
Suspicious ads and page pop ups



#16
DawnsShadow
Member, Topic Starter, 24 posts
I will know better in a day or two. It sometimes takes a while to happen.
Thanks so much for all the help! I will post as soon as I know for sure.
  • 0



#17
zep516
Trusted Helper, Malware Removal, 8,093 posts
Hello DawnsShadow,

Next

We need to do another fix using OTL, just a few leftovers.

  • Double click on OTL to open the program. On Vista/Win7/Win8, right click and select Run As Administrator to start the program. If prompted by UAC, please allow it.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :COMMANDS
    [CREATERESTOREPOINT]
    
    :OTL
    
    FF - user.js - File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O1364bit: - gopher Prefix: missing
    
    :Commands
    [emptytemp]
    
  • Make sure all other windows are closed.
  • Click the Run Fix button at the top
  • Let the program run uninterrupted. The computer should reboot when the scan is done. If not, please reboot the computer.
  • Post the log that is found in C:\_OTL\Moved Files in your next reply.
  • Open OTL again and click the Quick Scan button.

Please post the following log in your next reply:

  • OTL Fix Log located here--> C:\_OTL\Moved Files


**Important observances noted in your log report that should be addressed for overall performance and security concerns.


1. You need to create additional free space on this drive as soon as you can. Windows needs 15 to 20 percent free space to function correctly. You can move pictures, files, etc. to another drive to free up space.

Drive C: | 578.07 Gb Total Space | 29.83 Gb Free Space | 5.16% Space Free | Partition Type: NTFS

Otherwise it will eventually cease to function correctly.


2. Out of date service pack!!
Windows 7 is currently running at Service pack 1. These service packs are important for security fixes and the overall function of the computer. I suggest you install this service pack 1 when we are done.

How to install service pack 1 Here

Thanks
Joe :)

I'd wait till we are done before installing Service packs, and you will need to free up space to install that.
  • 0

#18
DawnsShadow
Member, Topic Starter, 24 posts
I will follow the steps above asap but just to let you know I just got another page pop up. One of the Warning pages :(
  • 0

#19
DawnsShadow
Member, Topic Starter, 24 posts
All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Dawn
->Temp folder emptied: 66107 bytes
->Temporary Internet Files folder emptied: 82191 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 395164899 bytes
->Flash cache emptied: 4498 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 406235 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 32309715 bytes

Total Files Cleaned = 408.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 02032014_194334

Files\Folders moved on Reboot...
File\Folder C:\Users\Dawn\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
  • 0
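
Cross-checking a fix log against the fix that was pasted in, using the `:OTL` lines from post #17 and the log from post #19 (an added example, not part of the original thread and not OTL's own code). It assumes that `HKLM\..\` in an OTL line abbreviates an elided key path and that `\\` in the log separates a key from a value name; the function names are illustrative.

```python
import re
from typing import NamedTuple, Optional

# Copied from this thread: the :OTL section of the fix (post #17).
FIX_LINES = [
    r"FF - user.js - File not found",
    r"FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found",
    r"FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found",
    r"FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found",
    r"O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.",
    r"O1364bit: - gopher Prefix: missing",
]

# Copied from this thread: the registry lines of the fix log (post #19).
FIX_LOG = [
    r"64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.",
    r"64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.",
    r"Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.",
    r"64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.",
]

HIVES = {"HKLM": "HKEY_LOCAL_MACHINE", "HKCU": "HKEY_CURRENT_USER"}
FIX_KEY_RE = re.compile(r" - (HKLM|HKCU)\\(.+?): ")
LOG_RE = re.compile(
    r"^(64bit-)?Registry (key|value) (HKEY_[A-Z_]+)\\(.+?)\\? deleted successfully\.$"
)


class Deleted(NamedTuple):
    is64: bool            # line was prefixed with "64bit-"
    hive: str             # e.g. HKEY_LOCAL_MACHINE
    key: str              # key path without the hive
    value: Optional[str]  # value name, or None when a whole key was deleted
    raw: str              # the original log line


def parse_log(lines):
    """Extract the 'deleted successfully' registry entries from a fix log."""
    out = []
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m:
            continue
        path, value = m.group(4), None
        # Assumption (from the one sample line): "\\" splits key and value name.
        if m.group(2) == "value" and "\\\\" in path:
            path, value = path.rsplit("\\\\", 1)
        out.append(Deleted(bool(m.group(1)), m.group(3), path, value, line.strip()))
    return out


def key_pattern(key):
    """Turn a fix-line key into a regex; a '..' segment matches any elided path."""
    parts = [".*" if p == ".." else re.escape(p) for p in key.split("\\")]
    return re.compile(r"\\".join(parts), re.IGNORECASE)


def reconcile(fix_lines, log_lines):
    """Pair each fix line with the log line confirming it, or None."""
    deleted = parse_log(log_lines)
    report = []
    for fix in fix_lines:
        hit = None
        m = FIX_KEY_RE.search(fix)
        if m:
            want64 = "64bit" in fix.split(" - ", 1)[0]
            pat = key_pattern(m.group(2))
            for d in deleted:
                if (d.hive == HIVES[m.group(1)] and d.is64 == want64
                        and pat.fullmatch(d.key)
                        and (d.value is None or d.value in fix)):
                    hit = d.raw
                    break
        report.append((fix, hit))
    return report


if __name__ == "__main__":
    for fix, hit in reconcile(FIX_LINES, FIX_LOG):
        status = "confirmed" if hit else "NO LOG LINE"
        print(f"{status:12} {fix[:70]}")
```

A fix line with no matching log line is a prompt to look for that entry in the next scan, not proof that it survived.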

#20
zep516
Trusted Helper, Malware Removal, 8,093 posts
Hi,

Please post a fresh OTL Log.

"I just got another page pop up. One of the Warning pages"


In what browser are you getting the pop up?

Tell me about the warning page, what's it say?

In your next reply to me:

  • Post a new OTL Log
  • Answer my 2 questions.

Thanks
Joe :)
  • 0

#21
DawnsShadow
Member, Topic Starter, 24 posts
Here is the scan... FYI the fake warning pages are still popping up. I had thought they had stopped but no they are still popping up. FYI my Norton gets triggered when the pages pop up saying an attack has been attempted. I can be on any page and they pop open when I click on a link, I get re-directed to a fake page instead of the correct link.

OTL logfile created on: 2/3/2014 10:44:20 PM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dawn\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: MM/dd/yyyy

7.68 Gb Total Physical Memory | 5.14 Gb Available Physical Memory | 66.98% Memory free
15.35 Gb Paging File | 12.83 Gb Available in Paging File | 83.60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 578.07 Gb Total Space | 15.22 Gb Free Space | 2.63% Space Free | Partition Type: NTFS
Drive E: | 7.38 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: DAWN-PC | User Name: Dawn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found --
PRC - [2014/01/24 20:19:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dawn\Downloads\OTL.exe
PRC - [2014/01/23 13:53:42 | 000,070,768 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\nlssrv32.exe
PRC - [2013/12/19 23:06:39 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/11/02 15:01:42 | 001,042,808 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
PRC - [2013/11/02 14:56:54 | 005,537,136 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
PRC - [2013/11/02 14:54:34 | 000,270,704 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
PRC - [2013/06/05 00:01:52 | 004,489,472 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Dawn\AppData\Local\Akamai\netsession_win.exe
PRC - [2013/05/11 05:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/02/01 16:55:58 | 000,784,240 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
PRC - [2012/02/01 16:55:58 | 000,214,896 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
PRC - [2011/12/05 07:34:56 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2011/06/01 18:06:40 | 000,014,088 | ---- | M] (Memeo) -- C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
PRC - [2010/12/03 09:49:40 | 000,083,792 | R--- | M] (Storage Appliance Corp.) -- C:\ProgramData\Clickfree\HDDV2USB3\UACProxy.exe
PRC - [2010/10/27 18:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/09/30 03:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2010/06/03 14:46:32 | 000,139,264 | ---- | M] (Rogers Cable Communications) -- C:\Program Files (x86)\Rogers\SelfHealing\RogersSelfHelpService.exe
PRC - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/03/08 18:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2010/03/07 21:36:42 | 004,204,400 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe
PRC - [2010/03/07 21:36:28 | 003,577,712 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe
PRC - [2010/03/07 21:36:24 | 003,456,880 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\Acer Bio Protection\BASVC.exe
PRC - [2010/03/07 21:35:54 | 003,367,792 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe
PRC - [2010/03/03 22:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/03 22:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/03/03 08:21:16 | 001,300,560 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2010/03/03 08:21:16 | 000,325,200 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2010/03/03 08:21:16 | 000,297,040 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2010/02/09 13:57:46 | 000,704,032 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
PRC - [2010/02/01 13:05:02 | 000,349,552 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
PRC - [2010/01/29 18:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
PRC - [2010/01/28 18:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2010/01/13 12:47:44 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2010/01/08 08:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
PRC - [2009/12/24 20:45:16 | 000,401,192 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
PRC - [2009/12/24 20:44:48 | 000,201,512 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
PRC - [2009/09/30 21:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2009/09/30 21:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe


========== Modules (No Company Name) ==========

MOD - [2013/12/19 23:06:39 | 003,559,024 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/02/19 23:26:20 | 001,021,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\22c60ca3c2b18e041ebff2578c90cba3\System.Runtime.DurableInstancing.ni.dll
MOD - [2013/02/19 23:26:19 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\62d047ff6c2865139d95eb19545b1cc6\SMDiagnostics.ni.dll
MOD - [2013/02/19 23:26:18 | 002,647,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\48ee0e1de873152ec7e85d7456c1cc09\System.Runtime.Serialization.ni.dll
MOD - [2013/02/19 16:56:45 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\01b47a246b4ec7bfec31bf4503aceda1\System.Runtime.Remoting.ni.dll
MOD - [2013/02/19 16:56:44 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\82a4c4666ad83c3a375210247e69646b\WindowsBase.ni.dll
MOD - [2013/02/19 16:56:40 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\dd2d0cf72eac6e5b113a0059aeb3cab5\IAStorUtil.ni.dll
MOD - [2013/02/19 16:56:36 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\05682429807d34d6ff05a77ea153935f\System.Windows.Forms.ni.dll
MOD - [2013/02/19 16:56:27 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\e2ee5d77ebe0bd025e7a7a317a43d677\System.Drawing.ni.dll
MOD - [2013/02/19 16:56:06 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\10aba2c167cc1119b80159fd9ac71ca8\System.Xml.ni.dll
MOD - [2013/02/19 16:56:02 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\96a3b737db1e72adaf32d2b350e50c23\System.Configuration.ni.dll
MOD - [2013/02/19 16:56:00 | 007,974,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c54750e64ba10d0fb7b6a636fb3695ca\System.ni.dll
MOD - [2013/02/19 16:55:52 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b0b8554c05f194f546a8ed531320760b\mscorlib.ni.dll
MOD - [2013/02/18 16:58:00 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d884c684ee3f738a60e3c50dd5d88caa\System.Xml.ni.dll
MOD - [2013/02/18 16:57:55 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\cb72ac8478a5ea7e2d570bb710ecb1c1\System.Configuration.ni.dll
MOD - [2013/02/18 16:57:52 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\08bebcf66ad666dfdf2a4a934d79c0f9\System.Core.ni.dll
MOD - [2013/02/18 16:57:42 | 009,094,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\df418085cedae9fa2efee87e20a419a4\System.ni.dll
MOD - [2013/02/18 16:57:35 | 014,413,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\60c214b6ad5691e368a16ec65d127c27\mscorlib.ni.dll
MOD - [2012/02/01 16:55:58 | 000,784,240 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
MOD - [2010/01/13 12:47:44 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
MOD - [2009/05/20 01:02:04 | 000,072,200 | ---- | M] () -- C:\Program Files (x86)\Launch Manager\CdDirIo.dll


========== Services (SafeList) ==========

SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/04/20 18:34:40 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/03/10 11:36:42 | 000,820,768 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2010/01/28 18:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV:64bit: - [2009/11/02 14:48:18 | 000,126,352 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/02/12 03:43:00 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Windows\SysNative\drivers\o2flash.exe -- (O2FLASH)
SRV - [2014/01/23 13:53:42 | 000,070,768 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\nlssrv32.exe -- (nlsX86cc)
SRV - [2013/12/11 22:35:05 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/11/02 15:01:42 | 001,042,808 | R--- | M] (Western Digital Technologies, Inc.) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe -- (WDBackup)
SRV - [2013/11/02 14:54:34 | 000,270,704 | R--- | M] (Western Digital Technologies, Inc.) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe -- (WDDriveService)
SRV - [2013/10/08 07:05:13 | 000,264,360 | R--- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe -- (N360)
SRV - [2013/07/01 14:42:02 | 004,569,856 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll -- (Akamai)
SRV - [2013/05/11 05:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/02/04 17:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2012/02/01 16:55:58 | 000,214,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2011/12/05 07:34:56 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2011/06/01 18:06:40 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2010/12/03 09:49:40 | 000,083,792 | R--- | M] (Storage Appliance Corp.) [Auto | Running] -- C:\ProgramData\Clickfree\HDDV2USB3\UACProxy.exe -- (CFUACProxy_hddv2usb3)
SRV - [2010/09/30 03:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)
SRV - [2010/06/03 14:46:32 | 000,139,264 | ---- | M] (Rogers Cable Communications) [Auto | Running] -- C:\Program Files (x86)\Rogers\SelfHealing\RogersSelfHelpService.exe -- (RogersSelfHelpService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/03/08 18:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010/03/07 21:36:24 | 003,456,880 | ---- | M] (Egis Technology Inc.) [Auto | Running] -- C:\Program Files (x86)\Acer Bio Protection\BASVC.exe -- (IGBASVC)
SRV - [2010/03/03 22:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/03/03 08:21:16 | 000,325,200 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010/02/01 13:04:40 | 000,305,520 | ---- | M] (Egis Technology Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService)
SRV - [2010/01/29 18:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2010/01/08 08:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009/11/09 12:00:12 | 000,169,936 | ---- | M] (Rogers Cable Communications) [Auto | Running] -- C:\Program Files (x86)\Rogers\Update Manager\RogersUpdateManager.exe -- (RogersUpdateManager)
SRV - [2009/10/09 21:59:08 | 000,238,328 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Acer Games\Acer Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/09/30 21:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/09/30 21:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/11/01 14:07:04 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2013/09/26 22:18:30 | 001,147,480 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\SymEFA64.sys -- (SymEFA)
DRV:64bit: - [2013/09/26 21:45:56 | 000,264,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\Ironx64.sys -- (SymIRON)
DRV:64bit: - [2013/09/26 21:26:03 | 000,858,200 | R--- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2013/09/25 22:28:00 | 000,590,936 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\symnets.sys -- (SymNetS)
DRV:64bit: - [2013/09/25 21:50:25 | 000,162,392 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\ccSetx64.sys -- (ccSet_N360)
DRV:64bit: - [2013/09/09 21:47:43 | 000,078,936 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SymIMV.sys -- (SymIM)
DRV:64bit: - [2013/09/09 21:47:26 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\SymDS64.sys -- (SymDS)
DRV:64bit: - [2013/09/09 20:49:49 | 000,036,952 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2013/02/12 09:02:24 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2012/09/19 09:02:08 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/09/19 09:02:06 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012/03/08 17:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/03/01 01:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/25 12:57:50 | 000,030,720 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motmodem.sys -- (motmodem)
DRV:64bit: - [2011/12/19 23:32:45 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc)
DRV:64bit: - [2011/12/19 23:32:44 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2011/09/15 06:02:40 | 000,036,656 | ---- | M] (Egis Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FPSensor.sys -- (FPSensor)
DRV:64bit: - [2011/07/06 12:44:00 | 000,034,288 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2011/05/10 07:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/03/11 01:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/04/20 20:15:04 | 006,406,144 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/04/20 17:39:36 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/04/20 17:08:04 | 010,322,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2010/04/14 05:39:40 | 000,315,440 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/04/07 15:12:02 | 000,124,944 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/04/01 03:18:30 | 003,060,800 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010/03/05 01:38:20 | 000,075,624 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\o2mdgx64.sys -- (O2MDGRDR)
DRV:64bit: - [2010/03/03 21:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/01/18 02:38:00 | 000,075,304 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010/01/11 05:48:00 | 000,050,976 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\o2sdgx64.sys -- (O2SDGRDR)
DRV:64bit: - [2010/01/06 08:33:16 | 000,158,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/11/02 14:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009/10/09 21:41:20 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/09/17 14:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/08/31 17:36:18 | 000,006,656 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hidshim.sys -- (hidshim)
DRV:64bit: - [2009/08/31 17:36:16 | 000,026,624 | ---- | M] (Nuvoton Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nuvotonhidcir.sys -- (nuvotonhidcir)
DRV:64bit: - [2009/08/31 15:45:20 | 000,068,096 | ---- | M] (Nuvoton Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuvotonir.sys -- (nuvotonir)
DRV:64bit: - [2009/08/31 14:42:04 | 000,048,128 | ---- | M] (Nuvoton Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuvotoncir.sys -- (nuvotoncir)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 19:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/02 21:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009/06/02 21:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009/06/02 21:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009/05/05 03:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009/05/05 03:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2008/05/06 15:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2014/01/24 17:55:04 | 000,521,944 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140131.001\IDSviA64.sys -- (IDSVia64)
DRV - [2014/01/24 14:11:12 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140202.003\ex64.sys -- (NAVEX15)
DRV - [2014/01/24 14:11:12 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140202.003\eng64.sys -- (NAVENG)
DRV - [2013/12/17 19:32:10 | 001,526,488 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140121.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2013/12/11 05:19:07 | 000,484,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013/12/11 05:19:07 | 000,137,648 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...03z195t56n1l461
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...03z195t56n1l461
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...03z195t56n1l461
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{AB384A20-ECD2-4B40-B4B3-619FE39ACD23}: "URL" = http://www.google.co...ng}&rlz=1I7ACAW


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...03z195t56n1l461
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\..\SearchScopes,DefaultScope = {AB384A20-ECD2-4B40-B4B3-619FE39ACD23}
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...AW_enCA398CA398
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\..\SearchScopes\{AB384A20-ECD2-4B40-B4B3-619FE39ACD23}: "URL" = http://www.google.ca...AW_enCA398CA398
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\..\SearchScopes\{BDFCC79C-1038-46B4-BE6D-1E36044D02A1}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;192.168.*.*

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: firefox%40mega.co.nz:1.0.3
FF - prefs.js..extensions.enabledAddons: isreaditlater%40ideashower.com:3.0.4
FF - prefs.js..extensions.enabledAddons: pinterest%40robertnyman.com:1.1
FF - prefs.js..extensions.enabledAddons: %7Bdd3d7613-0246-469d-bc65-2a3cc1668adc%7D:1.1.8
FF - prefs.js..extensions.enabledAddons: client%40anonymox.net:2.1.1
FF - prefs.js..extensions.enabledAddons: %7BBBDA0591-3099-440a-AA10-41764D9DB4DB%7D:12.0.4.5%20-%201
FF - prefs.js..extensions.enabledAddons: %7B58d2a791-6199-482f-a9aa-9b725ec61362%7D:2.0
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.14
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ [2014/02/01 02:59:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013/11/02 01:23:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/12/19 23:06:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/01/03 20:21:24 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/12/19 23:06:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/01/03 20:21:24 | 000,000,000 | ---D | M]

[2012/03/10 18:36:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Extensions
[2012/01/04 12:42:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Extensions\[email protected]
[2012/03/10 18:36:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Extensions\[email protected]
[2014/02/01 01:34:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions
[2014/01/01 19:45:40 | 000,000,000 | ---D | M] (Block site) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}
[2011/12/21 21:55:09 | 000,000,000 | ---D | M] (20-20 3D Viewer - IKEA) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\[email protected]
[2013/06/27 11:00:10 | 000,000,000 | ---D | M] (Pocket) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\[email protected]
[2011/03/20 17:43:17 | 000,000,000 | ---D | M] (TinEye Reverse Image Search) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\[email protected]
[2013/11/23 00:06:32 | 000,000,000 | ---D | M] (YoutubeAdblocker) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\[email protected]
[2014/01/03 20:25:25 | 000,355,782 | ---- | M] () (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\[email protected]
[2014/01/16 00:20:13 | 001,267,418 | ---- | M] () (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\[email protected]
[2013/03/22 09:32:40 | 000,004,366 | ---- | M] () (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\[email protected]
[2013/12/04 20:10:17 | 000,018,590 | ---- | M] () (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\[email protected]
[2014/01/03 19:04:33 | 000,011,318 | ---- | M] () (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\{146f1820-2b0d-49ef-acbf-d85a6986e10c}.xpi
[2014/01/10 11:26:18 | 000,007,641 | ---- | M] () (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}.xpi
[2014/01/20 21:40:22 | 000,287,587 | ---- | M] () (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2013/11/22 23:39:34 | 000,000,905 | ---- | M] () -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\searchplugins\yahoo_ff.xml
[2013/12/19 23:06:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/12/19 23:06:39 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/11/02 01:23:01 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
[2012/12/06 18:22:25 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll

O1 HOSTS File: ([2014/02/01 00:32:35 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll (Google Inc.)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\IPS\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
O3:64bit: - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3:64bit: - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [MDS_Menu] C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [VitaKeyPdtWzd] C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe (Western Digital Technologies, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1640631956-789530371-1737118854-1001..\Run: [Akamai NetSession Interface] C:\Users\Dawn\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - Startup: C:\Users\Dawn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra Button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9:64bit: - Extra 'Tools' menuitem : Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9 - Extra Button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9 - Extra 'Tools' menuitem : Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.appl...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} http://kitchenplanne..._IKEA_Win32.cab (20-20 3D Viewer for IKEA)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.71.255.204 64.71.255.198
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{39E48105-21F8-418C-8275-9614EA130AE0}: DhcpNameServer = 192.168.0.1 192.168.142.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{91985F56-65F5-4E3E-AFF0-0F1DE39ECF5D}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D154A320-F2DD-4615-ADD0-26AF1F504DEA}: DhcpNameServer = 64.71.255.204 64.71.255.198
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\gopher - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/02/01 18:31:45 | 000,000,000 | ---D | C] -- C:\Users\Dawn\Desktop\TYNA
[2014/02/01 02:11:05 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/02/01 01:27:14 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/02/01 00:27:47 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/01/24 19:40:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Nalpeiron
[2014/01/24 19:36:45 | 000,070,768 | ---- | C] (Nalpeiron Ltd.) -- C:\Windows\SysWow64\nlssrv32.exe
[2014/01/24 19:36:40 | 000,070,768 | ---- | C] (Nalpeiron Ltd.) -- C:\Windows\SysNative\nlssrv32.exe
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/02/03 22:27:51 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/02/03 22:27:04 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/02/03 22:27:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/02/03 20:08:36 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/02/03 20:08:36 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/02/03 19:53:28 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/02/03 19:53:11 | 000,008,192 | ---- | M] () -- C:\Windows\SysWow64\WDPABKP.dat
[2014/02/03 19:52:13 | 1886,769,151 | -HS- | M] () -- C:\hiberfil.sys
[2014/02/02 13:19:43 | 000,033,685 | ---- | M] () -- C:\Users\Dawn\Desktop\1798853_10151846711726875_237970296_n.jpg
[2014/02/01 23:29:17 | 000,053,978 | ---- | M] () -- C:\Users\Dawn\Desktop\w11.JPG
[2014/02/01 23:28:37 | 000,089,772 | ---- | M] () -- C:\Users\Dawn\Desktop\w10.JPG
[2014/02/01 23:27:51 | 000,120,374 | ---- | M] () -- C:\Users\Dawn\Desktop\w9.JPG
[2014/02/01 23:27:24 | 000,100,765 | ---- | M] () -- C:\Users\Dawn\Desktop\w8.JPG
[2014/02/01 23:26:50 | 000,103,899 | ---- | M] () -- C:\Users\Dawn\Desktop\w7.JPG
[2014/02/01 23:26:04 | 000,100,847 | ---- | M] () -- C:\Users\Dawn\Desktop\w6.JPG
[2014/02/01 23:25:32 | 000,118,252 | ---- | M] () -- C:\Users\Dawn\Desktop\w5.JPG
[2014/02/01 23:25:02 | 000,123,741 | ---- | M] () -- C:\Users\Dawn\Desktop\w4.JPG
[2014/02/01 23:24:26 | 000,113,127 | ---- | M] () -- C:\Users\Dawn\Desktop\w3.JPG
[2014/02/01 23:23:48 | 000,117,861 | ---- | M] () -- C:\Users\Dawn\Desktop\w2.JPG
[2014/02/01 23:23:14 | 000,059,368 | ---- | M] () -- C:\Users\Dawn\Desktop\w1.JPG
[2014/02/01 20:06:08 | 005,532,876 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/02/01 20:06:08 | 002,592,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/02/01 20:06:08 | 000,006,434 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/02/01 00:52:05 | 000,002,048 | ---- | M] () -- C:\Users\Dawn\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2014/02/01 00:32:35 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2014/01/27 02:03:58 | 365,255,116 | ---- | M] () -- C:\Users\Dawn\Desktop\DSC_3401.psd
[2014/01/24 19:40:25 | 000,001,929 | ---- | M] () -- C:\Users\Public\Desktop\Perfect Effects 8.lnk
[2014/01/23 13:53:42 | 000,070,768 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWow64\nlssrv32.exe
[2014/01/23 13:53:42 | 000,070,768 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysNative\nlssrv32.exe
[2014/01/21 20:59:58 | 004,974,896 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/01/20 13:32:26 | 000,023,663 | ---- | M] () -- C:\Users\Dawn\Desktop\Capture LR.JPG
[2014/01/18 21:35:06 | 000,109,323 | ---- | M] () -- C:\Users\Dawn\Desktop\Large_.jpeg
[2014/01/18 19:01:17 | 001,656,964 | ---- | M] () -- C:\Users\Dawn\Desktop\maternity.psd
[2014/01/18 18:59:35 | 000,201,767 | ---- | M] () -- C:\Users\Dawn\Desktop\maternity.jpg
[2014/01/18 18:52:57 | 000,048,195 | ---- | M] () -- C:\Users\Dawn\Desktop\1517418_10153714307425293_1429156455_n.jpg
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/02/02 13:19:42 | 000,033,685 | ---- | C] () -- C:\Users\Dawn\Desktop\1798853_10151846711726875_237970296_n.jpg
[2014/02/01 23:29:17 | 000,053,978 | ---- | C] () -- C:\Users\Dawn\Desktop\w11.JPG
[2014/02/01 23:28:37 | 000,089,772 | ---- | C] () -- C:\Users\Dawn\Desktop\w10.JPG
[2014/02/01 23:27:50 | 000,120,374 | ---- | C] () -- C:\Users\Dawn\Desktop\w9.JPG
[2014/02/01 23:27:24 | 000,100,765 | ---- | C] () -- C:\Users\Dawn\Desktop\w8.JPG
[2014/02/01 23:26:50 | 000,103,899 | ---- | C] () -- C:\Users\Dawn\Desktop\w7.JPG
[2014/02/01 23:26:04 | 000,100,847 | ---- | C] () -- C:\Users\Dawn\Desktop\w6.JPG
[2014/02/01 23:25:32 | 000,118,252 | ---- | C] () -- C:\Users\Dawn\Desktop\w5.JPG
[2014/02/01 23:25:02 | 000,123,741 | ---- | C] () -- C:\Users\Dawn\Desktop\w4.JPG
[2014/02/01 23:24:25 | 000,113,127 | ---- | C] () -- C:\Users\Dawn\Desktop\w3.JPG
[2014/02/01 23:23:47 | 000,117,861 | ---- | C] () -- C:\Users\Dawn\Desktop\w2.JPG
[2014/02/01 23:23:14 | 000,059,368 | ---- | C] () -- C:\Users\Dawn\Desktop\w1.JPG
[2014/01/27 02:03:18 | 365,255,116 | ---- | C] () -- C:\Users\Dawn\Desktop\DSC_3401.psd
[2014/01/24 19:40:25 | 000,001,929 | ---- | C] () -- C:\Users\Public\Desktop\Perfect Effects 8.lnk
[2014/01/20 13:32:22 | 000,023,663 | ---- | C] () -- C:\Users\Dawn\Desktop\Capture LR.JPG
[2014/01/18 21:35:05 | 000,109,323 | ---- | C] () -- C:\Users\Dawn\Desktop\Large_.jpeg
[2014/01/18 18:59:32 | 000,201,767 | ---- | C] () -- C:\Users\Dawn\Desktop\maternity.jpg
[2014/01/18 18:58:36 | 001,656,964 | ---- | C] () -- C:\Users\Dawn\Desktop\maternity.psd
[2014/01/18 18:52:56 | 000,048,195 | ---- | C] () -- C:\Users\Dawn\Desktop\1517418_10153714307425293_1429156455_n.jpg
[2013/08/06 21:11:51 | 000,000,182 | ---- | C] () -- C:\Windows\wininit.ini
[2013/05/12 20:28:21 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\WDPABKP.dat
[2013/02/27 00:02:14 | 000,004,509 | ---- | C] () -- C:\Users\Dawn\AppData\Roaming\CamStudio.cfg
[2013/01/09 00:31:48 | 000,016,384 | ---- | C] () -- C:\Windows\SysWow64\FileOps.exe
[2012/12/06 02:50:07 | 000,000,132 | ---- | C] () -- C:\Users\Dawn\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012/11/04 00:45:34 | 000,003,072 | ---- | C] () -- C:\Users\Dawn\AppData\Roaming\Photobook Designer Prefsv3
[2012/10/24 22:41:23 | 000,000,132 | ---- | C] () -- C:\Users\Dawn\AppData\Roaming\Adobe AIFF Format CS5 Prefs
[2012/10/20 12:58:49 | 000,000,218 | ---- | C] () -- C:\Users\Dawn\.recently-used.xbel
[2012/08/21 14:18:20 | 000,000,000 | ---- | C] () -- C:\Windows\HPMProp.INI
[2012/08/21 14:18:08 | 000,323,584 | ---- | C] () -- C:\Windows\SysWow64\hpcc3130.dll
[2012/08/16 10:52:35 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2012/08/16 10:52:35 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2012/08/09 10:57:42 | 000,103,272 | ---- | C] () -- C:\Users\Dawn\GoToAssistDownloadHelper.exe
[2012/08/08 18:26:55 | 000,060,304 | ---- | C] () -- C:\Users\Dawn\g2mdlhlpx.exe
[2012/06/28 22:04:29 | 000,006,416 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/02/27 01:01:21 | 000,000,126 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011/08/18 23:08:00 | 000,865,117 | ---- | C] () -- C:\Users\Dawn\AppData\Local\census.cache
[2011/08/18 23:06:42 | 000,131,064 | ---- | C] () -- C:\Users\Dawn\AppData\Local\ars.cache
[2011/08/18 22:19:52 | 000,000,036 | ---- | C] () -- C:\Users\Dawn\AppData\Local\housecall.guid.cache
[2011/06/19 23:35:23 | 000,001,456 | ---- | C] () -- C:\Users\Dawn\AppData\Local\Adobe Save for Web 12.0 Prefs
[2011/06/07 16:53:41 | 000,001,940 | ---- | C] () -- C:\Users\Dawn\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/05/29 10:38:57 | 000,007,618 | ---- | C] () -- C:\Users\Dawn\AppData\Local\resmon.resmoncfg
[2011/05/16 11:34:11 | 000,002,736 | ---- | C] () -- C:\Users\Dawn\AppData\Roaming\wklnhst.dat
[2010/12/24 00:25:38 | 000,004,982 | ---- | C] () -- C:\ProgramData\xjrxrpty.cte
[2010/12/24 00:25:37 | 000,004,983 | ---- | C] () -- C:\ProgramData\pyknfeyt.slj
[2010/12/03 11:55:20 | 000,061,440 | ---- | C] () -- C:\Users\Dawn\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 20:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2011/03/19 19:03:29 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Anthropics
[2013/11/23 02:40:17 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Azureus
[2012/10/25 17:34:12 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Broadview
[2012/01/04 12:42:07 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Canon
[2011/01/25 19:05:28 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/05/11 22:09:28 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\com.adobe.DC3Module.AdobeADC
[2013/03/09 15:30:50 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\com.showitfast.pass.desktop.PASS
[2013/12/03 23:20:25 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Dropbox
[2010/09/25 22:06:14 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\EgisTec
[2011/10/30 11:42:44 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\eSobi
[2012/03/10 18:34:42 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Flickr
[2012/10/20 12:58:16 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\gtk-2.0
[2013/10/22 09:57:38 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\JAM Software
[2011/05/28 14:58:45 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Leadertech
[2010/12/24 00:27:17 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\LumaPix
[2012/07/11 22:22:32 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Motorola
[2013/11/07 20:41:07 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\MultiBit
[2012/08/17 00:57:40 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\OfficeRecovery
[2014/01/24 19:40:18 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\onOne Software
[2010/09/27 14:05:59 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\OpenOffice.org
[2012/08/03 13:20:33 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\OverDrive
[2011/06/19 13:42:45 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Participatory Culture Foundation
[2012/10/20 12:58:49 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\PCF-VLC
[2010/11/21 18:30:08 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Philipp Winterberg
[2012/11/04 00:45:00 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Photobook Designer
[2010/09/25 19:00:35 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\PowerCinema
[2011/05/28 15:14:12 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Seagate
[2012/06/28 22:47:12 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\SoftGrid Client
[2011/03/23 16:03:40 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011/12/19 23:30:08 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Temp
[2011/05/16 11:35:04 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Template
[2011/06/07 16:51:13 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Tific
[2012/01/04 12:42:05 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\TomTom
[2012/06/28 22:09:38 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\TP
[2010/12/24 03:02:05 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Utherverse
[2012/09/26 13:45:59 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Windows Live Writer
[2011/12/13 01:57:04 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\onOne Software
[2011/12/13 01:57:04 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\onOne Software

========== Purity Check ==========



< End of report >

#22
zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts

FYI the fake warning pages are still popping up.


What browser are they popping up in: Internet Explorer, Firefox or Chrome?

#23
DawnsShadow

    Member

  • Topic Starter
  • 24 posts
Firefox.
They are warning that my Firefox or Flash or whatever programs need updating, but I am also thinking that it is not only popping up pages but inserting in-page ads as well. Just some ads look a bit off.
I have attached some of the screenshots of what pops up as well as the other links of some of the pages. It seems once one opens, the next few links I click on (on regular pages) open up these weird pages. It happens for a while, then stops for a while.

Attached Thumbnails

  • FF warning.JPG
  • Pop up.JPG
  • warning1.JPG
  • warning.JPG
  • warning page.JPG

Edited by DawnsShadow, 04 February 2014 - 10:39 PM.


#24
DawnsShadow

    Member

  • Topic Starter
  • 24 posts
This is an in page ad that I have a feeling is a fake

#25
zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Hello DawnsShadow,

I'd like to look at another scan please.

Please download Farbar Recovery Scan Tool and save it to your Desktop. Please make sure you download to the desktop not the downloads folder.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

In your next reply post:

  • FRST.txt
  • Addition.txt

Thanks
Joe :)


#26
DawnsShadow

    Member

  • Topic Starter
  • 24 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-02-2014
Ran by Dawn (administrator) on DAWN-PC on 05-02-2014 21:03:40
Running from C:\Users\Dawn\Desktop
Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Storage Appliance Corp.) C:\ProgramData\Clickfree\HDDV2USB3\UACProxy.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\BASVC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(O2Micro International) C:\Windows\System32\drivers\o2flash.exe
() C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
(Rogers Cable Communications) C:\Program Files (x86)\Rogers\SelfHealing\RogersSelfHelpService.exe
(Rogers Cable Communications) C:\Program Files (x86)\Rogers\Update Manager\RogersUpdateManager.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Memeo) C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Windows\PLFSetI.exe
(Akamai Technologies, Inc.) C:\Users\Dawn\AppData\Local\Akamai\netsession_win.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Akamai Technologies, Inc.) C:\Users\Dawn\AppData\Local\Akamai\netsession_win.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Adobe Systems) C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.2\lightroom.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.2\Support\DynamicLinkSupport\dynamiclink\CS6\dynamiclinkmanager.exe
(Adobe Systems, Incorporated) C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.2\Support\DynamicLinkMediaServer\dynamiclinkmediaserver\1.0\dynamiclinkmediaserver.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.2\Support\DynamicLinkMediaServer\dynamiclinkmediaserver\1.0\32\Adobe QT32 Server.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
(Rogers Cable Communications Inc.) C:\Program Files (x86)\Rogers\SelfHealing\shs.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [mwlDaemon] - C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-02-01] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10134560 2010-03-19] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2107688 2010-04-14] (Synaptics Incorporated)
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [206208 2010-01-13] ()
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [496160 2010-03-10] (Acer Incorporated)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1300560 2010-03-03] (Dritek System Inc.)
HKLM-x32\...\Run: [SuiteTray] - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-02-01] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201512 2009-12-24] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [401192 2009-12-24] (Egis Technology Inc.)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] - C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-24] (Symantec Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-04-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [VitaKeyPdtWzd] - C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe [3577712 2010-03-07] (Egis Technology Inc.)
HKLM-x32\...\Run: [MDS_Menu] - C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ArcSoft Connection Service] - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [WD Quick View] - C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5537136 2013-11-02] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1640631956-789530371-1737118854-1001\...\Run: [Akamai NetSession Interface] - C:\Users\Dawn\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1640631956-789530371-1737118854-1001\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-04-30] (Google Inc.)
Lsa: [Notification Packages] C:\Program Files (x86)\Acer Bio Protection\PwdFilterV64
Startup: C:\Users\Dawn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...03z195t56n1l461
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...03z195t56n1l461
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...03z195t56n1l461
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...03z195t56n1l461
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {AB384A20-ECD2-4B40-B4B3-619FE39ACD23} URL = http://www.google.co...ng}&rlz=1I7ACAW
SearchScopes: HKCU - DefaultScope {AB384A20-ECD2-4B40-B4B3-619FE39ACD23} URL = http://www.google.ca...AW_enCA398CA398
SearchScopes: HKCU - {AB384A20-ECD2-4B40-B4B3-619FE39ACD23} URL = http://www.google.ca...AW_enCA398CA398
SearchScopes: HKCU - {BDFCC79C-1038-46B4-BE6D-1E36044D02A1} URL = http://search.yahoo....p={searchTerms}
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll (Google Inc.)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.appl...ex/qtplugin.cab
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} http://kitchenplanne..._IKEA_Win32.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 64.71.255.204 64.71.255.198

FireFox:
========
FF ProfilePath: C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF SearchPlugin: C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\searchplugins\yahoo_ff.xml
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\Extensions\[email protected] [2011-12-21]
FF Extension: Pocket - C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\Extensions\[email protected] [2013-06-27]
FF Extension: TinEye Reverse Image Search - C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\Extensions\[email protected] [2011-03-20]
FF Extension: YoutubeAdblocker - C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\Extensions\[email protected] [2013-11-23]
FF Extension: Block site - C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2014-01-01]
FF Extension: anonymoX - C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\Extensions\[email protected] [2014-01-03]
FF Extension: Ghostery - C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\Extensions\[email protected] [2014-01-03]
FF Extension: MEGA EXTENSION - C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\Extensions\[email protected] [2013-02-10]
FF Extension: Free Memory - C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\Extensions\[email protected] [2014-02-03]
FF Extension: Pin It button - C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\Extensions\[email protected] [2013-12-04]
FF Extension: Capture & Print - C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\Extensions\{146f1820-2b0d-49ef-acbf-d85a6986e10c}.xpi [2014-01-03]
FF Extension: Start Page - C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\Extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}.xpi [2014-01-10]
FF Extension: Greasemonkey - C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-08-24]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013-11-02]

==================== Services (Whitelisted) =================

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-01-09] (Adobe Systems)
R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-01] (Akamai Technologies, Inc.)
R2 CFUACProxy_hddv2usb3; C:\ProgramData\Clickfree\HDDV2USB3\UACProxy.exe [83792 2010-12-03] (Storage Appliance Corp.)
R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [820768 2010-03-10] (Acer Incorporated)
R2 IGBASVC; C:\Program Files (x86)\Acer Bio Protection\BASVC.exe [3456880 2010-03-07] (Egis Technology Inc.)
R2 MotoHelper; C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [214896 2012-02-01] ()
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-02-01] (Egis Technology Inc.)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe [264360 2013-10-08] (Symantec Corporation)
R2 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [244904 2010-02-03] ()
R2 RogersSelfHelpService; C:\Program Files (x86)\Rogers\SelfHealing\RogersSelfHelpService.exe [139264 2010-06-03] (Rogers Cable Communications)
R2 RogersUpdateManager; C:\Program Files (x86)\Rogers\Update Manager\RogersUpdateManager.exe [169936 2009-11-09] (Rogers Cable Communications)
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-29] (Acer Incorporated)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2013-11-02] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [270704 2013-11-02] (Western Digital Technologies, Inc.)

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [1526488 2013-12-17] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1501000.012\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-12-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-12-11] (Symantec Corporation)
R3 hidshim; C:\Windows\system32\DRIVERS\hidshim.sys [6656 2009-08-31] (Windows ® Win 7 DDK provider)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140205.001\IDSvia64.sys [521944 2014-01-24] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140204.024\ENG64.SYS [126040 2014-01-24] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140204.024\EX64.SYS [2099288 2014-01-24] (Symantec Corporation)
S3 nuvotoncir; C:\Windows\system32\DRIVERS\nuvotoncir.sys [48128 2009-08-31] (Nuvoton Technology Corporation)
R3 nuvotonhidcir; C:\Windows\system32\DRIVERS\nuvotonhidcir.sys [26624 2009-08-31] (Nuvoton Technology Corporation)
S3 nuvotonir; C:\Windows\system32\DRIVERS\nuvotonir.sys [68096 2009-08-31] (Nuvoton Technology Corporation)
R3 O2SDGRDR; C:\Windows\System32\DRIVERS\o2sdgx64.sys [50976 2010-01-11] (O2Micro )
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1501000.012\SRTSP64.SYS [858200 2013-09-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1501000.012\SRTSPX64.SYS [36952 2013-09-09] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1501000.012\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1501000.012\SYMEFA64.SYS [1147480 2013-09-26] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-01] (Symantec Corporation)
R1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [78936 2013-09-09] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1501000.012\Ironx64.SYS [264280 2013-09-26] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1501000.012\SYMNETS.SYS [590936 2013-09-25] (Symantec Corporation)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
S3 ALSysIO; \??\C:\Users\Dawn\AppData\Local\Temp\ALSysIO64.sys [X]
S3 PCDSRVC{45D8DD4C-F3D6B090-06020200}_0; \??\c:\win_uut\extract\bin\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-05 21:03 - 2014-02-05 21:04 - 00027868 _____ () C:\Users\Dawn\Desktop\FRST.txt
2014-02-05 21:02 - 2014-02-05 21:03 - 00000000 ____D () C:\FRST
2014-02-05 21:00 - 2014-02-05 21:00 - 02082304 _____ (Farbar) C:\Users\Dawn\Desktop\FRST64.exe
2014-02-05 15:08 - 2014-02-05 15:33 - 1699724312 _____ () C:\Users\Dawn\Downloads\Textures & Overlays.zip.part
2014-02-05 15:04 - 2014-02-05 15:04 - 00046897 _____ () C:\Users\Dawn\Downloads\Wish_Bundle.zip
2014-02-05 15:04 - 2014-02-05 15:04 - 00021626 _____ () C:\Users\Dawn\Downloads\2014_LRPresets.zip
2014-02-04 03:08 - 2014-02-04 03:20 - 439695249 _____ () C:\Users\Dawn\Downloads\2014.zip
2014-02-04 01:23 - 2014-02-04 01:25 - 00000000 ____D () C:\Users\Dawn\Downloads\dreamclients_pdfs
2014-02-03 23:30 - 2014-02-03 23:49 - 27608035 _____ () C:\Users\Dawn\Downloads\Kiwi Clouds Painted Sky Overlays.zip
2014-02-03 23:30 - 2014-02-03 23:30 - 00655991 _____ () C:\Users\Dawn\Downloads\Paper and Camera Wedding Overlay Set 1.zip
2014-02-03 23:29 - 2014-02-04 02:44 - 431324747 _____ () C:\Users\Dawn\Downloads\dreamclients_videospart3.zip
2014-02-03 23:29 - 2014-02-03 23:50 - 46246127 _____ () C:\Users\Dawn\Downloads\dreamclients_pdfs.zip
2014-02-03 23:25 - 2014-02-04 02:44 - 858553931 _____ () C:\Users\Dawn\Downloads\dreamclients_videospart2.zip
2014-02-03 23:24 - 2014-02-04 02:44 - 450723403 _____ () C:\Users\Dawn\Downloads\dreamclients_videospart1.zip
2014-02-03 22:43 - 2014-02-03 22:43 - 00120892 _____ () C:\Users\Dawn\Desktop\OTL-full.txt
2014-02-01 18:31 - 2014-02-01 18:32 - 00000000 ____D () C:\Users\Dawn\Desktop\TYNA
2014-02-01 02:21 - 2014-02-01 02:21 - 01037068 _____ (Thisisu) C:\Users\Dawn\Downloads\JRT(1).exe
2014-02-01 02:21 - 2014-02-01 02:21 - 00987425 _____ () C:\Users\Dawn\Downloads\SecurityCheck.exe
2014-02-01 02:11 - 2014-02-01 02:13 - 00000000 ____D () C:\AdwCleaner
2014-02-01 02:10 - 2014-02-01 02:10 - 01166132 _____ () C:\Users\Dawn\Downloads\adwcleaner.exe
2014-02-01 01:35 - 2014-02-01 01:35 - 00053144 _____ () C:\Users\Dawn\Desktop\JRT.txt
2014-02-01 01:27 - 2014-02-01 01:27 - 00000000 ____D () C:\Windows\ERUNT
2014-02-01 01:25 - 2014-02-01 01:25 - 01037068 _____ (Thisisu) C:\Users\Dawn\Downloads\JRT.exe
2014-02-01 00:27 - 2014-02-01 00:27 - 00000000 ____D () C:\_OTL
2014-01-28 23:56 - 2014-01-28 23:56 - 00000000 ____D () C:\Users\Dawn\Downloads\Sange's Engagement@Luma
2014-01-28 23:54 - 2014-01-28 23:56 - 124656301 _____ () C:\Users\Dawn\Downloads\Sange's [email protected]
2014-01-27 02:03 - 2014-01-27 02:03 - 365255116 _____ () C:\Users\Dawn\Desktop\DSC_3401.psd
2014-01-24 20:43 - 2014-01-24 20:43 - 00112688 _____ () C:\Users\Dawn\Downloads\Extras.Txt
2014-01-24 20:42 - 2014-02-04 01:12 - 00142480 _____ () C:\Users\Dawn\Downloads\OTL.Txt
2014-01-24 20:21 - 2014-01-24 20:21 - 00000949 _____ () C:\Users\Dawn\Desktop\reg test.txt
2014-01-24 20:19 - 2014-01-24 20:19 - 00602112 _____ (OldTimer Tools) C:\Users\Dawn\Desktop\OTL.exe
2014-01-24 19:40 - 2014-01-24 19:40 - 00001929 _____ () C:\Users\Public\Desktop\Perfect Effects 8.lnk
2014-01-24 19:40 - 2014-01-24 19:40 - 00000000 ____D () C:\ProgramData\Nalpeiron
2014-01-24 19:36 - 2014-01-23 13:53 - 00070768 _____ (Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
2014-01-24 19:36 - 2014-01-23 13:53 - 00070768 _____ (Nalpeiron Ltd.) C:\Windows\system32\nlssrv32.exe
2014-01-23 00:59 - 2014-01-23 00:59 - 00167986 _____ () C:\Users\Dawn\Downloads\Creative Workflow- Little Lusker(2).zip
2014-01-23 00:30 - 2014-01-23 00:30 - 00167986 _____ () C:\Users\Dawn\Downloads\Creative Workflow- Little Lusker(1).zip
2014-01-23 00:08 - 2014-01-23 00:08 - 00167986 _____ () C:\Users\Dawn\Downloads\Creative Workflow- Little Lusker.zip
2014-01-23 00:08 - 2014-01-23 00:08 - 00000000 ____D () C:\Users\Dawn\Downloads\Creative Workflow- Little Lusker
2014-01-21 01:22 - 2014-01-21 01:41 - 00000000 ____D () C:\Users\Dawn\Downloads\vintage_iv_texture_pack_by_cloaks-d1zvekb
2014-01-21 01:21 - 2014-01-21 01:21 - 00000000 ____D () C:\Users\Dawn\Downloads\vintage_v_texture_pack_by_cloaks-d22lac1
2014-01-21 01:21 - 2014-01-21 01:21 - 00000000 ____D () C:\Users\Dawn\Downloads\VINTAGE_FRAME_BORDERS_2
2014-01-21 01:21 - 2014-01-21 01:21 - 00000000 ____D () C:\Users\Dawn\Downloads\SSFS_CU_VINTAGE_ORNAMENTS_HENRY_VAN_DYKE
2014-01-21 01:18 - 2014-01-21 01:18 - 00201101 _____ () C:\Users\Dawn\Downloads\SSFS_CU_SHAPES_2.zip
2014-01-21 01:18 - 2014-01-21 01:18 - 00000000 ____D () C:\Users\Dawn\Downloads\SSFS_CU_SHAPES_2
2014-01-21 01:11 - 2014-01-21 01:11 - 03870831 _____ () C:\Users\Dawn\Downloads\vintage_v_texture_pack_by_cloaks-d22lac1.zip
2014-01-21 01:11 - 2014-01-21 01:11 - 02602393 _____ () C:\Users\Dawn\Downloads\vintage_iv_texture_pack_by_cloaks-d1zvekb.zip
2014-01-21 01:08 - 2014-01-21 01:08 - 03577877 _____ () C:\Users\Dawn\Downloads\VINTAGE_FRAME_BORDERS_2.zip
2014-01-21 01:08 - 2014-01-21 01:08 - 03493256 _____ () C:\Users\Dawn\Downloads\SSFS_CU_VINTAGE_ORNAMENTS_HENRY_VAN_DYKE.zip
2014-01-21 00:39 - 2014-01-21 00:39 - 02402002 _____ () C:\Users\Dawn\Downloads\grass_and_plant_set_3_ps_by_frostbo-d4i6s9j.abr
2014-01-21 00:38 - 2013-05-12 20:18 - 00000000 ____D () C:\Users\Dawn\Downloads\30 Heads Up Display [Hi_Res_Ps Brush]
2014-01-21 00:37 - 2014-01-21 00:38 - 17188938 _____ () C:\Users\Dawn\Downloads\30_heads_up_display__hi_res_ps_brush__by_samsonshimei-d6512yq.rar
2014-01-21 00:37 - 2014-01-21 00:37 - 00000000 ____D () C:\Users\Dawn\Downloads\fractal_V_by_ShadyMedusa_stock
2014-01-21 00:36 - 2014-01-21 00:37 - 01815579 _____ () C:\Users\Dawn\Downloads\fractal_V_by_ShadyMedusa_stock.zip
2014-01-21 00:14 - 2014-01-21 00:19 - 169246939 _____ () C:\Users\Dawn\Downloads\Brushes.zip
2014-01-21 00:09 - 2014-01-21 00:09 - 00000000 ____D () C:\Users\Dawn\Downloads\sks_swirlyPNG
2014-01-21 00:09 - 2014-01-21 00:09 - 00000000 ____D () C:\Users\Dawn\Downloads\photographer_brushes_by_mohaafterdark
2014-01-21 00:08 - 2014-01-21 00:08 - 00000000 ____D () C:\Users\Dawn\Downloads\Floral_Swirl_Brushes_by_Aka_Joe
2014-01-21 00:04 - 2014-01-21 00:04 - 00377306 _____ () C:\Users\Dawn\Downloads\sks_swirlyPNG.zip
2014-01-21 00:04 - 2014-01-21 00:04 - 00208396 _____ () C:\Users\Dawn\Downloads\photographer_brushes_by_mohaafterdark.zip
2014-01-21 00:03 - 2014-01-21 00:03 - 02734792 _____ () C:\Users\Dawn\Downloads\Floral_Swirl_Brushes_by_Aka_Joe.zip
2014-01-19 02:16 - 2014-01-19 02:16 - 01585033 _____ () C:\Users\Dawn\Downloads\Meriko.zip
2014-01-19 02:16 - 2014-01-19 02:16 - 00000000 ____D () C:\Users\Dawn\Downloads\Meriko
2014-01-19 00:06 - 2014-01-19 00:06 - 04254187 _____ () C:\Users\Dawn\Downloads\November2013(2).zip
2014-01-19 00:06 - 2014-01-19 00:06 - 03914371 _____ () C:\Users\Dawn\Downloads\January2014.zip
2014-01-19 00:06 - 2014-01-19 00:06 - 03814571 _____ () C:\Users\Dawn\Downloads\December2013.zip
2014-01-18 21:35 - 2014-01-18 21:35 - 00109323 _____ () C:\Users\Dawn\Desktop\Large_.jpeg
2014-01-18 19:32 - 2014-01-18 19:32 - 00000000 ____D () C:\Users\Dawn\Downloads\LoveBeMine
2014-01-18 19:31 - 2014-01-18 19:31 - 06655620 _____ () C:\Users\Dawn\Downloads\ChalkyLoveBookmark.zip
2014-01-18 19:30 - 2014-01-18 19:30 - 07078869 _____ () C:\Users\Dawn\Downloads\LoveBeMine.zip
2014-01-18 18:58 - 2014-01-18 19:01 - 01656964 _____ () C:\Users\Dawn\Desktop\maternity.psd
2014-01-18 17:19 - 2014-01-18 17:19 - 00000000 ____D () C:\Users\Dawn\Downloads\ValentineBoudoir
2014-01-18 17:16 - 2014-01-18 17:16 - 02864381 _____ () C:\Users\Dawn\Downloads\ValentineBoudoir.zip
2014-01-18 13:08 - 2014-01-18 13:08 - 01126273 _____ () C:\Users\Dawn\Downloads\respecialproposalatluma.zip
2014-01-15 11:33 - 2014-01-15 11:33 - 00000063 _____ () C:\Users\Dawn\Desktop\rogers.txt
2014-01-11 02:14 - 2014-01-11 02:15 - 35501168 _____ () C:\Users\Dawn\Downloads\pretty-presets-exclusive-valentine-papers.zip

==================== One Month Modified Files and Folders =======

2014-02-05 21:04 - 2014-02-05 21:03 - 00027868 _____ () C:\Users\Dawn\Desktop\FRST.txt
2014-02-05 21:03 - 2014-02-05 21:02 - 00000000 ____D () C:\FRST
2014-02-05 21:02 - 2012-04-16 16:53 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-05 21:01 - 2010-06-18 19:44 - 01530187 _____ () C:\Windows\WindowsUpdate.log
2014-02-05 21:00 - 2014-02-05 21:00 - 02082304 _____ (Farbar) C:\Users\Dawn\Desktop\FRST64.exe
2014-02-05 20:50 - 2012-09-24 19:03 - 00002056 _____ () C:\ProgramData\updateinfo.txt
2014-02-05 20:50 - 2010-09-25 21:53 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-05 15:33 - 2014-02-05 15:08 - 1699724312 _____ () C:\Users\Dawn\Downloads\Textures & Overlays.zip.part
2014-02-05 15:20 - 2010-09-25 21:53 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-05 15:18 - 2009-07-13 23:51 - 00137178 _____ () C:\Windows\setupact.log
2014-02-05 15:04 - 2014-02-05 15:04 - 00046897 _____ () C:\Users\Dawn\Downloads\Wish_Bundle.zip
2014-02-05 15:04 - 2014-02-05 15:04 - 00021626 _____ () C:\Users\Dawn\Downloads\2014_LRPresets.zip
2014-02-05 14:56 - 2009-07-13 23:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-05 14:56 - 2009-07-13 23:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-05 00:02 - 2012-04-16 16:53 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-05 00:02 - 2012-04-16 16:53 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-05 00:02 - 2011-05-31 09:02 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-04 03:20 - 2014-02-04 03:08 - 439695249 _____ () C:\Users\Dawn\Downloads\2014.zip
2014-02-04 02:44 - 2014-02-03 23:29 - 431324747 _____ () C:\Users\Dawn\Downloads\dreamclients_videospart3.zip
2014-02-04 02:44 - 2014-02-03 23:25 - 858553931 _____ () C:\Users\Dawn\Downloads\dreamclients_videospart2.zip
2014-02-04 02:44 - 2014-02-03 23:24 - 450723403 _____ () C:\Users\Dawn\Downloads\dreamclients_videospart1.zip
2014-02-04 02:00 - 2010-09-26 00:21 - 00000000 ____D () C:\Users\Dawn\AppData\Local\Adobe
2014-02-04 01:25 - 2014-02-04 01:23 - 00000000 ____D () C:\Users\Dawn\Downloads\dreamclients_pdfs
2014-02-04 01:12 - 2014-01-24 20:42 - 00142480 _____ () C:\Users\Dawn\Downloads\OTL.Txt
2014-02-03 23:50 - 2014-02-03 23:29 - 46246127 _____ () C:\Users\Dawn\Downloads\dreamclients_pdfs.zip
2014-02-03 23:49 - 2014-02-03 23:30 - 27608035 _____ () C:\Users\Dawn\Downloads\Kiwi Clouds Painted Sky Overlays.zip
2014-02-03 23:30 - 2014-02-03 23:30 - 00655991 _____ () C:\Users\Dawn\Downloads\Paper and Camera Wedding Overlay Set 1.zip
2014-02-03 22:53 - 2011-12-26 19:10 - 00145304 _____ () C:\Users\Dawn\Documents\PerfectLayersConduit.log
2014-02-03 22:53 - 2011-12-26 19:10 - 00099416 _____ () C:\Users\Dawn\Documents\PerfectPortraitConduit.log
2014-02-03 22:53 - 2011-12-26 19:10 - 00099072 _____ () C:\Users\Dawn\Documents\PerfectEffectsConduit.log
2014-02-03 22:53 - 2011-12-26 19:10 - 00062952 _____ () C:\Users\Dawn\Documents\PhotoFrameConduit.log
2014-02-03 22:53 - 2011-12-26 19:10 - 00061232 _____ () C:\Users\Dawn\Documents\GenuineFractalsConduit.log
2014-02-03 22:53 - 2011-12-26 19:10 - 00060434 _____ () C:\Users\Dawn\Documents\FocalPointConduit.log
2014-02-03 22:53 - 2011-06-20 01:04 - 00067875 _____ () C:\Users\Dawn\Documents\PhotoTuneConduit.log
2014-02-03 22:53 - 2011-06-20 01:04 - 00067219 _____ () C:\Users\Dawn\Documents\PhotoToolsConduit.log
2014-02-03 22:43 - 2014-02-03 22:43 - 00120892 _____ () C:\Users\Dawn\Desktop\OTL-full.txt
2014-02-03 19:53 - 2013-05-12 20:28 - 00008192 _____ () C:\Windows\SysWOW64\WDPABKP.dat
2014-02-03 19:52 - 2010-06-18 19:40 - 00865668 _____ () C:\Windows\PFRO.log
2014-02-03 19:52 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-01 20:06 - 2009-07-14 00:13 - 00006434 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-01 18:32 - 2014-02-01 18:31 - 00000000 ____D () C:\Users\Dawn\Desktop\TYNA
2014-02-01 18:30 - 2010-09-25 17:14 - 00000000 ____D () C:\Users\Dawn\AppData\Local\Google
2014-02-01 18:24 - 2013-05-12 20:21 - 00000000 ____D () C:\ProgramData\Package Cache
2014-02-01 02:21 - 2014-02-01 02:21 - 01037068 _____ (Thisisu) C:\Users\Dawn\Downloads\JRT(1).exe
2014-02-01 02:21 - 2014-02-01 02:21 - 00987425 _____ () C:\Users\Dawn\Downloads\SecurityCheck.exe
2014-02-01 02:13 - 2014-02-01 02:11 - 00000000 ____D () C:\AdwCleaner
2014-02-01 02:13 - 2011-08-22 22:58 - 00000000 ____D () C:\Program Files (x86)\Uniblue
2014-02-01 02:10 - 2014-02-01 02:10 - 01166132 _____ () C:\Users\Dawn\Downloads\adwcleaner.exe
2014-02-01 01:35 - 2014-02-01 01:35 - 00053144 _____ () C:\Users\Dawn\Desktop\JRT.txt
2014-02-01 01:27 - 2014-02-01 01:27 - 00000000 ____D () C:\Windows\ERUNT
2014-02-01 01:25 - 2014-02-01 01:25 - 01037068 _____ (Thisisu) C:\Users\Dawn\Downloads\JRT.exe
2014-02-01 00:33 - 2010-11-27 01:25 - 00000000 ____D () C:\Users\Dawn\AppData\Local\CrashDumps
2014-02-01 00:27 - 2014-02-01 00:27 - 00000000 ____D () C:\_OTL
2014-01-28 23:56 - 2014-01-28 23:56 - 00000000 ____D () C:\Users\Dawn\Downloads\Sange's Engagement@Luma
2014-01-28 23:56 - 2014-01-28 23:54 - 124656301 _____ () C:\Users\Dawn\Downloads\Sange's [email protected]
2014-01-27 02:03 - 2014-01-27 02:03 - 365255116 _____ () C:\Users\Dawn\Desktop\DSC_3401.psd
2014-01-24 20:43 - 2014-01-24 20:43 - 00112688 _____ () C:\Users\Dawn\Downloads\Extras.Txt
2014-01-24 20:21 - 2014-01-24 20:21 - 00000949 _____ () C:\Users\Dawn\Desktop\reg test.txt
2014-01-24 20:19 - 2014-01-24 20:19 - 00602112 _____ (OldTimer Tools) C:\Users\Dawn\Desktop\OTL.exe
2014-01-24 19:48 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-01-24 19:40 - 2014-01-24 19:40 - 00001929 _____ () C:\Users\Public\Desktop\Perfect Effects 8.lnk
2014-01-24 19:40 - 2014-01-24 19:40 - 00000000 ____D () C:\ProgramData\Nalpeiron
2014-01-24 19:40 - 2011-04-29 17:14 - 00000000 ____D () C:\Users\Dawn\AppData\Roaming\onOne Software
2014-01-24 19:38 - 2011-05-18 22:57 - 00000000 ____D () C:\Program Files\onOne Software
2014-01-24 19:38 - 2011-04-29 17:15 - 00000000 ____D () C:\ProgramData\onOne Software
2014-01-24 19:36 - 2011-04-29 17:15 - 00000000 ____D () C:\Program Files (x86)\onOne Software
2014-01-24 19:36 - 2010-04-30 04:58 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-01-23 13:53 - 2014-01-24 19:36 - 00070768 _____ (Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
2014-01-23 13:53 - 2014-01-24 19:36 - 00070768 _____ (Nalpeiron Ltd.) C:\Windows\system32\nlssrv32.exe
2014-01-23 00:59 - 2014-01-23 00:59 - 00167986 _____ () C:\Users\Dawn\Downloads\Creative Workflow- Little Lusker(2).zip
2014-01-23 00:30 - 2014-01-23 00:30 - 00167986 _____ () C:\Users\Dawn\Downloads\Creative Workflow- Little Lusker(1).zip
2014-01-23 00:08 - 2014-01-23 00:08 - 00167986 _____ () C:\Users\Dawn\Downloads\Creative Workflow- Little Lusker.zip
2014-01-23 00:08 - 2014-01-23 00:08 - 00000000 ____D () C:\Users\Dawn\Downloads\Creative Workflow- Little Lusker
2014-01-21 20:59 - 2009-07-13 23:45 - 04974896 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-21 01:41 - 2014-01-21 01:22 - 00000000 ____D () C:\Users\Dawn\Downloads\vintage_iv_texture_pack_by_cloaks-d1zvekb
2014-01-21 01:21 - 2014-01-21 01:21 - 00000000 ____D () C:\Users\Dawn\Downloads\vintage_v_texture_pack_by_cloaks-d22lac1
2014-01-21 01:21 - 2014-01-21 01:21 - 00000000 ____D () C:\Users\Dawn\Downloads\VINTAGE_FRAME_BORDERS_2
2014-01-21 01:21 - 2014-01-21 01:21 - 00000000 ____D () C:\Users\Dawn\Downloads\SSFS_CU_VINTAGE_ORNAMENTS_HENRY_VAN_DYKE
2014-01-21 01:18 - 2014-01-21 01:18 - 00201101 _____ () C:\Users\Dawn\Downloads\SSFS_CU_SHAPES_2.zip
2014-01-21 01:18 - 2014-01-21 01:18 - 00000000 ____D () C:\Users\Dawn\Downloads\SSFS_CU_SHAPES_2
2014-01-21 01:11 - 2014-01-21 01:11 - 03870831 _____ () C:\Users\Dawn\Downloads\vintage_v_texture_pack_by_cloaks-d22lac1.zip
2014-01-21 01:11 - 2014-01-21 01:11 - 02602393 _____ () C:\Users\Dawn\Downloads\vintage_iv_texture_pack_by_cloaks-d1zvekb.zip
2014-01-21 01:08 - 2014-01-21 01:08 - 03577877 _____ () C:\Users\Dawn\Downloads\VINTAGE_FRAME_BORDERS_2.zip
2014-01-21 01:08 - 2014-01-21 01:08 - 03493256 _____ () C:\Users\Dawn\Downloads\SSFS_CU_VINTAGE_ORNAMENTS_HENRY_VAN_DYKE.zip
2014-01-21 00:39 - 2014-01-21 00:39 - 02402002 _____ () C:\Users\Dawn\Downloads\grass_and_plant_set_3_ps_by_frostbo-d4i6s9j.abr
2014-01-21 00:39 - 2013-12-03 02:31 - 00000000 ____D () C:\Users\Dawn\Downloads\CAMERA BRUSHES
2014-01-21 00:38 - 2014-01-21 00:37 - 17188938 _____ () C:\Users\Dawn\Downloads\30_heads_up_display__hi_res_ps_brush__by_samsonshimei-d6512yq.rar
2014-01-21 00:37 - 2014-01-21 00:37 - 00000000 ____D () C:\Users\Dawn\Downloads\fractal_V_by_ShadyMedusa_stock
2014-01-21 00:37 - 2014-01-21 00:36 - 01815579 _____ () C:\Users\Dawn\Downloads\fractal_V_by_ShadyMedusa_stock.zip
2014-01-21 00:19 - 2014-01-21 00:14 - 169246939 _____ () C:\Users\Dawn\Downloads\Brushes.zip
2014-01-21 00:09 - 2014-01-21 00:09 - 00000000 ____D () C:\Users\Dawn\Downloads\sks_swirlyPNG
2014-01-21 00:09 - 2014-01-21 00:09 - 00000000 ____D () C:\Users\Dawn\Downloads\photographer_brushes_by_mohaafterdark
2014-01-21 00:08 - 2014-01-21 00:08 - 00000000 ____D () C:\Users\Dawn\Downloads\Floral_Swirl_Brushes_by_Aka_Joe
2014-01-21 00:04 - 2014-01-21 00:04 - 00377306 _____ () C:\Users\Dawn\Downloads\sks_swirlyPNG.zip
2014-01-21 00:04 - 2014-01-21 00:04 - 00208396 _____ () C:\Users\Dawn\Downloads\photographer_brushes_by_mohaafterdark.zip
2014-01-21 00:03 - 2014-01-21 00:03 - 02734792 _____ () C:\Users\Dawn\Downloads\Floral_Swirl_Brushes_by_Aka_Joe.zip
2014-01-20 13:31 - 2010-09-25 15:28 - 00095080 _____ () C:\Users\Dawn\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-19 02:16 - 2014-01-19 02:16 - 01585033 _____ () C:\Users\Dawn\Downloads\Meriko.zip
2014-01-19 02:16 - 2014-01-19 02:16 - 00000000 ____D () C:\Users\Dawn\Downloads\Meriko
2014-01-19 00:06 - 2014-01-19 00:06 - 04254187 _____ () C:\Users\Dawn\Downloads\November2013(2).zip
2014-01-19 00:06 - 2014-01-19 00:06 - 03914371 _____ () C:\Users\Dawn\Downloads\January2014.zip
2014-01-19 00:06 - 2014-01-19 00:06 - 03814571 _____ () C:\Users\Dawn\Downloads\December2013.zip
2014-01-18 21:35 - 2014-01-18 21:35 - 00109323 _____ () C:\Users\Dawn\Desktop\Large_.jpeg
2014-01-18 19:32 - 2014-01-18 19:32 - 00000000 ____D () C:\Users\Dawn\Downloads\LoveBeMine
2014-01-18 19:31 - 2014-01-18 19:31 - 06655620 _____ () C:\Users\Dawn\Downloads\ChalkyLoveBookmark.zip
2014-01-18 19:30 - 2014-01-18 19:30 - 07078869 _____ () C:\Users\Dawn\Downloads\LoveBeMine.zip
2014-01-18 19:01 - 2014-01-18 18:58 - 01656964 _____ () C:\Users\Dawn\Desktop\maternity.psd
2014-01-18 17:19 - 2014-01-18 17:19 - 00000000 ____D () C:\Users\Dawn\Downloads\ValentineBoudoir
2014-01-18 17:16 - 2014-01-18 17:16 - 02864381 _____ () C:\Users\Dawn\Downloads\ValentineBoudoir.zip
2014-01-18 13:08 - 2014-01-18 13:08 - 01126273 _____ () C:\Users\Dawn\Downloads\respecialproposalatluma.zip
2014-01-16 00:23 - 2010-04-30 05:13 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-16 00:22 - 2013-07-25 18:38 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-16 00:14 - 2010-10-11 10:35 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 11:33 - 2014-01-15 11:33 - 00000063 _____ () C:\Users\Dawn\Desktop\rogers.txt
2014-01-11 02:15 - 2014-01-11 02:14 - 35501168 _____ () C:\Users\Dawn\Downloads\pretty-presets-exclusive-valentine-papers.zip
2014-01-08 00:10 - 2012-01-04 12:40 - 00000000 ____D () C:\Program Files (x86)\TomTom HOME 2

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-30 02:30

==================== End Of Log ============================

#27
DawnsShadow

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-02-2014
Ran by Dawn at 2014-02-05 21:04:52
Running from C:\Users\Dawn\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton 360 (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958) (x32 Version: - Microsoft)
64 Bit HP CIO Components Installer (Version: 13.2.1 - Hewlett-Packard) Hidden
Acer Arcade Deluxe (x32 Version: 4.1.7501 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 4.1.7501 - CyberLink Corp.) Hidden
Acer Arcade Instant On (x32 Version: 3.0.34.2 - Acer) Hidden
Acer Arcade Movie (x32 Version: 9.0.6302 - CyberLink Corp.) Hidden
Acer Backup Manager (x32 Version: 2.0.1.60 - NewTech Infosystems)
Acer Bio Protection (x32 Version: 6.5.76 - Egis Technology Inc.)
Acer Crystal Eye Webcam (x32 Version: 5.2.12.1 - Suyin Optronics Corp)
Acer eRecovery Management (x32 Version: 4.05.3011 - Acer Incorporated)
Acer Game Console (x32 Version: - WildTangent) Hidden
Acer Games (x32 Version: 1.0.0.80 - WildTangent)
Acer PowerSmart Manager (x32 Version: 5.01.3002 - Acer Incorporated)
Acer Registration (x32 Version: 1.03.3002 - Acer Incorporated)
Acer ScreenSaver (x32 Version: 1.1.0309.2010 - Acer Incorporated)
Acer Updater (x32 Version: 1.02.3001 - Acer Incorporated)
Acer VCM (x32 Version: 4.05.3002 - Acer Incorporated)
Acrobat.com (x32 Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.6.0.5970 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.6.0.5970 - Adobe Systems Incorporated) Hidden
Adobe Bridge 1.0 (x32 Version: 001.000.000 - Adobe Systems) Hidden
Adobe Common File Installer (x32 Version: 1.00.0000 - Adobe System Incorporated) Hidden
Adobe Community Help (x32 Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.5.23 - Adobe Systems Incorporated.) Hidden
Adobe Digital Editions 2.0 (x32 Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Help Center 1.0 (x32 Version: 001.000.000 - Adobe Systems) Hidden
Adobe Illustrator CS2 (x32 Version: 12.000.000 - Adobe Systems Inc.)
Adobe Illustrator CS2 (x32 Version: 12.000.000 - Adobe Systems Inc.) Hidden
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5 (x32 Version: 12.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (x32 Version: 9.0.3.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (x32 Version: 9.0.3.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop Lightroom 3.6 64-bit (Version: 3.6.1 - Adobe)
Adobe Photoshop Lightroom 4 64-bit (Version: 4.0.1 - Adobe)
Adobe Photoshop Lightroom 5.2 64-bit (Version: 5.2.1 - Adobe)
Adobe Reader XI (11.0.05) (x32 Version: 11.0.05 - Adobe Systems Incorporated)
Adobe Stock Photos 1.0 (x32 Version: 001.000.000 - Adobe Systems) Hidden
Adobe SVG Viewer 3.0 (x32 Version: 3.0 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKCU Version: - Akamai Technologies, Inc)
Akamai NetSession Interface Service (x32 Version: - )
Apple Application Support (x32 Version: 2.1.5 - Apple Inc.)
Apple Mobile Device Support (Version: 4.0.0.97 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
ArcSoft PhotoStudio 6 (x32 Version: 6.0.0.157 - ArcSoft)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 1.0.0.24 - Atheros Communications Inc.)
ATI Catalyst Install Manager (Version: 3.0.765.0 - ATI Technologies, Inc.)
Backup Manager Advance (x32 Version: 2.0.1.60 - NewTech Infosystems) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-PhotoPrint EX (x32 Version: - )
Canon Easy-WebPrint EX (x32 Version: - )
Canon IJ Network Scanner Selector EX (x32 Version: - )
Canon IJ Network Tool (x32 Version: - )
Canon MG5300 series MP Drivers (Version: - )
Canon MG5300 series On-screen Manual (x32 Version: - )
Canon MOV Decoder (x32 Version: 1.7.0.6 - Canon Inc.)
Canon MOV Encoder (x32 Version: 1.5.0.3 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (x32 Version: 3.6.0.5 - Canon Inc.)
Canon MP Navigator EX 5.0 (x32 Version: - )
Canon My Printer (x32 Version: - )
Canon Setup Utility 2.3 (x32 Version: - )
Canon Solution Menu EX (x32 Version: - )
Canon Utilities Digital Photo Professional 3.9 (x32 Version: 3.9.1.0 - Canon Inc.)
Canon Utilities Easy-PhotoPrint (x32 Version: - )
Canon Utilities Easy-PrintToolBox (x32 Version: - )
Canon Utilities EOS Utility (x32 Version: 2.9.0.0 - Canon Inc.)
Canon Utilities PhotoStitch (x32 Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Picture Style Editor (x32 Version: 1.8.0.0 - Canon Inc.)
Canon Utilities WFT Utility (x32 Version: 3.5.1.1 - Canon Inc.)
Canon Utilities ZoomBrowser EX (x32 Version: 6.6.0.23 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (x32 Version: 1.4.0.4 - Canon Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0421.657.10561 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0421.657.10561 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0421.657.10561 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0421.657.10561 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0421.657.10561 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0421.657.10561 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0421.657.10561 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help English (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help French (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help German (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0421.657.10561 - ATI) Hidden
ccc-utility64 (Version: 2010.0421.657.10561 - ATI) Hidden
CD-LabelPrint (x32 Version: - )
Compatibility Pack for the 2007 Office system (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Connect (x32 Version: 1.4.12253.0 - Cisco Consumer Products LLC)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKCU Version: 2.0.26 - Dropbox, Inc.)
Dynex All-in-1 Card Reader (x32 Version: 2.00.04.02 - Dynex)
Dynex All-in-1 Card Reader (x32 Version: 2.00.04.02 - Dynex) Hidden
Elements 9 Organizer (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Escape Rosecliff Island (x32 Version: 2.2.0.82 - WildTangent) Hidden
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Faerie Solitaire (x32 Version: 2.2.0.82 - WildTangent) Hidden
FATE - The Traitor Soul (x32 Version: 2.2.0.82 - WildTangent) Hidden
Fingerprint Solution (x32 Version: 6.1.76.0 - Egis Technology Inc.) Hidden
Flickr Uploadr 3.2.1 (x32 Version: - )
FotoFusion v4 (x32 Version: - LumaPix)
FotoFusionV4 (x32 Version: 4.0 - LumaPix)
Free RAR Extract Frog (x32 Version: 2.30 - Philipp Winterberg)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (x32 Version: 7.5.4805.320 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
GoToMeeting 5.1.0.880 (HKCU Version: 5.1.0.880 - CitrixOnline)
Haali Media Splitter (x32 Version: - )
Identity Card (x32 Version: 1.00.3003 - Acer Incorporated)
Intel® Control Center (x32 Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (x32 Version: 6.0.0.1179 - Intel Corporation)
Intel® Rapid Storage Technology (x32 Version: 9.6.0.1014 - Intel Corporation)
Intel® Turbo Boost Technology Driver (x32 Version: 01.01.00.1005 - Intel Corporation)
Intel® Turbo Boost Technology Monitor (Version: 1.0.186.6 - Intel)
iTunes (Version: 10.5.1.42 - Apple Inc.)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Jewel Quest Solitaire 3 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (x32 Version: 4.0.7 - Acer Inc.)
MediaShow Espresso (x32 Version: 5.5.1403_23691 - CyberLink Corp.) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (x32 Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (x32 Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (x32 Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (x32 Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Works (x32 Version: 9.7.0621 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
MotoHelper 2.1.40 Driver 5.5.0 (x32 Version: 2.1.40 - Motorola)
MotoHelper MergeModules (x32 Version: 1.2.0 - Motorola) Hidden
Motorola Mobile Drivers Installation 5.5.0 (Version: 5.5.0 - Motorola Inc.) Hidden
Mozilla Firefox 26.0 (x86 en-US) (x32 Version: 26.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
Mystery P.I. - Lost in Los Angeles (x32 Version: 2.2.0.82 - WildTangent) Hidden
MyWinLocker (x32 Version: 3.1.206.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (x32 Version: 3.1.206.0 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 3.1.206.0 - Egis Technology Inc.) Hidden
Nik Collection (x32 Version: 1.1.1.0 - Google)
Norton 360 (x32 Version: 21.1.0.18 - Symantec Corporation)
Norton Online Backup (x32 Version: 1.2.0.36 - Symantec)
NTI Backup Now 5 (x32 Version: 5.1.2.628 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.628 - NewTech Infosystems) Hidden
NTI Media Maker 8 (x32 Version: 8.0.12.6630 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6630 - NewTech Infosystems) Hidden
Nuvoton CIR Device Drivers (x32 Version: 8.60.2002 - Nuvoton Technology Corporation)
O2Micro 1394 OHCI Compliant Host Controller Driver (Version: 1.0.00 - O2Micro International LTD.) Hidden
O2Micro 1394 OHCI Compliant Host Controller Driver (x32 Version: 1.0.00 - O2Micro International LTD.)
O2Micro Flash Memory Card Windows Driver (Version: 2.0.37.D - O2Micro International LTD.) Hidden
O2Micro Flash Memory Card Windows Driver (x32 Version: 2.0.37.D - O2Micro International LTD.)
OpenOffice.org 3.2 (x32 Version: 3.2.9502 - OpenOffice.org)
OpenRGB Version 2.10 (x32 Version: - Logicol S.r.l.)
OverDrive Media Console (x32 Version: 3.2.20 - OverDrive, Inc.)
PASS (x32 Version: 2.0.958 - Showitfast, Inc)
PASS (x32 Version: 2.0.958 - Showitfast, Inc) Hidden
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Perfect Effects 8 (x32 Version: 8.1.0 - onOne Software)
Perfect Photo Suite 6.0.1 (x32 Version: 6.0.1 - onOne Software)
PhotoFrame 4.5.3 Free (x32 Version: 4.5.3 - onOne Software)
PhotoPresets with One-Click WOW! for Adobe Camera Raw (x32 Version: 1.0 - onOne Software)
PhotoPresets Wow Effects for Adobe Camera Raw (x32 Version: 1.0 - onOne Software)
PhotoRescue PC v3.3.4.13350 (x32 Version: - DataRescue sa/nv)
Picasa 3 (x32 Version: 3.8 - Google, Inc.)
Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden
Portrait Professional 10.1 (x32 Version: 10.1 - Anthropics Technology Ltd.)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
QuickTime (x32 Version: 7.69.80.9 - Apple Inc.)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6072 - Realtek Semiconductor Corp.)
Red Light Center 3D Client (x32 Version: 1.9.3271 - Utherverse Digital Inc)
Rogers Self Help Software 4059 (x32 Version: 4059 - Rogers Cable Communications Inc.)
Rogers Update Manager (x32 Version: 4059 - Rogers Cable Communications Inc.)
RSH Home Networking Wizard (x32 Version: 4059 - Rogers Cable Communications Inc)
Scrabble Plus (x32 Version: 2.2.0.82 - WildTangent) Hidden
Screencast-O-Matic (HKCU Version: - Screencast-O-Matic)
Seagate Dashboard (x32 Version: 1.1.0.1421 - Memeo Inc.)
Shredder (Version: 2.0.5.0 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.5.0 - Egis Technology Inc.) Hidden
Sony Ericsson Update Engine (x32 Version: 2.11.12.9 - Sony Ericsson Mobile Communications AB)
Sony PC Companion 2.10.165 (x32 Version: 2.10.165 - Sony)
Synaptics Pointing Device Driver (Version: 15.0.12.2 - Synaptics Incorporated)
TomTom HOME 2.8.3.2458 (x32 Version: 2.8.3.2458 - TomTom)
TomTom HOME Visual Studio Merge Modules (x32 Version: 1.0.2 - TomTom International B.V.)
Update for 2007 Microsoft Office System (KB967642) (x32 Version: - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (x32 Version: - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (x32 Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (x32 Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (x32 Version: - Microsoft)
WD Quick View (x32 Version: 2.2.1.6 - Western Digital Technologies, Inc.)
WD SmartWare (Version: 2.2.1.6 - Western Digital Technologies, Inc.)
WD SmartWare Installer (x32 Version: 2.2.1.6 - Western Digital Technologies, Inc.)
WD Software Upgrader (x32 Version: 1.6.4.7 - Western Digital Technologies, Inc.)
WD Software Upgrader (x32 Version: 1.6.5.3 - Western Digital Technologies, Inc.)
Welcome Center (x32 Version: 1.01.3002 - Acer Incorporated)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (x32 Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Yahtzee (x32 Version: 2.2.0.82 - WildTangent) Hidden

==================== Restore Points =========================


==================== Hosts content: ==========================

2009-07-13 21:34 - 2014-02-01 00:32 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0E0A0933-A908-4CDD-9B39-7FACD1E77D0C} - System32\Tasks\AdobeAAMUpdater-1.0-Dawn-PC-Dawn => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-18] (Adobe Systems Incorporated)
Task: {44BBBBDD-48AF-4A0A-91C4-216A9E59EA30} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {48096A7E-DD86-41C7-8FE6-17B8B43B5C63} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {6695E08F-A2A5-4178-9CF9-3A85E7B0BD7E} - System32\Tasks\MotoHelper Initial Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2012-02-01] ()
Task: {7C1B0248-21EF-438C-8DAF-782C691F8A0E} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1640631956-789530371-1737118854-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {97BF0A17-6A50-4423-9AEA-13914E1B9DFD} - System32\Tasks\MotoHelper Routing => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2012-02-01] ()
Task: {A5424DBC-A19B-4A8E-AE9A-EAF9FA459840} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {AA05941E-43D7-49DE-B4A4-018199D59A7D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-09-25] (Google Inc.)
Task: {BABBF025-06FE-4745-B47A-23F9ED218B8C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D1287967-A9FC-4771-AF97-2660F4090FFC} - System32\Tasks\MotoHelper Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2012-02-01] ()
Task: {DEDCF67A-53D2-42CF-BECC-F90B54404E00} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1640631956-789530371-1737118854-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {E3D96738-80FB-4CFC-B52A-9CB65FF82657} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05] (Adobe Systems Incorporated)
Task: {F19AB75E-9A58-42F3-8F24-A6ADC829350F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-09-25] (Google Inc.)
Task: {F28CD9E4-3A26-4A3C-B9ED-DAD206B0D4D2} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\WSCStub.exe [2013-10-08] (Symantec Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-03-26 12:41 - 2010-03-26 12:41 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-06-18 19:46 - 2010-06-18 19:46 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-09-05 08:54 - 2013-09-05 08:54 - 00720792 _____ () C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.2\AgKernel.dll
2013-09-05 08:55 - 2013-09-05 08:55 - 00115096 _____ () C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.2\moxplugins\AppManagerLR.mox
2013-09-05 08:55 - 2013-09-05 08:55 - 00246680 _____ () C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.2\moxplugins\wpdmanager.mox
2013-09-05 08:54 - 2013-09-05 08:54 - 03505560 _____ () C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.2\Support\DynamicLinkMediaServer\dynamiclinkmediaserver\1.0\DNxHDCodec.dll
2013-09-05 08:28 - 2013-09-05 08:28 - 00301568 _____ () C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.2\Support\DynamicLinkMediaServer\dynamiclinkmediaserver\1.0\MOG_Framework_2.2.10.dll
2011-09-27 07:23 - 2011-09-27 07:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 07:22 - 2011-09-27 07:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-03-08 19:18 - 2010-03-08 19:18 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2010-03-08 19:13 - 2010-03-08 19:13 - 01081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2009-03-17 13:48 - 2009-03-17 13:48 - 00028672 _____ () C:\Program Files (x86)\Rogers\SelfHealing\NamedPipes.dll
2010-04-30 05:40 - 2009-05-20 01:02 - 00072200 _____ () C:\Program Files (x86)\Launch Manager\CdDirIo.dll
2013-02-19 16:57 - 2013-02-19 16:57 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\d89f0252d910d617de1de783a812f840\IsdiInterop.ni.dll
2010-04-30 04:58 - 2010-03-03 22:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2009-03-17 13:48 - 2009-03-17 13:48 - 00028672 _____ () C:\Program Files (x86)\rogers\selfhealing\NamedPipes.dll
2013-12-19 23:06 - 2013-12-19 23:06 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-02-05 00:02 - 2014-02-05 00:02 - 16287624 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows:AstInfo

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/05/2014 08:49:36 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8110975

Error: (02/05/2014 08:49:36 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8110975

Error: (02/05/2014 08:49:36 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/05/2014 06:34:38 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13338

Error: (02/05/2014 06:34:38 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13338

Error: (02/05/2014 06:34:38 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/05/2014 06:34:37 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12152

Error: (02/05/2014 06:34:37 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12152

Error: (02/05/2014 06:34:37 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/05/2014 06:34:36 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11123


System errors:
=============
Error: (02/04/2014 05:53:05 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (02/04/2014 02:32:55 PM) (Source: Service Control Manager) (User: )
Description: A timeout (120000 milliseconds) was reached while waiting for a transaction response from the N360 service.

Error: (02/03/2014 08:03:30 PM) (Source: Service Control Manager) (User: )
Description: The Windows Update service hung on starting.

Error: (02/03/2014 08:01:15 PM) (Source: Service Control Manager) (User: )
Description: The Intel® Management & Security Application User Notification Service service hung on starting.

Error: (02/03/2014 07:58:38 PM) (Source: Service Control Manager) (User: )
Description: The Windows Font Cache Service service hung on starting.

Error: (02/03/2014 07:54:31 PM) (Source: Service Control Manager) (User: )
Description: The Rogers Update Manager service hung on starting.

Error: (02/03/2014 07:54:11 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (02/03/2014 07:43:38 PM) (Source: Service Control Manager) (User: )
Description: The Windows Driver Foundation - User-mode Driver Framework service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (02/03/2014 07:43:38 PM) (Source: Service Control Manager) (User: )
Description: The Portable Device Enumerator Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (02/03/2014 07:43:38 PM) (Source: Service Control Manager) (User: )
Description: The WLAN AutoConfig service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2013-10-22 15:11:36.284
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-10-22 12:09:53.365
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-04-08 01:18:52.765
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-04-08 01:18:40.375
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-04-08 01:18:14.150
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-02-27 01:29:50.899
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-02-27 01:25:08.311
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-02-27 00:26:11.187
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-02-27 00:26:02.907
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-02-27 00:26:02.608
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 51%
Total physical RAM: 7860.48 MB
Available physical RAM: 3840.34 MB
Total Pagefile: 15719.11 MB
Available Pagefile: 10741.49 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:578.07 GB) (Free:50.92 GB) NTFS
Drive e: (FOURTH_KIND) (CDROM) (Total:7.38 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 596 GB) (Disk ID: 1361CAD3)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Not Active) - (Size=4 GB) - (Type=12)
Partition 3: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=578 GB) - (Type=OF Extended)

==================== End Of Log ============================

#28
zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Hello DawnsShadow,


Thanks for posting that. I hope I can see something in this Log that can help us with Firefox ads...

One other thing I wanted you to do, while I look over the log report, is to "Run" Firefox with Add-ons Disabled and see if the pop-up ads stop.

To do that:
In the Firefox Browser, at the top click Help, then from the drop-down menu "select" Restart with Add-ons Disabled.

Run Firefox like that for a while and see if the ads stop. If they do, an extension or Firefox add-on / plug-in is causing the issue.

Additional help for that is Here

Thanks
Joe :)


Joe

Edited by zep516, 05 February 2014 - 10:51 PM.


#29
DawnsShadow

    Member

  • Topic Starter
  • Member
  • 24 posts
Another different pop up tab.
Plus this was one of the built in ads which are also suspect.

Attached Thumbnails

  • snip.JPG
  • ad warning.JPG

Edited by DawnsShadow, 06 February 2014 - 02:06 PM.


#30
zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Hello DawnsShadow,

Could you please "refrain" from downloading programmes till we have finished.

Also please see This about downloading programmes.

I want you to "RERUN" AdwCleaner again. And JRT again. They're already on the desktop.

Next run adwCleaner again.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
  • NOTE: If you get an error message, it means that nothing was found. Exit from AdwCleaner.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished and the PC has rebooted.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner


Next run JRT again.

Please close your security software to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete, depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
Please post the contents of JRT.txt into your reply.

In your next reply post:
  • AdwCleaner [S0].txt
  • JRT.txt
