22/12/2009] 63125AFB782F81FAECCA4B28F86B72AB
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_icons_gamesicons_Clash_N_Slash_gif.gif --a---- 586 bytes [20:19 22/12/2009] [20:19 22/12/2009] 5CEA9F1083981E0F3D35223F0D5610E8
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_icons_gamesicons_Connect4_gif.gif --a---- 1022 bytes [20:19 22/12/2009] [20:19 22/12/2009] BE7DB18620AA6DB7973AB1654FC09FC4
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_icons_gamesicons_Darts_gif.gif --a---- 1005 bytes [20:19 22/12/2009] [20:19 22/12/2009] 320F9664B0B5F3C216CC26AF50DD46DE
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_icons_gamesicons_FinalFortress_gif.gif --a---- 589 bytes [20:19 22/12/2009] [20:19 22/12/2009] C0098518021F9B797FE38A50C94D4587
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_icons_gamesicons_FlowerQuest_gif.gif --a---- 1081 bytes [20:19 22/12/2009] [20:19 22/12/2009] 2AAE23CCCAEFA8D1A1830DA6E24E841C
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_icons_gamesicons_Go_gif.gif --a---- 997 bytes [20:19 22/12/2009] [20:19 22/12/2009] 48455300FF81F80324231AD962C9241A
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_icons_gamesicons_HiddenExpedition_gif.gif --a---- 1046 bytes [20:19 22/12/2009] [20:19 22/12/2009] 414F9D82D26CE56585D367CE3B75E786
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_icons_gamesicons_MahjonggArtifacts2_gif.gif --a---- 1088 bytes [20:19 22/12/2009] [20:19 22/12/2009] 46F10BACB1357BD0D3474A33854D838C
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_icons_gamesicons_Marbles_gif.gif --a---- 1000 bytes [20:19 22/12/2009] [20:19 22/12/2009] 7854D45C7EAA4977D51A1BC5CE2C4CFC
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_icons_gamesicons_Match4_gif.gif --a---- 1026 bytes [20:19 22/12/2009] [20:19 22/12/2009] DDFA780E11491440D96FB557CD43BBAB
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_icons_gamesicons_Poker_gif.gif --a---- 992 bytes [20:19 22/12/2009] [20:19 22/12/2009] F50F12BA2C6203FF5D4EBA4275BEE11C
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_icons_gamesicons_Pool_gif.gif --a---- 1024 bytes [20:19 22/12/2009] [20:19 22/12/2009] FD7B80B70EDB98954F9F11B94C32C7E2
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_icons_gamesicons_PuzzleWarArt_gif.gif --a---- 1027 bytes [20:19 22/12/2009] [20:19 22/12/2009] AF6FFF4BB362A895BFFB630EDE04226D
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_icons_gamesicons_PuzzleWarFood_gif.gif --a---- 1013 bytes [20:19 22/12/2009] [20:19 22/12/2009] 2F04B84B2E8F5B34D4D4B53AE7DE18FE
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_icons_gamesicons_PuzzleWarWorldTravel_gif.gif --a---- 1035 bytes [20:19 22/12/2009] [20:19 22/12/2009] 59CF82454D2B698CE0E08ECE36BECE05
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_icons_gamesicons_Puzzle_Wat_Animals_gif.gif --a---- 998 bytes [20:19 22/12/2009] [20:19 22/12/2009] F4A6659C093A6CF4E2359469EB6A923F
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_icons_gamesicons_PyramidRunner_gif.gif --a---- 431 bytes [20:19 22/12/2009] [20:19 22/12/2009] D1457BB4130E42B6A8734F0D6C36BDBE
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_icons_gamesicons_Reversi_gif.gif --a---- 1009 bytes [20:19 22/12/2009] [20:19 22/12/2009] 3282C3698B729DD4D6111B1411E6BBF8
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_icons_gamesicons_RiseofAtlantis_gif.gif --a---- 1090 bytes [20:19 22/12/2009] [20:19 22/12/2009] 92E82CFE67DD8266F90681ACB82F1576
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_icons_gamesicons_SheepMe_gif.gif --a---- 1008 bytes [20:19 22/12/2009] [20:19 22/12/2009] 11E9841A2C2470AE234FB85F7F3385ED
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_icons_gamesicons_Simon_gif.gif --a---- 1023 bytes [20:19 22/12/2009] [20:19 22/12/2009] A106006D81ECEBB288CBDDE241705229
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_icons_gamesicons_SnowyBearsAdventures_gif.gif --a---- 1064 bytes [20:19 22/12/2009] [20:19 22/12/2009] 1CAB9AED1E3A6D0AEF3A419DD0EEE137
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_icons_gamesicons_SnowyTreasureHunter_gif.gif --a---- 678 bytes [20:19 22/12/2009] [20:19 22/12/2009] 3A1CB22D90146FF71C3D2ED9DAC3682F
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_icons_gamesicons_Sudoku_gif.gif --a---- 1000 bytes [20:19 22/12/2009] [20:19 22/12/2009] 0291D57D31C445545661E08C7D1D6AA5
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_icons_gamesicons_TicTacToe_gif.gif --a---- 988 bytes [20:19 22/12/2009] [20:19 22/12/2009] E86BDAB48EFA93D6273D18E3D0DA79E7
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_main_menu_about_gif.gif --a---- 403 bytes [20:19 22/12/2009] [20:19 22/12/2009] EC3C2B4E0DEC4D880BAFF88ABBF94188
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_main_menu_clear_history_gif.gif --a---- 414 bytes [20:19 22/12/2009] [20:19 22/12/2009] A9E001CBC00B06B121DFBC80707F5298
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_main_menu_contact_gif.gif --a---- 278 bytes [20:19 22/12/2009] [20:19 22/12/2009] 15DEF39E438E807E2F0E22D44FDC7FB7
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_main_menu_help_gif.gif --a---- 405 bytes [20:19 22/12/2009] [20:19 22/12/2009] 995595D4C685D659E8F03CD0A287EDDF
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_main_menu_home_page_gif.gif --a---- 405 bytes [20:19 22/12/2009] [20:19 22/12/2009] AA39D8A6B65E208901EBA9F3D4728D3E
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_main_menu_options_gif.gif --a---- 361 bytes [20:19 22/12/2009] [20:19 22/12/2009] 464E244E7E2F27FB85E0C3AB69D72104
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_main_menu_privacy_gif.gif --a---- 425 bytes [20:19 22/12/2009] [20:19 22/12/2009] 6427565C7105DC497287866100F260BB
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_main_menu_refresh_gif.gif --a---- 381 bytes [20:19 22/12/2009] [20:19 22/12/2009] AE7C9F67594A84B096D225601ACB0B2A
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_main_menu_shrink_gif.gif --a---- 351 bytes [20:19 22/12/2009] [20:19 22/12/2009] C3EBA0237D68F665AF6D663906221092
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_main_menu_tell_a_friend_gif.gif --a---- 392 bytes [20:19 22/12/2009] [20:19 22/12/2009] 5E7217A3357550F9749A095631F51015
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_main_menu_upgrade_gif.gif --a---- 399 bytes [20:19 22/12/2009] [20:19 22/12/2009] 8BE02D510B4B2E05AD2611B1E9A0BD56
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_SearchEngines_ebay_search_gif.gif --a---- 216 bytes [20:19 22/12/2009] [20:19 22/12/2009] 44A5718F3E1C5785F969C82B2C1D0904
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_searchengines_health_gif.gif --a---- 372 bytes [20:19 22/12/2009] [20:19 22/12/2009] 4B086075B87D06755126595A3453FA72
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_SearchEngines_images_search_gif.gif --a---- 405 bytes [20:19 22/12/2009] [20:19 22/12/2009] 66018EAE0906C9831A821CAE5D1089BB
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_SearchEngines_news_icon_gif.gif --a---- 371 bytes [20:19 22/12/2009] [20:19 22/12/2009] 84896837EDB1A78C14DB6A2F3A0AEE3A
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_searchengines_search_icon_gif.gif --a---- 322 bytes [20:19 22/12/2009] [20:19 22/12/2009] 948781E4B6478290050ECA4423B89B1E
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_SearchEngines_shopping_search_gif.gif --a---- 381 bytes [20:19 22/12/2009] [20:19 22/12/2009] 9AC6288F268598A1A29B2295CEBC7C3D
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_SearchEngines_site_search_gif.gif --a---- 625 bytes [20:19 22/12/2009] [20:19 22/12/2009] C23D4DB18B6BB4F38ECBA57AD414A5CF
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_searchengines_softonic_gif.gif --a---- 606 bytes [20:19 22/12/2009] [20:19 22/12/2009] 2A1D4FB45F62D3D260F2134228FAB05E
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_SearchEngines_stocks_search_gif.gif --a---- 379 bytes [20:19 22/12/2009] [20:19 22/12/2009] E751DC438525AA8470E7C019812F1B6E
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___storage_conduit_com_images_SearchEngines_weather_icon_gif.gif --a---- 165 bytes [20:19 22/12/2009] [20:19 22/12/2009] 04E3A42E439747474D80EC47A083B76D
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___weather_conduit_com_images_weather_Default_cloudy_big_gif.gif --a---- 1291 bytes [20:21 22/12/2009] [20:21 22/12/2009] DB3F036DE315E6DFF75A1AF0FF2A3F5A
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___weather_conduit_com_images_weather_Default_cloudy_gif.gif --a---- 406 bytes [20:19 22/12/2009] [20:19 22/12/2009] 61A76264B50BF0E425D6BD7DB73F40B4
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___weather_conduit_com_images_weather_Default_mostly_cloudy_big_gif.gif --a---- 1381 bytes [20:21 22/12/2009] [20:21 22/12/2009] 8940FC5BE1DA9C384EE459F6E378E8F2
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___weather_conduit_com_images_weather_Default_partly_cloudy_big_gif.gif --a---- 1318 bytes [20:21 22/12/2009] [20:21 22/12/2009] E68D03F681101CF6A643FE70B2B7021F
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___weather_conduit_com_images_weather_Default_partly_cloudy_night_gif.gif --a---- 212 bytes [01:11 21/03/2010] [01:11 21/03/2010] 88CD5B8D6F007347115A8A602E5D158B
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___weather_conduit_com_images_weather_Default_snow_big_gif.gif --a---- 859 bytes [20:21 22/12/2009] [20:21 22/12/2009] 51A9CFF8DCAD7FA9B49AC2A175382B1F
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___weather_conduit_com_images_weather_Default_snow_shower_big_gif.gif --a---- 1134 bytes [20:21 22/12/2009] [20:21 22/12/2009] EF114DC39BF8865ADCF891F44536503B
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___weather_conduit_com_images_weather_Default_sunny_big_gif.gif --a---- 1423 bytes [20:21 22/12/2009] [20:21 22/12/2009] EC789DFB1FA2BEC3C4BB90E726CA76E1
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___weather_conduit_com_images_weather_Default_sunny_gif.gif --a---- 259 bytes [20:21 22/12/2009] [20:21 22/12/2009] 110EC9BCA8470D6488B626EA28914A6C
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons\http___weather_conduit_com_images_weather_Default_sunny_night_gif.gif --a---- 204 bytes [23:39 28/02/2010] [23:39 28/02/2010] 5EBD213E8A460652C883CBF68C152B5B
C:\Users\AppData\LocalLow\TheFreeDictionarycom\RadioPlayer\Skins\http___storage_conduit_com_BankImages_RadioSkins_Mint_display_xml.xml --a---- 4982 bytes [00:12 01/03/2010] [01:28 21/03/2010] 19AEC060D948EA98A8ADD06C16811CFF

========== folderfind ==========

Searching for "*Babylon*"
No folders found.

Searching for "*DSite*"
No folders found.

Searching for "*OpenCandy*"
No folders found.

Searching for "*pdfforge*"
No folders found.

Searching for "*bProtector*"
No folders found.

Searching for "*Conduit*"
C:\Users\AppData\LocalLow\Conduit d------ [04:05 26/01/2009]

========== regfind ==========

Searching for "Babylon"
No data found.

Searching for "DSite"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4D00D8A1-CDBD-4DD8-AE10-3DCA5B10D0A2}]
@="SOHMrsCDSItem Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4D00D8A1-CDBD-4DD8-AE10-3DCA5B10D0A2}\ProgID]
@="SOHObj.SOHMrsCDSItem.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4D00D8A1-CDBD-4DD8-AE10-3DCA5B10D0A2}\VersionIndependentProgID]
@="SOHObj.SOHMrsCDSItem"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BFAD62EE-9D54-4b2a-BF3B-76F90697BD2A}]
@="IE Shell Rebar BandSite"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ECD4FC4D-521C-11D0-B792-00A0C90312E1}]
@="Shell Rebar BandSite"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{12ECDD06-24CB-49CF-BFC2-99F0CFBC1EBE}]
@="ISOHMrsCDSItem"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4CF504B0-DE96-11D0-8B3F-00A0C911E8E5}]
@="IBandSite"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SOHObj.SOHMrsCDSItem]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SOHObj.SOHMrsCDSItem]
@="SOHMrsCDSItem Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SOHObj.SOHMrsCDSItem\CurVer]
@="SOHObj.SOHMrsCDSItem.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SOHObj.SOHMrsCDSItem.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SOHObj.SOHMrsCDSItem.1]
@="SOHMrsCDSItem Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\BrowserEmulation]
"UnattendSites"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\UnattendBackup\AllowedSites]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\UnattendBackup\AllowedSites]
"AllowedSites"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\UnattendBackup\SuggestedSitesEnabled]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\UnattendBackup\TrustedSites]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\UnattendBackup\TrustedSites]
"TrustedSites"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Unattend]
"TrustedSites"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{BFAD62EE-9D54-4b2a-BF3B-76F90697BD2A}"="IE Shell Rebar BandSite"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{ECD4FC4D-521C-11D0-B792-00A0C90312E1}"="Shell Rebar BandSite"

Searching for "OpenCandy"
No data found.

Searching for "pdfforge"
No data found.

Searching for "bProtector"
No data found.

Searching for "Conduit"
[HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\WhiteSmoke_New\uninstall.exe"="Conduit Toolbar Uninstall"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C28CD2F-1232-4A14-A3FC-CD44E1772CE6}]
@="Conduit API Server"
[HKEY_USERS\S-1-5-21-4265550052-2847090512-4221517141-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\WhiteSmoke_New\uninstall.exe"="Conduit Toolbar Uninstall"
[HKEY_USERS\S-1-5-21-4265550052-2847090512-4221517141-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\WhiteSmoke_New\uninstall.exe"="Conduit Toolbar Uninstall"

-= EOF =-
  • 0

#48
Monvishi

Monvishi

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 236 posts
FRST Log:


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-01-2014
Ran by Fry's Electronics (administrator) on MONVISHI on 21-01-2014 07:40:51
Running from C:\Users\Fry's Electronics\Desktop
Windows Vista ™ Home Premium Service Pack 2 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Realtek Semiconductor) C:\Windows\RTKAUDIOSERVICE.EXE
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
(Malwarebytes Corporation) C:\SW\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\SW\Malwarebytes' Anti-Malware\mbamservice.exe
(Motive Communications, Inc.) C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
(Malwarebytes Corporation) C:\SW\Malwarebytes' Anti-Malware\mbamgui.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Electronics, Inc.) C:\Program Files\Sony\VAIO Care\VCsystray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESGfxMgr.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
(Dropbox, Inc.) C:\Users\Fry's Electronics\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Sony Electronics, Inc.) C:\Program Files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Windows\RAVCpl64.exe [6407200 2008-07-11] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Windows\Skytel.exe [1826816 2008-07-11] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Trend Micro Titanium] - C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe [1304296 2012-12-18] (Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Client Framework] - C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [213824 2012-02-27] (Trend Micro Inc.)
HKLM-x32\...\Run: [VAIORegistration] - C:\Program Files\Sony\First Experience\WelcomeLauncher.exe [16384 2008-06-26] (Sony Electronics, Inc.)
HKLM-x32\...\Run: [VWLASU] - C:\Program Files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe [24576 2008-05-20] (Sony Electronics, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-09] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)
HKLM-x32\...\Run: [Monitor] - C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [106496 2013-11-27] (LeapFrog Enterprises, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\VESWinlogon-x32: VESWinlogon.dll [X]
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
HKCU\...\Run: [Facebook Update] - C:\Users\Fry's Electronics\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
HKCU\...\Run: [TomTomHOME.exe] - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [247768 2012-06-21] (TomTom)
HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-03-15] (Google Inc.)
HKCU\...\Run: [FileHippo.com] - C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [307712 2012-11-23] (FileHippo.com)
HKCU\...\Run: [Google Update] - C:\Users\Fry's Electronics\AppData\Local\Google\Update\GoogleUpdate.exe [133104 2009-01-17] (Google Inc.)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
HKCU\...\Run: [Google+ Auto Backup] - C:\Program Files (x86)\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3619096 2014-01-06] (Google Inc.)
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
Startup: C:\Users\Fry's Electronics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Fry's Electronics\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Fry's Electronics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - %SystemRoot%\system32\wpdshserviceobj.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1361\6.8.1078\TmIEPlg.dll (Trend Micro Inc.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe64.dll (Trend Micro Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1361\6.8.1078\TmIEPlg32.dll (Trend Micro Inc.)
BHO-x32: TSToolbarBHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe32.dll (Trend Micro Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe64.dll (Trend Micro Inc.)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1361\6.8.1078\TmIEPlg.dll (Trend Micro Inc.)
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - No File
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe32.dll (Trend Micro Inc.)
Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1361\6.8.1078\TmIEPlg32.dll (Trend Micro Inc.)
Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
Filter: application/x-microsoft-rpmsg-message - {DFF82902-0B96-3B98-6F62-D655E146A23A} - No File
Filter-x32: application/x-microsoft-rpmsg-message - {DFF82902-0B96-3B98-6F62-D655E146A23A} - No File
Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{60978BA2-A574-416B-A2A2-FEEDA5DC83C9}: [NameServer]8.8.8.8

Chrome:
=======
CHR HomePage: hxxp://search.conduit.com/?CUI=UN21052501181863512&ctid=CT3289847&SearchSource=48
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Google Talk Plugin) - C:\Users\Fry's Electronics\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Fry's Electronics\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\Fry's Electronics\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java™ Platform SE 7 U9) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Trend Micro Titanium) - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll (Trend Micro Inc.)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Fry's Electronics\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Facebook Plugin) - C:\Users\Fry's Electronics\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll ( )
CHR Plugin: (Java Deployment Toolkit 7.0.90.5) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (YouTube) - C:\Users\Fry's Electronics\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-01-01]
CHR Extension: (Google Search) - C:\Users\Fry's Electronics\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-01-01]
CHR Extension: (Google Wallet) - C:\Users\Fry's Electronics\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\Fry's Electronics\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-01-01]
CHR StartMenuInternet: Google Chrome - C:\Users\Fry's Electronics\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

R2 MBAMScheduler; C:\SW\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\SW\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 McciCMService; C:\Program Files (x86)\Common Files\Motive\McciCMService.exe [303104 2008-09-19] (Motive Communications, Inc.)
S3 MSCSPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [53248 2008-05-20] (Sony Corporation)
S3 OnlineStorageService; C:\Program Files\Trend Micro SafeSync\hrfscore.exe [7982368 2013-04-17] (Trend Micro Inc.)
S3 PACSPTISVR; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [53248 2008-05-20] (Sony Corporation)
R2 RtkAudioService; C:\Windows\RtkAudioService.exe [133120 2008-07-11] (Realtek Semiconductor)
S3 SOHCImp; C:\Program Files (x86)\Sony\VAIO Media plus\SOHCImp.exe [103712 2008-05-20] (Sony Corporation)
S3 SOHDms; C:\Program Files (x86)\Sony\VAIO Media plus\SOHDms.exe [353568 2008-05-20] (Sony Corporation)
S3 SOHDs; C:\Program Files (x86)\Sony\VAIO Media plus\SOHDs.exe [62752 2008-05-20] (Sony Corporation)
S3 SPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe [77824 2008-05-20] (Sony Corporation)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe [104960 2008-03-25] (ArcSoft, Inc.)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [73728 2008-05-22] (Sony Corporation)
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [415744 2008-06-20] (Sony Corporation)
R3 Vcsw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [279848 2008-06-19] (Sony Corporation)
R2 VzCdbSvc; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [192512 2008-05-22] (Sony Corporation)
R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad [x]

==================== Drivers (Whitelisted) ====================

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19456 2008-01-30] (ArcSoft, Inc.)
S1 Beep; No ImagePath
S1 DMICall; C:\Windows\SysWOW64\DRIVERS\DMICall.sys [10216 2008-07-11] (Sony Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2008-09-19] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MREMPR5; C:\Program Files (x86)\Common Files\Motive\MREMPR5.sys [19345 2004-11-22] (Motive, Inc.)
S3 MRENDIS5; C:\Program Files (x86)\Common Files\Motive\MRENDIS5.sys [18003 2004-11-22] (Motive, Inc.)
S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2008-09-19] (Printing Communications Assoc., Inc. (PCAUSA))
R2 risdptsk; C:\Windows\System32\DRIVERS\risdsn64.sys [64512 2008-07-17] (REDC)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-02-21] (Anchorfree Inc.)
R1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [107048 2012-09-24] (Trend Micro Inc.)
R1 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [173504 2012-09-24] (Trend Micro Inc.)
R1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [77184 2012-09-24] (Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105744 2011-08-02] (Trend Micro Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2008-01-20] (Microsoft Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 MREMP50a64; \??\C:\PROGRA~2\COMMON~1\Motive\MREMP50a64.SYS [x]
S3 MRESP50a64; \??\C:\PROGRA~2\COMMON~1\Motive\MRESP50a64.SYS [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S2 regi; \??\C:\Windows\system32\drivers\regi.sys [x]
S3 wanatw; system32\DRIVERS\wanatw64.sys [x]
S3 WPRO_40_1340; system32\drivers\WPRO_40_1340.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-21 07:40 - 2014-01-21 07:41 - 00021719 _____ C:\Users\Fry's Electronics\Desktop\FRST.txt
2014-01-21 07:40 - 2014-01-21 07:40 - 00000000 ____D C:\FRST
2014-01-21 07:39 - 2014-01-21 07:39 - 02077184 _____ (Farbar) C:\Users\Fry's Electronics\Desktop\FRST64.exe
2014-01-21 07:07 - 2014-01-21 07:09 - 00000000 ____D C:\AdwCleaner
2014-01-20 19:25 - 2014-01-20 20:26 - 00000000 ____D C:\Users\Fry's Electronics\Desktop\Aashi poster
2014-01-20 15:35 - 2014-01-20 15:35 - 00000444 _____ C:\files.txt
2014-01-20 15:35 - 2014-01-20 15:18 - 00024064 _____ C:\Windows\zoek-delete.exe
2014-01-20 15:19 - 2014-01-20 15:39 - 00035841 _____ C:\zoek-results.log
2014-01-20 15:18 - 2014-01-20 15:30 - 00000000 ____D C:\zoek_backup
2014-01-20 14:48 - 2014-01-20 14:48 - 00000000 ____D C:\_OTL
2014-01-18 22:24 - 2014-01-18 22:24 - 00000000 ____D C:\Users\Fry's Electronics\AppData\Roaming\WinRAR
2014-01-18 22:23 - 2014-01-18 22:23 - 00000000 ____D C:\Users\Fry's Electronics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-01-18 22:23 - 2014-01-18 22:23 - 00000000 ____D C:\Program Files (x86)\WinRAR
2014-01-18 21:18 - 2014-01-18 21:18 - 00000000 ____D C:\Windows\ERUNT
2014-01-17 15:34 - 2014-01-20 15:35 - 00000000 ____D C:\Program Files (x86)\HiJackThis
2014-01-14 09:06 - 2014-01-14 09:06 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2014-01-08 14:01 - 2014-01-08 14:01 - 00305664 _____ C:\Users\Fry's Electronics\Downloads\CAP_005.AVI
2014-01-08 14:00 - 2014-01-08 14:00 - 00201728 _____ C:\Users\Fry's Electronics\Downloads\CAP_003.AVI
2014-01-08 13:56 - 2014-01-20 12:19 - 00000000 ____D C:\Users\Fry's Electronics\Desktop\India trip 2013
2014-01-06 12:23 - 2014-01-06 12:23 - 04558848 _____ (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr
2014-01-05 09:53 - 2014-01-05 09:53 - 00000000 ____D C:\Program Files (x86)\McAfee Security Scan
2014-01-05 09:39 - 2014-01-05 09:39 - 00000000 ____D C:\Program Files\DIFX
2014-01-05 09:37 - 2014-01-05 09:39 - 00000000 ____D C:\Program Files (x86)\LeapFrog
2014-01-05 09:37 - 2014-01-05 09:37 - 00000000 ____D C:\ProgramData\Leapfrog
2014-01-02 11:50 - 2014-01-02 11:50 - 00458096 _____ C:\Windows\dd_vcredistMSI2A94.txt
2014-01-02 11:50 - 2014-01-02 11:50 - 00012720 _____ C:\Windows\dd_vcredistUI2A94.txt

==================== One Month Modified Files and Folders =======

2014-01-21 07:41 - 2014-01-21 07:40 - 00021719 _____ C:\Users\Fry's Electronics\Desktop\FRST.txt
2014-01-21 07:40 - 2014-01-21 07:40 - 00000000 ____D C:\FRST
2014-01-21 07:40 - 2013-07-19 20:10 - 00000000 ____D C:\Users\Fry's Electronics\Desktop\Geekstogo
2014-01-21 07:39 - 2014-01-21 07:39 - 02077184 _____ (Farbar) C:\Users\Fry's Electronics\Desktop\FRST64.exe
2014-01-21 07:15 - 2008-11-11 17:20 - 01272575 _____ C:\Windows\WindowsUpdate.log
2014-01-21 07:13 - 2012-04-09 17:54 - 00000000 ___RD C:\Users\Fry's Electronics\Dropbox
2014-01-21 07:13 - 2012-04-09 17:52 - 00000000 ____D C:\Users\Fry's Electronics\AppData\Roaming\Dropbox
2014-01-21 07:10 - 2012-03-15 15:04 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-21 07:10 - 2006-11-02 08:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-21 07:10 - 2006-11-02 08:22 - 00004016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-21 07:10 - 2006-11-02 08:22 - 00004016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-21 07:09 - 2014-01-21 07:07 - 00000000 ____D C:\AdwCleaner
2014-01-21 07:09 - 2008-08-14 13:05 - 00000012 _____ C:\Windows\bthservsdp.dat
2014-01-21 07:09 - 2006-11-02 08:42 - 00032642 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-21 07:07 - 2012-03-15 15:04 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-21 07:04 - 2012-04-03 08:22 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-21 07:04 - 2012-03-28 20:12 - 00000976 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4265550052-2847090512-4221517141-1000UA.job
2014-01-21 07:04 - 2009-06-30 07:31 - 00000956 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4265550052-2847090512-4221517141-1000UA.job
2014-01-20 20:31 - 2006-11-02 05:46 - 00723104 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-20 20:26 - 2014-01-20 19:25 - 00000000 ____D C:\Users\Fry's Electronics\Desktop\Aashi poster
2014-01-20 15:39 - 2014-01-20 15:19 - 00035841 _____ C:\zoek-results.log
2014-01-20 15:36 - 2008-01-20 20:26 - 01983374 _____ C:\Windows\PFRO.log
2014-01-20 15:35 - 2014-01-20 15:35 - 00000444 _____ C:\files.txt
2014-01-20 15:35 - 2014-01-17 15:34 - 00000000 ____D C:\Program Files (x86)\HiJackThis
2014-01-20 15:30 - 2014-01-20 15:18 - 00000000 ____D C:\zoek_backup
2014-01-20 15:18 - 2014-01-20 15:35 - 00024064 _____ C:\Windows\zoek-delete.exe
2014-01-20 14:48 - 2014-01-20 14:48 - 00000000 ____D C:\_OTL
2014-01-20 12:19 - 2014-01-08 13:56 - 00000000 ____D C:\Users\Fry's Electronics\Desktop\India trip 2013
2014-01-20 12:19 - 2010-02-26 13:08 - 00000000 ____D C:\Users\Fry's Electronics\AppData\Local\CrashDumps
2014-01-20 11:53 - 2009-06-30 07:31 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4265550052-2847090512-4221517141-1000Core.job
2014-01-20 11:46 - 2012-03-28 20:12 - 00000954 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4265550052-2847090512-4221517141-1000Core.job
2014-01-19 21:12 - 2010-01-26 09:32 - 00000000 ___RD C:\SW
2014-01-19 21:07 - 2009-12-19 07:42 - 00000000 ____D C:\Users\Fry's Electronics\AppData\Roaming\Mozilla
2014-01-19 15:50 - 2009-01-18 22:08 - 00000000 ____D C:\Program Files (x86)\Google
2014-01-18 22:39 - 2010-12-24 16:22 - 00000000 ____D C:\Users\Fry's Electronics\AppData\Roaming\vlc
2014-01-18 22:24 - 2014-01-18 22:24 - 00000000 ____D C:\Users\Fry's Electronics\AppData\Roaming\WinRAR
2014-01-18 22:23 - 2014-01-18 22:23 - 00000000 ____D C:\Users\Fry's Electronics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-01-18 22:23 - 2014-01-18 22:23 - 00000000 ____D C:\Program Files (x86)\WinRAR
2014-01-18 21:18 - 2014-01-18 21:18 - 00000000 ____D C:\Windows\ERUNT
2014-01-18 20:20 - 2008-11-11 17:26 - 00000000 ____D C:\Users\Fry's Electronics
2014-01-18 13:15 - 2013-07-24 13:20 - 00000000 ____D C:\ProgramData\COMODO
2014-01-18 11:49 - 2013-07-24 13:18 - 00000000 ____D C:\Program Files (x86)\Comodo
2014-01-18 11:17 - 2008-11-11 17:26 - 00000000 ___RD C:\Users\Fry's Electronics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-18 11:16 - 2012-04-09 17:52 - 00000000 ____D C:\Users\Fry's Electronics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-14 09:06 - 2014-01-14 09:06 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2014-01-13 23:45 - 2008-09-06 20:15 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-13 13:15 - 2012-03-28 20:12 - 00000000 ____D C:\Users\Fry's Electronics\AppData\Local\Facebook
2014-01-09 11:45 - 2008-11-13 14:10 - 00027648 _____ C:\Users\Fry's Electronics\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-08 14:11 - 2009-01-17 18:19 - 00000000 ____D C:\Users\Fry's Electronics\AppData\Local\Google
2014-01-08 14:01 - 2014-01-08 14:01 - 00305664 _____ C:\Users\Fry's Electronics\Downloads\CAP_005.AVI
2014-01-08 14:00 - 2014-01-08 14:00 - 00201728 _____ C:\Users\Fry's Electronics\Downloads\CAP_003.AVI
2014-01-06 12:23 - 2014-01-06 12:23 - 04558848 _____ (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr
2014-01-05 09:53 - 2014-01-05 09:53 - 00000000 ____D C:\Program Files (x86)\McAfee Security Scan
2014-01-05 09:53 - 2012-04-03 08:22 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-05 09:53 - 2012-04-03 08:22 - 00003682 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-05 09:53 - 2011-06-01 06:55 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-05 09:53 - 2009-01-19 17:38 - 00000000 ____D C:\Users\Fry's Electronics\AppData\Local\Adobe
2014-01-05 09:39 - 2014-01-05 09:39 - 00000000 ____D C:\Program Files\DIFX
2014-01-05 09:39 - 2014-01-05 09:37 - 00000000 ____D C:\Program Files (x86)\LeapFrog
2014-01-05 09:39 - 2008-08-14 14:00 - 00036740 _____ C:\Windows\DPINST.LOG
2014-01-05 09:37 - 2014-01-05 09:37 - 00000000 ____D C:\ProgramData\Leapfrog
2014-01-02 12:02 - 2012-03-15 15:04 - 00003916 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-01-02 12:02 - 2012-03-15 15:04 - 00003664 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-01-02 11:50 - 2014-01-02 11:50 - 00458096 _____ C:\Windows\dd_vcredistMSI2A94.txt
2014-01-02 11:50 - 2014-01-02 11:50 - 00012720 _____ C:\Windows\dd_vcredistUI2A94.txt
2014-01-02 11:48 - 2009-06-30 07:31 - 00003954 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4265550052-2847090512-4221517141-1000UA
2014-01-02 11:48 - 2009-06-30 07:31 - 00003558 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4265550052-2847090512-4221517141-1000Core

Some content of TEMP:
====================
C:\Users\Fry's Electronics\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-21 07:18

==================== End Of Log ============================
  • 0

#49
Monvishi

Monvishi

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 236 posts
FRST Addition Log:


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-01-2014
Ran by Fry's Electronics at 2014-01-21 07:41:18
Running from C:\Users\Fry's Electronics\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Trend Micro Titanium Maximum Security 2012 (Disabled - Out of date) {B7599298-8445-728A-A5C7-A26A082C8BDA}
AS: Trend Micro Titanium Maximum Security 2012 (Disabled - Out of date) {0C38737C-A27F-7D04-9F77-991873ABC167}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958) (x32 Version: - Microsoft)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Acrobat.com (x32 Version: 1.1.377 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9130 - Adobe Systems Inc.) Hidden
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.6 - Adobe Systems Incorporated)
Adobe Reader X (10.1.6) (x32 Version: 10.1.6 - Adobe Systems Incorporated)
Apple Application Support (x32 Version: 2.3.3 - Apple Inc.)
Apple Mobile Device Support (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
ArcSoft Magic-i Visual Effects (x32 Version: - ArcSoft)
ArcSoft WebCam Companion 2 (x32 Version: - ArcSoft)
ATT-HSI (x32 Version: - )
AVS Update Manager 1.0 (x32 Version: - Online Media Technologies Ltd.)
AVS Video Converter 7 (x32 Version: - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (x32 Version: - Online Media Technologies Ltd.)
Bing Maps 3D (Version: 4.0.903.16005 - Microsoft Corporation)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Click to Disc (x32 Version: 1.2.00.06190 - Sony Corporation) Hidden
Click to Disc Editor (x32 Version: 1.2.00 - Sony Corporation)
Click to Disc Editor (x32 Version: 1.2.00 - Sony Corporation) Hidden
Compatibility Pack for the 2007 Office system (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Copy (x32 Version: 130.0.366.000 - Hewlett-Packard) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
DJ_AIO_05_F4400_Software_Min (x32 Version: 130.0.448.000 - Hewlett-Packard) Hidden
Dolby Control Center (Version: 1.2.0702 - Dolby)
Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.)
Express Burn (x32 Version: - NCH Software)
F4400 (x32 Version: 130.0.448.000 - Hewlett-Packard) Hidden
Facebook Plug-In (HKCU Version: - Facebook, Inc.)
Facebook Video Calling 2.0.0.447 (x32 Version: 2.0.447 - Skype Limited)
FileHippo.com Update Checker (x32 Version: - )
Free Audio CD Burner version 1.3 (x32 Version: - DVDVideoSoft Limited.)
Free DVD Decrypter version 1.5 (x32 Version: - DVDVideoSoft Limited.)
Free Studio version 4.3 (x32 Version: - DVDVideoSoft Limited.)
Free YouTube Download 2.9 (x32 Version: - DVDVideoSoft Limited.)
Google Chrome (x32 Version: 32.0.1700.76 - Google Inc.)
Google Talk Plugin (x32 Version: 5.1.2.17113 - Google)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (x32 Version: 7.5.4805.320 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Google+ Auto Backup (x32 Version: 1.0.21.81 - Google)
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (Version: 13.0 - HP)
HP Deskjet F4400 Printer Driver Software 13.0 Rel .5 (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (Version: 13.0 - HP)
HP Print Projects 1.0 (Version: 1.0 - HP)
HP Smart Web Printing 4.5 (Version: 4.5 - HP)
HP Solution Center 13.0 (Version: 13.0 - HP)
HP Update (x32 Version: 5.005.000.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
hpPrintProjects (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
hpWLPGInstaller (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
iCloud (Version: 2.1.2.8 - Apple Inc.)
Intel® Graphics Media Accelerator Driver (Version: - )
Intel® Management Engine Interface (Version: - Intel Corporation)
iTunes (Version: 11.0.2.26 - Apple Inc.)
Java 7 Update 9 (x32 Version: 7.0.90 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 20 (x32 Version: 6.0.200 - Sun Microsystems, Inc.)
Java™ SE Runtime Environment 6 (x32 Version: 1.6.0.0 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
LeapFrog Connect (x32 Version: 5.2.4.18506 - LeapFrog)
LeapFrog Connect (x32 Version: 5.2.4.18506 - LeapFrog) Hidden
LeapFrog Leapster Explorer Plugin (x32 Version: 5.2.1.18456 - LeapFrog) Hidden
Magic DVD Ripper V5.5.1 (x32 Version: - Magic DVD Software, Inc.)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 3.5 SP1 (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Easy Assist v2 (x32 Version: 8.1.6416.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.3 (x32 Version: 2.0.2313.0 - Microsoft Corporation)
Microsoft Office Live Meeting 2007 (x32 Version: 8.0.6362.202 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (x32 Version: 12.0.6423.1000 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (x32 Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (x32 Version: 4.1.10111.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (x32 Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (x32 Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (x32 Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (x32 Version: 9.7.0621 - Microsoft Corporation)
MKV File Player (x32 Version: - mkvfileplayer.com)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB936181) (x32 Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (x32 Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (x32 Version: 4.20.9818.0 - Microsoft Corporation)
Music Transfer (x32 Version: 1.2.00.17290 - Sony Corporation)
MyTomTom 3.2.0.700 (x32 Version: 3.2.0.700 - TomTom)
OpenMG Secure Module 5.1.00 (x32 Version: 5.1.00.05200 - Sony Corporation)
OpenMG Secure Module 5.1.00 (x32 Version: 5.1.00.05200 - Sony Corporation) Hidden
Picasa 3 (x32 Version: 3.9 - Google, Inc.)
Primo (x32 Version: 1.00.0000 - Your Company Name) Hidden
QuickTime (x32 Version: 7.73.80.64 - Apple Inc.)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5648 - Realtek Semiconductor Corp.)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Setting Utility Series (x32 Version: 4.1.00.07300 - Sony Corporation)
Shop for HP Supplies (Version: 13.0 - HP)
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SmartWi Connection Utility (x32 Version: 4.4.0.20080627.1647 - Sony Corporation)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sony Picture Utility (x32 Version: 3.2.02.06170 - Sony Corporation)
Sony Video Shared Library (x32 Version: 3.4.00 - Sony Corporation)
Spelling Dictionaries Support For Adobe Reader 9 (x32 Version: 9.0.0 - Adobe Systems Incorporated)
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SupportSoft Assisted Service (x32 Version: 15 - SupportSoft)
TeamViewer 8 (x32 Version: 8.0.19617 - TeamViewer)
TomTom HOME (x32 Version: 2.9.0 - TomTom)
TomTom HOME Visual Studio Merge Modules (x32 Version: 1.0.2 - TomTom International B.V.)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
Trend Micro SafeSync (Version: 5.1.0.1442 - Trend Micro)
Trend Micro Titanium (Version: 5.00 - Trend Micro Inc.) Hidden
Trend Micro Titanium Maximum Security 2012 (Version: 5.4 - Trend Micro Inc.)
TuneUp Companion 2.4.8.5 (x32 Version: 2.4.8.5 - TuneUp Media, Inc.)
Update for 2007 Microsoft Office System (KB967642) (x32 Version: - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2598306) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (x32 Version: - Microsoft)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (x32 Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB957246) (x32 Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (x32 Version: - Microsoft)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster Explorer Plugin) (x32 Version: - LeapFrog)
VAIO Care (x32 Version: 1.00.0813 - Sony)
VAIO Content Folder Setting (x32 Version: 2.0.00.17290 - Sony Corporation)
VAIO Content Metadata Intelligent Analyzing Manager (x32 Version: 3.2.00.06115 - Sony Corporation) Hidden
VAIO Content Metadata Manager Setting (x32 Version: 3.2.00.06062 - Sony Corporation) Hidden
VAIO Content Metadata XML Interface Library (x32 Version: 3.2.00.06112 - Sony Corporation) Hidden
VAIO Control Center (x32 Version: 3.1.00.07110 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.0.04.01170 - Sony Corporation)
VAIO DVD Menu Data Basic (x32 Version: 1.0.00.08130 - Sony Corporation)
VAIO Entertainment Platform (x32 Version: 3.2.00.06200 - Sony Corporation)
VAIO Entertainment Platform (x32 Version: 3.2.00.06200 - Sony Corporation) Hidden
VAIO Event Service (x32 Version: 4.1.00.07280 - Sony Corporation)
VAIO Help and Support (x32 Version: 6.00.0806.64.JS - Sony Corporation)
VAIO Media plus (x32 Version: 1.1.00.05240 - Sony Corporation)
VAIO Media plus (x32 Version: 1.1.00.05240 - Sony Corporation) Hidden
VAIO Movie Story (x32 Version: 1.3.00.06240 - Sony Corporation) Hidden
VAIO Movie Story Template Data (x32 Version: 1.3.00.06120 - Sony Corporation)
VAIO MusicBox (x32 Version: 2.1.00.06110 - Sony Corporation)
VAIO MusicBox Sample Music (x32 Version: 1.1.00.14140 - Sony Corporation)
VAIO My Memory Center (x32 Version: 1.00.0229 - Sony)
VAIO OOBE and Welcome Center (x32 Version: 6.00.0813.64.US - Sony Corporation)
VAIO Original Function Setting (x32 Version: 1.4.00.04230 - Sony Corporation)
VAIO Power Management (x32 Version: 3.1.00.08060 - Sony Corporation)
VAIO Startup Assistant (x32 Version: 3.00.0731 - Sony)
VAIO Survey (x32 Version: 6.00.0722 - Sony Corporation)
VAIO Update 4 (x32 Version: 4.0.0.07150 - Sony Corporation)
VAIO Wallpaper Contents (x32 Version: 1.2.00.05200 - Sony Corporation)
VAIO Wireless Wizard (x32 Version: 1.01.0722 - Sony)
VideoPad Video Editor (x32 Version: - NCH Software)
Visual Studio C++ 10.0 Runtime (x32 Version: 10.0.0 - TomTom International B.V.)
VLC media player 2.0.3 (x32 Version: 2.0.3 - VideoLAN)
Vuze (x32 Version: 5.0.0.0 - Azureus Software, Inc.)
WavePad Sound Editor (x32 Version: - NCH Software)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
WIDCOMM Bluetooth Software 6.2.0.4500 (Version: 6.2.0.4500 - Broadcom Corporation)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8098.930 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 14.0.8093.805 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live OneCare safety scanner (x32 Version: 1.0.0.0 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Sign-in Assistant (x32 Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (x32 Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (x32 Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
WinDVD for VAIO (x32 Version: 8.0-B9.513 - InterVideo Inc.)
WinDVD for VAIO (x32 Version: 8.0-B9.513 - InterVideo Inc.) Hidden
WinRAR 5.01 (32-bit) (x32 Version: 5.01.0 - win.rar GmbH)

==================== Restore Points =========================

24-07-2013 19:54:44 Monvishi System Restore
24-07-2013 20:22:40 Device Driver Package Install: COMODO Network Service
06-08-2013 19:38:02
06-08-2013 20:12:12
10-10-2013 05:35:00 Scheduled Checkpoint
22-10-2013 17:34:45 Scheduled Checkpoint
30-10-2013 18:36:25 Scheduled Checkpoint
01-11-2013 18:23:14 Scheduled Checkpoint
05-11-2013 01:47:33 Scheduled Checkpoint
11-11-2013 21:37:32 Scheduled Checkpoint
14-11-2013 22:24:30 Scheduled Checkpoint
18-11-2013 19:49:58 Scheduled Checkpoint
21-11-2013 05:29:44 Scheduled Checkpoint
25-11-2013 21:05:42 Scheduled Checkpoint
05-01-2014 16:39:19 Device Driver Package Install: Leapfrog Network adapters
08-01-2014 05:58:43 Scheduled Checkpoint
17-01-2014 22:12:28 zoek.exe restore point
18-01-2014 18:50:36 Removed COMODO Firewall
18-01-2014 18:51:36 Removed GeekBuddy.
18-01-2014 18:53:06 Removed COMODO Firewall
18-01-2014 19:06:30 Installed Microsoft Fix it 50906
19-01-2014 03:08:04 zoek.exe restore point
19-01-2014 22:52:18 OTL Restore Point - 1/19/2014 3:52:18 PM
20-01-2014 16:54:44 Scheduled Checkpoint
20-01-2014 18:05:30 OTL Restore Point - 1/20/2014 11:05:30 AM
20-01-2014 21:49:05 OTL Restore Point - 1/20/2014 2:49:05 PM
20-01-2014 22:19:57 zoek.exe restore point

==================== Hosts content: ==========================

2006-11-02 05:34 - 2013-07-22 12:42 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {00BFC584-7208-4333-BD7E-4DE50106020D} - System32\Tasks\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2008-08-13] (Sony Electronics, Inc.)
Task: {0AEAFAF6-F116-4A60-AFB4-C8B755A6E975} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {104FA61F-8EC3-4B72-AD14-6BEA318F670E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4265550052-2847090512-4221517141-1000Core => C:\Users\Fry's Electronics\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {192DDA2D-5815-47B8-983F-65744FEEC03A} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {254095AE-FB97-48EA-94A5-D8BF2AB79714} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-20] (Microsoft Corporation)
Task: {3657B50A-F509-4F97-B1E1-B058B315A105} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3E659B61-39EF-456E-9BA7-9D429E8442E6} - System32\Tasks\SONY\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe [2008-07-15] (Sony Corporation)
Task: {3F335A6D-DAF4-4FA4-B218-BD4C274D3449} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4265550052-2847090512-4221517141-1000UA => C:\Users\Fry's Electronics\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {7424741F-43F3-40D9-ADB1-4EFC48A3A0B7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-15] (Google Inc.)
Task: {7C638E5B-ECE5-4424-A7E5-2C913CA682E9} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {8C8ACC51-AA8B-4270-92FE-48FC42ABB54B} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Fry's Electronics => C:\Program Files\Windows Calendar\WinCal.exe [2008-01-20] (Microsoft Corporation)
Task: {900F703D-7736-4554-AF47-B51FF4F1A3F0} - System32\Tasks\SONY\VAIO Wallpaper Setting Tool\VAIO Wallpaper Setting Tool => C:\Program Files (x86)\Sony\VAIO Wallpaper Setting Tool\VWSet.exe [2008-06-27] (Sony Corporation)
Task: {93341E01-AE5D-444E-9B90-D00C9B31B391} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4265550052-2847090512-4221517141-1000Core => C:\Users\Fry's Electronics\AppData\Local\Google\Update\GoogleUpdate.exe [2009-01-17] (Google Inc.)
Task: {D166282E-4B8E-419E-85E5-1943D85B2300} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-05] (Adobe Systems Incorporated)
Task: {E1DDC06D-47AA-4372-9AD8-64C7ED74E369} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {E4CB8109-AAD7-4F68-A131-4AB1BCE0E426} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4265550052-2847090512-4221517141-1000UA => C:\Users\Fry's Electronics\AppData\Local\Google\Update\GoogleUpdate.exe [2009-01-17] (Google Inc.)
Task: {E76C0BBB-98FE-4873-84A4-3F651855691B} - \SearchGuardPlusUpdater No Task File
Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-20] ()
Task: {F7003BBD-389A-4404-9B02-F38A0CAFFB6B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-15] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4265550052-2847090512-4221517141-1000Core.job => C:\Users\Fry's Electronics\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4265550052-2847090512-4221517141-1000UA.job => C:\Users\Fry's Electronics\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4265550052-2847090512-4221517141-1000Core.job => C:\Users\Fry's Electronics\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4265550052-2847090512-4221517141-1000UA.job => C:\Users\Fry's Electronics\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-09-10 12:02 - 2011-08-02 13:58 - 00047104 _____ () C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_36.dll
2012-09-10 12:02 - 2011-08-02 13:58 - 00042496 _____ () C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_36.dll
2012-05-30 20:06 - 2012-05-30 20:06 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-05-30 20:06 - 2012-05-30 20:06 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2008-08-14 14:41 - 2008-07-28 17:45 - 00010752 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2008-08-14 14:41 - 2008-07-28 17:45 - 00009728 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll
2013-10-18 16:55 - 2013-10-18 16:55 - 25100288 _____ () C:\Users\Fry's Electronics\AppData\Roaming\Dropbox\bin\libcef.dll
2014-01-19 15:50 - 2014-01-11 03:29 - 04055320 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll
2014-01-19 15:50 - 2014-01-11 03:29 - 00399640 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll
2014-01-19 15:50 - 2014-01-11 03:28 - 01634584 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: pcouffin device ...
Description: pcouffin device ...
Class Guid: {ff646f80-8def-11d2-9449-00105a075f6b}
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (01/21/2014 07:40:18 AM) (Source: Service Control Manager) (User: )
Description: SL UI Notification ServiceNetwork List Service%%0

Error: (01/21/2014 07:40:18 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: machine-defaultLocalActivation{A47979D2-C419-11D9-A5B4-001185AD2B89}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)


Microsoft Office Sessions:
=========================
Error: (09/07/2013 01:25:24 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 2317 seconds with 240 seconds of active time. This session ended with a crash.

Error: (07/06/2013 00:32:46 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 24 seconds with 0 seconds of active time. This session ended with a crash.

Error: (04/04/2013 08:34:14 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3372 seconds with 180 seconds of active time. This session ended with a crash.

Error: (04/01/2013 07:38:22 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1263 seconds with 60 seconds of active time. This session ended with a crash.

Error: (03/27/2013 00:17:51 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 3576 seconds with 1560 seconds of active time. This session ended with a crash.

Error: (03/23/2013 10:27:42 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 709 seconds with 540 seconds of active time. This session ended with a crash.

Error: (01/22/2013 09:08:19 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2053 seconds with 720 seconds of active time. This session ended with a crash.

Error: (12/18/2012 01:37:41 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 42 seconds with 0 seconds of active time. This session ended with a crash.

Error: (09/18/2012 01:38:16 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 8684 seconds with 780 seconds of active time. This session ended with a crash.


CodeIntegrity Errors:
===================================
Date: 2013-07-22 12:41:26.723
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-07-22 12:41:26.599
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-07-22 09:31:04.230
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-07-22 09:24:16.257
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-07-20 12:52:39.933
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-07-20 12:28:00.669
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-07-20 11:47:32.343
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-07-20 11:14:09.050
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-07-20 10:42:05.124
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-07-20 10:25:03.203
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 52%
Total physical RAM: 3900.26 MB
Available physical RAM: 1858.97 MB
Total Pagefile: 9655.39 MB
Available Pagefile: 7429.26 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:455.93 GB) (Free:145.6 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 8A6043CE)
Partition 1: (Not Active) - (Size=10 GB) - (Type=27)
Partition 2: (Active) - (Size=456 GB) - (Type=07 NTFS)

==================== End Of Log ============================
  • 0

#50
Monvishi

Monvishi

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 236 posts
Hope you have some answers now...
  • 0

#51
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 3,700 posts
  • Step 1: Resetting Chrome

We have to reset Chrome. How to do this please look here.

  • Step 2: OTL Fix

  • Run OTL. (if you have Windows Vista / Windows 7 / Windows 8 please do a Right click on the OTL icon and select Run as Administrator)
  • Copy (Ctrl+C) and Paste (Ctrl+V) all of the following text into the Custom Scans/Fixes box:


    :Commands
    [CreateRestorePoint]
    
    :Files
    C:\Users\AppData\LocalLow\Conduit
    C:\Users\AppData\LocalLow\TheFreeDictionarycom
    C:\Program Files (x86)\WhiteSmoke_New
    
    :reg
    [HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
    "C:\Program Files (x86)\WhiteSmoke_New\uninstall.exe"=-
    
    [HKEY_USERS\S-1-5-21-4265550052-2847090512-4221517141-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
    "C:\Program Files (x86)\WhiteSmoke_New\uninstall.exe"=-
    
    [HKEY_USERS\S-1-5-21-4265550052-2847090512-4221517141-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
    "C:\Program Files (x86)\WhiteSmoke_New\uninstall.exe"=-
    
    :Commands
    [EMPTYTEMP]
    
  • Click the Run Fix button.
  • After your computer has rebooted, run OTL and click Quick Scan.
  • Copy and paste the contents of the log that it produces into your next post.

  • 0

#52
Monvishi

Monvishi

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 236 posts
All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== FILES ==========
C:\Users\AppData\LocalLow\Conduit\Community Alerts\Log folder moved successfully.
C:\Users\AppData\LocalLow\Conduit\Community Alerts\LanguagePacks folder moved successfully.
C:\Users\AppData\LocalLow\Conduit\Community Alerts\Feeds folder moved successfully.
C:\Users\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light folder moved successfully.
C:\Users\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark folder moved successfully.
C:\Users\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images folder moved successfully.
C:\Users\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog folder moved successfully.
C:\Users\AppData\LocalLow\Conduit\Community Alerts\Dialogs folder moved successfully.
C:\Users\AppData\LocalLow\Conduit\Community Alerts folder moved successfully.
C:\Users\AppData\LocalLow\Conduit folder moved successfully.
C:\Users\AppData\LocalLow\TheFreeDictionarycom\UserDefinedItems folder moved successfully.
C:\Users\AppData\LocalLow\TheFreeDictionarycom\Twitter folder moved successfully.
C:\Users\AppData\LocalLow\TheFreeDictionarycom\Rss folder moved successfully.
C:\Users\AppData\LocalLow\TheFreeDictionarycom\RadioPlayer\Skins folder moved successfully.
C:\Users\AppData\LocalLow\TheFreeDictionarycom\RadioPlayer folder moved successfully.
C:\Users\AppData\LocalLow\TheFreeDictionarycom\MyStuffComponents folder moved successfully.
C:\Users\AppData\LocalLow\TheFreeDictionarycom\Logs folder moved successfully.
C:\Users\AppData\LocalLow\TheFreeDictionarycom\LanguagePack\en folder moved successfully.
C:\Users\AppData\LocalLow\TheFreeDictionarycom\LanguagePack folder moved successfully.
C:\Users\AppData\LocalLow\TheFreeDictionarycom\EmailNotifier folder moved successfully.
C:\Users\AppData\LocalLow\TheFreeDictionarycom\CacheIcons folder moved successfully.
C:\Users\AppData\LocalLow\TheFreeDictionarycom folder moved successfully.
File\Folder C:\Program Files (x86)\WhiteSmoke_New not found.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\WhiteSmoke_New\uninstall.exe deleted successfully.
Registry value HKEY_USERS\S-1-5-21-4265550052-2847090512-4221517141-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\WhiteSmoke_New\uninstall.exe not found.
Registry value HKEY_USERS\S-1-5-21-4265550052-2847090512-4221517141-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\WhiteSmoke_New\uninstall.exe not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: AppData
->Temp folder emptied: 0 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Fry's Electronics
->Temp folder emptied: 2872579 bytes
->Temporary Internet Files folder emptied: 478429 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 11126903 bytes
->Flash cache emptied: 506 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7461 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 14.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 01212014_094106

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
  • 0

#53
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 3,700 posts
Now the OTL Quickscan ;)
  • 0

#54
Monvishi

Monvishi

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 236 posts
On its way...

Sorry for not being prompt, am occupied with my two girls.
  • 0

#55
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 3,700 posts
I just posted this that I'm sure that you didn't forgot that.
  • 0

Advertisements


#56
Monvishi

Monvishi

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 236 posts
OTL logfile created on: 1/21/2014 11:16:26 AM - Run 5
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Fry's Electronics\Desktop\Geekstogo
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.81 Gb Total Physical Memory | 1.99 Gb Available Physical Memory | 52.30% Memory free
9.41 Gb Paging File | 7.27 Gb Available in Paging File | 77.34% Paging File free
Paging file location(s): c:\pagefile.sys 5850 5850 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 455.93 Gb Total Space | 139.37 Gb Free Space | 30.57% Space Free | Partition Type: NTFS
Drive F: | 1.24 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: MONVISHI | User Name: Fry's Electronics | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/01/18 21:43:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Fry's Electronics\Desktop\Geekstogo\OTL.exe
PRC - [2014/01/11 03:29:23 | 000,866,584 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/01/02 17:46:10 | 030,714,328 | ---- | M] (Dropbox, Inc.) -- C:\Users\Fry's Electronics\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013/11/27 09:21:36 | 000,106,496 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
PRC - [2013/11/27 09:12:02 | 007,393,280 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
PRC - [2013/07/08 04:09:10 | 004,153,184 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\SW\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\SW\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\SW\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/12/18 07:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/09/05 08:57:26 | 000,271,808 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
PRC - [2012/06/21 05:01:58 | 000,092,632 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2012/06/21 05:01:56 | 000,247,768 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2008/07/28 17:45:42 | 000,182,112 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
PRC - [2008/07/28 17:45:42 | 000,100,472 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2008/06/20 08:56:44 | 000,415,744 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
PRC - [2008/06/19 08:55:48 | 000,279,848 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2008/05/22 14:23:10 | 000,192,512 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2008/05/20 13:48:32 | 000,024,576 | ---- | M] (Sony Electronics, Inc.) -- C:\Program Files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe
PRC - [2008/03/25 14:32:18 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe
PRC - [2007/01/04 19:48:50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe


========== Modules (No Company Name) ==========

MOD - [2014/01/11 03:29:21 | 000,399,640 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppgooglenaclpluginchrome.dll
MOD - [2014/01/11 03:29:19 | 013,615,896 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll
MOD - [2014/01/11 03:29:17 | 004,055,320 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll
MOD - [2014/01/11 03:28:11 | 001,634,584 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll
MOD - [2014/01/02 17:45:04 | 003,558,400 | ---- | M] () -- C:\Users\Fry's Electronics\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2013/10/18 16:55:02 | 025,100,288 | ---- | M] () -- C:\Users\Fry's Electronics\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013/02/07 18:37:57 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\09b9cd1c630210237b5b46d9943e1946\System.Windows.Forms.ni.dll
MOD - [2013/02/07 18:37:49 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\61759b9905aed9a87347d04b5fad046b\System.Drawing.ni.dll
MOD - [2012/05/30 20:06:48 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/05/30 20:06:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/02/16 16:37:24 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c50133cb67d7c013fa31e1ffb942060b\System.ni.dll
MOD - [2011/10/13 11:26:13 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2008/07/28 17:45:44 | 000,010,752 | ---- | M] () -- C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll


========== Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Running] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe -- (Amsp)
SRV:64bit: - [2013/04/17 16:09:14 | 007,982,368 | ---- | M] (Trend Micro Inc.) [On_Demand | Running] -- C:\Program Files\Trend Micro SafeSync\hrfscore.exe -- (OnlineStorageService)
SRV:64bit: - [2008/08/06 18:06:48 | 000,407,392 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV:64bit: - [2008/06/11 23:13:24 | 000,337,184 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV:64bit: - [2008/06/11 23:10:46 | 000,107,808 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV:64bit: - [2008/01/20 19:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2014/01/05 09:53:37 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/11/27 09:12:02 | 007,393,280 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2013/07/08 04:09:10 | 004,153,184 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\SW\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\SW\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/12/18 07:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/06/21 05:01:58 | 000,092,632 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/03/29 21:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/07/28 17:45:42 | 000,182,112 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2008/07/11 04:51:19 | 000,133,120 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Windows\RTKAUDIOSERVICE.EXE -- (RtkAudioService)
SRV - [2008/06/20 08:56:44 | 000,415,744 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2008/06/19 08:55:48 | 000,279,848 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2008/05/22 14:23:10 | 000,192,512 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2008/05/22 14:21:44 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2008/05/20 19:05:40 | 000,353,568 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\VAIO Media plus\SOHDms.exe -- (SOHDms)
SRV - [2008/05/20 19:05:40 | 000,103,712 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\VAIO Media plus\SOHCImp.exe -- (SOHCImp)
SRV - [2008/05/20 19:05:40 | 000,062,752 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\VAIO Media plus\SOHDs.exe -- (SOHDs)
SRV - [2008/05/20 01:51:34 | 000,077,824 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2008/05/20 01:49:04 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2008/05/20 01:29:06 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2008/03/25 14:32:18 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe -- (uCamMonitor)
SRV - [2007/01/04 19:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/02/21 18:53:00 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\taphss6.sys -- (taphss6)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/09/24 23:01:12 | 000,107,048 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\tmactmon.sys -- (tmactmon)
DRV:64bit: - [2012/09/24 23:00:36 | 000,077,184 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\tmevtmgr.sys -- (tmevtmgr)
DRV:64bit: - [2012/09/24 23:00:00 | 000,173,504 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\tmcomm.sys -- (tmcomm)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/02/29 06:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/08/02 13:58:38 | 000,105,744 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\tmtdi.sys -- (tmtdi)
DRV:64bit: - [2009/08/05 20:24:16 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2009/04/10 22:43:06 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2008/08/13 17:01:16 | 000,021,032 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2008/08/13 17:01:15 | 000,132,136 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2008/08/13 17:01:15 | 000,095,272 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2008/08/13 17:00:47 | 000,036,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2008/08/12 17:01:41 | 007,907,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:64bit: - [2008/07/17 17:02:44 | 000,064,512 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\risdsn64.sys -- (risdptsk)
DRV:64bit: - [2008/06/25 17:13:33 | 000,085,504 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\rimssn64.sys -- (rimsptsk)
DRV:64bit: - [2008/06/19 17:37:17 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2008/06/02 17:05:24 | 001,133,568 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\athrx.sys -- (athr)
DRV:64bit: - [2008/05/28 03:23:40 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wimfltr.sys -- (WimFltr)
DRV:64bit: - [2008/05/26 17:06:28 | 000,315,008 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\e1y60x64.sys -- (e1yexpress)
DRV:64bit: - [2008/04/08 03:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2008/03/10 04:01:26 | 000,011,392 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SFEP.sys -- (SFEP)
DRV:64bit: - [2008/01/30 17:33:30 | 000,019,456 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2008/01/20 19:47:28 | 000,046,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2008/01/20 19:46:55 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV - [2008/09/19 08:28:44 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2008/09/19 08:28:43 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2008/07/11 16:42:58 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\drivers\DMICall.sys -- (DMICall)
DRV - [2004/11/22 15:36:39 | 000,018,003 | ---- | M] (Motive, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MRENDIS5.sys -- (MRENDIS5)
DRV - [2004/11/22 15:36:34 | 000,019,345 | ---- | M] (Motive, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MREMPR5.sys -- (MREMPR5)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7GGNI_en
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ [2013/02/07 18:39:37 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ [2013/02/07 18:39:37 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@TrendMicro.com/FFExtension: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll (Trend Micro Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1: C:\Users\Fry's Electronics\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll ( )
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Fry's Electronics\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Fry's Electronics\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Fry's Electronics\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Fry's Electronics\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Fry's Electronics\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=6: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=7: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Fry's Electronics\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/06/04 08:59:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{38783831-6098-4faa-A9C9-1EE1E343F4D2}: C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\firefoxextension [2013/10/01 13:11:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22181a4d-af90-4ca3-a569-faed9118d6bc}: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2013/10/01 13:11:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension\ [2013/10/01 12:17:06 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/06/04 08:59:57 | 000,000,000 | ---D | M]

[2010/10/03 21:17:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fry's Electronics\AppData\Roaming\mozilla\Extensions
[2010/10/03 21:17:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fry's Electronics\AppData\Roaming\mozilla\Extensions\[email protected]

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://search.condui...SearchSource=48
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Fry's Electronics\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Fry's Electronics\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Google Talk Plugin Video Renderer (Enabled) = C:\Users\Fry's Electronics\AppData\Roaming\Mozilla\plugins\npo1d.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U9 (Disabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Trend Micro Titanium (Enabled) = C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Fry's Electronics\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Users\Fry's Electronics\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll
CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Disabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\Fry's Electronics\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Fry's Electronics\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Users\Fry's Electronics\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
CHR - Extension: Gmail = C:\Users\Fry's Electronics\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2013/07/22 12:42:23 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg.dll (Trend Micro Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe64.dll (Trend Micro Inc.)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg32.dll (Trend Micro Inc.)
O2 - BHO: (TSToolbarBHO) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe32.dll (Trend Micro Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Trend Micro Toolbar) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Monitor] C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
O4 - HKLM..\Run: [VAIORegistration] C:\Program Files\Sony\First Experience\WelcomeLauncher.exe (Sony Electronics, Inc.)
O4 - HKLM..\Run: [VWLASU] C:\Program Files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe (Sony Electronics, Inc.)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Fry's Electronics\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [FileHippo.com] C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKCU..\Run: [Google+ Auto Backup] C:\Program Files (x86)\Google\Google+ Auto Backup\Google+ Auto Backup.exe (Google Inc.)
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O4 - Startup: C:\Users\Fry's Electronics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Fry's Electronics\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.9.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{60978BA2-A574-416B-A2A2-FEEDA5DC83C9}: NameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A97872AB-22A2-4BD1-8CFC-BD03A2683FFC}: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe64.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmtb - No CLSID value found
O18:64bit: - Protocol\Handler\tmtbim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.1.1104\7.1.1104\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.0.1361\6.8.1078\TmIEPlg32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtbim {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Filter\application/x-microsoft-rpmsg-message - No CLSID value found
O18 - Protocol\Filter\application/x-microsoft-rpmsg-message - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
O21:64bit: - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\SysNative\wpdshserviceobj.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img2.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img2.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/02/06 19:51:58 | 000,000,140 | ---- | M] () - F:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2014/01/21 10:53:19 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2014/01/21 07:40:30 | 000,000,000 | ---D | C] -- C:\FRST
[2014/01/21 07:07:51 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/01/20 15:39:40 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/01/20 15:35:43 | 000,000,000 | ---D | C] -- C:\Windows\Temp
[2014/01/20 15:35:43 | 000,000,000 | ---D | C] -- C:\Users\Fry's Electronics\AppData\Local\Temp
[2014/01/20 15:18:55 | 000,000,000 | ---D | C] -- C:\zoek_backup
[2014/01/20 14:48:53 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/01/19 15:51:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/01/18 22:24:01 | 000,000,000 | ---D | C] -- C:\Users\Fry's Electronics\AppData\Roaming\WinRAR
[2014/01/18 22:23:46 | 000,000,000 | ---D | C] -- C:\Users\Fry's Electronics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014/01/18 22:23:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014/01/18 22:23:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2014/01/18 21:18:48 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/01/17 15:34:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HiJackThis
[2014/01/14 09:06:41 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2014/01/08 13:56:50 | 000,000,000 | ---D | C] -- C:\Users\Fry's Electronics\Desktop\India trip 2013
[2014/01/07 08:06:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
[2014/01/05 09:53:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2014/01/05 09:53:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee Security Scan
[2014/01/05 09:39:36 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2014/01/05 09:39:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LeapFrog Connect
[2014/01/05 09:37:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Leapfrog
[2014/01/05 09:37:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LeapFrog
[2010/05/15 17:26:18 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Fry's Electronics\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2014/01/21 11:07:00 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/21 11:00:16 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/21 10:53:03 | 000,000,956 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4265550052-2847090512-4221517141-1000UA.job
[2014/01/21 10:49:46 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/21 10:49:38 | 000,004,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/21 10:49:38 | 000,004,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/21 10:49:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/21 10:48:40 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2014/01/21 08:41:01 | 000,000,976 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4265550052-2847090512-4221517141-1000UA.job
[2014/01/20 20:31:15 | 000,723,104 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/01/20 20:31:15 | 000,618,580 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/01/20 20:31:15 | 000,108,560 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/01/20 15:18:54 | 000,024,064 | ---- | M] () -- C:\Windows\zoek-delete.exe
[2014/01/20 11:53:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4265550052-2847090512-4221517141-1000Core.job
[2014/01/20 11:46:04 | 000,000,954 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4265550052-2847090512-4221517141-1000Core.job
[2014/01/19 15:59:16 | 000,002,049 | ---- | M] () -- C:\Users\Fry's Electronics\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/01/18 11:17:10 | 000,000,963 | ---- | M] () -- C:\Users\Fry's Electronics\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/01/10 12:10:12 | 000,216,083 | ---- | M] () -- C:\Users\Fry's Electronics\Desktop\photo (3).JPG
[2014/01/10 11:43:33 | 000,919,155 | ---- | M] () -- C:\Users\Fry's Electronics\Desktop\photo (2).JPG
[2014/01/10 11:43:15 | 000,702,647 | ---- | M] () -- C:\Users\Fry's Electronics\Desktop\photo.JPG
[2014/01/09 11:45:44 | 000,027,648 | ---- | M] () -- C:\Users\Fry's Electronics\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/01/05 09:53:41 | 000,002,001 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2014/01/03 15:49:49 | 000,450,549 | ---- | M] () -- C:\Users\Fry's Electronics\Desktop\Retroactive_Mileage_Claim.pdf

========== Files Created - No Company Name ==========

[2014/01/20 15:35:43 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2014/01/10 12:10:12 | 000,216,083 | ---- | C] () -- C:\Users\Fry's Electronics\Desktop\photo (3).JPG
[2014/01/10 11:43:14 | 000,919,155 | ---- | C] () -- C:\Users\Fry's Electronics\Desktop\photo (2).JPG
[2014/01/10 11:43:14 | 000,702,647 | ---- | C] () -- C:\Users\Fry's Electronics\Desktop\photo.JPG
[2014/01/08 14:14:25 | 002,200,835 | ---- | C] () -- C:\Users\Fry's Electronics\Desktop\IMG_1362.JPG
[2014/01/05 09:53:41 | 000,002,001 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2014/01/03 15:49:48 | 000,450,549 | ---- | C] () -- C:\Users\Fry's Electronics\Desktop\Retroactive_Mileage_Claim.pdf
[2013/07/15 14:14:28 | 000,000,680 | ---- | C] () -- C:\Users\Fry's Electronics\AppData\Local\d3d9caps.dat
[2013/07/15 12:09:41 | 000,000,732 | ---- | C] () -- C:\Users\Fry's Electronics\AppData\Local\d3d9caps64.dat
[2013/06/16 19:49:55 | 000,004,096 | -H-- | C] () -- C:\Users\Fry's Electronics\AppData\Local\keyfile3.drm
[2012/09/10 12:03:06 | 000,000,258 | R-S- | C] () -- C:\ProgramData\ntuser.pol
[2012/06/27 10:32:11 | 000,013,794 | ---- | C] () -- C:\Users\Fry's Electronics\bsnlrect.pdf
[2012/06/26 10:40:58 | 000,180,236 | ---- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2010/06/04 06:37:07 | 000,004,370 | ---- | C] () -- C:\Program Files (x86)\hyperlinks.bat
[2010/05/15 17:26:18 | 000,007,859 | ---- | C] () -- C:\Users\Fry's Electronics\AppData\Roaming\pcouffin.cat
[2010/05/15 17:26:18 | 000,001,167 | ---- | C] () -- C:\Users\Fry's Electronics\AppData\Roaming\pcouffin.inf
[2008/11/29 08:35:23 | 001,263,689 | ---- | C] () -- C:\Users\Fry's Electronics\AppData\Roaming\UserTile.png
[2008/11/29 08:34:49 | 000,000,000 | ---- | C] () -- C:\Users\Fry's Electronics\AppData\Roaming\wklnhst.dat
[2008/11/13 14:10:42 | 000,027,648 | ---- | C] () -- C:\Users\Fry's Electronics\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006/11/02 08:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2011/01/21 09:50:13 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011/01/21 09:35:22 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 00:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\fastprox.dll -- [2009/04/10 23:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/20 19:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\wbemess.dll

========== LOP Check ==========

[2013/06/17 20:17:35 | 000,000,000 | ---D | M] -- C:\Users\Fry's Electronics\AppData\Roaming\Allvoi Softphone
[2013/06/22 21:06:00 | 000,000,000 | ---D | M] -- C:\Users\Fry's Electronics\AppData\Roaming\Azureus
[2014/01/21 10:54:00 | 000,000,000 | ---D | M] -- C:\Users\Fry's Electronics\AppData\Roaming\Dropbox
[2010/02/09 13:17:40 | 000,000,000 | ---D | M] -- C:\Users\Fry's Electronics\AppData\Roaming\Facebook
[2009/03/16 19:43:33 | 000,000,000 | ---D | M] -- C:\Users\Fry's Electronics\AppData\Roaming\InterVideo
[2010/03/26 15:17:25 | 000,000,000 | ---D | M] -- C:\Users\Fry's Electronics\AppData\Roaming\NCH Swift Sound
[2013/06/22 11:57:47 | 000,000,000 | ---D | M] -- C:\Users\Fry's Electronics\AppData\Roaming\Nico Mak Computing
[2013/07/16 19:30:17 | 000,000,000 | ---D | M] -- C:\Users\Fry's Electronics\AppData\Roaming\TeamViewer
[2008/11/29 16:07:12 | 000,000,000 | ---D | M] -- C:\Users\Fry's Electronics\AppData\Roaming\Template
[2010/05/12 15:17:02 | 000,000,000 | ---D | M] -- C:\Users\Fry's Electronics\AppData\Roaming\Tific
[2010/10/03 21:17:34 | 000,000,000 | ---D | M] -- C:\Users\Fry's Electronics\AppData\Roaming\TomTom
[2013/09/21 21:26:03 | 000,000,000 | ---D | M] -- C:\Users\Fry's Electronics\AppData\Roaming\TuneUpMedia
[2013/10/01 13:11:10 | 000,000,000 | ---D | M] -- C:\Users\Fry's Electronics\AppData\Roaming\uTorrent
[2010/04/16 04:38:31 | 000,000,000 | ---D | M] -- C:\Users\Fry's Electronics\AppData\Roaming\webex

========== Purity Check ==========



< End of report >
  • 0

#57
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 3,700 posts

CHR - homepage: http://search.condui...SearchSource=48
[2014/01/21 10:53:19 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess

I can not believe it. :)

I will come with further instructions later.
  • 0

#58
Monvishi

Monvishi

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 236 posts
Oh My!!

Conduit does not want to leave us, waiting for next steps from you..
  • 0

#59
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 3,700 posts
  • Step 1: FRST Fix

Download attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST64.exe (Right click on it and select Run as Administrator) and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

Attached Files


  • 0

#60
Monvishi

Monvishi

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 236 posts
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 21-01-2014
Ran by Fry's Electronics at 2014-01-21 13:43:19 Run:1
Running from C:\Users\Fry's Electronics\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Task: {E76C0BBB-98FE-4873-84A4-3F651855691B} - \SearchGuardPlusUpdater No Task File
C:\ProgramData\boost_interprocess
Folder: C:\Windows\tasks
*****************

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E76C0BBB-98FE-4873-84A4-3F651855691B} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E76C0BBB-98FE-4873-84A4-3F651855691B} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SearchGuardPlusUpdater => Key deleted successfully.
C:\ProgramData\boost_interprocess => Moved successfully.

========================= Folder: C:\Windows\tasks ========================

2012-04-03 08:22 - 2014-01-21 13:00 - 0000830 _____ () C:\Windows\tasks\Adobe Flash Player Updater.job
2012-03-28 20:12 - 2014-01-21 11:41 - 0000954 _____ () C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4265550052-2847090512-4221517141-1000Core.job
2012-03-28 20:12 - 2014-01-21 11:41 - 0000976 _____ () C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4265550052-2847090512-4221517141-1000UA.job
2012-03-15 15:04 - 2014-01-21 12:07 - 0000916 _____ () C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
2012-03-15 15:04 - 2014-01-21 13:07 - 0000920 _____ () C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
2009-06-30 07:31 - 2014-01-21 11:53 - 0000904 _____ () C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4265550052-2847090512-4221517141-1000Core.job
2009-06-30 07:31 - 2014-01-21 12:53 - 0000956 _____ () C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4265550052-2847090512-4221517141-1000UA.job
2006-11-02 08:42 - 2014-01-21 10:49 - 0000006 ____H () C:\Windows\tasks\SA.DAT
2006-11-02 08:42 - 2014-01-21 10:48 - 0032642 _____ () C:\Windows\tasks\SCHEDLGU.TXT

====== End of Folder: ======


==== End of Fixlog ====
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP