Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Downloads Issue [Closed]

Started by seniorj12 , Jan 26 2014 03:41 PM

This topic is locked

#1
seniorj12

Posted 26 January 2014 - 03:41 PM

New Member

Member
9 posts

I seem to be having a problem with all my downloads on all my browsers, even IE. The download would start then it would get cut off at about 5.7mb and show up as complete when they really aren't. I would click on the download and it would start then fail because files are missing. This is also a problem in clients as well such as Minecraft and Steam. Here is my computers information: HP PAvilion dv7 Notebook
AMD Phenom II N660 Dual-Core Processor
4GB RAM & 64-bit OS
Here is the OTL Log:

OTL logfile created on: 1/26/2014 4:13:35 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gabe\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 1.17 Gb Available Physical Memory | 31.28% Memory free
9.36 Gb Paging File | 5.37 Gb Available in Paging File | 57.36% Paging File free
Paging file location(s): c:\pagefile.sys 5751 5751 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450.84 Gb Total Space | 211.65 Gb Free Space | 46.95% Space Free | Partition Type: NTFS
Drive D: | 14.63 Gb Total Space | 1.62 Gb Free Space | 11.10% Space Free | Partition Type: NTFS
Drive F: | 99.02 Mb Total Space | 91.05 Mb Free Space | 91.95% Space Free | Partition Type: FAT32

Computer Name: AARONS-HP | User Name: Gabe | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/01/26 16:13:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Gabe\Downloads\OTL.exe
PRC - [2014/01/17 18:08:15 | 005,061,984 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.198\deploy\LoLLauncher.exe
PRC - [2014/01/06 11:30:02 | 001,015,088 | ---- | M] () -- C:\Windows\SysWOW64\jmdp\stij.exe
PRC - [2014/01/01 03:38:24 | 004,333,856 | ---- | M] (Conduit) -- C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
PRC - [2014/01/01 03:38:24 | 002,911,520 | ---- | M] (Conduit) -- C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
PRC - [2014/01/01 03:38:24 | 002,301,216 | ---- | M] (Conduit) -- C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
PRC - [2013/12/12 07:37:12 | 000,070,144 | ---- | M] () -- C:\ProgramData\GorillaPrice\WatGorp.exe
PRC - [2013/12/12 07:35:56 | 000,624,128 | ---- | M] () -- C:\Program Files (x86)\GorillaPrice\GorillaPrice.exe
PRC - [2013/12/03 21:48:06 | 000,863,184 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/11/26 19:18:42 | 001,484,624 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\Razer Game Booster\main.exe
PRC - [2013/11/22 12:36:18 | 000,105,448 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
PRC - [2013/11/13 15:50:14 | 000,198,424 | ---- | M] (TMRG, Inc.) -- C:\Program Files (x86)\RelevantKnowledge\rlservice.exe
PRC - [2013/11/13 15:50:14 | 000,160,536 | ---- | M] (TMRG, Inc.) -- C:\Program Files (x86)\RelevantKnowledge\rlvknlg32.exe
PRC - [2013/11/13 15:50:13 | 003,468,056 | ---- | M] (TMRG, Inc.) -- C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe
PRC - [2013/10/24 11:58:32 | 000,790,880 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
PRC - [2013/10/24 11:58:30 | 003,212,128 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
PRC - [2013/10/24 11:58:28 | 007,064,416 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
PRC - [2013/10/24 11:58:16 | 002,003,808 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\DataProxy.exe
PRC - [2013/10/09 09:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/10/08 22:47:54 | 000,609,056 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
PRC - [2013/09/15 19:59:59 | 000,074,752 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.68\deploy\LolClient.exe
PRC - [2013/08/12 08:35:06 | 000,109,064 | ---- | M] (Wajam) -- C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe
PRC - [2013/07/01 11:09:56 | 000,188,760 | ---- | M] () -- C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe
PRC - [2013/06/26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2013/06/26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2013/04/30 23:11:08 | 000,042,784 | ---- | M] (Yontoo LLC) -- C:\Users\Aarons\AppData\Roaming\Yontoo\YontooDesktop.exe
PRC - [2013/04/30 23:11:08 | 000,023,552 | ---- | M] (Microsoft) -- C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe
PRC - [2012/10/08 15:15:50 | 000,039,808 | ---- | M] (Wacom Technology) -- C:\Program Files\Tablet\Pen\WacomHost.exe
PRC - [2012/09/03 21:18:02 | 000,078,352 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe
PRC - [2012/05/29 10:45:18 | 001,300,376 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
PRC - [2011/10/06 18:19:16 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011/05/21 16:52:16 | 000,103,992 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011/02/18 00:48:24 | 000,265,544 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
PRC - [2011/02/18 00:48:12 | 000,642,888 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
PRC - [2011/02/18 00:47:58 | 000,142,664 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
PRC - [2011/02/15 17:48:52 | 001,071,160 | ---- | M] (Hewlett-Packard Development Company L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
PRC - [2011/01/27 14:38:04 | 000,318,520 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2010/11/26 09:09:12 | 000,399,344 | ---- | M] (Roxio) -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
PRC - [2010/11/09 17:20:36 | 000,586,296 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2010/11/09 17:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2010/04/23 14:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2009/12/03 09:12:12 | 000,976,320 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
PRC - [2009/10/09 04:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
PRC - [2006/12/19 17:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe

========== Modules (No Company Name) ==========

MOD - [2014/01/26 16:09:07 | 000,949,248 | ---- | M] () -- C:\Users\Aarons\AppData\Roaming\Yontoo\dat\hk.dll
MOD - [2014/01/26 16:08:26 | 000,013,600 | ---- | M] () -- C:\Users\Aarons\AppData\Roaming\Yontoo\dat\Desktop.OS.Plugin.dll
MOD - [2014/01/17 18:08:16 | 000,126,816 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.198\deploy\RiotLauncher.dll
MOD - [2014/01/17 18:08:15 | 005,061,984 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.198\deploy\LoLLauncher.exe
MOD - [2014/01/08 22:27:43 | 003,191,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web.28b9ef5a#\3a13993425764c96b2686f8205e34f4e\System.Web.Extensions.ni.dll
MOD - [2014/01/08 22:27:13 | 000,397,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\72843576b9bfad66be46d6eb445b76fa\System.Xml.Linq.ni.dll
MOD - [2014/01/08 22:26:44 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\f16e993b7058b005bbf273007fadf95b\UIAutomationTypes.ni.dll
MOD - [2014/01/08 22:26:41 | 000,018,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\d187afdee972b70222b76bd6aed1f742\PresentationFramework-SystemXml.ni.dll
MOD - [2014/01/08 22:26:41 | 000,013,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio4b37ff64#\9010845c58c17f145b3e39c2d28c4869\PresentationFramework-SystemXmlLinq.ni.dll
MOD - [2014/01/08 18:56:14 | 013,320,192 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\51c959815de499d10456ec684abf02bf\System.Web.ni.dll
MOD - [2014/01/08 18:56:07 | 000,786,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\5b44a8db5b70143f27fb695b5f72930d\System.Runtime.Remoting.ni.dll
MOD - [2014/01/08 18:56:06 | 003,910,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\18e76c3868d682a7c065bccd142eeec1\WindowsBase.ni.dll
MOD - [2014/01/08 18:56:05 | 012,698,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\c5db04fde4893300ff28045ce4f7567d\System.Windows.Forms.ni.dll
MOD - [2014/01/08 18:55:59 | 006,998,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\d913e7d0b1d32187e0c234f8a1a581fc\System.Core.ni.dll
MOD - [2014/01/08 18:55:59 | 002,786,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\be5f0f2e208bbb3c647acfbc33434251\System.Runtime.Serialization.ni.dll
MOD - [2014/01/08 18:55:56 | 000,964,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\edb27e2c25837f79902054965d6813cd\System.Configuration.ni.dll
MOD - [2014/01/08 18:55:00 | 001,920,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.V9921e851#\2e7b344eb30202c336687f3230940cb2\Microsoft.VisualBasic.ni.dll
MOD - [2014/01/08 18:54:57 | 001,631,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\cceaf9d7891fc325a90473aa9a661661\System.Drawing.ni.dll
MOD - [2014/01/08 18:54:14 | 000,121,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\176ea254700896ee68956986b947ea9b\SMDiagnostics.ni.dll
MOD - [2014/01/08 18:54:13 | 000,802,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\72227d58a04b80252053352dead3b9a3\System.ServiceModel.Internals.ni.dll
MOD - [2014/01/08 18:54:09 | 000,462,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\7dd4cd3e4768d2aa55af60c838790088\PresentationFramework.Aero.ni.dll
MOD - [2014/01/08 18:54:08 | 018,545,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\775d60de39c6f0b49f1640c4e6c8de09\PresentationFramework.ni.dll
MOD - [2014/01/08 18:54:03 | 001,880,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\f4fff5d6e716c439b944025d3994170d\System.Xaml.ni.dll
MOD - [2014/01/08 18:53:57 | 007,566,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\82d58d49946f82eb56bae40f3b097784\System.Xml.ni.dll
MOD - [2014/01/08 18:53:56 | 010,926,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\8e3d6080e8eaaaf28389f3742ff9acdd\PresentationCore.ni.dll
MOD - [2014/01/08 18:53:46 | 009,937,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ac79b74f022d9a096de2b884f4249543\System.ni.dll
MOD - [2014/01/08 18:52:47 | 001,156,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\20a513f26ee88412303b36dc8c8f7533\System.Management.ni.dll
MOD - [2014/01/08 18:52:24 | 001,614,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.CSharp\65c71372e0cecdd46e984739a283f98c\Microsoft.CSharp.ni.dll
MOD - [2014/01/08 18:52:12 | 016,547,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\bf2ecabcd96ec8238dc385b0a3ffa084\mscorlib.ni.dll
MOD - [2014/01/06 11:30:04 | 001,222,960 | ---- | M] () -- C:\Windows\SysWOW64\jmdp\lmrn.dll
MOD - [2014/01/06 11:30:02 | 001,015,088 | ---- | M] () -- C:\Windows\SysWOW64\jmdp\stij.exe
MOD - [2013/12/03 21:48:04 | 000,399,312 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppgooglenaclpluginchrome.dll
MOD - [2013/12/03 21:48:03 | 013,586,896 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
MOD - [2013/12/03 21:48:02 | 004,055,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
MOD - [2013/12/03 21:47:11 | 000,702,416 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
MOD - [2013/12/03 21:47:11 | 000,099,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll
MOD - [2013/12/03 21:47:08 | 001,619,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
MOD - [2013/11/24 11:37:42 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MOD - [2013/11/24 11:37:30 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/11/24 11:37:09 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013/11/24 11:37:05 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
MOD - [2013/11/24 11:37:02 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/11/24 11:36:53 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/11/12 09:57:10 | 000,098,304 | ---- | M] () -- C:\Program Files (x86)\Razer\Razer Game Booster\EasyHook32.dll
MOD - [2013/09/15 19:59:59 | 000,074,752 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.68\deploy\LolClient.exe
MOD - [2013/09/15 19:59:31 | 004,774,248 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.68\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
MOD - [2013/07/21 17:48:15 | 002,052,096 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2013/07/21 17:48:15 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2013/07/02 18:09:05 | 005,283,840 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
MOD - [2012/11/20 16:13:44 | 000,264,192 | ---- | M] () -- C:\Program Files (x86)\Razer\Razer Game Booster\D3DX8Wrapper.dll
MOD - [2012/10/05 05:53:24 | 003,198,976 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2012/05/29 10:45:18 | 001,300,376 | ---- | M] () -- C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
MOD - [2010/11/20 22:24:25 | 000,385,024 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll

========== Services (SafeList) ==========

SRV:64bit: - [2013/12/29 05:12:40 | 001,833,776 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\dmwu.exe -- (IBUpdaterService)
SRV:64bit: - [2013/07/19 11:21:14 | 002,179,056 | ---- | M] (GlavSoft LLC.) [Auto | Stopped] -- C:\Program Files\TightVNC\tvnserver.exe -- (tvnserver)
SRV:64bit: - [2013/07/01 11:09:56 | 000,188,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe -- (Updater By SweetPacks)
SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/12/11 12:07:04 | 000,619,904 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\WTabletServiceCon.exe -- (WTabletServiceCon)
SRV:64bit: - [2011/12/05 22:15:08 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2011/06/09 12:01:00 | 000,555,392 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe -- (EpsonCustomerParticipation)
SRV:64bit: - [2011/05/13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2011/04/24 21:00:02 | 000,173,952 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE -- (EPSON_EB_RPCV4_04)
SRV:64bit: - [2011/03/11 05:23:16 | 000,297,984 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/10/11 04:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/09/22 20:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/09/20 01:56:00 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/01/07 10:09:00 | 001,926,448 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService)
SRV:64bit: - [2009/03/03 05:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2014/01/25 12:22:35 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/01/01 03:38:24 | 002,301,216 | ---- | M] (Conduit) [Auto | Running] -- C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe -- (CltMngSvc)
SRV - [2013/12/12 07:37:12 | 000,070,144 | ---- | M] () [Auto | Running] -- C:\ProgramData\GorillaPrice\WatGorp.exe -- (WatGorp)
SRV - [2013/12/12 07:35:56 | 000,624,128 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\GorillaPrice\GorillaPrice.exe -- (GorillaPrice)
SRV - [2013/12/10 19:24:37 | 000,032,960 | ---- | M] (Razer, Inc.) [Auto | Running] -- C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe -- (RzOvlMon)
SRV - [2013/11/26 00:06:38 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/11/22 12:36:18 | 000,105,448 | ---- | M] (Razer Inc.) [Auto | Running] -- C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe -- (RzKLService)
SRV - [2013/11/13 15:50:14 | 000,198,424 | ---- | M] (TMRG, Inc.) [Auto | Running] -- C:\Program Files (x86)\RelevantKnowledge\rlservice.exe -- (RelevantKnowledge)
SRV - [2013/10/24 11:58:32 | 000,790,880 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe -- (SplashtopRemoteService)
SRV - [2013/10/09 09:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/10/08 22:47:54 | 000,609,056 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe -- (SSUService)
SRV - [2013/08/12 08:35:06 | 000,109,064 | ---- | M] (Wajam) [Auto | Running] -- C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe -- (WajamUpdater)
SRV - [2013/06/26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2013/06/26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2013/03/26 22:47:20 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013/01/08 12:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/09/03 21:18:00 | 000,245,264 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe -- (CLKMSVC10_38F51D56)
SRV - [2012/07/09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2011/05/21 16:52:16 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2011/03/07 19:43:30 | 002,375,168 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011/02/18 00:48:24 | 000,265,544 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe -- (FPLService)
SRV - [2011/02/15 17:48:52 | 001,071,160 | ---- | M] (Hewlett-Packard Development Company L.P.) [On_Demand | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe -- (hpCMSrv)
SRV - [2010/11/26 09:09:12 | 000,399,344 | ---- | M] (Roxio) [Auto | Running] -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe -- (RoxioNow Service)
SRV - [2010/11/09 17:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2010/01/07 09:53:16 | 001,656,112 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)
SRV - [2009/10/09 04:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2006/12/19 17:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/12/10 19:14:26 | 000,129,472 | ---- | M] (Razer, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RzDxgk.sys -- (RzDxgk)
DRV:64bit: - [2013/12/10 19:14:26 | 000,074,432 | ---- | M] (Razer, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\RzFilter.sys -- (RzFilter)
DRV:64bit: - [2013/10/28 01:12:12 | 000,204,568 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2013/10/28 01:12:10 | 000,107,288 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013/10/22 17:06:46 | 000,028,904 | ---- | M] (Splashtop Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stdpms.sys -- (stdpms)
DRV:64bit: - [2013/06/26 19:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2013/06/26 19:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2013/06/26 19:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2013/06/26 19:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2013/03/29 06:22:43 | 000,052,320 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\libusb0.sys -- (libusb0)
DRV:64bit: - [2013/02/11 23:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2012/12/13 12:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/12/03 15:36:34 | 000,081,824 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wachidrouter.sys -- (WacHidRouter)
DRV:64bit: - [2012/12/03 15:36:34 | 000,013,728 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidkmdf.sys -- (hidkmdf)
DRV:64bit: - [2012/11/15 08:41:06 | 000,015,776 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys -- (wacomrouterfilter)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/31 09:45:10 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2012/06/20 08:42:44 | 003,678,720 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2012/05/12 12:31:00 | 000,121,416 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/12/05 14:47:30 | 000,095,248 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011/12/02 18:38:08 | 000,239,208 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2011/11/25 00:25:52 | 000,015,360 | ---- | M] (June Fabrics Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pneteth.sys -- (pneteth)
DRV:64bit: - [2011/11/23 23:02:20 | 000,648,808 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/11/16 08:35:58 | 000,054,400 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2011/10/28 20:41:28 | 000,042,624 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2011/10/28 20:41:26 | 000,080,512 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011/10/14 03:37:44 | 000,396,848 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/06/24 06:31:02 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2011/05/13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011/05/13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011/05/13 02:21:04 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011/05/13 02:21:04 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd)
DRV:64bit: - [2011/05/13 02:21:02 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2011/03/24 19:20:36 | 000,337,512 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011/03/17 23:04:20 | 000,188,544 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdxhc.sys -- (amdxhc)
DRV:64bit: - [2011/03/17 23:04:18 | 000,087,168 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdhub30.sys -- (amdhub30)
DRV:64bit: - [2011/03/11 05:23:16 | 000,521,728 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/07 11:55:00 | 001,353,280 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2011/01/12 20:15:10 | 000,157,160 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 22:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/29 23:11:42 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/09/20 02:14:16 | 007,767,552 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010/09/20 02:14:16 | 007,767,552 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/09/20 01:21:04 | 000,279,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/07/28 08:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/02/18 11:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/08/13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 19:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009/06/10 16:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 16:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 16:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 15:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 15:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008/06/16 02:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD22}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}: "URL" = http://dts.search-re...q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{F0C07441-FD14-4F34-9C4C-A673AFE4ADE0}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {7e8a1050-cf67-4575-92df-dcc60e7d952d} - C:\Program Files (x86)\SweetPacks\prxtbSwee.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {01900FB1-3A50-4BED-8BCF-7DC6EC494919}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snap.do/...Date=27/04/2013
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://start.sweetpa...4-2C27D7D4D60A}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snap.do/...Date=27/04/2013
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snap.do/...Date=27/04/2013
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.search.as...APN10379&gct=hp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snap.do/...Date=27/04/2013
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snap.do/...Date=27/04/2013
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {739df940-c5ee-4bab-9d7e-270894ae687a} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snap.do/...Date=27/04/2013
IE - HKCU\..\SearchScopes\{01900FB1-3A50-4BED-8BCF-7DC6EC494919}: "URL" = http://search.condui...8301740737&UM=2
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{0DD553EC-A1C1-465A-979B-9051C98E32A7}: "URL" = http://websearch.ask...4E-A0851C15FC2A
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www2.delta-se...A73002637BD3942
IE - HKCU\..\SearchScopes\{1DFCB6D7-5E91-42F8-9428-5725C69AF113}: "URL" = http://search.condui...q={searchTerms}
IE - HKCU\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPNTDF
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKCU\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE - HKCU\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKCU\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKCU\..\SearchScopes\{E48C925F-FF59-41AC-832C-0EE3A5DDB1B3}: "URL" = http://websearch.ask...4E-A0851C15FC2A
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://mysearch.swee...}&barid=&&st=23
IE - HKCU\..\SearchScopes\{F0C07441-FD14-4F34-9C4C-A673AFE4ADE0}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8080

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\avget.org/AVget: C:\Users\Aarons\AppData\Roaming\AVget\npAVget.dll File not found
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\PROGRAM FILES\UPDATER BY SWEETPACKS\FIREFOX [2013/07/10 15:16:09 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8E9E3331-D360-4f87-8803-52DE43566502}: C:\PROGRAM FILES\UPDATER BY SWEETPACKS\FIREFOX [2013/07/10 15:16:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Mozilla FireFox\extensions\[email protected] [2013/02/28 08:02:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\Program Files\Updater By SweetPacks\Firefox [2013/07/10 15:16:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8E9E3331-D360-4f87-8803-52DE43566502}: C:\Program Files\Updater By SweetPacks\Firefox [2013/07/10 15:16:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\BetterSurf\ff [2013/11/13 15:45:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha203\ff [2013/12/20 15:45:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}: C:\Program Files (x86)\RelevantKnowledge\firefox [2013/12/29 16:40:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta7\ff [2014/01/10 16:16:26 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\AddLyrics\FF\

[2013/05/10 23:41:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla FireFox\extensions
[2013/05/10 23:41:55 | 000,000,000 | ---D | M] (DownloadTerms) -- C:\Program Files (x86)\Mozilla FireFox\extensions\[email protected]
[2013/02/28 08:02:29 | 000,000,000 | ---D | M] (InfoAtoms) -- C:\Program Files (x86)\Mozilla FireFox\extensions\[email protected]
[2014/01/10 16:16:26 | 000,000,000 | ---D | M] (Video Player) -- C:\PROGRAM FILES (X86)\VIDEOPLAYERV3\VIDEOPLAYERV3BETA7\FF
[2013/12/20 15:45:17 | 000,000,000 | ---D | M] (Webexp Enhanced) -- C:\PROGRAM FILES (X86)\WEBEXPENHANCEDV1\WEBEXPENHANCEDV1ALPHA203\FF

========== Chrome ==========

CHR - Extension: No name found = C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aepeildmfnnehghlknddebgjghlompfe\1.0_0\
CHR - Extension: No name found = C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahlokhnddogldlplgkdgmfidibpgenoi\3.0.0_0\
CHR - Extension: No name found = C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\babdabjblhdjecooajkeenhbaegcdcgk\2.0.7_0\
CHR - Extension: No name found = C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\babdabjblhdjecooajkeenhbaegcdcgk\2.0.7_1\
CHR - Extension: No name found = C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: No name found = C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm\1.0.3_0\
CHR - Extension: No name found = C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.4_0\
CHR - Extension: No name found = C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\chgllnbkldfofeogfpbhciondkbendep\1.5_0\
CHR - Extension: No name found = C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeohmmeldh\1.0.0.2_0\
CHR - Extension: No name found = C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeohmmeldh\1.0.0.2_1\
CHR - Extension: No name found = C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.566_0\
CHR - Extension: No name found = C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.583_0\
CHR - Extension: No name found = C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.609_0\
CHR - Extension: No name found = C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1482\
CHR - Extension: No name found = C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\1.4.8_0\
CHR - Extension: No name found = C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.5.0.11422_0\
CHR - Extension: No name found = C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljdngafdeknonigdklkdlolkefpigejp\13.2334.9140_0\
CHR - Extension: No name found = C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkpikhjbfbffdblahfidklcohlaeabak\1.0.0.5_0\
CHR - Extension: No name found = C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpijogomejcpdhifkigopflephcmopal\1.0_0\
CHR - Extension: No name found = C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjildcbkilmkddbbpbjljljdmmlfeppl\5.0_0\
CHR - Extension: No name found = C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle\1.3.337.3\
CHR - Extension: No name found = C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgjpfdjhlimkkdgnecbgnefdafbcncc\2.0.5_0\
CHR - Extension: No name found = C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.21.72_0\crossrider
CHR - Extension: No name found = C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.21.72_0\
CHR - Extension: No name found = C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: No name found = C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: No name found = C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnacehkknmafkjgkikclamogikoiaaa\1.0_0\
CHR - Extension: No name found = C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk\0.71_0\
CHR - Extension: No name found = C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk\0.71_1\

O1 HOSTS File: ([2013/04/26 01:31:22 | 000,000,878 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Webexp Enhanced) - {a74072b1-001f-4bbc-9424-0ab837861407} - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha203\ie\WebexpEnhancedV1alpha203.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {D426CFA3-F742-4C87-BFCE-76D5EEBC6FF4} - No CLSID value found.
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Video Player) - {fc122d33-6ab0-4b99-afc2-b6cf9a42c4d8} - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta7\ie\VideoPlayerV3beta7.dll ()
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {6e47d688-85ec-465a-9946-ec58220f14fc} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {739DF940-C5EE-4BAB-9D7E-270894AE687A} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (ooVoo toolbar, powered by Ask.com) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe (Hewlett-Packard Development Company L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [RazerGameBooster] C:\Program Files (x86)\Razer\Razer Game Booster\RazerGameBooster.exe (Razer Inc.)
O4 - HKLM..\Run: [TaskTray] File not found
O4 - HKCU..\Run: [690A3B64279ECB48B1C83D88E3FB162ECEE653EF._service_run] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [EPSON NX420 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGCA.EXE /FU "C:\Windows\TEMP\E_S70CC.tmp" /EF "HKCU" File not found
O4 - HKCU..\Run: [Epson Stylus NX420(Network)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGCA.EXE /FU "C:\Windows\TEMP\E_S6622.tmp" /EF "HKCU" File not found
O4 - HKCU..\Run: [EPSON21A3F5 (Epson Stylus NX420)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGCA.EXE /FU "C:\Windows\TEMP\E_S2175.tmp" /EF "HKCU" File not found
O4 - HKCU..\Run: [Jump Desktop] C:\Program Files (x86)\Jump Desktop\JumpDesktop.exe autorun File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_04)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_04)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.h...hpdetect118.cab (GMNRev Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.25.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 65.32.5.111 65.32.5.112
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{001D1520-D0B0-4082-B80D-2371A591C492}: DhcpNameServer = 65.32.5.111 65.32.5.112
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B5948F28-8F70-44DD-AB18-65F86A9F3263}: DhcpNameServer = 65.32.5.111 65.32.5.112
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CB218F64-FFAE-42C2-A11B-BDE919B57C63}: DhcpNameServer = 150.100.2.6
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll) - C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll (Conduit)
O20:64bit: - AppInit_DLLs: (c:\progra~3\bitguard\271832~1.68\{c16c1~1\loader.dll) - File not found
O20:64bit: - AppInit_DLLs: (c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll) - File not found
O20:64bit: - AppInit_DLLs: (c:\progra~2\optimi~1\optpro~2.dll) - c:\Program Files (x86)\Optimizer Pro\OptProCrash_x64.dll ()
O20 - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll) - C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll (Conduit)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{46d7bfa2-30be-11e2-b70c-2c27d7d4d60a}\Shell - "" = AutoRun
O33 - MountPoints2\{46d7bfa2-30be-11e2-b70c-2c27d7d4d60a}\Shell\AutoRun\command - "" = G:\LGAutoRun.exe
O33 - MountPoints2\{5e8b317f-5912-11e2-af3e-2c27d7d4d60a}\Shell - "" = AutoRun
O33 - MountPoints2\{5e8b317f-5912-11e2-af3e-2c27d7d4d60a}\Shell\AutoRun\command - "" = G:\LGAutoRun.exe
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\LGAutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/01/26 13:55:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
[2014/01/25 23:34:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Pivot Animator
[2014/01/25 23:34:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pivot Animator
[2014/01/25 23:34:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pivot Animator
[2014/01/25 17:25:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2014/01/25 17:25:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2014/01/25 02:46:48 | 000,000,000 | ---D | C] -- C:\Users\Gabe\AppData\Roaming\mineshafter_squared
[2014/01/24 22:29:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Logs
[2014/01/21 17:56:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Splashtop
[2014/01/21 17:56:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Splashtop Remote
[2014/01/21 17:56:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Splashtop
[2014/01/17 20:10:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2014/01/16 15:18:10 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\SearchProtect
[2014/01/10 16:16:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoPlayerV3
[2014/01/08 12:20:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ljkb
[2014/01/08 12:20:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\jmdp
[2014/01/08 09:12:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
[2014/01/07 16:16:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/01/07 16:15:27 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/01/07 16:15:26 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014/01/07 16:15:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014/01/07 16:15:26 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014/01/06 12:24:21 | 000,000,000 | ---D | C] -- C:\Users\Gabe\AppData\Roaming\HandBrake
[2014/01/06 09:22:53 | 000,000,000 | ---D | C] -- C:\Users\Gabe\AppData\Local\Razer_Inc
[2014/01/06 09:22:49 | 000,000,000 | ---D | C] -- C:\Users\Gabe\Documents\Razer
[2014/01/06 09:12:36 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014/01/06 08:50:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/01/06 04:19:51 | 000,000,000 | ---D | C] -- C:\7a699e70de224dc21954db
[2014/01/06 03:32:58 | 000,000,000 | ---D | C] -- C:\fba59dd2b5adb9a0a2a5205e
[2014/01/06 03:23:36 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Microsoft
[2014/01/06 02:06:50 | 000,000,000 | ---D | C] -- C:\28c9c4c20c3a25b3c3
[2014/01/02 22:36:55 | 000,000,000 | ---D | C] -- C:\Users\Gabe\AppData\Local\Razer
[2014/01/02 22:31:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer Comms
[2014/01/02 22:31:22 | 000,074,432 | ---- | C] (Razer, Inc.) -- C:\Windows\SysNative\drivers\RzFilter.sys
[2014/01/02 22:31:21 | 000,129,472 | ---- | C] (Razer, Inc.) -- C:\Windows\SysNative\drivers\RzDxgk.sys
[2014/01/02 22:30:59 | 000,000,000 | ---D | C] -- C:\Windows\Razer Core
[2014/01/02 22:30:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Razer
[2014/01/02 22:30:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Razer
[2013/12/29 16:40:13 | 000,970,520 | ---- | C] (TMRG, Inc.) -- C:\Windows\SysNative\rlls64.dll
[2013/12/29 16:40:13 | 000,660,248 | ---- | C] (TMRG, Inc.) -- C:\Windows\SysWow64\rlls.dll
[2013/12/29 16:37:55 | 000,000,000 | ---D | C] -- C:\Users\Gabe\AppData\Local\SearchProtect
[2013/12/29 15:56:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RelevantKnowledge
[2013/12/29 15:53:19 | 000,000,000 | ---D | C] -- C:\ProgramData\GorillaPrice
[2013/12/29 15:53:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GorillaPrice
[2013/12/29 15:52:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenDownloaderManager
[15 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/01/26 15:52:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/26 15:44:00 | 000,000,360 | ---- | M] () -- C:\Windows\tasks\AmiUpdXp.job
[2014/01/26 15:30:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/26 13:53:35 | 000,001,900 | ---- | M] () -- C:\Windows\tasks\Safe Saver-chromeinstaller.job
[2014/01/26 13:53:35 | 000,001,824 | ---- | M] () -- C:\Windows\tasks\Safe Saver-firefoxinstaller.job
[2014/01/26 13:53:34 | 000,001,194 | ---- | M] () -- C:\Windows\tasks\Safe Saver-codedownloader.job
[2014/01/26 13:53:34 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\Safe Saver-enabler.job
[2014/01/26 13:53:34 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/26 13:53:34 | 000,000,396 | ---- | M] () -- C:\Windows\tasks\LyricStar Update.job
[2014/01/26 13:25:28 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/26 13:25:28 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/26 13:18:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/26 13:17:57 | 3015,888,896 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/26 01:01:36 | 000,435,200 | ---- | M] () -- C:\Users\Gabe\AppData\Roaming\RZR_01925f6a4f7eaeedfb42bcd2a208.db
[2014/01/25 23:34:32 | 000,000,990 | ---- | M] () -- C:\Users\Public\Desktop\Pivot Animator.lnk
[2014/01/25 17:59:05 | 000,000,408 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Aarons.job
[2014/01/25 17:25:28 | 000,000,923 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2014/01/25 12:19:50 | 000,001,397 | ---- | M] () -- C:\Users\Gabe\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/01/22 18:58:03 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForAarons.job
[2014/01/22 15:13:10 | 000,783,360 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/01/22 15:13:10 | 000,663,086 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/01/22 15:13:10 | 000,122,664 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/01/21 18:07:45 | 000,002,150 | ---- | M] () -- C:\Users\Gabe\Desktop\Splashtop Streamer.lnk
[2014/01/16 18:01:28 | 004,990,000 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/01/15 22:24:38 | 000,018,564 | ---- | M] () -- C:\Users\Gabe\Desktop\Anatomy Business Cards.pdf
[2014/01/15 22:15:26 | 000,010,425 | ---- | M] () -- C:\Users\Gabe\Desktop\k10753404.jpg
[2014/01/15 22:04:20 | 000,007,885 | ---- | M] () -- C:\Users\Gabe\Desktop\download.jpg
[2014/01/11 22:51:14 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForAARONS-HP$.job
[2014/01/10 16:17:11 | 000,000,168 | ---- | M] () -- C:\extensions.ini
[2014/01/08 18:55:38 | 000,775,974 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/01/08 10:41:22 | 467,617,700 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/01/08 09:12:47 | 000,002,085 | ---- | M] () -- C:\Users\Public\Desktop\Razer Game Booster.lnk
[2014/01/07 16:16:58 | 000,001,743 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/01/06 09:09:38 | 000,002,239 | ---- | M] () -- C:\Users\Gabe\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/01/06 08:50:47 | 000,002,215 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/01/06 02:19:35 | 000,064,576 | ---- | M] () -- C:\Users\Gabe\Documents\cc_20140106_021928.reg
[2014/01/02 22:31:43 | 000,001,224 | ---- | M] () -- C:\Users\Gabe\Desktop\Razer Comms.lnk
[2014/01/02 22:31:24 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_RzFilter_01009.Wdf
[2013/12/29 21:28:15 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForGabe.job
[2013/12/29 15:52:34 | 000,000,000 | ---- | M] () -- C:\end
[2013/12/29 05:12:40 | 001,833,776 | ---- | M] () -- C:\Windows\SysNative\dmwu.exe
[2013/12/29 05:08:58 | 000,033,792 | ---- | M] (IncrediMail, Ltd.) -- C:\Windows\SysNative\ImHttpComm.dll
[15 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/01/25 23:34:32 | 000,000,990 | ---- | C] () -- C:\Users\Public\Desktop\Pivot Animator.lnk
[2014/01/25 17:25:28 | 000,000,923 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2014/01/25 12:19:50 | 000,001,409 | ---- | C] () -- C:\Users\Gabe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2014/01/21 18:07:45 | 000,002,150 | ---- | C] () -- C:\Users\Gabe\Desktop\Splashtop Streamer.lnk
[2014/01/15 22:24:38 | 000,018,564 | ---- | C] () -- C:\Users\Gabe\Desktop\Anatomy Business Cards.pdf
[2014/01/15 22:15:25 | 000,010,425 | ---- | C] () -- C:\Users\Gabe\Desktop\k10753404.jpg
[2014/01/15 22:04:24 | 000,007,885 | ---- | C] () -- C:\Users\Gabe\Desktop\download.jpg
[2014/01/08 10:41:22 | 467,617,700 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2014/01/08 09:12:47 | 000,002,085 | ---- | C] () -- C:\Users\Public\Desktop\Razer Game Booster.lnk
[2014/01/07 16:16:58 | 000,001,743 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/01/06 08:50:47 | 000,002,239 | ---- | C] () -- C:\Users\Gabe\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/01/06 08:50:47 | 000,002,215 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/01/06 02:19:32 | 000,064,576 | ---- | C] () -- C:\Users\Gabe\Documents\cc_20140106_021928.reg
[2014/01/02 22:38:27 | 000,435,200 | ---- | C] () -- C:\Users\Gabe\AppData\Roaming\RZR_01925f6a4f7eaeedfb42bcd2a208.db
[2014/01/02 22:31:43 | 000,001,224 | ---- | C] () -- C:\Users\Gabe\Desktop\Razer Comms.lnk
[2014/01/02 22:31:24 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_RzFilter_01009.Wdf
[2013/11/27 10:11:21 | 000,362,029 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
[2013/11/22 16:22:09 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2013/10/25 16:48:01 | 000,000,095 | ---- | C] () -- C:\Windows\EART1430.ini
[2013/05/12 20:15:52 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2013/05/03 18:37:32 | 000,000,016 | ---- | C] () -- C:\Windows\popcinfo.dat
[2013/04/13 09:49:08 | 000,000,000 | ---- | C] () -- C:\ProgramData\2928213b2121542039_c
[2013/04/10 20:01:56 | 000,039,712 | ---- | C] () -- C:\Windows\SysWow64\asl.dll
[2013/03/29 06:22:45 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013/02/28 18:35:14 | 000,007,602 | ---- | C] () -- C:\Users\Gabe\AppData\Local\Resmon.ResmonCfg
[2012/12/30 09:42:13 | 000,148,952 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012/09/08 09:33:37 | 000,000,902 | RHS- | C] () -- C:\Users\Gabe\ntuser.pol
[2012/08/29 22:24:25 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI
[2012/08/25 17:35:05 | 000,004,608 | ---- | C] () -- C:\Users\Gabe\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/08/14 18:46:29 | 000,073,220 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2012/08/14 18:46:29 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2012/08/14 18:46:29 | 000,029,114 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2012/08/14 18:46:29 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2012/08/14 18:46:29 | 000,021,021 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2012/08/14 18:46:29 | 000,015,670 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2012/08/14 18:46:29 | 000,013,280 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2012/08/14 18:46:29 | 000,010,673 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2012/08/14 18:46:29 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2012/08/14 18:46:29 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2012/08/14 18:46:29 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2012/08/14 18:46:29 | 000,001,137 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2012/08/14 18:46:29 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2012/08/14 18:46:29 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2012/08/14 18:46:29 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2012/08/14 18:46:29 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2012/08/14 18:42:09 | 000,000,071 | ---- | C] () -- C:\Windows\ENX420.ini
[2012/03/19 10:59:12 | 000,072,621 | ---- | C] () -- C:\Windows\rodflashvideoss_uninst.exe

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 21:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014/01/26 16:07:54 | 000,000,000 | ---D | M] -- C:\Users\Gabe\AppData\Roaming\.minecraft
[2012/10/06 10:31:52 | 000,000,000 | ---D | M] -- C:\Users\Gabe\AppData\Roaming\.techniclauncher
[2012/08/25 10:58:25 | 000,000,000 | ---D | M] -- C:\Users\Gabe\AppData\Roaming\Acoustica
[2013/11/14 18:20:46 | 000,000,000 | ---D | M] -- C:\Users\Gabe\AppData\Roaming\Awesomium
[2012/10/25 17:11:41 | 000,000,000 | ---D | M] -- C:\Users\Gabe\AppData\Roaming\Babylon
[2013/05/04 07:23:01 | 000,000,000 | ---D | M] -- C:\Users\Gabe\AppData\Roaming\dll-files.com
[2012/08/19 13:28:48 | 000,000,000 | ---D | M] -- C:\Users\Gabe\AppData\Roaming\Epson
[2013/01/04 10:44:45 | 000,000,000 | ---D | M] -- C:\Users\Gabe\AppData\Roaming\FFP
[2013/03/24 18:06:05 | 000,000,000 | ---D | M] -- C:\Users\Gabe\AppData\Roaming\FVD Suite
[2014/01/06 12:28:41 | 000,000,000 | ---D | M] -- C:\Users\Gabe\AppData\Roaming\HandBrake
[2013/07/19 16:09:00 | 000,000,000 | ---D | M] -- C:\Users\Gabe\AppData\Roaming\ihelper
[2013/06/07 07:44:11 | 000,000,000 | ---D | M] -- C:\Users\Gabe\AppData\Roaming\Kaneva
[2012/09/21 16:06:10 | 000,000,000 | ---D | M] -- C:\Users\Gabe\AppData\Roaming\LolClient
[2014/01/25 02:46:48 | 000,000,000 | ---D | M] -- C:\Users\Gabe\AppData\Roaming\mineshafter_squared
[2013/03/21 16:25:44 | 000,000,000 | ---D | M] -- C:\Users\Gabe\AppData\Roaming\MotioninJoy
[2012/08/24 21:10:25 | 000,000,000 | ---D | M] -- C:\Users\Gabe\AppData\Roaming\Namco
[2013/02/02 15:02:40 | 000,000,000 | ---D | M] -- C:\Users\Gabe\AppData\Roaming\Notepad++
[2013/06/07 07:44:25 | 000,000,000 | ---D | M] -- C:\Users\Gabe\AppData\Roaming\ooVoo Details
[2013/03/24 18:33:03 | 000,000,000 | ---D | M] -- C:\Users\Gabe\AppData\Roaming\PCFixSpeed
[2013/07/02 15:44:32 | 000,000,000 | ---D | M] -- C:\Users\Gabe\AppData\Roaming\PDAppFlex
[2013/07/19 14:49:35 | 000,000,000 | ---D | M] -- C:\Users\Gabe\AppData\Roaming\Phase Five Systems
[2013/04/13 09:38:59 | 000,000,000 | ---D | M] -- C:\Users\Gabe\AppData\Roaming\Screaming Bee
[2014/01/15 22:34:10 | 000,000,000 | ---D | M] -- C:\Users\Gabe\AppData\Roaming\SoftGrid Client
[2013/04/27 21:55:00 | 000,000,000 | ---D | M] -- C:\Users\Gabe\AppData\Roaming\Strongvault
[2012/08/25 10:58:31 | 000,000,000 | ---D | M] -- C:\Users\Gabe\AppData\Roaming\SynthMaker
[2012/09/11 19:19:17 | 000,000,000 | ---D | M] -- C:\Users\Gabe\AppData\Roaming\TP
[2014/01/06 03:18:34 | 000,000,000 | ---D | M] -- C:\Users\Gabe\AppData\Roaming\uTorrent
[2013/03/26 23:49:44 | 000,000,000 | ---D | M] -- C:\Users\Gabe\AppData\Roaming\Wacom
[2013/03/29 20:26:22 | 000,000,000 | ---D | M] -- C:\Users\Gabe\AppData\Roaming\WebApp
[2013/05/04 07:34:49 | 000,000,000 | ---D | M] -- C:\Users\Gabe\AppData\Roaming\WildTangent

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 148 bytes -> C:\ProgramData\Temp:AD022376
@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:D346F792
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:373E1720

< End of report >

#2
emeraldnzl

Posted 26 January 2014 - 08:55 PM

GeekU Instructor

GeekU Moderator
20,051 posts

Hello seniorj12,

Welcome to Geekstogo.

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Right click to run as administrator. When the tool opens click Yes to disclaimer.
Press Scan button.
It will produce a log called (FRST.txt) in the same directory the tool is run from.
Please copy and paste log back here.
The first time the tool is run, it makes also another log (Addition.txt). Please also paste that into your reply.

#3
seniorj12

Posted 26 January 2014 - 09:06 PM

New Member

Topic Starter
Member
9 posts

Here is the FRST:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-01-2014 02
Ran by Gabe (administrator) on AARONS-HP on 26-01-2014 22:01:49
Running from C:\Users\Gabe\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
() C:\Program Files (x86)\GorillaPrice\GorillaPrice.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
() C:\Windows\System32\dmwu.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(TMRG, Inc.) C:\Program Files (x86)\RelevantKnowledge\rlservice.exe
(Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe
() C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe
(Wajam) C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe
() C:\ProgramData\GorillaPrice\WatGorp.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft) C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Conduit) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Conduit) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
(Conduit) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
() C:\Windows\SysWOW64\jmdp\stij.exe
() C:\Windows\System32\ljkb\stij.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\main.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\DataProxy.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(TMRG, Inc.) C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(TMRG, Inc.) C:\Program Files (x86)\RelevantKnowledge\rlvknlg64.exe
(TMRG, Inc.) C:\Program Files (x86)\RelevantKnowledge\rlvknlg32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-03-11] (IDT, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HPConnectionManager] - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [94264 2011-02-15] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [586296 2010-11-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [318520 2011-01-27] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [TaskTray] - [x]
HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [976320 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [78352 2012-09-03] (cyberlink)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [ISUSScheduler] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-08-09] (InstallShield Software Corporation)
HKLM-x32\...\Run: [RazerGameBooster] - C:\Program Files (x86)\Razer\Razer Game Booster\RazerGameBooster.exe [61152 2013-11-22] (Razer Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKCU\...\Run: [EPSON NX420 Series] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGCA.EXE [224768 2009-09-14] (SEIKO EPSON CORPORATION)
HKCU\...\Run: [Epson Stylus NX420(Network)] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGCA.EXE [224768 2009-09-14] (SEIKO EPSON CORPORATION)
HKCU\...\Run: [EPSON21A3F5 (Epson Stylus NX420)] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGCA.EXE [224768 2009-09-14] (SEIKO EPSON CORPORATION)
HKCU\...\Run: [Jump Desktop] - C:\Program Files (x86)\Jump Desktop\JumpDesktop.exe autorun
HKCU\...\Run: [690A3B64279ECB48B1C83D88E3FB162ECEE653EF._service_run] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [863184 2013-12-03] (Google Inc.)
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableChangePassword] 0
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
MountPoints2: H - H:\LGAutoRun.exe
MountPoints2: {46d7bfa2-30be-11e2-b70c-2c27d7d4d60a} - G:\LGAutoRun.exe
MountPoints2: {5e8b317f-5912-11e2-af3e-2c27d7d4d60a} - G:\LGAutoRun.exe
HKU\Aarons\...\Run: [Epson Stylus NX420(Network)] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGCA.EXE [224768 2009-09-14] (SEIKO EPSON CORPORATION)
HKU\Aarons\...\Run: [EPSON21A3F5 (Epson Stylus NX420)] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGCA.EXE [224768 2009-09-14] (SEIKO EPSON CORPORATION)
HKU\Aarons\...\Run: [ISUSPM Startup] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-08-09] (InstallShield Software Corporation)
HKU\Aarons\...\Run: [Optimizer Pro] - C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [135672 2013-08-28] (PC Utilities Pro)
HKU\Aarons\...\Run: [EPLTarget\P0000000000000004] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHMA.EXE [283232 2012-02-29] (SEIKO EPSON CORPORATION)
HKU\Aarons\...\Run: [EPLTarget\P0000000000000003] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHMA.EXE [283232 2012-02-29] (SEIKO EPSON CORPORATION)
HKU\Aarons\...\Run: [ooVoo.exe] - C:\Program Files (x86)\ooVoo\oovoo.exe [35489856 2013-10-31] (ooVoo LLC)
HKU\Aarons\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18705664 2013-01-08] (Skype Technologies S.A.)
HKU\Aarons\...\Policies\system: [DisableLockWorkstation] 0
HKU\Aarons\...\Policies\system: [DisableChangePassword] 0
HKU\Aarons\...\Policies\system: [LogonHoursAction] 2
HKU\Aarons\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [1344800 2014-01-01] (Conduit)
AppInit_DLLs: c:\progra~3\bitguard\271832~1.68\{c16c1~1\loader.dll => File Not Found
AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll => File Not Found
AppInit_DLLs: c:\progra~2\optimi~1\optpro~2.dll => C:\Program Files (x86)\Optimizer Pro\OptProCrash_x64.dll [2533376 2013-09-16] ()
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [1037600 2014-01-01] (Conduit)

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.as...APN10379&gct=hp
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snap.do/...Date=27/04/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snap.do/...Date=27/04/2013
URLSearchHook: HKLM-x32 - SweetPacks Toolbar - {7e8a1050-cf67-4575-92df-dcc60e7d952d} - C:\Program Files (x86)\SweetPacks\prxtbSwee.dll (Conduit Ltd.)
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
URLSearchHook: HKCU - (No Name) - {739df940-c5ee-4bab-9d7e-270894ae687a} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKLM - {01900FB1-3A50-4BED-8BCF-7DC6EC494919} URL =
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.co...&l=dis&o=HPNTDF
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo....psg&type=HPNTDF
SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...w={searchTerms}
SearchScopes: HKLM - {F0C07441-FD14-4F34-9C4C-A673AFE4ADE0} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {01900FB1-3A50-4BED-8BCF-7DC6EC494919} URL =
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snap.do/...Date=27/04/2013
SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://start.sweetpa...4-2C27D7D4D60A}
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www2.delta-se...A73002637BD3942
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snap.do/...Date=27/04/2013
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKCU - {01900FB1-3A50-4BED-8BCF-7DC6EC494919} URL = http://search.condui...8301740737&UM=2
SearchScopes: HKCU - {0DD553EC-A1C1-465A-979B-9051C98E32A7} URL = http://websearch.ask...4E-A0851C15FC2A
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www2.delta-se...A73002637BD3942
SearchScopes: HKCU - {1DFCB6D7-5E91-42F8-9428-5725C69AF113} URL = http://search.condui...q={searchTerms}
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.co...&l=dis&o=HPNTDF
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo....psg&type=HPNTDF
SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...w={searchTerms}
SearchScopes: HKCU - {E48C925F-FF59-41AC-832C-0EE3A5DDB1B3} URL = http://websearch.ask...4E-A0851C15FC2A
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://mysearch.swee...}&barid=&&st=23
SearchScopes: HKCU - {F0C07441-FD14-4F34-9C4C-A673AFE4ADE0} URL = http://www.amazon.co...s={searchTerms}
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Webexp Enhanced - {a74072b1-001f-4bbc-9424-0ab837861407} - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha203\ie\WebexpEnhancedV1alpha203.dll ()
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: No Name - {D426CFA3-F742-4C87-BFCE-76D5EEBC6FF4} - No File
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Video Player - {fc122d33-6ab0-4b99-afc2-b6cf9a42c4d8} - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta7\ie\VideoPlayerV3beta7.dll ()
Toolbar: HKLM-x32 - No Name - {6e47d688-85ec-465a-9946-ec58220f14fc} - No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - No Name - {739DF940-C5EE-4BAB-9D7E-270894AE687A} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.h...hpdetect118.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 65.32.5.111 65.32.5.112

Chrome:
=======
CHR Extension: (Website Logon) - C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aepeildmfnnehghlknddebgjghlompfe [2012-08-25]
CHR Extension: (FVD Video Downloader Launcher) - C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahlokhnddogldlplgkdgmfidibpgenoi [2013-01-04]
CHR Extension: (Hulu - TV Shows) - C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\babdabjblhdjecooajkeenhbaegcdcgk [2012-08-25]
CHR Extension: (YouTube) - C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-08-25]
CHR Extension: (Facebook) - C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2012-08-25]
CHR Extension: (Last updated at $time$ on $date$) - C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2012-08-25]
CHR Extension: (Hulu on fire) - C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\chgllnbkldfofeogfpbhciondkbendep [2012-08-25]
CHR Extension: (Google Search) - C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-09]
CHR Extension: (Netflix) - C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeohmmeldh [2012-08-25]
CHR Extension: (Updater By SweetPacks) - C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd [2013-05-12]
CHR Extension: (avast! WebRep) - C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2013-02-28]
CHR Extension: (FVD Video Downloader) - C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2013-01-04]
CHR Extension: (Skype Click to Call) - C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-08-25]
CHR Extension: (Happy Wheels) - C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljdngafdeknonigdklkdlolkefpigejp [2012-11-22]
CHR Extension: (Fieldrunners) - C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkpikhjbfbffdblahfidklcohlaeabak [2012-12-09]
CHR Extension: (Guitar Geek) - C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpijogomejcpdhifkigopflephcmopal [2013-01-04]
CHR Extension: (Amazing Coupons) - C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjildcbkilmkddbbpbjljljdmmlfeppl [2013-04-27]
CHR Extension: (RelevantKnowledge) - C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle [2013-12-29]
CHR Extension: (3Dnator) - C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgjpfdjhlimkkdgnecbgnefdafbcncc [2012-08-25]
CHR Extension: (Vid-Saver) - C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc [2012-10-25]
CHR Extension: (Gmail) - C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-09-09]
CHR Extension: (Abstract-Blue) - C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnacehkknmafkjgkikclamogikoiaaa [2012-08-25]
CHR Extension: (Canvas Rider) - C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk [2012-08-25]
CHR HKLM-x32\...\Chrome\Extension: [aaaanijiojpcccpkjdjjmjghddcgcbfj] - C:\Users\Aarons\AppData\Local\APN\GoogleCRXs\aaaanijiojpcccpkjdjjmjghddcgcbfj_7.17.6.0.crx [2013-04-05]
CHR HKLM-x32\...\Chrome\Extension: [aepeildmfnnehghlknddebgjghlompfe] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx [2011-02-11]
CHR HKLM-x32\...\Chrome\Extension: [banjjklfojcdbofbhbgiedekefohoaff] - C:\Users\Aarons\AppData\Local\CRE\banjjklfojcdbofbhbgiedekefohoaff.crx [2013-09-04]
CHR HKLM-x32\...\Chrome\Extension: [bbffdhejhaoiflnpooogkckfdcmmjppn] - C:\Program Files (x86)\FTDownloader.com\FTDownloader10.crx [2013-09-04]
CHR HKLM-x32\...\Chrome\Extension: [bcfjehbfanfhgoehogmbiebedkidedjb] - C:\Users\Aarons\AppData\Local\CRE\bcfjehbfanfhgoehogmbiebedkidedjb.crx [2013-03-19]
CHR HKLM-x32\...\Chrome\Extension: [dedmngkbaffkenlfdcbganndoghblmap] - C:\Program Files (x86)\BetterSurf\ch\Chrome.crx [2013-11-11]
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Aarons\AppData\Roaming\BabSolution\CR\Delta.crx [2013-09-16]
CHR HKLM-x32\...\Chrome\Extension: [fhmbbigfkgcficoehkhadjbokhhaijea] - C:\Program Files (x86)\LyricsPlug\Chrome.crx [2013-04-23]
CHR HKLM-x32\...\Chrome\Extension: [fmfnfnpmhcllokmkepffndflpnadjmma] - C:\Program Files (x86)\DealPly\DealPly.crx [2013-05-09]
CHR HKLM-x32\...\Chrome\Extension: [hhbgpoakplhahbklhkcfbpicgjcaoglk] - C:\Program Files (x86)\InfoAtoms\Chrome\InfoAtoms.crx [2013-02-28]
CHR HKLM-x32\...\Chrome\Extension: [jnikkfemnfogahcandhlchoengjbeaij] - C:\Program Files (x86)\LyricsWoofer\122.crx [2013-07-14]
CHR HKLM-x32\...\Chrome\Extension: [jnljpifflnndjilhoijmpjecfejgeecl] - C:\ProgramData\wxDownload\jnljpifflnndjilhoijmpjecfejgeecl.crx [2012-12-01]
CHR HKLM-x32\...\Chrome\Extension: [jpmbfleldcgkldadpdinhjjopdfpjfjp] - C:\Users\Aarons\AppData\Local\Wajam\Chrome\wajam.crx [2013-08-12]
CHR HKLM-x32\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] - C:\Users\Aarons\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx [2013-05-09]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
CHR HKLM-x32\...\Chrome\Extension: [mjacbfnchbpaiigeigmffbicddpiggic] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta7\ch\VideoPlayerV3beta7.crx [2014-01-07]
CHR HKLM-x32\...\Chrome\Extension: [mkndcbhcgphcfkkddanakjiepeknbgle] - C:\Program Files (x86)\RelevantKnowledge\rlcm.crx [2013-12-29]
CHR HKLM-x32\...\Chrome\Extension: [mknfioaoingmjlbnpdginnnojpbiijkd] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha203\ch\WebexpEnhancedV1alpha203.crx [2013-12-19]
CHR HKLM-x32\...\Chrome\Extension: [mnmfolkogpnljmojkkkhoknhdkjphcmh] - C:\ProgramData\wxDownload\mnmfolkogpnljmojkkkhoknhdkjphcmh.crx [2012-12-01]
CHR HKLM-x32\...\Chrome\Extension: [neebgdeaohaofdhldpobdpfocdonmgki] - C:\Users\Aarons\AppData\Local\CRE\neebgdeaohaofdhldpobdpfocdonmgki.crx [2013-05-06]
CHR HKLM-x32\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Program Files (x86)\Yontoo\YontooLayers.crx [2013-05-06]
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Windows\SysWOW64\jmdp\SweetNT.crx [2013-05-06]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

S4 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2012-11-25] ()
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-12-05] (Advanced Micro Devices, Inc.)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [245264 2012-09-03] (CyberLink)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2301216 2014-01-01] (Conduit)
R2 GorillaPrice; C:\Program Files (x86)\GorillaPrice\GorillaPrice.exe [624128 2013-12-12] ()
R2 IBUpdaterService; C:\Windows\system32\dmwu.exe [1833776 2013-12-29] ()
R2 RelevantKnowledge; C:\Program Files (x86)\RelevantKnowledge\rlservice.exe [198424 2013-11-13] (TMRG, Inc.)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2013-11-22] (Razer Inc.)
R2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [32960 2013-12-10] (Razer, Inc.)
R2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [2179056 2013-07-19] (GlavSoft LLC.)
R2 Updater By SweetPacks; C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe [188760 2013-07-01] ()
R2 WajamUpdater; C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [109064 2013-08-12] (Wajam)
R2 WatGorp; C:\ProgramData\GorillaPrice\WatGorp.exe [70144 2013-12-12] ()
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-12-11] (Wacom Technology, Corp.)
R2 Yontoo Desktop Updater; C:\Users\Aarons\AppData\Roaming\Yontoo\YontooDesktop.exe [42784 2013-04-30] (Yontoo LLC)

==================== Drivers (Whitelisted) ====================

S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [52320 2013-03-29] (http://libusb-win32.sourceforge.net)
R3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [129472 2013-12-10] (Razer, Inc.)
R0 RzFilter; C:\Windows\System32\drivers\RzFilter.sys [74432 2013-12-10] (Razer, Inc.)
R3 stdpms; C:\Windows\System32\DRIVERS\stdpms.sys [28904 2013-10-22] (Splashtop Inc.)
S3 ALSysIO; \??\C:\Users\Aarons\AppData\Local\Temp\ALSysIO64.sys [x]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-01-26 22:01 - 2014-01-26 22:02 - 00029995 _____ C:\Users\Gabe\Desktop\FRST.txt
2014-01-26 22:01 - 2014-01-26 22:01 - 00000000 ____D C:\FRST
2014-01-26 22:00 - 2014-01-26 22:00 - 02078208 _____ (Farbar) C:\Users\Gabe\Desktop\FRST64.exe
2014-01-26 21:32 - 2014-01-26 21:37 - 02685646 _____ C:\Users\Aarons\Desktop\Sneakker Geeekz.psd
2014-01-26 17:18 - 2014-01-26 17:18 - 00332994 _____ C:\Users\Gabe\Downloads\OTLfull.Txt
2014-01-26 17:06 - 2014-01-26 17:06 - 00675988 _____ C:\Users\Gabe\Downloads\Minecraft.exe
2014-01-26 16:28 - 2014-01-26 16:28 - 00106178 _____ C:\Users\Gabe\Downloads\Extras.Txt
2014-01-26 16:26 - 2014-01-26 17:18 - 00332994 _____ C:\Users\Gabe\Downloads\OTL.Txt
2014-01-26 16:13 - 2014-01-26 16:13 - 00602112 _____ (OldTimer Tools) C:\Users\Gabe\Downloads\OTL.exe
2014-01-25 23:54 - 2014-01-25 23:54 - 00022150 _____ C:\Users\Gabe\Downloads\123704420311.zip
2014-01-25 23:50 - 2014-01-25 23:50 - 00002090 _____ C:\Users\Gabe\Downloads\125952568110.stk
2014-01-25 23:34 - 2014-01-25 23:34 - 00000990 _____ C:\Users\Public\Desktop\Pivot Animator.lnk
2014-01-25 23:34 - 2014-01-25 23:34 - 00000000 ____D C:\ProgramData\Pivot Animator
2014-01-25 23:34 - 2014-01-25 23:34 - 00000000 ____D C:\Program Files (x86)\Pivot Animator
2014-01-25 23:33 - 2014-01-25 23:33 - 01765888 _____ C:\Users\Gabe\Downloads\Pivot_hrdc_ns.exe
2014-01-25 17:25 - 2014-01-25 17:25 - 00000923 _____ C:\Users\Public\Desktop\Steam.lnk
2014-01-25 17:25 - 2014-01-25 17:25 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-25 17:24 - 2014-01-25 17:24 - 01133552 _____ C:\Users\Aarons\Downloads\SteamSetup.exe
2014-01-25 17:21 - 2014-01-25 17:21 - 00001409 _____ C:\Users\Aarons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-01-25 12:19 - 2014-01-25 12:19 - 00001409 _____ C:\Users\Gabe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-01-25 02:46 - 2014-01-25 02:46 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\mineshafter_squared
2014-01-25 01:28 - 2014-01-25 01:28 - 01133552 _____ C:\Users\Gabe\Downloads\SteamSetup (1).exe
2014-01-21 18:14 - 2014-01-21 18:14 - 00000282 _____ C:\SSUUpdater.log
2014-01-21 18:07 - 2014-01-21 18:07 - 00002150 _____ C:\Users\Gabe\Desktop\Splashtop Streamer.lnk
2014-01-21 17:56 - 2014-01-21 17:56 - 00000000 ____D C:\ProgramData\Splashtop
2014-01-21 17:56 - 2014-01-21 17:56 - 00000000 ____D C:\Program Files (x86)\Splashtop
2014-01-21 17:52 - 2014-01-21 17:52 - 05966934 _____ (Splashtop Inc.) C:\Users\Gabe\Downloads\Splashtop_Business_Win_v2.4.5.2.exe
2014-01-20 17:35 - 2014-01-20 17:35 - 00000000 _____ C:\Windows\SysWOW64\sho4EC1.tmp
2014-01-18 15:22 - 2014-01-18 15:22 - 00942519 _____ C:\Users\Aarons\Downloads\(11) Facebook.htm
2014-01-18 15:22 - 2014-01-18 15:22 - 00000000 ____D C:\Users\Aarons\Downloads\(11) Facebook_files
2014-01-17 20:16 - 2014-01-17 20:17 - 05326304 _____ C:\Users\Gabe\Downloads\Synaptics_v17_0_19_C_XP32_Vista32_Win7-32_XP64_Vista64_Win7-64_Acme_Inc.zip
2014-01-17 20:10 - 2014-01-17 20:10 - 01133552 _____ C:\Users\Gabe\Downloads\SteamSetup.exe
2014-01-16 15:20 - 2013-11-26 20:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-16 15:20 - 2013-11-26 20:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-16 15:20 - 2013-11-26 20:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-16 15:20 - 2013-11-26 20:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-16 15:20 - 2013-11-26 20:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-16 15:20 - 2013-11-26 20:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-16 15:20 - 2013-11-26 20:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-16 15:20 - 2013-11-26 06:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-16 15:20 - 2013-11-26 05:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-16 15:18 - 2014-01-16 15:18 - 00000000 ____D C:\Windows\SysWOW64\SearchProtect
2014-01-14 13:10 - 2014-01-14 13:10 - 00458680 _____ C:\Users\Aarons\Downloads\Setup (1).exe
2014-01-10 16:16 - 2014-01-10 16:16 - 00000000 ____D C:\Program Files (x86)\VideoPlayerV3
2014-01-08 21:47 - 2014-01-08 21:47 - 00474536 _____ C:\Users\Aarons\Downloads\Setup.exe
2014-01-08 12:20 - 2014-01-08 12:20 - 00000000 ____D C:\Windows\SysWOW64\jmdp
2014-01-08 12:20 - 2014-01-08 12:20 - 00000000 ____D C:\Windows\system32\ljkb
2014-01-08 10:41 - 2014-01-08 10:41 - 467617700 _____ C:\Windows\MEMORY.DMP
2014-01-08 10:41 - 2014-01-08 10:41 - 00354216 _____ C:\Windows\Minidump\010814-20779-01.dmp
2014-01-08 09:13 - 2013-04-09 18:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-01-08 09:13 - 2013-04-02 17:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-01-08 09:12 - 2014-01-08 09:12 - 00002085 _____ C:\Users\Public\Desktop\Razer Game Booster.lnk
2014-01-07 16:16 - 2014-01-07 16:16 - 00001743 _____ C:\Users\Public\Desktop\iTunes.lnk
2014-01-07 16:15 - 2014-01-07 21:36 - 00000000 ____D C:\Program Files (x86)\iTunes
2014-01-07 16:15 - 2014-01-07 16:16 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-07 16:15 - 2014-01-07 16:16 - 00000000 ____D C:\Program Files\iTunes
2014-01-07 16:15 - 2014-01-07 16:15 - 00000000 ____D C:\Program Files\iPod
2014-01-07 16:12 - 2014-01-07 16:23 - 348027174 _____ C:\Users\Aarons\Downloads\iPod2,1_4.1_8B117_Restore.ipsw
2014-01-07 16:07 - 2014-01-07 16:08 - 80521624 _____ (Apple Inc.) C:\Users\Aarons\Downloads\iTunes64Setup.exe
2014-01-07 00:05 - 2014-01-07 00:05 - 01053468 _____ C:\Users\Aarons\Downloads\{REQUEST}_downloader (1).exe
2014-01-07 00:04 - 2014-01-07 00:04 - 02248068 _____ C:\Users\Aarons\Downloads\{REQUEST}_downloader.exe
2014-01-07 00:03 - 2014-01-07 00:03 - 00001013 _____ C:\Users\Aarons\Downloads\[kickass.to]on.the.jellicoe.road.melina.marchetta.epub.torrent
2014-01-06 23:09 - 2014-01-06 23:09 - 00000000 ____D C:\Users\Aarons\AppData\Local\Razer
2014-01-06 12:24 - 2014-01-06 12:28 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\HandBrake
2014-01-06 09:22 - 2014-01-06 09:22 - 00000000 ____D C:\Users\Gabe\Documents\Razer
2014-01-06 09:22 - 2014-01-06 09:22 - 00000000 ____D C:\Users\Gabe\AppData\Local\Razer_Inc
2014-01-06 08:50 - 2014-01-06 08:50 - 00002215 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-06 04:19 - 2014-01-06 04:22 - 00000000 ____D C:\7a699e70de224dc21954db
2014-01-06 03:32 - 2014-01-06 03:35 - 00000000 ____D C:\fba59dd2b5adb9a0a2a5205e
2014-01-06 03:22 - 2014-01-06 03:22 - 00003242 _____ C:\Windows\System32\Tasks\{4B4AB9CF-0B31-4412-AED4-114DBEA463B5}
2014-01-06 02:47 - 2014-01-26 20:14 - 00006914 _____ C:\Windows\setupact.log
2014-01-06 02:47 - 2014-01-26 20:13 - 00165938 _____ C:\Windows\PFRO.log
2014-01-06 02:47 - 2014-01-06 02:47 - 00000000 _____ C:\Windows\setuperr.log
2014-01-06 02:46 - 2014-01-06 02:46 - 00000000 _____ C:\Windows\SysWOW64\shoF2AE.tmp
2014-01-06 02:19 - 2014-01-06 02:19 - 00064576 _____ C:\Users\Gabe\Documents\cc_20140106_021928.reg
2014-01-06 02:06 - 2014-01-06 02:37 - 00000000 ____D C:\28c9c4c20c3a25b3c3
2014-01-03 16:53 - 2014-01-03 16:53 - 00000000 _____ C:\Windows\SysWOW64\sho47BC.tmp
2014-01-02 22:38 - 2014-01-26 01:01 - 00435200 _____ C:\Users\Gabe\AppData\Roaming\RZR_01925f6a4f7eaeedfb42bcd2a208.db
2014-01-02 22:36 - 2014-01-08 09:12 - 00000000 ____D C:\Users\Gabe\AppData\Local\Razer
2014-01-02 22:31 - 2014-01-02 22:31 - 00001224 _____ C:\Users\Gabe\Desktop\Razer Comms.lnk
2014-01-02 22:31 - 2014-01-02 22:31 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_RzFilter_01009.Wdf
2014-01-02 22:31 - 2013-12-10 19:14 - 00129472 _____ (Razer, Inc.) C:\Windows\system32\Drivers\RzDxgk.sys
2014-01-02 22:31 - 2013-12-10 19:14 - 00074432 _____ (Razer, Inc.) C:\Windows\system32\Drivers\RzFilter.sys
2014-01-02 22:30 - 2014-01-08 09:12 - 00000000 ____D C:\ProgramData\Razer
2014-01-02 22:30 - 2014-01-06 09:21 - 00000000 ____D C:\Program Files (x86)\Razer
2014-01-02 22:30 - 2014-01-02 22:30 - 00000000 ____D C:\Windows\Razer Core
2013-12-29 16:40 - 2013-11-13 15:50 - 00970520 _____ (TMRG, Inc.) C:\Windows\system32\rlls64.dll
2013-12-29 16:40 - 2013-11-13 15:50 - 00660248 _____ (TMRG, Inc.) C:\Windows\SysWOW64\rlls.dll
2013-12-29 16:37 - 2013-12-29 16:37 - 00000000 ____D C:\Users\Gabe\AppData\Local\SearchProtect
2013-12-29 15:56 - 2014-01-26 22:01 - 00000000 ____D C:\Program Files (x86)\RelevantKnowledge
2013-12-29 15:54 - 2013-12-29 16:29 - 00000000 ____D C:\Users\Aarons\AppData\Roaming\Open Download Manager
2013-12-29 15:53 - 2013-12-29 15:53 - 00000000 ____D C:\ProgramData\GorillaPrice
2013-12-29 15:53 - 2013-12-29 15:53 - 00000000 ____D C:\Program Files (x86)\GorillaPrice
2013-12-29 15:52 - 2013-12-29 22:49 - 00000000 ____D C:\Program Files (x86)\OpenDownloaderManager
2013-12-29 15:52 - 2013-12-29 15:53 - 00000000 ____D C:\Users\Aarons\AppData\Local\SearchProtect
2013-12-27 20:25 - 1998-12-24 20:23 - 00040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VBAME.DLL

==================== One Month Modified Files and Folders =======

2014-01-26 22:02 - 2014-01-26 22:01 - 00029995 _____ C:\Users\Gabe\Desktop\FRST.txt
2014-01-26 22:01 - 2014-01-26 22:01 - 00000000 ____D C:\FRST
2014-01-26 22:01 - 2013-12-29 15:56 - 00000000 ____D C:\Program Files (x86)\RelevantKnowledge
2014-01-26 22:00 - 2014-01-26 22:00 - 02078208 _____ (Farbar) C:\Users\Gabe\Desktop\FRST64.exe
2014-01-26 21:59 - 2013-03-21 19:46 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-26 21:59 - 2009-07-14 00:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2014-01-26 21:58 - 2013-08-03 11:53 - 00001094 _____ C:\Windows\Tasks\Safe Saver-enabler.job
2014-01-26 21:58 - 2013-08-03 11:52 - 00001900 _____ C:\Windows\Tasks\Safe Saver-chromeinstaller.job
2014-01-26 21:58 - 2013-08-03 11:52 - 00001824 _____ C:\Windows\Tasks\Safe Saver-firefoxinstaller.job
2014-01-26 21:58 - 2013-08-03 11:52 - 00001194 _____ C:\Windows\Tasks\Safe Saver-codedownloader.job
2014-01-26 21:58 - 2013-05-10 23:44 - 00000360 _____ C:\Windows\Tasks\AmiUpdXp.job
2014-01-26 21:58 - 2013-03-02 18:30 - 00000396 _____ C:\Windows\Tasks\LyricStar Update.job
2014-01-26 21:52 - 2013-03-21 19:46 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-26 21:37 - 2014-01-26 21:32 - 02685646 _____ C:\Users\Aarons\Desktop\Sneakker Geeekz.psd
2014-01-26 21:35 - 2012-11-22 11:04 - 01271254 _____ C:\Windows\WindowsUpdate.log
2014-01-26 21:30 - 2012-06-25 18:11 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-26 20:21 - 2009-07-13 23:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-26 20:21 - 2009-07-13 23:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-26 20:19 - 2012-02-24 11:26 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{63C9AABB-0CD9-41B8-B9CB-F7224580E5E5}
2014-01-26 20:14 - 2014-01-06 02:47 - 00006914 _____ C:\Windows\setupact.log
2014-01-26 20:14 - 2012-12-15 14:10 - 00000000 ____D C:\ProgramData\boost_interprocess
2014-01-26 20:14 - 2012-08-10 16:50 - 00000000 ____D C:\Users\Aarons\AppData\Roaming\Skype
2014-01-26 20:14 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-26 20:13 - 2014-01-06 02:47 - 00165938 _____ C:\Windows\PFRO.log
2014-01-26 18:58 - 2013-02-08 10:25 - 00000336 _____ C:\Windows\Tasks\HPCeeScheduleForAarons.job
2014-01-26 17:31 - 2012-08-19 13:42 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\.minecraft
2014-01-26 17:18 - 2014-01-26 17:18 - 00332994 _____ C:\Users\Gabe\Downloads\OTLfull.Txt
2014-01-26 17:18 - 2014-01-26 16:26 - 00332994 _____ C:\Users\Gabe\Downloads\OTL.Txt
2014-01-26 17:06 - 2014-01-26 17:06 - 00675988 _____ C:\Users\Gabe\Downloads\Minecraft.exe
2014-01-26 16:28 - 2014-01-26 16:28 - 00106178 _____ C:\Users\Gabe\Downloads\Extras.Txt
2014-01-26 16:13 - 2014-01-26 16:13 - 00602112 _____ (OldTimer Tools) C:\Users\Gabe\Downloads\OTL.exe
2014-01-26 13:18 - 2009-07-14 00:08 - 00032644 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-26 02:27 - 2012-09-07 15:32 - 00000000 ____D C:\Users\Gabe\AppData\Local\CrashDumps
2014-01-26 02:00 - 2012-09-09 17:12 - 00000000 ____D C:\Users\Gabe\AppData\Local\Adobe
2014-01-26 01:01 - 2014-01-02 22:38 - 00435200 _____ C:\Users\Gabe\AppData\Roaming\RZR_01925f6a4f7eaeedfb42bcd2a208.db
2014-01-25 23:54 - 2014-01-25 23:54 - 00022150 _____ C:\Users\Gabe\Downloads\123704420311.zip
2014-01-25 23:50 - 2014-01-25 23:50 - 00002090 _____ C:\Users\Gabe\Downloads\125952568110.stk
2014-01-25 23:34 - 2014-01-25 23:34 - 00000990 _____ C:\Users\Public\Desktop\Pivot Animator.lnk
2014-01-25 23:34 - 2014-01-25 23:34 - 00000000 ____D C:\ProgramData\Pivot Animator
2014-01-25 23:34 - 2014-01-25 23:34 - 00000000 ____D C:\Program Files (x86)\Pivot Animator
2014-01-25 23:33 - 2014-01-25 23:33 - 01765888 _____ C:\Users\Gabe\Downloads\Pivot_hrdc_ns.exe
2014-01-25 22:48 - 2012-08-19 13:27 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{87765B85-AB53-462B-9F7A-6ABABA16FBBD}
2014-01-25 17:59 - 2013-05-09 18:59 - 00000408 ____H C:\Windows\Tasks\Norton Security Scan for Aarons.job
2014-01-25 17:25 - 2014-01-25 17:25 - 00000923 _____ C:\Users\Public\Desktop\Steam.lnk
2014-01-25 17:25 - 2014-01-25 17:25 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-25 17:24 - 2014-01-25 17:24 - 01133552 _____ C:\Users\Aarons\Downloads\SteamSetup.exe
2014-01-25 17:21 - 2014-01-25 17:21 - 00001409 _____ C:\Users\Aarons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-01-25 17:21 - 2012-08-30 06:50 - 00001403 _____ C:\Users\Aarons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-25 12:22 - 2012-06-25 18:11 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-25 12:22 - 2012-06-25 18:11 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-25 12:22 - 2012-06-25 18:11 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-25 12:19 - 2014-01-25 12:19 - 00001409 _____ C:\Users\Gabe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-01-25 12:19 - 2012-08-19 13:27 - 00001403 _____ C:\Users\Gabe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-25 12:17 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2014-01-25 11:49 - 2007-01-01 20:25 - 00000000 ____D C:\Windows\Panther
2014-01-25 02:56 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2014-01-25 02:46 - 2014-01-25 02:46 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\mineshafter_squared
2014-01-25 01:28 - 2014-01-25 01:28 - 01133552 _____ C:\Users\Gabe\Downloads\SteamSetup (1).exe
2014-01-24 22:37 - 2013-02-28 18:14 - 00000000 ____D C:\Windows\pss
2014-01-24 22:37 - 2012-08-19 13:27 - 00000000 ___RD C:\Users\Gabe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-24 15:28 - 2012-08-30 07:14 - 00000000 ____D C:\Users\Aarons\AppData\Local\Adobe
2014-01-22 18:58 - 2013-02-08 10:25 - 00003192 _____ C:\Windows\System32\Tasks\HPCeeScheduleForAarons
2014-01-22 16:16 - 2012-02-24 12:38 - 00000000 ____D C:\Users\Aarons\AppData\Local\CrashDumps
2014-01-22 15:13 - 2009-07-14 00:13 - 00783360 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-22 13:35 - 2013-05-13 00:02 - 00000000 ____D C:\Users\Aarons\AppData\Roaming\Yontoo
2014-01-21 18:14 - 2014-01-21 18:14 - 00000282 _____ C:\SSUUpdater.log
2014-01-21 18:07 - 2014-01-21 18:07 - 00002150 _____ C:\Users\Gabe\Desktop\Splashtop Streamer.lnk
2014-01-21 17:56 - 2014-01-21 17:56 - 00000000 ____D C:\ProgramData\Splashtop
2014-01-21 17:56 - 2014-01-21 17:56 - 00000000 ____D C:\Program Files (x86)\Splashtop
2014-01-21 17:52 - 2014-01-21 17:52 - 05966934 _____ (Splashtop Inc.) C:\Users\Gabe\Downloads\Splashtop_Business_Win_v2.4.5.2.exe
2014-01-20 17:35 - 2014-01-20 17:35 - 00000000 _____ C:\Windows\SysWOW64\sho4EC1.tmp
2014-01-18 15:22 - 2014-01-18 15:22 - 00942519 _____ C:\Users\Aarons\Downloads\(11) Facebook.htm
2014-01-18 15:22 - 2014-01-18 15:22 - 00000000 ____D C:\Users\Aarons\Downloads\(11) Facebook_files
2014-01-17 20:17 - 2014-01-17 20:16 - 05326304 _____ C:\Users\Gabe\Downloads\Synaptics_v17_0_19_C_XP32_Vista32_Win7-32_XP64_Vista64_Win7-64_Acme_Inc.zip
2014-01-17 20:10 - 2014-01-17 20:10 - 01133552 _____ C:\Users\Gabe\Downloads\SteamSetup.exe
2014-01-16 18:01 - 2009-07-13 23:45 - 04990000 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-16 15:18 - 2014-01-16 15:18 - 00000000 ____D C:\Windows\SysWOW64\SearchProtect
2014-01-16 15:18 - 2013-09-05 14:32 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2014-01-15 22:34 - 2012-09-11 19:19 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\SoftGrid Client
2014-01-14 13:10 - 2014-01-14 13:10 - 00458680 _____ C:\Users\Aarons\Downloads\Setup (1).exe
2014-01-12 17:20 - 2013-05-13 00:02 - 00000000 ____D C:\Program Files (x86)\Yontoo
2014-01-11 22:51 - 2013-02-08 10:25 - 00003220 _____ C:\Windows\System32\Tasks\HPCeeScheduleForAARONS-HP$
2014-01-11 22:51 - 2013-02-08 10:25 - 00000344 _____ C:\Windows\Tasks\HPCeeScheduleForAARONS-HP$.job
2014-01-10 16:17 - 2013-12-20 15:45 - 00000168 _____ C:\extensions.ini
2014-01-10 16:16 - 2014-01-10 16:16 - 00000000 ____D C:\Program Files (x86)\VideoPlayerV3
2014-01-08 21:47 - 2014-01-08 21:47 - 00474536 _____ C:\Users\Aarons\Downloads\Setup.exe
2014-01-08 18:55 - 2011-09-26 02:35 - 00775974 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2014-01-08 12:20 - 2014-01-08 12:20 - 00000000 ____D C:\Windows\SysWOW64\jmdp
2014-01-08 12:20 - 2014-01-08 12:20 - 00000000 ____D C:\Windows\system32\ljkb
2014-01-08 10:41 - 2014-01-08 10:41 - 467617700 _____ C:\Windows\MEMORY.DMP
2014-01-08 10:41 - 2014-01-08 10:41 - 00354216 _____ C:\Windows\Minidump\010814-20779-01.dmp
2014-01-08 10:41 - 2012-08-07 16:28 - 00000000 ____D C:\Windows\Minidump
2014-01-08 09:12 - 2014-01-08 09:12 - 00002085 _____ C:\Users\Public\Desktop\Razer Game Booster.lnk
2014-01-08 09:12 - 2014-01-02 22:36 - 00000000 ____D C:\Users\Gabe\AppData\Local\Razer
2014-01-08 09:12 - 2014-01-02 22:30 - 00000000 ____D C:\ProgramData\Razer
2014-01-07 21:36 - 2014-01-07 16:15 - 00000000 ____D C:\Program Files (x86)\iTunes
2014-01-07 16:23 - 2014-01-07 16:12 - 348027174 _____ C:\Users\Aarons\Downloads\iPod2,1_4.1_8B117_Restore.ipsw
2014-01-07 16:16 - 2014-01-07 16:16 - 00001743 _____ C:\Users\Public\Desktop\iTunes.lnk
2014-01-07 16:16 - 2014-01-07 16:15 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-07 16:16 - 2014-01-07 16:15 - 00000000 ____D C:\Program Files\iTunes
2014-01-07 16:15 - 2014-01-07 16:15 - 00000000 ____D C:\Program Files\iPod
2014-01-07 16:08 - 2014-01-07 16:07 - 80521624 _____ (Apple Inc.) C:\Users\Aarons\Downloads\iTunes64Setup.exe
2014-01-07 15:49 - 2012-06-25 17:27 - 00000000 ____D C:\Users\Aarons\AppData\Local\Google
2014-01-07 00:05 - 2014-01-07 00:05 - 01053468 _____ C:\Users\Aarons\Downloads\{REQUEST}_downloader (1).exe
2014-01-07 00:04 - 2014-01-07 00:04 - 02248068 _____ C:\Users\Aarons\Downloads\{REQUEST}_downloader.exe
2014-01-07 00:03 - 2014-01-07 00:03 - 00001013 _____ C:\Users\Aarons\Downloads\[kickass.to]on.the.jellicoe.road.melina.marchetta.epub.torrent
2014-01-06 23:10 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
2014-01-06 23:09 - 2014-01-06 23:09 - 00000000 ____D C:\Users\Aarons\AppData\Local\Razer
2014-01-06 12:28 - 2014-01-06 12:24 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\HandBrake
2014-01-06 12:28 - 2012-09-21 14:24 - 00000000 ____D C:\Users\Gabe\Desktop\League of legends
2014-01-06 09:22 - 2014-01-06 09:22 - 00000000 ____D C:\Users\Gabe\Documents\Razer
2014-01-06 09:22 - 2014-01-06 09:22 - 00000000 ____D C:\Users\Gabe\AppData\Local\Razer_Inc
2014-01-06 09:21 - 2014-01-02 22:30 - 00000000 ____D C:\Program Files (x86)\Razer
2014-01-06 08:52 - 2012-08-25 10:08 - 00000000 ____D C:\Users\Gabe\AppData\Local\Google
2014-01-06 08:50 - 2014-01-06 08:50 - 00002215 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-06 08:50 - 2013-03-21 19:46 - 00000000 ____D C:\Program Files (x86)\Google
2014-01-06 04:22 - 2014-01-06 04:19 - 00000000 ____D C:\7a699e70de224dc21954db
2014-01-06 03:35 - 2014-01-06 03:32 - 00000000 ____D C:\fba59dd2b5adb9a0a2a5205e
2014-01-06 03:26 - 2013-02-28 17:52 - 00000000 ____D C:\ProgramData\AVAST Software
2014-01-06 03:22 - 2014-01-06 03:22 - 00003242 _____ C:\Windows\System32\Tasks\{4B4AB9CF-0B31-4412-AED4-114DBEA463B5}
2014-01-06 03:18 - 2013-09-16 12:41 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\uTorrent
2014-01-06 02:47 - 2014-01-06 02:47 - 00000000 _____ C:\Windows\setuperr.log
2014-01-06 02:46 - 2014-01-06 02:46 - 00000000 _____ C:\Windows\SysWOW64\shoF2AE.tmp
2014-01-06 02:37 - 2014-01-06 02:06 - 00000000 ____D C:\28c9c4c20c3a25b3c3
2014-01-06 02:22 - 2012-06-27 19:50 - 00000000 ____D C:\Users\Aarons\Documents\Youcam
2014-01-06 02:19 - 2014-01-06 02:19 - 00064576 _____ C:\Users\Gabe\Documents\cc_20140106_021928.reg
2014-01-05 16:31 - 2012-02-24 11:24 - 00082496 _____ C:\Users\Aarons\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-03 16:53 - 2014-01-03 16:53 - 00000000 _____ C:\Windows\SysWOW64\sho47BC.tmp
2014-01-02 22:35 - 2012-08-19 13:28 - 00082496 _____ C:\Users\Gabe\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-02 22:31 - 2014-01-02 22:31 - 00001224 _____ C:\Users\Gabe\Desktop\Razer Comms.lnk
2014-01-02 22:31 - 2014-01-02 22:31 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_RzFilter_01009.Wdf
2014-01-02 22:30 - 2014-01-02 22:30 - 00000000 ____D C:\Windows\Razer Core
2014-01-02 19:06 - 2013-06-26 15:16 - 00000000 ____D C:\Windows\SysWOW64\WNLT
2014-01-02 19:06 - 2013-06-26 15:16 - 00000000 ____D C:\Windows\SysWOW64\ARFC
2014-01-02 19:05 - 2009-07-14 00:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-31 20:55 - 2012-07-29 17:08 - 00000000 ____D C:\Users\Aarons\Documents\VirtualDJ
2013-12-31 12:03 - 2013-05-12 20:15 - 00000000 ____D C:\Program Files (x86)\LyricsPlug
2013-12-31 12:02 - 2013-02-02 14:34 - 00000000 ____D C:\Program Files (x86)\GadgetBox
2013-12-29 22:49 - 2013-12-29 15:52 - 00000000 ____D C:\Program Files (x86)\OpenDownloaderManager
2013-12-29 22:08 - 2012-08-24 19:43 - 00000000 ____D C:\Users\Gabe\Documents\Youcam
2013-12-29 21:28 - 2013-01-03 03:53 - 00003180 _____ C:\Windows\System32\Tasks\HPCeeScheduleForGabe
2013-12-29 21:28 - 2013-01-03 03:53 - 00000328 _____ C:\Windows\Tasks\HPCeeScheduleForGabe.job
2013-12-29 16:37 - 2013-12-29 16:37 - 00000000 ____D C:\Users\Gabe\AppData\Local\SearchProtect
2013-12-29 16:29 - 2013-12-29 15:54 - 00000000 ____D C:\Users\Aarons\AppData\Roaming\Open Download Manager
2013-12-29 15:53 - 2013-12-29 15:53 - 00000000 ____D C:\ProgramData\GorillaPrice
2013-12-29 15:53 - 2013-12-29 15:53 - 00000000 ____D C:\Program Files (x86)\GorillaPrice
2013-12-29 15:53 - 2013-12-29 15:52 - 00000000 ____D C:\Users\Aarons\AppData\Local\SearchProtect
2013-12-29 15:52 - 2013-09-26 14:25 - 00000000 _____ C:\end
2013-12-29 05:12 - 2013-06-26 15:16 - 01833776 _____ C:\Windows\system32\dmwu.exe
2013-12-29 05:08 - 2013-06-26 15:16 - 00033792 _____ (IncrediMail, Ltd.) C:\Windows\system32\ImHttpComm.dll
2013-12-27 17:46 - 2013-07-24 10:25 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software

Some content of TEMP:
====================
C:\Users\Aarons\AppData\Local\Temp\nsc45CE.exe
C:\Users\Aarons\AppData\Local\Temp\nsh509A.exe
C:\Users\Aarons\AppData\Local\Temp\nsm49B5.exe
C:\Users\Aarons\AppData\Local\Temp\nsm923C.exe
C:\Users\Aarons\AppData\Local\Temp\nsm95E5.exe
C:\Users\Aarons\AppData\Local\Temp\nss4D30.exe
C:\Users\Aarons\AppData\Local\Temp\nsx99CD.exe
C:\Users\Aarons\AppData\Local\Temp\Setup1.exe
C:\Users\Aarons\AppData\Local\Temp\SPSetup.exe
C:\Users\Gabe\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-01-25 12:09

==================== End Of Log ============================

And here is the Addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-01-2014 02
Ran by Gabe at 2014-01-26 22:03:00
Running from C:\Users\Gabe\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Acoustica Mixcraft 6 (x32 Version: b216 - Acoustica)
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe AIR (x32 Version: 3.6.0.6090 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.6.0.6090 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (x32 Version: 2.0.2.189 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.38 - Adobe Systems Incorporated)
Adobe Photoshop Elements 8.0 (x32 Version: 8.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 8.0 (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop.com Inspiration Browser (x32 Version: 3.04 - Adobe Systems Incorporated)
Adobe Photoshop.com Inspiration Browser (x32 Version: 3.04 - Adobe Systems Incorporated) Hidden
Adobe Reader X MUI (x32 Version: 10.0.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.0.112 - Adobe Systems, Inc.)
AMD APP SDK Runtime (Version: 10.0.851.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (Version: 3.0.859.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2011.1205.2215.39827 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.61205.2219 - Advanced Micro Devices, Inc.) Hidden
AMD System Monitor (x32 Version: 1.0.5 - Advanced Micro Devices, Inc.)
AMD VISION Engine Control Center (x32 Version: 2011.1205.2215.39827 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (x32 Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Ask Toolbar (x32 Version: 1.17.6.0 - Ask.com) <==== ATTENTION
AuthenTec TrueAPI (Version: 1.2.1.33 - AuthenTec, Inc.) Hidden
Bamboo Dock (x32 Version: 4.1 - Wacom Co., Ltd.)
Bamboo Dock (x32 Version: 4.1.0 - Wacom Europe GmbH) Hidden
Bamboo Tablets Tutorial (x32 Version: 3.0.20 - Wacom) Hidden
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.1205.2215.39827 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.1205.2215.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2011.1205.2215.39827 - Advanced Micro Devices, Inc.) Hidden
CCleaner (Version: 4.04 - Piriform)
Core Temp 1.0 RC3 (Version: 1.0 - Alcpu)
CyberLink PowerDVD (x32 Version: 10.0.5.4504 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.5.4504 - CyberLink Corp.) Hidden
CyberLink YouCam (x32 Version: 3.5.1.4606 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.1.4606 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (Version: 2.10 - Piriform)
DomaIQ (x32 Version: - Tuguu SLU)
DomDomSoft Manga Downloader (remove only) (x32 Version: - )
Download Navigator (x32 Version: 3.4.0 - SEIKO EPSON CORPORATION)
Driver Genius Professional Edition (x32 Version: 10.0 - Driver-Soft Inc.)
DVD Shrink 3.2 (x32 Version: - DVD Shrink)
Energy Star Digital Logo (x32 Version: 1.0.1 - Hewlett-Packard)
EPSON Artisan 1430 Series Printer Uninstall (Version: - SEIKO EPSON Corporation)
Epson Connect (x32 Version: - )
Epson Customer Participation (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (x32 Version: 2.40.0001 - SEIKO EPSON CORPORATION)
EPSON NX420 Series Printer Uninstall (Version: - SEIKO EPSON Corporation)
Epson Print CD (x32 Version: 2.05.00 - SEIKO EPSON CORPORATION)
EPSON Scan (x32 Version: - Seiko Epson Corporation)
EpsonNet Print (x32 Version: 2.5.00 - SEIKO EPSON CORPORATION)
EpsonNet Setup 3.3 (x32 Version: 3.3b - SEIKO EPSON CORPORATION)
ESU for Microsoft Windows 7 (x32 Version: 1.0.0 - Hewlett-Packard)
Evernote v. 4.2.2 (x32 Version: 4.2.2.3979 - Evernote Corp.)
Express Burn (x32 Version: 4.68 - NCH Software)
exPressit SE (x32 Version: 3.10.0000 - Medea International Ltd)
FB Cover Maker Packages (HKCU Version: - ) <==== ATTENTION
FVD Converter 1.0.2 (x32 Version: - flashvideodownloader.org)
GadgetBox (x32 Version: 1.0 - GadgetBox) <==== ATTENTION
GadgetBox Updater (Version: 1.0 - BetterSoft) <==== ATTENTION
GoforFiles (HKCU Version: 1.7.1 - http://www.goforfiles.com/) <==== ATTENTION
Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.)
Google Drive (x32 Version: 1.12.5329.1887 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
GorillaPrice (x32 Version: - )
HandBrake 0.9.9.1 (x32 Version: 0.9.9.1 - )
Hewlett-Packard ACLM.NET v1.1.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HP 3D DriveGuard (Version: 4.1.5.1 - Hewlett-Packard Company)
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP Connection Manager (x32 Version: 4.0.45.1 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Documentation (x32 Version: 1.2.0.0 - Hewlett-Packard)
HP DVB-T TV Tuner 8.0.64.43 (x32 Version: 8.0.64.43 - )
HP MovieStore (x32 Version: 1.0.047 - Hewlett-Packard) Hidden
HP MovieStore (x32 Version: 2.0 - Hewlett-Packard)
HP On Screen Display (x32 Version: 1.1.2 - Hewlett-Packard Company)
HP Power Manager (x32 Version: 1.2.1 - Hewlett-Packard Company)
HP Product Detection (x32 Version: 11.14.0001 - HP)
HP Quick Launch (x32 Version: 2.3.6 - Hewlett-Packard Company)
HP Setup (x32 Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Setup Manager (x32 Version: 1.1.13253.3682 - Hewlett-Packard Company)
HP SimplePass 2011 (x32 Version: 5.1.0.495 - Hewlett-Packard)
HP Software Framework (x32 Version: 4.1.6.1 - Hewlett-Packard Company)
HP Support Assistant (x32 Version: 5.2.9.2 - Hewlett-Packard Company)
HPAsset component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
IB Updater Service (x32 Version: 5.0.1.7 - ) <==== ATTENTION
IDT Audio (x32 Version: 1.0.6329.0 - IDT)
ImageCompressor (x32 Version: 1.0.0 - Rajput Y H)
InfoAtoms [Uninstall] (x32 Version: 1.5.0.0 - InfoAtoms)
iTunes (Version: 10.7.0.21 - Apple Inc.)
Java 7 Update 25 (x32 Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 4 (64-bit) (Version: 1.7.0.40 - Oracle)
Java™ 7 Update 4 (64-bit) (Version: 7.0.40 - Oracle)
JavaFX 2.1.1 (x32 Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
League of Legends (x32 Version: 1.3 - Riot Games)
Lyrics Plug (x32 Version: - SRA Software) <==== ATTENTION
LyricsWoofer (x32 Version: - Lyrics Woofer LTD) <==== ATTENTION
Magic DVD Copier V8.1.0 (x32 Version: - Magic DVD Software, Inc.)
Memorex exPressit Label Design Studio (x32 Version: - )
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Click-to-Run 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (x32 Version: 14.0.5131.5000 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (x32 Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden
MotioninJoy Gamepad tool 0.7.1001 (Version: 0.7.1001 - www.motioninjoy.com)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
Norton Security Scan (x32 Version: 4.0.0.48 - Symantec Corporation)
ooVoo (x32 Version: 3.6.1008 - ooVoo LLC.)
ooVoo toolbar, powered by Ask.com Updater (HKCU Version: 1.4.3.42067 - Ask.com)
Optimizer Pro v3.2 (x32 Version: 3.2 - PC Utilities Software Limited) <==== ATTENTION
PDFCreator (x32 Version: 1.2.3 - Frank Heindörfer, Philip Chinery)
Pivot Animator version 4.1.10 (x32 Version: 4.1.10 - Motus Software Ltd)
Qualcomm Atheros WiFi Driver Installation (x32 Version: 9.2 - Qualcomm Atheros)
QuickShare (x32 Version: 1.6.1.931 - Linkury Inc.) <==== ATTENTION
QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)
Ralink RT5390 802.11b/g/n WiFi Adapter (x32 Version: 3.01.16.1 - Ralink)
Razer Comms (x32 Version: 1.82.15 - Razer Inc.)
Razer Core (x32 Version: 1.0.1.56 - Razer Inc)
Razer Game Booster (x32 Version: 4.1.59.0 - Razer Inc.)
Realtek Ethernet Controller Driver (x32 Version: 7.50.1123.2011 - Realtek)
Realtek HDMI Audio Driver for ATI (x32 Version: 6.0.1.6519 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (x32 Version: 6.1.7600.80 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden
RelevantKnowledge (x32 Version: 1.3.337.320 - TMRG, Inc.) <==== ATTENTION
RoxioNow Player (x32 Version: 1.9.5.103 - RoxioNow)
Safe Saver (x32 Version: 1.27.153.8 - Safe Saver)
Search Protect (x32 Version: 2.9.40.12 - Conduit) <==== ATTENTION
SixaxisPairTool 0.2.3 (x32 Version: 0.2.3 - Dancing Pixel Studios)
Skype Click to Call (x32 Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 6.1 (x32 Version: 6.1.129 - Skype Technologies S.A.)
Software Version Updater (x32 Version: 1.1.3.7 - ) <==== ATTENTION
Splashtop Software Updater (x32 Version: 1.5.6.15 - Splashtop Inc.)
Splashtop Streamer (x32 Version: 2.5.0.1 - Splashtop Inc.)
SProtector 1.74 (x32 Version: - )
Steam (x32 Version: - Valve Corporation)
SweetPacks Toolbar (x32 Version: 6.15.0.27 - SweetPacks) <==== ATTENTION
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (Version: 15.3.29.0 - Synaptics Incorporated)
TightVNC (Version: 2.7.10.0 - GlavSoft LLC.)
Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4.5 (KB2805221) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4.5 (KB2805226) (x32 Version: 1 - Microsoft Corporation)
Updater By SweetPacks 2.0.0.609 (Version: 2.0.0.609 - SweetPacks) <==== ATTENTION
Validity Sensors DDK (Version: 3.1.374 - Validity Sensors, Inc.)
Validity WBF DDK (Version: 4.3.118.0 - Validity Sensors, Inc.)
Video Player (x32 Version: 1.1 - Video Player) <==== ATTENTION
Video Screensaver 1.0 (x32 Version: 1.0 - rodflash.com)
VideoPad Video Editor (x32 Version: 3.04 - NCH Software)
VirtualDJ Home FREE (x32 Version: 7.0.5 - Atomix Productions)
VisualBee for Microsoft PowerPoint (HKCU Version: V3.6 - VisualBee.com)
Wacom (Version: 5.3.2-1 - Wacom Technology Corp.)
Wajam (x32 Version: 1.91 - Wajam) <==== ATTENTION
WBFS Manager 3.0 (x32 Version: 3.0 - AlexDP)
Webexp Enhanced (x32 Version: 1.1 - Webexp Enhanced) <==== ATTENTION
WebTablet FB Plugin 32 bit (x32 Version: 2.1.0.2 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (Version: 2.1.0.2 - Wacom Technology Corp.)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Movie Maker 2.6 (x32 Version: 2.6.4037.0 - Microsoft Corporation)
WinRAR 4.20 (32-bit) (x32 Version: 4.20.0 - win.rar GmbH)
Yontoo 2.053 (Version: 2.053 - Yontoo LLC) <==== ATTENTION

==================== Restore Points =========================

16-01-2014 22:37:43 Windows Update
21-01-2014 19:39:01 Windows Update
21-01-2014 22:55:46 Installed Splashtop Streamer.
21-01-2014 22:59:41 Device Driver Package Install: Splashtop Inc. Monitors
23-01-2014 04:12:03 HPSF Restore Point
25-01-2014 03:42:55 Windows Update
25-01-2014 07:53:38 Windows Modules Installer

==================== Hosts content: ==========================

2009-07-13 21:34 - 2013-04-26 01:31 - 00000878 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0F7FF4B8-2915-480E-BE3B-7591BE862371} - System32\Tasks\Safe Saver-codedownloader => C:\Program Files (x86)\Safe Saver\Safe Saver-codedownloader.exe [2013-08-03] (Safe Saver)
Task: {19115EF8-9702-4CCA-B3B1-2DF41BFCA889} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-27] (Google Inc.)
Task: {1EFD3500-48C3-4B68-BFE3-136E81ADD383} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-02-23] (Hewlett-Packard Company)
Task: {358E9F26-0F15-4F5F-86B3-C9F5B83E8073} - System32\Tasks\Safe Saver-firefoxinstaller => C:\Program Files (x86)\Safe Saver\Safe Saver-firefoxinstaller.exe [2013-08-03] (Safe Saver)
Task: {3AFFD0E9-B0D3-4A11-88E9-86AA7DF9D0CA} - System32\Tasks\HPCeeScheduleForAARONS-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {463D73E6-B699-488D-9B8A-90A5DB530D14} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-27] (Google Inc.)
Task: {48F04C03-DE0D-46D1-AEE3-D768F58CABC3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: {4D911614-0140-49A3-BA6D-ECB22061B3AE} - System32\Tasks\AdobeAAMUpdater-1.0-Aarons-HP-Aarons => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated)
Task: {60090C76-6585-4259-8503-60F54EE515EB} - System32\Tasks\Test TimeTrigger => C:\Users\Gabe\AppData\Local\Temp\Runner.exe <==== ATTENTION
Task: {7523D4D6-30B9-4535-9833-920BDF68728D} - System32\Tasks\Safe Saver-enabler => C:\Program Files (x86)\Safe Saver\Safe Saver-enabler.exe [2013-08-03] (Safe Saver) <==== ATTENTION
Task: {79365052-E51F-4C42-BC4F-7B53D5682161} - System32\Tasks\VisualBeeRecovery => C:\Users\Gabe\AppData\Local\VisualBeeExe\VisualBeeRecovery.exe [2012-03-14] ()
Task: {9BF559D5-26FF-408E-837B-985606EF4811} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-25] (Adobe Systems Incorporated)
Task: {A048CD7F-C316-4DDB-9E97-30294C47701C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-02-23] (Hewlett-Packard Company)
Task: {A5D4CB4C-872E-4882-A312-3DF48D1B9E93} - System32\Tasks\HPCeeScheduleForAarons => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {A6C526F5-2C68-439C-B659-AB9069136FA4} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-10-06] (CyberLink)
Task: {B8A469D3-DC13-420B-A0B0-4538FF5F796F} - System32\Tasks\LyricStar Update => C:\Program Files (x86)\LyricStar\LyricStarUpdater.exe <==== ATTENTION
Task: {C07F10D8-79DC-4F59-833B-04DDB33ED568} - System32\Tasks\Safe Saver-chromeinstaller => C:\Program Files (x86)\Safe Saver\Safe Saver-chromeinstaller.exe [2013-08-03] (Safe Saver)
Task: {C8414ADB-CB54-4AB0-888B-B189EC3BF602} - System32\Tasks\Norton Security Scan for Aarons => C:\Program Files (x86)\Norton Security Scan\Engine\4.0.0.48\Nss.exe [2013-05-07] (Symantec Corporation)
Task: {E0344375-E98C-4A15-9BEE-2D96344B2355} - System32\Tasks\AmiUpdXp => C:\Users\Aarons\AppData\Local\SwvUpdater\Updater.exe [2013-07-23] (Amonetize ltd.) <==== ATTENTION
Task: {E6D5AF10-58C9-42D2-9BF3-8C23C9915441} - System32\Tasks\HPCeeScheduleForGabe => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {F020A4A5-16DD-4A89-8583-3244366C9EA4} - System32\Tasks\AdobeAAMUpdater-1.0-Aarons-HP-Gabe => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated)
Task: {F6F76818-125E-4E9E-AB52-95F29CFB6EBA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2012-02-22] (Microsoft)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Aarons\AppData\Local\SwvUpdater\Updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForAARONS-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForAarons.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForGabe.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\LyricStar Update.job => C:\Program Files (x86)\LyricStar\LyricStarUpdater.exe <==== ATTENTION
Task: C:\Windows\Tasks\Norton Security Scan for Aarons.job => C:\PROGRA~2\NORTON~2\Engine\400~1.48\Nss.exe
Task: C:\Windows\Tasks\Safe Saver-chromeinstaller.job => C:\Program Files (x86)\Safe Saver\Safe Saver-chromeinstaller.exe
Task: C:\Windows\Tasks\Safe Saver-codedownloader.job => C:\Program Files (x86)\Safe Saver\Safe Saver-codedownloader.exe
Task: C:\Windows\Tasks\Safe Saver-enabler.job => C:\Program Files (x86)\Safe Saver\Safe Saver-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Safe Saver-firefoxinstaller.job => C:\Program Files (x86)\Safe Saver\Safe Saver-firefoxinstaller.exe

==================== Loaded Modules (whitelisted) =============

2013-06-19 23:45 - 2013-06-19 23:45 - 03317616 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
2013-03-26 22:31 - 2012-12-11 12:07 - 01184640 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2014-01-06 11:30 - 2014-01-06 11:30 - 01514800 _____ () C:\Windows\System32\ljkb\lmrn.dll
2010-06-24 04:21 - 2010-06-24 04:21 - 01102336 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\System.Data.SQLite.dll
2012-11-28 14:13 - 2012-11-28 14:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 14:13 - 2012-11-28 14:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-06-24 04:19 - 2010-06-24 04:19 - 00514570 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\sqlite3.dll
2014-01-06 11:30 - 2014-01-06 11:30 - 01222960 _____ () C:\Windows\SysWOW64\jmdp\lmrn.dll
2014-01-06 09:21 - 2012-11-20 16:13 - 00264192 _____ () C:\Program Files (x86)\Razer\Razer Game Booster\D3DX8Wrapper.dll
2014-01-06 09:21 - 2013-11-12 09:57 - 00098304 _____ () C:\Program Files (x86)\Razer\Razer Game Booster\EasyHook32.dll
2014-01-06 08:50 - 2013-12-03 21:47 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
2014-01-06 08:50 - 2013-12-03 21:47 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll
2014-01-06 08:50 - 2013-12-03 21:48 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
2014-01-06 08:50 - 2013-12-03 21:48 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2014-01-06 08:50 - 2013-12-03 21:47 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:AD022376
AlternateDataStreams: C:\ProgramData\Temp:D346F792

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (01/26/2014 08:14:25 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/26/2014 06:04:41 PM) (Source: Application Hang) (User: )
Description: The program main.exe version 4.1.59.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1470

Start Time: 01cf1ac7eaf98ede

Termination Time: 70

Application Path: C:\Program Files (x86)\Razer\Razer Game Booster\main.exe

Report Id:

Error: (01/26/2014 01:19:45 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/26/2014 02:27:09 AM) (Source: Application Error) (User: )
Description: Faulting application name: League of Legends.exe, version: 4.1.0.171, time stamp: 0x52d458f9
Faulting module name: d3dx9_43.dll, version: 9.29.952.3111, time stamp: 0x4bf7318d
Exception code: 0xc0000005
Fault offset: 0x001bec0d
Faulting process id: 0x3bc4
Faulting application start time: 0xLeague of Legends.exe0
Faulting application path: League of Legends.exe1
Faulting module path: League of Legends.exe2
Report Id: League of Legends.exe3

Error: (01/26/2014 00:10:55 AM) (Source: Application Error) (User: )
Description: Faulting application name: pivot.exe, version: 4.1.10.0, time stamp: 0x2a425e19
Faulting module name: d3dx9_43.dll, version: 9.29.952.3111, time stamp: 0x4bf7318d
Exception code: 0xc0000005
Fault offset: 0x001bec0d
Faulting process id: 0x393c
Faulting application start time: 0xpivot.exe0
Faulting application path: pivot.exe1
Faulting module path: pivot.exe2
Report Id: pivot.exe3

Error: (01/26/2014 00:09:55 AM) (Source: Application Error) (User: )
Description: Faulting application name: pivot.exe, version: 4.1.10.0, time stamp: 0x2a425e19
Faulting module name: d3dx9_43.dll, version: 9.29.952.3111, time stamp: 0x4bf7318d
Exception code: 0xc0000005
Fault offset: 0x001bec0d
Faulting process id: 0x37f0
Faulting application start time: 0xpivot.exe0
Faulting application path: pivot.exe1
Faulting module path: pivot.exe2
Report Id: pivot.exe3

Error: (01/25/2014 11:38:33 PM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 8.0.7601.17514 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 2950

Start Time: 01cf1a500374ef7f

Termination Time: 39

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: b22abdbe-8643-11e3-bd7a-2c27d7d4d60a

Error: (01/25/2014 10:40:48 PM) (Source: Application Error) (User: )
Description: Faulting application name: League of Legends.exe, version: 4.1.0.171, time stamp: 0x52d458f9
Faulting module name: d3dx9_43.dll, version: 9.29.952.3111, time stamp: 0x4bf7318d
Exception code: 0xc0000005
Fault offset: 0x001bec0d
Faulting process id: 0xf78
Faulting application start time: 0xLeague of Legends.exe0
Faulting application path: League of Legends.exe1
Faulting module path: League of Legends.exe2
Report Id: League of Legends.exe3

Error: (01/25/2014 09:58:05 PM) (Source: Application Error) (User: )
Description: Faulting application name: League of Legends.exe, version: 4.1.0.171, time stamp: 0x52d458f9
Faulting module name: d3dx9_43.dll, version: 9.29.952.3111, time stamp: 0x4bf7318d
Exception code: 0xc0000005
Fault offset: 0x001bec0d
Faulting process id: 0x2a24
Faulting application start time: 0xLeague of Legends.exe0
Faulting application path: League of Legends.exe1
Faulting module path: League of Legends.exe2
Report Id: League of Legends.exe3

Error: (01/25/2014 08:45:43 PM) (Source: Application Error) (User: )
Description: Faulting application name: League of Legends.exe, version: 4.1.0.171, time stamp: 0x52d458f9
Faulting module name: d3dx9_43.dll, version: 9.29.952.3111, time stamp: 0x4bf7318d
Exception code: 0xc0000005
Fault offset: 0x001bec0d
Faulting process id: 0x2dfc
Faulting application start time: 0xLeague of Legends.exe0
Faulting application path: League of Legends.exe1
Faulting module path: League of Legends.exe2
Report Id: League of Legends.exe3

System errors:
=============
Error: (01/26/2014 09:03:43 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 252.

Error: (01/26/2014 08:15:12 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (01/26/2014 01:19:08 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (01/25/2014 11:49:52 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (01/25/2014 02:56:09 AM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (01/24/2014 10:40:07 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (01/24/2014 10:26:47 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (01/24/2014 10:24:09 PM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (01/24/2014 09:53:38 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (01/24/2014 03:14:17 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Microsoft Office Sessions:
=========================
Error: (01/26/2014 08:14:25 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/26/2014 06:04:41 PM) (Source: Application Hang)(User: )
Description: main.exe4.1.59.0147001cf1ac7eaf98ede70C:\Program Files (x86)\Razer\Razer Game Booster\main.exe

Error: (01/26/2014 01:19:45 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/26/2014 02:27:09 AM) (Source: Application Error)(User: )
Description: League of Legends.exe4.1.0.17152d458f9d3dx9_43.dll9.29.952.31114bf7318dc0000005001bec0d3bc401cf1a6514acc63dC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.6\deploy\League of Legends.exeC:\Program Files (x86)\Razer\Razer Game Booster\d3dx9_43.dll43b7f8bd-865b-11e3-bd7a-2c27d7d4d60a

Error: (01/26/2014 00:10:55 AM) (Source: Application Error)(User: )
Description: pivot.exe4.1.10.02a425e19d3dx9_43.dll9.29.952.31114bf7318dc0000005001bec0d393c01cf1a521460301eC:\Program Files (x86)\Pivot Animator\pivot.exeC:\Program Files (x86)\Razer\Razer Game Booster\d3dx9_43.dll3b5edf82-8648-11e3-bd7a-2c27d7d4d60a

Error: (01/26/2014 00:09:55 AM) (Source: Application Error)(User: )
Description: pivot.exe4.1.10.02a425e19d3dx9_43.dll9.29.952.31114bf7318dc0000005001bec0d37f001cf1a4feb513af2C:\Program Files (x86)\Pivot Animator\pivot.exeC:\Program Files (x86)\Razer\Razer Game Booster\d3dx9_43.dll179a290f-8648-11e3-bd7a-2c27d7d4d60a

Error: (01/25/2014 11:38:33 PM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE8.0.7601.17514295001cf1a500374ef7f39C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEb22abdbe-8643-11e3-bd7a-2c27d7d4d60a

Error: (01/25/2014 10:40:48 PM) (Source: Application Error)(User: )
Description: League of Legends.exe4.1.0.17152d458f9d3dx9_43.dll9.29.952.31114bf7318dc0000005001bec0df7801cf1a43872e84dfC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.6\deploy\League of Legends.exeC:\Program Files (x86)\Razer\Razer Game Booster\d3dx9_43.dlla475fb5c-863b-11e3-bd7a-2c27d7d4d60a

Error: (01/25/2014 09:58:05 PM) (Source: Application Error)(User: )
Description: League of Legends.exe4.1.0.17152d458f9d3dx9_43.dll9.29.952.31114bf7318dc0000005001bec0d2a2401cf1a3f2f97c444C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.6\deploy\League of Legends.exeC:\Program Files (x86)\Razer\Razer Game Booster\d3dx9_43.dllad48b6e3-8635-11e3-bd7a-2c27d7d4d60a

Error: (01/25/2014 08:45:43 PM) (Source: Application Error)(User: )
Description: League of Legends.exe4.1.0.17152d458f9d3dx9_43.dll9.29.952.31114bf7318dc0000005001bec0d2dfc01cf1a3456fb522bC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.6\deploy\League of Legends.exeC:\Program Files (x86)\Razer\Razer Game Booster\d3dx9_43.dll91327585-862b-11e3-bd7a-2c27d7d4d60a

==================== Memory info ===========================

Percentage of memory in use: 50%
Total physical RAM: 3834.9 MB
Available physical RAM: 1913.13 MB
Total Pagefile: 9584.08 MB
Available Pagefile: 7103.53 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:450.84 GB) (Free:211.1 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:14.63 GB) (Free:1.62 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 8D715ADE)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=451 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End Of Log ============================

#4
emeraldnzl

Posted 26 January 2014 - 09:31 PM

GeekU Instructor

GeekU Moderator
20,051 posts

Hello seniorj12,

Bit to do in this post.

Firstly

Please go to Start > Control Panel > Uninstall a program and uninstall these programs if they are there:

Ask Toolbar
FB Cover Maker Packages
GadgetBox
GadgetBox Updater
GoforFiles
IB Updater Service
Lyrics Plug
LyricsWoofer
Optimizer Pro v3.2
QuickShare
RelevantKnowledge
Search Protect
Software Version Updater
SweetPacks Toolbar
Updater By SweetPacks 2.0.0.609
Video Player
Wajam
Yontoo

They are either fake, can damage your machine or bring adware with them.

After that

Please download zoek.exe and save it to your desktop (Firefox users right click and Save Link As...).

Close any open browsers.
Temporarily disable your AntiVirus program. (If necessary)
Double click on zoek.exe to run.
Please wait while the tool starts. It will appear to be doing nothing and may take a few seconds to come up
Click Options button below the large panel and check the box:

Auto Clean
Click on Run script button
Please wait patiently (it may take a few minutes) until a log report will open (this may be after reboot, if required)
Copy (Ctrl +C) and paste (Ctrl +V) the contents of the opened entire report back here.

Note: It will also create a log in the C:\ directory named "zoek-results.log"

Next

Please download : ADWCleaner to your desktop.

NOTE: If using Internet Explorer and get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close all programs and click on the AdwCleaner icon.

Posted Image

Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy and paste back here. If a report doesn't appear, press the report button and Copy & Paste the contents on your next reply.

A copy of the report is also saved in the C:\AdwCleaner folder.

Finally in this post

Please run a scan with FRST again with the Addition.txt box in the Optional Scan area checked. Post back the logs it generates FRST.txt and Addition.txt.

So when you return please post
zoek results log
AdwCleaner log
FRST.txt
Additional.txt

#5
seniorj12

Posted 27 January 2014 - 05:04 PM

New Member

Topic Starter
Member
9 posts

Thanks.
Here is the zoek results log:

Zoek.exe v5.0.0.0 Updated 25-January-2014
Tool run by Gabe on Mon 01/27/2014 at 17:12:27.61.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gabe\Desktop\zoek.exe [Scan all users] [Checkboxes used]

==== System Restore Info ======================

1/27/2014 5:15:02 PM Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1143187190-511333535-2285427750-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
HKEY_USERS\S-1-5-21-1143187190-511333535-2285427750-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
HKEY_USERS\S-1-5-21-1143187190-511333535-2285427750-1003\Software\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671} deleted successfully
HKEY_USERS\S-1-5-21-1143187190-511333535-2285427750-1003\Software\Microsoft\Internet Explorer\SearchScopes\{F0C07441-FD14-4F34-9C4C-A673AFE4ADE0} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Yontoo Desktop Updater deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Yontoo Desktop Updater deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SSUService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SSUService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\splashtopremoteservice deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\splashtopremoteservice deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\Aarons\AppData\Roaming\Mozilla\Firefox\Profiles\extensions

---- Lines mysearch removed from prefs.js ----
user_pref("browser.startup.homepage", "http://mysearch.avg....91303ff9-05e94d
---- FireFox user.js and prefs.js backups ----

user_20140127_0522_.backup
prefs_20140127_0522_.backup

==== Deleting Files \ Folders ======================

C:\ProgramData\{B4D4ECB5-EA51-42A7-870C-602BB6556263} deleted
C:\Users\Aarons\.android deleted
C:\Users\Gabe\.android deleted
C:\PROGRA~2\GUMEF4D.tmp deleted
C:\PROGRA~2\Safe Saver deleted
C:\PROGRA~2\VideoPlayerV3 deleted
C:\PROGRA~2\WebexpEnhancedV1 deleted
C:\PROGRA~2\InfoAtoms deleted
C:\PROGRA~2\Lucky Savings deleted
C:\PROGRA~2\AddLyrics deleted
C:\PROGRA~2\FindLyrics deleted
C:\PROGRA~2\LyricsFan deleted
C:\PROGRA~2\Splashtop deleted
C:\PROGRA~2\Yontoo deleted
C:\PROGRA~2\MyPC Backup deleted
C:\PROGRA~2\Vid-Saver deleted
C:\PROGRA~2\SweetPacks deleted
C:\PROGRA~2\OApps deleted
C:\PROGRA~2\Wondershare deleted
C:\PROGRA~2\Driver-Soft deleted
C:\PROGRA~2\Funmoods deleted
C:\PROGRA~2\Conduit deleted
C:\PROGRA~2\COMMON~1\Wondershare deleted
C:\SearchProtect deleted
C:\found.000 deleted
C:\Users\Aarons\AppData\Roaming\BitLord deleted
C:\Users\Aarons\AppData\Roaming\GoforFiles deleted
C:\Users\Aarons\AppData\Roaming\Open Download Manager deleted
C:\Users\Aarons\AppData\Roaming\Strongvault deleted
C:\Users\Aarons\AppData\Roaming\ParetoLogic deleted
C:\Users\Aarons\AppData\Roaming\DriverCure deleted
C:\Users\Aarons\AppData\Roaming\BabSolution deleted
C:\Users\Aarons\AppData\Roaming\Babylon deleted
C:\Users\Aarons\AppData\Roaming\DealPly deleted
C:\Users\Aarons\AppData\Roaming\Delta deleted
C:\Users\Aarons\AppData\Roaming\ihelper deleted
C:\Users\Aarons\AppData\Roaming\pdfforge deleted
C:\Users\Gabe\AppData\Roaming\dll-files.com deleted
C:\Users\Gabe\AppData\Roaming\Strongvault deleted
C:\Users\Gabe\AppData\Roaming\Babylon deleted
C:\Users\Gabe\AppData\Roaming\ihelper deleted
C:\ProgramData\boost_interprocess deleted
C:\ProgramData\DSearchLink deleted
C:\ProgramData\RightClick deleted
C:\ProgramData\ParetoLogic deleted
C:\ProgramData\VisualBee deleted
C:\ProgramData\Strongvault Online Backup deleted
C:\ProgramData\wxDownload deleted
C:\ProgramData\Splashtop deleted
C:\ProgramData\Cloud Software LTD deleted
C:\ProgramData\InstallMate deleted
C:\ProgramData\Tarma Installer deleted
C:\ProgramData\Premium deleted
C:\ProgramData\Babylon deleted
C:\ProgramData\Package Cache deleted
C:\Users\Aarons\AppData\Local\CRE deleted
C:\Users\Aarons\AppData\Local\APN deleted
C:\Users\Aarons\AppData\Local\Updater12759 deleted
C:\Users\Aarons\AppData\Local\TopArcadeHits deleted
C:\Users\Aarons\AppData\Local\Lucky Savings deleted
C:\Users\Aarons\AppData\Local\BearShare deleted
C:\Users\Aarons\AppData\Local\avgchrome deleted
C:\Users\Aarons\AppData\Local\Wondershare deleted
C:\Users\Aarons\AppData\Local\PutLockerDownloader deleted
C:\Users\Aarons\AppData\Local\PackageAware deleted
C:\Users\Aarons\AppData\Local\SwvUpdater deleted
C:\Users\Aarons\AppData\Local\Smartbar deleted
C:\Users\Aarons\AppData\Local\Conduit deleted
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847} deleted
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle deleted
C:\Users\Gabe\AppData\Local\avgchrome deleted
C:\Users\Gabe\AppData\Local\Wondershare deleted
C:\Users\Gabe\AppData\Local\PackageAware deleted
C:\Users\Gabe\AppData\Local\Vid-Saver deleted
C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle deleted
C:\Users\Gabe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup deleted
C:\Windows\SysNative\roboot64.exe deleted
C:\Users\Aarons\AppData\LocalLow\AVG SafeGuard toolbar deleted
C:\Users\Aarons\AppData\LocalLow\bearsharetoolbarguid deleted
C:\Users\Aarons\AppData\LocalLow\AskToolbar deleted
C:\Users\Aarons\AppData\LocalLow\Delta deleted
C:\Users\Aarons\AppData\LocalLow\Smartbar deleted
C:\Users\Aarons\AppData\LocalLow\DataMngr deleted
C:\Users\Aarons\AppData\LocalLow\PriceGong deleted
C:\Users\Aarons\AppData\LocalLow\Conduit deleted
C:\Users\Gabe\AppData\LocalLow\Claro LTD deleted
C:\Users\Gabe\AppData\LocalLow\AskToolbar deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar deleted
C:\AI_RecycleBin deleted
C:\windows\SysNative\tasks\LyricStar Update deleted
C:\Windows\tasks\LyricStar Update.job deleted
C:\Windows\Syswow64\sho153D.tmp deleted
C:\Windows\Syswow64\sho1C3D.tmp deleted
C:\Windows\Syswow64\sho25A.tmp deleted
C:\Windows\Syswow64\sho443B.tmp deleted
C:\Windows\Syswow64\sho47BC.tmp deleted
C:\Windows\Syswow64\sho4832.tmp deleted
C:\Windows\Syswow64\sho4EC1.tmp deleted
C:\Windows\Syswow64\sho78BF.tmp deleted
C:\Windows\Syswow64\shoC244.tmp deleted
C:\Windows\Syswow64\shoE448.tmp deleted
C:\Windows\Syswow64\shoE494.tmp deleted
C:\Windows\Syswow64\shoEF5F.tmp deleted
C:\Windows\Syswow64\shoF2AE.tmp deleted
C:\Windows\Syswow64\shoFB07.tmp deleted
C:\Windows\Syswow64\shoFEFC.tmp deleted
C:\Windows\Syswow64\SearchProtect deleted
C:\Windows\SysWow64\AI_RecycleBin deleted
C:\Windows\SysWow64\searchplugins deleted
C:\Windows\SysWow64\Extensions deleted
C:\Users\Aarons\Documents\Optimizer Pro deleted
C:\Users\Aarons\Documents\BitLord deleted
C:\Users\Aarons\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\searchplugins\safeguard-secure-search.xml deleted
C:\Users\Aarons\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\[email protected] deleted
C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} deleted
C:\Users\Gabe\Downloads\setup.exe deleted
C:\Users\Aarons\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\[email protected] deleted
"C:\ProgramData\2928213b2121542039_c" deleted
"C:\Users\Aarons\AppData\Roaming\Yontoo\YontooDesktop.exe" deleted
"C:\Users\Aarons\AppData\Roaming\Yontoo\dat\Desktop.OS.Plugin.dll" deleted
"C:\Users\Aarons\AppData\Roaming\Yontoo" deleted
"C:\Users\Aarons\AppData\Roaming\Yontoo\dat" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{8E9E3331-D360-4f87-8803-52DE43566502}"="C:\Program Files\Updater By SweetPacks\Firefox" []
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"[email protected]"="C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha203\ff" []
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"[email protected]"="C:\Program Files (x86)\AddLyrics\FF" []

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla FireFox
- DownloadTerms - %AppDir%\extensions\[email protected]
- InfoAtoms - %AppDir%\extensions\[email protected]

==== Firefox Plugins ======================

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
aaaanijiojpcccpkjdjjmjghddcgcbfj - C:\Users\Aarons\AppData\Local\APN\GoogleCRXs\aaaanijiojpcccpkjdjjmjghddcgcbfj_7.17.6.0.crx[]
aepeildmfnnehghlknddebgjghlompfe - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx[02/11/2011 05:37 AM]
banjjklfojcdbofbhbgiedekefohoaff - C:\Users\Aarons\AppData\Local\CRE\banjjklfojcdbofbhbgiedekefohoaff.crx[]
bbffdhejhaoiflnpooogkckfdcmmjppn - C:\Program Files (x86)\FTDownloader.com\FTDownloader10.crx[]
bcfjehbfanfhgoehogmbiebedkidedjb - C:\Users\Aarons\AppData\Local\CRE\bcfjehbfanfhgoehogmbiebedkidedjb.crx[]
dedmngkbaffkenlfdcbganndoghblmap - C:\Program Files (x86)\BetterSurf\ch\Chrome.crx[]
eooncjejnppfjjklapaamhcdmjbilmde - C:\Users\Aarons\AppData\Roaming\BabSolution\CR\Delta.crx[]
fmfnfnpmhcllokmkepffndflpnadjmma - C:\Program Files (x86)\DealPly\DealPly.crx[]
hhbgpoakplhahbklhkcfbpicgjcaoglk - C:\Program Files (x86)\InfoAtoms\Chrome\InfoAtoms.crx[]
jnljpifflnndjilhoijmpjecfejgeecl - C:\ProgramData\wxDownload\jnljpifflnndjilhoijmpjecfejgeecl.crx[]
klibnahbojhkanfgaglnlalfkgpcppfi - C:\Users\Aarons\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[10/09/2013 09:59 AM]
mknfioaoingmjlbnpdginnnojpbiijkd - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha203\ch\WebexpEnhancedV1alpha203.crx[]
mnmfolkogpnljmojkkkhoknhdkjphcmh - C:\ProgramData\wxDownload\mnmfolkogpnljmojkkkhoknhdkjphcmh.crx[]
neebgdeaohaofdhldpobdpfocdonmgki - C:\Users\Aarons\AppData\Local\CRE\neebgdeaohaofdhldpobdpfocdonmgki.crx[]
niapdbllcanepiiimjjndipklodoedlc - C:\Program Files (x86)\Yontoo\YontooLayers.crx[]

Oovoo Toolbar - Aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaanijiojpcccpkjdjjmjghddcgcbfj
Website Logon - Aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\aepeildmfnnehghlknddebgjghlompfe
QuickShare Widget - Aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
SweetPacks - Aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\banjjklfojcdbofbhbgiedekefohoaff
IMVU Inc - Aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcfjehbfanfhgoehogmbiebedkidedjb
BetterSurf - Aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\dedmngkbaffkenlfdcbganndoghblmap
Delta Toolbar - Aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Lyrics Plug - Aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhmbbigfkgcficoehkhadjbokhhaijea
DealPly Brazil - Aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmfnfnpmhcllokmkepffndflpnadjmma
InfoAtoms - Aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhbgpoakplhahbklhkcfbpicgjcaoglk
LyricsWoofer - Aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnikkfemnfogahcandhlchoengjbeaij
wxDownload - Aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnljpifflnndjilhoijmpjecfejgeecl
Wajam - Aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
WhiteSmoke New - Aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi
Skype for Chromium - Aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Safe Saver - Aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\mehnejgknjfgfdmijlaloodhdgnbgdgn
Video Player - Aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjacbfnchbpaiigeigmffbicddpiggic
Webexp Enhanced - Aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\mknfioaoingmjlbnpdginnnojpbiijkd
wxDownload - Aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnmfolkogpnljmojkkkhoknhdkjphcmh
Vafmusic - Aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\neebgdeaohaofdhldpobdpfocdonmgki
Oovoo Toolbar - Aarons\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aaaanijiojpcccpkjdjjmjghddcgcbfj
Website Logon - Aarons\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aepeildmfnnehghlknddebgjghlompfe
Updater By SweetPacks - Aarons\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
InfoAtoms - Aarons\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\hhbgpoakplhahbklhkcfbpicgjcaoglk
Safe Saver - Aarons\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\mehnejgknjfgfdmijlaloodhdgnbgdgn
Website Logon - Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aepeildmfnnehghlknddebgjghlompfe
FVD Video Downloader Launcher - Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahlokhnddogldlplgkdgmfidibpgenoi
Hulu - TV Shows - Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\babdabjblhdjecooajkeenhbaegcdcgk
Facebook - Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm
Hulu on fire - Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\chgllnbkldfofeogfpbhciondkbendep
Netflix - Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeohmmeldh
avast WebRep - Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda
FVD Video Downloader - Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp
Skype for Chromium - Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Fieldrunners - Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkpikhjbfbffdblahfidklcohlaeabak
Guitar Geek - Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpijogomejcpdhifkigopflephcmopal
Amazing Coupons - Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjildcbkilmkddbbpbjljljdmmlfeppl
3Dnator - Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgjpfdjhlimkkdgnecbgnefdafbcncc
Vid-Saver - Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc
Abstract-Blue - Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnacehkknmafkjgkikclamogikoiaaa
Canvas Rider - Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk
Angry Birds - Gabe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj
Running Fred - Gabe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\amfalcbcdebaemokjapphcfnldiogddk
Hulu - TV Shows - Gabe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\babdabjblhdjecooajkeenhbaegcdcgk
Facebook - Gabe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\boeajhmfdjldchidhphikilcgdacljfm
Twitter - Gabe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\calfnkhdgehokiblgmcoohamedbhfmfm
Monster Dash - Gabe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cknghehebaconkajgiobncfleofebcog
Netflix - Gabe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\deceagebecbceejblnlcjooeohmmeldh
Video Downloader - Gabe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp
Download Master - Gabe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mcceagdollnkjlogmdckgjakjapmkdjf
Safe Saver - Gabe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mehnejgknjfgfdmijlaloodhdgnbgdgn
3Dnator - Gabe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nhgjpfdjhlimkkdgnecbgnefdafbcncc
Instagram for Chrome - Gabe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb
Abstract-Blue - Gabe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\plnacehkknmafkjgkikclamogikoiaaa
Canvas Rider - Gabe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\poknhlcknimnnbfcombaooklofipaibk

==== Chrome Fix ======================

C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.removeconduitsearch.com_0.localstorage deleted successfully
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.removeconduitsearch.com_0.localstorage-journal deleted successfully
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_home.sweetim.com_0.localstorage deleted successfully
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_home.sweetim.com_0.localstorage-journal deleted successfully
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.sweetim.com_0.localstorage deleted successfully
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.sweetim.com_0.localstorage-journal deleted successfully
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_en.softonic.com_0.localstorage-journal deleted successfully
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nero-burning-rom.en.softonic.com_0.localstorage-journal deleted successfully
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaanijiojpcccpkjdjjmjghddcgcbfj deleted successfully
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aaaanijiojpcccpkjdjjmjghddcgcbfj deleted successfully
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Profile 3\Local Storage\chrome-extension_aaaanijiojpcccpkjdjjmjghddcgcbfj_0.localstorage deleted successfully
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\banjjklfojcdbofbhbgiedekefohoaff deleted successfully
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\bcfjehbfanfhgoehogmbiebedkidedjb deleted successfully
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\dedmngkbaffkenlfdcbganndoghblmap deleted successfully
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmfnfnpmhcllokmkepffndflpnadjmma deleted successfully
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fmfnfnpmhcllokmkepffndflpnadjmma_0.localstorage deleted successfully
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fmfnfnpmhcllokmkepffndflpnadjmma_0.localstorage-journal deleted successfully
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhbgpoakplhahbklhkcfbpicgjcaoglk deleted successfully
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\hhbgpoakplhahbklhkcfbpicgjcaoglk deleted successfully
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnljpifflnndjilhoijmpjecfejgeecl deleted successfully
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi deleted successfully
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi deleted successfully
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\mknfioaoingmjlbnpdginnnojpbiijkd deleted successfully
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnmfolkogpnljmojkkkhoknhdkjphcmh deleted successfully
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\neebgdeaohaofdhldpobdpfocdonmgki deleted successfully
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\banjjklfojcdbofbhbgiedekefohoaff deleted successfully
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcfjehbfanfhgoehogmbiebedkidedjb deleted successfully
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\neebgdeaohaofdhldpobdpfocdonmgki deleted successfully
C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjildcbkilmkddbbpbjljljdmmlfeppl deleted successfully
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd deleted successfully
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\mehnejgknjfgfdmijlaloodhdgnbgdgn deleted successfully
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\mehnejgknjfgfdmijlaloodhdgnbgdgn deleted successfully
C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mehnejgknjfgfdmijlaloodhdgnbgdgn deleted successfully
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mehnejgknjfgfdmijlaloodhdgnbgdgn_0.localstorage deleted successfully
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mehnejgknjfgfdmijlaloodhdgnbgdgn_0.localstorage-journal deleted successfully
C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_mehnejgknjfgfdmijlaloodhdgnbgdgn_0.localstorage deleted successfully
C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_mehnejgknjfgfdmijlaloodhdgnbgdgn_0.localstorage-journal deleted successfully
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_mehnejgknjfgfdmijlaloodhdgnbgdgn_0 deleted successfully
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mehnejgknjfgfdmijlaloodhdgnbgdgn deleted successfully
C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Profile 1\databases\chrome-extension_mehnejgknjfgfdmijlaloodhdgnbgdgn_0 deleted successfully
C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\mehnejgknjfgfdmijlaloodhdgnbgdgn deleted successfully
C:\Users\Aarons\AppData\Local\Torch\User Data\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc deleted successfully
C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc deleted successfully
C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pgmfkblbflahhponhjmkcnpjinenhlnc_0.localstorage deleted successfully
C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_pgmfkblbflahhponhjmkcnpjinenhlnc_0 deleted successfully
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhmbbigfkgcficoehkhadjbokhhaijea deleted successfully
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnikkfemnfogahcandhlchoengjbeaij deleted successfully
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp deleted successfully
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl deleted successfully
C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahlokhnddogldlplgkdgmfidibpgenoi deleted successfully
C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp deleted successfully
C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp deleted successfully
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lfmhcpmkbdkbgbmkjoiopeeegenkdikp_0.localstorage deleted successfully
C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lfmhcpmkbdkbgbmkjoiopeeegenkdikp_0.localstorage deleted successfully
C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_lfmhcpmkbdkbgbmkjoiopeeegenkdikp_0.localstorage deleted successfully
C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_lfmhcpmkbdkbgbmkjoiopeeegenkdikp_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.sweetpack...&src=10&&st=23"
"Search Page"="http://feed.snap.do/...ate=27/04/2013"
"Search Bar"="http://feed.snap.do/...ate=27/04/2013"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://feed.snap.do/...ate=27/04/2013"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://feed.snap.do/...ate=27/04/2013"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://feed.snap.do/...ate=27/04/2013"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://feed.snap.do/...ate=27/04/2013"
"SearchAssistant"="http://feed.snap.do/...ate=27/04/2013"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft..../?LinkId=54896"
"Search Bar"="http://go.microsoft..../?LinkId=54896"
"Start Page"="http://www.google.com"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.co...sults.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.co...sults.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.co...sults.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft..../?LinkId=54896"
"SearchAssistant"="http://ie.search.msn...t/srchasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{006ee092-9658-4fd6-bd8e-a21a348e59f5} Unknown Url="Not_Found"
{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} Unknown Url="Not_Found"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/...c=IE-SearchBox"
{483830EE-A4CD-4b71-B0A3-3D82E62A6909} Unknown Url="Not_Found"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.co...ge={startPage}"
{d43b3890-80c7-4010-a95d-1e77b5924dc3} Wikipedia Url="http://en.wikipedia....={searchTerms}"
{D944BB61-2E34-4DBF-A683-47E505C587DC} eBay Url="http://rover.ebay.co...={searchTerms}"
{EEE6C360-6118-11DC-9C72-001320C79847} Unknown Url="Not_Found"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1143187190-511333535-2285427750-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully
HKEY_USERS\S-1-5-21-1143187190-511333535-2285427750-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully
HKEY_USERS\S-1-5-21-1143187190-511333535-2285427750-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7DE454C1-85A2-4F21-12FF-DA88A7EAF549} deleted successfully
HKEY_USERS\S-1-5-21-1143187190-511333535-2285427750-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7DE454C1-85A2-4F21-12FF-DA88A7EAF549} deleted successfully
HKEY_USERS\S-1-5-21-1143187190-511333535-2285427750-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF7BD87A-8024-11E2-F316-F3E56188709B} deleted successfully
HKEY_USERS\S-1-5-21-1143187190-511333535-2285427750-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF7BD87A-8024-11E2-F316-F3E56188709B} deleted successfully
HKEY_USERS\S-1-5-21-1143187190-511333535-2285427750-1003\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} deleted successfully
HKEY_USERS\S-1-5-21-1143187190-511333535-2285427750-1003\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} deleted successfully
HKEY_USERS\S-1-5-21-1143187190-511333535-2285427750-1003\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} deleted successfully
HKEY_USERS\S-1-5-21-1143187190-511333535-2285427750-1003\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{7DE454C1-85A2-4F21-12FF-DA88A7EAF549} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EF7BD87A-8024-11E2-F316-F3E56188709B} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311321154} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110311321154} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{7e8a1050-cf67-4575-92df-dcc60e7d952d} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1143187190-511333535-2285427750-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully
HKEY_USERS\S-1-5-21-1143187190-511333535-2285427750-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully
HKEY_USERS\S-1-5-21-1143187190-511333535-2285427750-1003\Software\Mozilla\Firefox\Extensions\[email protected] deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{8E9E3331-D360-4f87-8803-52DE43566502} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{8E9E3331-D360-4f87-8803-52DE43566502} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\[email protected] deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\[email protected] deleted successfully

==== shortcuts on Users Desktops ======================

C:\Users\Aarons\Desktop\BitLord.lnk - C:\Program Files (x86)\BitLord 2\Bitlord files\bitlord.exe
C:\Users\Aarons\Desktop\Computer.lnk -
C:\Users\Aarons\Desktop\Core Temp.lnk - C:\Program Files (x86)\Core Temp\Core Temp.exe
C:\Users\Aarons\Desktop\DVD Shrink 3.2.lnk - C:\Program Files (x86)\DVD Shrink\DVD Shrink 3.2.exe
C:\Users\Aarons\Desktop\Google Drive.lnk - C:\Users\Aarons\Google Drive
C:\Users\Aarons\Desktop\Handbrake.lnk - C:\Program Files\Handbrake\Handbrake.exe
C:\Users\Aarons\Desktop\Magic DVD Copier.lnk - C:\Program Files (x86)\MagicDVDCopier\MagicDVDCopier.exe
C:\Users\Aarons\Desktop\Microsoft Word Starter 2010.lnk - C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE "Microsoft Word Starter 2010 9014006604090000"
C:\Users\Aarons\Desktop\Mixcraft 6.lnk - C:\Program Files (x86)\Acoustica Mixcraft 6\mixcraft6.exe
C:\Users\Aarons\Desktop\Search.lnk - C:\ProgramData\DSearchLink\DSearchLink.exe -url http://www2.delta-se...119557&tsp=5007 -wbr 4
C:\Users\Aarons\Desktop\VirtualDJ Home FREE - Shortcut.lnk - C:\Program Files (x86)\VirtualDJ\virtualdj_home.exe
C:\Users\Aarons\Desktop\Windows Live Writer.lnk - C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriter.exe
C:\Users\Aarons\Desktop\USB Gabby\Capture_20121215 - Shortcut.lnk - C:\Users\Aarons\Documents\Youcam\Capture_20121215.wmv
C:\Users\Aarons\Desktop\USB Gabby\Capture_20121228 - Shortcut.lnk - C:\Users\Aarons\Documents\Youcam\Capture_20121228.wmv
C:\Users\Aarons\Desktop\USB Gabby\Capture_20121228_2 - Shortcut.lnk - C:\Users\Aarons\Documents\Youcam\Capture_20121228_2.wmv
C:\Users\Aarons\Desktop\USB Gabby\Capture_20121228_3 - Shortcut.lnk - C:\Users\Aarons\Documents\Youcam\Capture_20121228_3.wmv
C:\Users\Aarons\Desktop\USB Gabby\Capture_20121228_4 - Shortcut.lnk - C:\Users\Aarons\Documents\Youcam\Capture_20121228_4.wmv
C:\Users\Aarons\Desktop\USB Gabby\Capture_20121228_5 - Shortcut.lnk - C:\Users\Aarons\Documents\Youcam\Capture_20121228_5.wmv
C:\Users\Aarons\Desktop\USB Gabby\Capture_20121228_6 - Shortcut.lnk - C:\Users\Aarons\Documents\Youcam\Capture_20121228_6.wmv
C:\Users\Aarons\Desktop\USB Gabby\Capture_20121228_9 - Shortcut.lnk - C:\Users\Aarons\Documents\Youcam\Capture_20121228_9.wmv
C:\Users\Aarons\Desktop\USB Gabby\Facebook.lnk - C:\Users\Gabe\AppData\Local\Torch\Application\torch.exe http://www.facebook.com
C:\Users\Aarons\Desktop\USB Gabby\beats\Capture_20121215 - Shortcut.lnk - C:\Users\Aarons\Documents\Youcam\Capture_20121215.wmv
C:\Users\Aarons\Desktop\USB Gabby\beats\Capture_20121228 - Shortcut.lnk - C:\Users\Aarons\Documents\Youcam\Capture_20121228.wmv
C:\Users\Aarons\Desktop\USB Gabby\beats\Capture_20121228_2 - Shortcut.lnk - C:\Users\Aarons\Documents\Youcam\Capture_20121228_2.wmv
C:\Users\Aarons\Desktop\USB Gabby\beats\Capture_20121228_3 - Shortcut.lnk - C:\Users\Aarons\Documents\Youcam\Capture_20121228_3.wmv
C:\Users\Aarons\Desktop\USB Gabby\beats\Capture_20121228_4 - Shortcut.lnk - C:\Users\Aarons\Documents\Youcam\Capture_20121228_4.wmv
C:\Users\Aarons\Desktop\USB Gabby\beats\Capture_20121228_5 - Shortcut.lnk - C:\Users\Aarons\Documents\Youcam\Capture_20121228_5.wmv
C:\Users\Aarons\Desktop\USB Gabby\beats\Capture_20121228_6 - Shortcut.lnk - C:\Users\Aarons\Documents\Youcam\Capture_20121228_6.wmv
C:\Users\Aarons\Desktop\USB Gabby\beats\Capture_20121228_9 - Shortcut.lnk - C:\Users\Aarons\Documents\Youcam\Capture_20121228_9.wmv
C:\Users\Aarons\Desktop\USB Gabby\Music\Capture_20121215 - Shortcut.lnk - C:\Users\Aarons\Documents\Youcam\Capture_20121215.wmv
C:\Users\Aarons\Desktop\USB Gabby\Music\Capture_20121228 - Shortcut.lnk - C:\Users\Aarons\Documents\Youcam\Capture_20121228.wmv
C:\Users\Aarons\Desktop\USB Gabby\Music\Capture_20121228_5 - Shortcut.lnk - C:\Users\Aarons\Documents\Youcam\Capture_20121228_5.wmv
C:\Users\Aarons\Desktop\USB Gabby\Music\Capture_20121228_6 - Shortcut.lnk - C:\Users\Aarons\Documents\Youcam\Capture_20121228_6.wmv
C:\Users\Aarons\Desktop\USB Gabby\Music\Capture_20121228_9 - Shortcut.lnk - C:\Users\Aarons\Documents\Youcam\Capture_20121228_9.wmv
C:\Users\Aarons\Desktop\USB Gabby\Playlists\Capture_20121215 - Shortcut.lnk - C:\Users\Aarons\Documents\Youcam\Capture_20121215.wmv
C:\Users\Aarons\Desktop\USB Gabby\Playlists\Capture_20121228 - Shortcut.lnk - C:\Users\Aarons\Documents\Youcam\Capture_20121228.wmv
C:\Users\Aarons\Desktop\USB Gabby\Playlists\Capture_20121228_2 - Shortcut.lnk - C:\Users\Aarons\Documents\Youcam\Capture_20121228_2.wmv
C:\Users\Aarons\Desktop\USB Gabby\Playlists\Capture_20121228_3 - Shortcut.lnk - C:\Users\Aarons\Documents\Youcam\Capture_20121228_3.wmv
C:\Users\Aarons\Desktop\USB Gabby\Playlists\Capture_20121228_4 - Shortcut.lnk - C:\Users\Aarons\Documents\Youcam\Capture_20121228_4.wmv
C:\Users\Aarons\Desktop\USB Gabby\Playlists\Capture_20121228_5 - Shortcut.lnk - C:\Users\Aarons\Documents\Youcam\Capture_20121228_5.wmv
C:\Users\Aarons\Desktop\USB Gabby\Playlists\Capture_20121228_6 - Shortcut.lnk - C:\Users\Aarons\Documents\Youcam\Capture_20121228_6.wmv
C:\Users\Aarons\Desktop\USB Gabby\Playlists\Capture_20121228_9 - Shortcut.lnk - C:\Users\Aarons\Documents\Youcam\Capture_20121228_9.wmv
C:\Users\Aarons\Desktop\Video Projects\FVD Converter.lnk - C:\Program Files (x86)\FVD Converter\FVD Converter.exe
C:\Users\Aarons\Desktop\Video Projects\Memorex exPressit.lnk - C:\Program Files (x86)\Memorex exPressit Label Design Studio\STCD\stcd.exe
C:\Users\Aarons\Desktop\Video Projects\VideoPad Video Editor.lnk - C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe
C:\Users\Aarons\Desktop\Video Projects\Windows DVD Maker.lnk -
C:\Users\Aarons\Desktop\Video Projects\Windows Movie Maker 2.6.lnk - C:\Windows\Installer\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}\MOVIEMK.exe
C:\Users\Aarons\Desktop\WiiGames\WBFS Manager 3.0.lnk - C:\Program Files\WBFS\WBFS Manager 3.0\WBFSManager.exe
C:\Users\Gabe\Desktop\DVD Shrink 3.2.lnk - C:\Program Files (x86)\DVD Shrink\DVD Shrink 3.2.exe
C:\Users\Gabe\Desktop\Handbrake.lnk - C:\Program Files\Handbrake\Handbrake.exe
C:\Users\Gabe\Desktop\LogMeIn.lnk - C:\Program Files (x86)\LogMeIn\x64\LogMeInToolkit.exe
C:\Users\Gabe\Desktop\Play League of Legends.lnk - C:\Riot Games\League of Legends\lol.launcher.exe
C:\Users\Gabe\Desktop\Razer Comms.lnk - C:\Program Files (x86)\Razer\Core\RazerCore.exe /ChatApplet
C:\Users\Gabe\Desktop\Splashtop Streamer.lnk - C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
C:\Users\Gabe\Desktop\VideoEditor - Shortcut.lnk - C:\Program Files (x86)\Wondershare\Video Editor\VideoEditor.exe
C:\Users\Gabe\Desktop\VisualBoyAdvance.lnk - C:\Users\Gabe\Desktop\Pokemon\VisualBoyAdvance.exe
C:\Users\Gabe\Desktop\Magna\DomDomSoft Manga Downloader.lnk - C:\Program Files (x86)\DomDomSoft Manga Downloader\DomDomSoft Manga Downloader.exe
C:\Users\Gabe\Desktop\Minecraft\Fraps.lnk - C:\Fraps\fraps.exe
C:\Users\Gabe\Desktop\Minecraft\mods\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe
C:\Users\Gabe\Desktop\Root Tools\blackra1n.lnk - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\blackra1n.exe
C:\Users\Gabe\Desktop\Root Tools\Nexus Root Toolkit.lnk - C:\Program Files (x86)\WugFresh Development\NexusRootToolkit.exe
C:\Users\Gabe\Desktop\Root Tools\Samsung GS3 ToolKit.lnk - C:\Samsung Galaxy S3 ToolKit\ToolKit.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Adobe Creative Cloud.lnk - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --appletID=HomePanel_BL --appletVersion=1.0
C:\Users\Public\Desktop\Adobe Photoshop Elements 8.0.lnk - C:\Program Files (x86)\Adobe\Elements Organizer 8.0\Photoshop Elements 8.0.exe
C:\Users\Public\Desktop\Bamboo Dock.lnk - C:\Program Files (x86)\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe
C:\Users\Public\Desktop\Defraggler.lnk - C:\Program Files (x86)\Defraggler\Defraggler64.exe
C:\Users\Public\Desktop\EPSON Scan.lnk - C:\Windows\twain_32\escndv\escndv.exe
C:\Users\Public\Desktop\Express Burn.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe
C:\Users\Public\Desktop\exPressit SE3.1.lnk - C:\Program Files (x86)\Medea International Ltd\exPressitSE3.1\ExpressIT.exe
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Public\Desktop\HP Support Assistant.lnk - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
C:\Users\Public\Desktop\ImageCompressor.lnk - C:\Windows\Installer\{390969EC-A5B1-44FA-A5FD-0D4A3978004F}\_5918FF6B8DCCFF0870E595.exe
C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe
C:\Users\Public\Desktop\Norton Security Scan.LNK - C:\Program Files (x86)\Norton Security Scan\Engine\4.0.0.48\Nss.exe
C:\Users\Public\Desktop\ooVoo.lnk - C:\Program Files (x86)\ooVoo\ooVoo.exe
C:\Users\Public\Desktop\Pivot Animator.lnk - C:\Program Files (x86)\Pivot Animator\pivot.exe
C:\Users\Public\Desktop\Print CD.lnk - C:\Program Files (x86)\Epson Software\Print CD\PrintCD.exe
C:\Users\Public\Desktop\Razer Game Booster.lnk - C:\Program Files (x86)\Razer\Razer Game Booster\RazerGameBooster.exe
C:\Users\Public\Desktop\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Aarons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Aarons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Aarons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff
C:\Users\Aarons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Accounting Software.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind ExpressAccounts
C:\Users\Aarons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Classic FTP Software.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind ClassicFTP
C:\Users\Aarons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Doxillion Document Converter.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind Doxillion
C:\Users\Aarons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Express Burn CD, DVD or Blu-Ray.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe
C:\Users\Aarons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Express Dictate Recorder.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind Express
C:\Users\Aarons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Express Rip CD Ripper.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind Rip
C:\Users\Aarons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Express Zip File Compression.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind ExpressZip
C:\Users\Aarons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Graphics File Converter.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind Pixillion
C:\Users\Aarons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Invoicing Software.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind ExpressInvoice
C:\Users\Aarons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\MixPad MultiTrack Mixer.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind MixPad
C:\Users\Aarons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Prism Video File Format Converter.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind Prism
C:\Users\Aarons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\RecordPad Sound Recorder.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind RecordPad
C:\Users\Aarons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\SoundTap Streaming Recorder.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind SoundTap
C:\Users\Aarons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Switch Sound File Converter.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind Switch
C:\Users\Aarons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Video Capture Software.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind Debut
C:\Users\Aarons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\VideoPad Video Editor.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind VideoPad
C:\Users\Aarons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\WavePad Sound Editor.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe -extfind WavePad
C:\Users\Gabe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Gabe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Gabe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff
C:\Users\Gabe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wugs Nexus Root Tookit\Nexus Root Toolkit.lnk - C:\Program Files (x86)\WugFresh Development\NexusRootToolkit.exe
C:\Users\Gabe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wugs Nexus Root Tookit\NRT Updater.lnk - C:\Program Files (x86)\WugFresh Development\Wug_Updater.exe
C:\Users\Gabe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wugs Nexus Root Tookit\Uninstall.lnk - C:\Program Files (x86)\WugFresh Development\Uninstall_NRT.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\About iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.Resources\en.lproj\About iTunes.rtf
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pivot Animator\Pivot Animator.lnk - C:\Program Files (x86)\Pivot Animator\pivot.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pivot Animator\Uninstall Pivot.lnk - C:\Program Files (x86)\Pivot Animator\unins000.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer\Razer Game Booster\Razer Game Booster.lnk - C:\Program Files (x86)\Razer\Razer Game Booster\RazerGameBooster.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Splashtop Remote\Splashtop Streamer.lnk - C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe

==== shortcuts in Quick Launch ======================

C:\Users\Aarons\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\4shared Desktop.lnk - C:\Program Files (x86)\4shared Desktop\desktop.exe
C:\Users\Aarons\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Aarons\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Aarons\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Aarons\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Aarons\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Mixcraft 6.lnk - C:\Program Files (x86)\Acoustica Mixcraft 6\mixcraft6.exe
C:\Users\Aarons\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Nexus Root Toolkit.lnk - C:\Program Files (x86)\WugFresh Development\NexusRootToolkit.exe
C:\Users\Aarons\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\On-Screen Keyboard.lnk - C:\Windows\system32\osk.exe
C:\Users\Aarons\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\SixaxisPairTool.lnk - C:\Program Files (x86)\SixaxisPairTool\SixaxisPairTool.exe
C:\Users\Aarons\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Windows Live Movie Maker.lnk - C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe
C:\Users\Aarons\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe
C:\Users\Aarons\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome (2).lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Aarons\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\hpDST.lnk - C:\Program Files (x86)\Hewlett-Packard\Setup Manager\hpDST.exe
C:\Users\Aarons\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mixcraft 6.lnk - C:\Program Files (x86)\Acoustica Mixcraft 6\mixcraft6.exe
C:\Users\Aarons\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Paint.lnk - C:\Windows\system32\mspaint.exe
C:\Users\Aarons\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\Aarons\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Gabe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\FVD Converter.lnk - C:\Program Files (x86)\FVD Converter\FVD Converter.exe
C:\Users\Gabe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Gabe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Gabe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Gabe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Gabe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\Gabe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Paint.lnk - C:\Windows\system32\mspaint.exe
C:\Users\Gabe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome (2).lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Gabe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HP Download Store.lnk - C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe http://redirect.hp.c...re&c=113&TYPE=4
C:\Users\Gabe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\hpDST.lnk - C:\Program Files (x86)\Hewlett-Packard\Setup Manager\hpDST.exe
C:\Users\Gabe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe
C:\Users\Gabe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Live Photo Gallery.lnk - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
C:\Users\Gabe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1

==== shortcuts After Repair ======================

C:\Users\Aarons\Desktop\USB Gabby\Facebook.lnk - C:\Users\Gabe\AppData\Local\Torch\Application\torch.exe
C:\Users\Gabe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HP Download Store.lnk - C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0DD54749-BE4A-9F00-5E1B-01E5D1E9A308} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{48E73B93-EB21-171A-7C12-33BA5A1447D6} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4E835A1A-D0DE-C704-CA95-4236F0589C86} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A9FB5285-9563-519F-C34B-F5703987EF21} deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\aaaanijiojpcccpkjdjjmjghddcgcbfj deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\banjjklfojcdbofbhbgiedekefohoaff deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bbffdhejhaoiflnpooogkckfdcmmjppn deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bcfjehbfanfhgoehogmbiebedkidedjb deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dedmngkbaffkenlfdcbganndoghblmap deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fmfnfnpmhcllokmkepffndflpnadjmma deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\hhbgpoakplhahbklhkcfbpicgjcaoglk deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jnljpifflnndjilhoijmpjecfejgeecl deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mknfioaoingmjlbnpdginnnojpbiijkd deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mnmfolkogpnljmojkkkhoknhdkjphcmh deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\neebgdeaohaofdhldpobdpfocdonmgki deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BackupAgent deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Browser Infrastructure Helper deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_7E76354CA938FEE43A2660C795E2E79A deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KanevaTray deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Optimizer Pro deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Health Kit deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Speed Maximizer deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchProtect deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchProtectAll deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wondershare Helper Compact.exe deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yontoo Desktop deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Users\Aarons\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Aarons\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Gabe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gabe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Profile 3\Cache emptied successfully
C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=6931 folders=1427 4973356234 bytes)

==== Empty Temp Folders ======================

C:\Users\Aarons\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Users\Gabe\AppData\Local\Temp will be emptied at reboot
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Gabe\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Users\Gabe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" deleted
"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\banjjklfojcdbofbhbgiedekefohoaff" not found
"C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcfjehbfanfhgoehogmbiebedkidedjb" not found
"C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\neebgdeaohaofdhldpobdpfocdonmgki" not found

==== EOF on Mon 01/27/2014 at 17:43:54.87 ======================

Here is the AdwCleaner log:

# AdwCleaner v3.017 - Report created 27/01/2014 at 17:51:53
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Gabe - AARONS-HP
# Running from : C:\Users\Gabe\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\~0
Folder Deleted : C:\ProgramData\NCH Software
Folder Deleted : C:\Program Files (x86)\NCH Software
Folder Deleted : C:\Windows\SysWOW64\BrowserProtect
Folder Deleted : C:\Program Files\DomaIQ Uninstaller
Folder Deleted : C:\Program Files\Windows Sidebar\Shared Gadgets\gadgetbox.gadget
Folder Deleted : C:\Users\Aarons\AppData\Local\DownloadTerms
Folder Deleted : C:\Users\Aarons\AppData\Local\torch
Folder Deleted : C:\Users\Aarons\AppData\LocalLow\SweetPacks
Folder Deleted : C:\Users\Aarons\AppData\Roaming\24x7 help
Folder Deleted : C:\Users\Aarons\AppData\Roaming\Conduit
Folder Deleted : C:\Users\Aarons\AppData\Roaming\NCH Software
Folder Deleted : C:\Users\Aarons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord
Folder Deleted : C:\Users\Aarons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
Folder Deleted : C:\Users\Aarons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Ride Games
Folder Deleted : C:\Users\Aarons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com
Folder Deleted : C:\Users\Aarons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
Folder Deleted : C:\Users\Gabe\AppData\Local\VisualBeeClient
Folder Deleted : C:\Users\Gabe\AppData\Local\visualbeeexe
Folder Deleted : C:\Users\Gabe\AppData\Roaming\NCH Software
Folder Deleted : C:\Users\Gabe\AppData\Roaming\PCFixSpeed
Folder Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\[email protected]
File Deleted : C:\Users\Aarons\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js
File Deleted : C:\Windows\System32\Tasks\NCH Software

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\FTDownloader
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bho
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FTDownloader_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FTDownloader_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Lucky Savings_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Lucky Savings_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Lucky Savings-InternalInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Lucky Savings-InternalInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\LyricsFanUpdater_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\LyricsFanUpdater_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\VAFMusic Conduit_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\VAFMusic Conduit_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Vid-Saver_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Vid-Saver_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_57da8c42
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0033254.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0033254.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0033254.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0033254.Sandbox.1
Key Deleted : HKCU\Software\5257d9dae06fe414
Key Deleted : HKLM\SOFTWARE\5257d9dae06fe414
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3310511
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_easy-audio-mixer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_easy-audio-mixer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_minecraft-server_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_minecraft-server_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_minecraft_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_minecraft_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{38495740-0035-4471-851E-F5BBB86AB085}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{059EACC2-1ABE-49E8-928D-DC8BD355B7A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6FDBBC21-E399-4542-B4CE-86326E1F0727}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B878FD4-8F19-46DB-94B1-4CABFF80679C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8BA495EF-6CD5-413A-8AEF-483631B98C4F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8C71E394-2E6F-452A-AB7D-C17E78307083}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BADB1512-759C-4792-A18A-DD6BDC4E1991}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E54FBC83-9028-45AC-A5B9-D5DA828E59C2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E6C03E0-D368-4690-8168-9848D4C0F587}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322322254}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{462862BE-9A5C-49A5-9CBD-A649EAC63645}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355325554}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366326654}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{0113A098-06EA-4776-A011-D75590778F1E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{633AA60B-C339-46C3-951F-047F9822C473}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9156C8F9-B397-4DEF-8AC5-5966221A134A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A8E5842E-102B-4289-9D57-3B3F5B5E15D3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB797681-40E0-11D2-9BD5-0060082AE372}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344324454}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{000F18F2-09EB-4A59-82B2-5AE4184C39C3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{44C9CC91-6A4A-4579-B4B5-899ECDC18DC6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9E131A93-EED7-4BEB-B015-A0ADB30B5646}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5E6C03E0-D368-4690-8168-9848D4C0F587}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD39D8DB-A7B8-41BB-A151-F74DD5A05E9F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{941B1A6F-ED42-4D99-A520-7AEAFF56BD48}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7E8A1050-CF67-4575-92DF-DCC60E7D952D}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{16466D47-74A8-4928-B8B2-07CD79ABFC9F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{26D5CC0A-7A46-4D86-AF45-2EFA320B0C54}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D13AC8F-037E-40C5-ADA6-231BA74EA2F4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{322EDCF5-9E7D-4021-8C67-F3FFE4961A38}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3E254398-828F-4D51-A39E-3F6B6D96A12C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{442DAF0C-7EAD-48D9-ABEA-E0036470D6D5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{462862BE-9A5C-49A5-9CBD-A649EAC63645}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{58EB187D-24F8-4423-BD6C-655CE4C416BD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6BEB066C-A791-4A21-B934-7783533FE888}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A07612DF-B1DD-484F-A1C3-36CA4CE919D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A76F97B2-2C56-456A-A29E-72741595C2E8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B19D9D96-E59C-4936-B283-8A831CDB3A53}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DC8AAABA-3F8B-4866-8B3A-D9368133A478}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E15519AE-99BE-42DD-BE60-FFC3C183F443}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355325554}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366326654}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\DataMngr
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\NCH Software
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Splashtop Inc.
Key Deleted : HKCU\Software\visualbee
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab
Key Deleted : HKCU\Software\AppDataLow\Software\findlyrics
Key Deleted : HKCU\Software\AppDataLow\Software\Lucky Savings
Key Deleted : HKCU\Software\AppDataLow\Software\LyricsWoofer
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\Vid-Saver
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BetterSurf
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\DealPly
Key Deleted : HKLM\Software\Driver-Soft
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\GoforFiles
Key Deleted : HKLM\Software\InfoAtoms
Key Deleted : HKLM\Software\NCH Software
Key Deleted : HKLM\Software\ParetoLogic
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\Splashtop Inc.
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\Software\SweetPacks
Key Deleted : HKLM\Software\torch
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKLM\Software\Updater By Sweetpacks
Key Deleted : HKLM\Software\visualbee
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B7C5EA94-B96A-41F5-BE95-25D78B486678}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DomaIQ Uninstaller
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InfoAtoms
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Results Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Splashtop Software Updater
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SweetPacks Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\DataMngr
Key Deleted : [x64] HKLM\SOFTWARE\DomaIQ
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\Updater By Sweetpacks
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\bitguard\271832~1.68\{c16c1~1\loader.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll
Key Deleted : HKLM\Software\Classes\Installer\Features\49AE5C7BA69B5F14EB59527DB8846687
Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Classes\Installer\Products\49AE5C7BA69B5F14EB59527DB8846687
Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7601.17514

-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\Aarons\AppData\Local\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [24459 octets] - [27/01/2014 17:49:23]
AdwCleaner[S0].txt - [24059 octets] - [27/01/2014 17:51:53]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [24120 octets] ##########

Here is the FRST.txt:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-01-2014 02
Ran by Gabe (administrator) on AARONS-HP on 27-01-2014 17:55:43
Running from C:\Users\Gabe\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Microsoft Corporation) C:\Windows\splwow64.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-03-11] (IDT, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HPConnectionManager] - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [94264 2011-02-15] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [586296 2010-11-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [318520 2011-01-27] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [TaskTray] - [x]
HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [976320 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [78352 2012-09-03] (cyberlink)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [ISUSScheduler] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-08-09] (InstallShield Software Corporation)
HKLM-x32\...\Run: [RazerGameBooster] - C:\Program Files (x86)\Razer\Razer Game Booster\RazerGameBooster.exe [61152 2013-11-22] (Razer Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKCU\...\Run: [EPSON NX420 Series] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGCA.EXE [224768 2009-09-14] (SEIKO EPSON CORPORATION)
HKCU\...\Run: [Epson Stylus NX420(Network)] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGCA.EXE [224768 2009-09-14] (SEIKO EPSON CORPORATION)
HKCU\...\Run: [EPSON21A3F5 (Epson Stylus NX420)] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGCA.EXE [224768 2009-09-14] (SEIKO EPSON CORPORATION)
HKCU\...\Run: [Jump Desktop] - C:\Program Files (x86)\Jump Desktop\JumpDesktop.exe autorun
HKCU\...\Run: [690A3B64279ECB48B1C83D88E3FB162ECEE653EF._service_run] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [863184 2013-12-03] (Google Inc.)
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableChangePassword] 0
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
MountPoints2: H - H:\LGAutoRun.exe
MountPoints2: {46d7bfa2-30be-11e2-b70c-2c27d7d4d60a} - G:\LGAutoRun.exe
MountPoints2: {5e8b317f-5912-11e2-af3e-2c27d7d4d60a} - G:\LGAutoRun.exe
HKU\Aarons\...\Run: [Epson Stylus NX420(Network)] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGCA.EXE [224768 2009-09-14] (SEIKO EPSON CORPORATION)
HKU\Aarons\...\Run: [EPSON21A3F5 (Epson Stylus NX420)] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGCA.EXE [224768 2009-09-14] (SEIKO EPSON CORPORATION)
HKU\Aarons\...\Run: [ISUSPM Startup] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-08-09] (InstallShield Software Corporation)
HKU\Aarons\...\Run: [Optimizer Pro] - C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
HKU\Aarons\...\Run: [EPLTarget\P0000000000000004] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHMA.EXE [283232 2012-02-29] (SEIKO EPSON CORPORATION)
HKU\Aarons\...\Run: [EPLTarget\P0000000000000003] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHMA.EXE [283232 2012-02-29] (SEIKO EPSON CORPORATION)
HKU\Aarons\...\Run: [ooVoo.exe] - C:\Program Files (x86)\ooVoo\oovoo.exe [35489856 2013-10-31] (ooVoo LLC)
HKU\Aarons\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18705664 2013-01-08] (Skype Technologies S.A.)
HKU\Aarons\...\Policies\system: [DisableLockWorkstation] 0
HKU\Aarons\...\Policies\system: [DisableChangePassword] 0
HKU\Aarons\...\Policies\system: [LogonHoursAction] 2
HKU\Aarons\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

==================== Internet (Whitelisted) ====================

ProxyServer: http=127.0.0.1:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
URLSearchHook: HKCU - (No Name) - {739df940-c5ee-4bab-9d7e-270894ae687a} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL =
SearchScopes: HKLM - {01900FB1-3A50-4BED-8BCF-7DC6EC494919} URL =
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...w={searchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.co...age={startPage}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...w={searchTerms}
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: No Name - {D426CFA3-F742-4C87-BFCE-76D5EEBC6FF4} - No File
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - No Name - {6e47d688-85ec-465a-9946-ec58220f14fc} - No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKCU - No Name - {739DF940-C5EE-4BAB-9D7E-270894AE687A} - No File
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.h...hpdetect118.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 65.32.5.111 65.32.5.112

Chrome:
=======
CHR Extension: (Website Logon) - C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aepeildmfnnehghlknddebgjghlompfe [2012-08-25]
CHR Extension: (Hulu - TV Shows) - C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\babdabjblhdjecooajkeenhbaegcdcgk [2012-08-25]
CHR Extension: (YouTube) - C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-08-25]
CHR Extension: (Facebook) - C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2012-08-25]
CHR Extension: (Last updated at $time$ on $date$) - C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2012-08-25]
CHR Extension: (Hulu on fire) - C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\chgllnbkldfofeogfpbhciondkbendep [2012-08-25]
CHR Extension: (Google Search) - C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-09]
CHR Extension: (Netflix) - C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeohmmeldh [2012-08-25]
CHR Extension: (avast! WebRep) - C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2013-02-28]
CHR Extension: (Skype Click to Call) - C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-08-25]
CHR Extension: (Happy Wheels) - C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljdngafdeknonigdklkdlolkefpigejp [2012-11-22]
CHR Extension: (Fieldrunners) - C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkpikhjbfbffdblahfidklcohlaeabak [2012-12-09]
CHR Extension: (Guitar Geek) - C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpijogomejcpdhifkigopflephcmopal [2013-01-04]
CHR Extension: (3Dnator) - C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhgjpfdjhlimkkdgnecbgnefdafbcncc [2012-08-25]
CHR Extension: (Gmail) - C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-09-09]
CHR Extension: (Abstract-Blue) - C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnacehkknmafkjgkikclamogikoiaaa [2012-08-25]
CHR Extension: (Canvas Rider) - C:\Users\Gabe\AppData\Local\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk [2012-08-25]
CHR HKLM-x32\...\Chrome\Extension: [aepeildmfnnehghlknddebgjghlompfe] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx [2011-02-11]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

S4 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2012-11-25] ()
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-12-05] (Advanced Micro Devices, Inc.)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [245264 2012-09-03] (CyberLink)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2013-11-22] (Razer Inc.)
R2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [32960 2013-12-10] (Razer, Inc.)
R2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [2179056 2013-07-19] (GlavSoft LLC.)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-12-11] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [52320 2013-03-29] (http://libusb-win32.sourceforge.net)
R3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [129472 2013-12-10] (Razer, Inc.)
R0 RzFilter; C:\Windows\System32\drivers\RzFilter.sys [74432 2013-12-10] (Razer, Inc.)
R3 stdpms; C:\Windows\System32\DRIVERS\stdpms.sys [28904 2013-10-22] (Splashtop Inc.)
S3 ALSysIO; \??\C:\Users\Aarons\AppData\Local\Temp\ALSysIO64.sys [x]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-01-27 17:55 - 2014-01-27 17:55 - 00000000 ____D C:\Users\Gabe\Desktop\FRST-OlderVersion
2014-01-27 17:48 - 2014-01-27 17:52 - 00000000 ____D C:\AdwCleaner
2014-01-27 17:47 - 2014-01-27 17:47 - 01236282 _____ C:\Users\Gabe\Downloads\AdwCleaner.exe
2014-01-27 17:47 - 2014-01-27 17:47 - 01236282 _____ C:\Users\Gabe\Desktop\AdwCleaner.exe
2014-01-27 17:41 - 2014-01-27 17:12 - 00024064 _____ C:\Windows\zoek-delete.exe
2014-01-27 17:14 - 2014-01-27 17:43 - 00062758 _____ C:\zoek-results.log
2014-01-27 17:12 - 2014-01-27 17:36 - 00000000 ____D C:\zoek_backup
2014-01-27 17:11 - 2014-01-27 17:11 - 01283072 _____ C:\Users\Gabe\Downloads\zoek.exe
2014-01-27 17:11 - 2014-01-27 17:11 - 01283072 _____ C:\Users\Gabe\Desktop\zoek.exe
2014-01-27 16:49 - 2014-01-27 16:49 - 03036672 _____ C:\Users\Gabe\Downloads\Gorilla_Uninstaller_Download_File.exe
2014-01-26 22:03 - 2014-01-26 22:03 - 00038004 _____ C:\Users\Gabe\Desktop\Addition.txt
2014-01-26 22:01 - 2014-01-27 17:55 - 00016594 _____ C:\Users\Gabe\Desktop\FRST.txt
2014-01-26 22:01 - 2014-01-27 17:55 - 00000000 ____D C:\FRST
2014-01-26 22:00 - 2014-01-27 17:55 - 02079232 _____ (Farbar) C:\Users\Gabe\Desktop\FRST64.exe
2014-01-26 21:32 - 2014-01-26 21:37 - 02685646 _____ C:\Users\Aarons\Desktop\Sneakker Geeekz.psd
2014-01-26 17:18 - 2014-01-26 17:18 - 00332994 _____ C:\Users\Gabe\Downloads\OTLfull.Txt
2014-01-26 17:06 - 2014-01-26 17:06 - 00675988 _____ C:\Users\Gabe\Downloads\Minecraft.exe
2014-01-26 16:28 - 2014-01-26 16:28 - 00106178 _____ C:\Users\Gabe\Downloads\Extras.Txt
2014-01-26 16:26 - 2014-01-26 17:18 - 00332994 _____ C:\Users\Gabe\Downloads\OTL.Txt
2014-01-26 16:13 - 2014-01-26 16:13 - 00602112 _____ (OldTimer Tools) C:\Users\Gabe\Downloads\OTL.exe
2014-01-25 23:54 - 2014-01-25 23:54 - 00022150 _____ C:\Users\Gabe\Downloads\123704420311.zip
2014-01-25 23:50 - 2014-01-25 23:50 - 00002090 _____ C:\Users\Gabe\Downloads\125952568110.stk
2014-01-25 23:34 - 2014-01-25 23:34 - 00000990 _____ C:\Users\Public\Desktop\Pivot Animator.lnk
2014-01-25 23:34 - 2014-01-25 23:34 - 00000000 ____D C:\ProgramData\Pivot Animator
2014-01-25 23:34 - 2014-01-25 23:34 - 00000000 ____D C:\Program Files (x86)\Pivot Animator
2014-01-25 23:33 - 2014-01-25 23:33 - 01765888 _____ C:\Users\Gabe\Downloads\Pivot_hrdc_ns.exe
2014-01-25 17:25 - 2014-01-27 17:10 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-25 17:25 - 2014-01-25 17:25 - 00000923 _____ C:\Users\Public\Desktop\Steam.lnk
2014-01-25 17:24 - 2014-01-25 17:24 - 01133552 _____ C:\Users\Aarons\Downloads\SteamSetup.exe
2014-01-25 17:21 - 2014-01-25 17:21 - 00001409 _____ C:\Users\Aarons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-01-25 12:19 - 2014-01-25 12:19 - 00001409 _____ C:\Users\Gabe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-01-25 02:46 - 2014-01-25 02:46 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\mineshafter_squared
2014-01-25 01:28 - 2014-01-25 01:28 - 01133552 _____ C:\Users\Gabe\Downloads\SteamSetup (1).exe
2014-01-21 18:07 - 2014-01-21 18:07 - 00002150 _____ C:\Users\Gabe\Desktop\Splashtop Streamer.lnk
2014-01-21 17:52 - 2014-01-21 17:52 - 05966934 _____ (Splashtop Inc.) C:\Users\Gabe\Downloads\Splashtop_Business_Win_v2.4.5.2.exe
2014-01-18 15:22 - 2014-01-18 15:22 - 00942519 _____ C:\Users\Aarons\Downloads\(11) Facebook.htm
2014-01-18 15:22 - 2014-01-18 15:22 - 00000000 ____D C:\Users\Aarons\Downloads\(11) Facebook_files
2014-01-17 20:16 - 2014-01-17 20:17 - 05326304 _____ C:\Users\Gabe\Downloads\Synaptics_v17_0_19_C_XP32_Vista32_Win7-32_XP64_Vista64_Win7-64_Acme_Inc.zip
2014-01-17 20:10 - 2014-01-17 20:10 - 01133552 _____ C:\Users\Gabe\Downloads\SteamSetup.exe
2014-01-16 15:20 - 2013-11-26 20:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-16 15:20 - 2013-11-26 20:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-16 15:20 - 2013-11-26 20:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-16 15:20 - 2013-11-26 20:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-16 15:20 - 2013-11-26 20:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-16 15:20 - 2013-11-26 20:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-16 15:20 - 2013-11-26 20:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-16 15:20 - 2013-11-26 06:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-16 15:20 - 2013-11-26 05:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-14 13:10 - 2014-01-14 13:10 - 00458680 _____ C:\Users\Aarons\Downloads\Setup (1).exe
2014-01-08 21:47 - 2014-01-08 21:47 - 00474536 _____ C:\Users\Aarons\Downloads\Setup.exe
2014-01-08 10:41 - 2014-01-08 10:41 - 467617700 _____ C:\Windows\MEMORY.DMP
2014-01-08 10:41 - 2014-01-08 10:41 - 00354216 _____ C:\Windows\Minidump\010814-20779-01.dmp
2014-01-08 09:13 - 2013-04-09 18:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-01-08 09:13 - 2013-04-02 17:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-01-08 09:12 - 2014-01-08 09:12 - 00002085 _____ C:\Users\Public\Desktop\Razer Game Booster.lnk
2014-01-07 16:16 - 2014-01-07 16:16 - 00001743 _____ C:\Users\Public\Desktop\iTunes.lnk
2014-01-07 16:15 - 2014-01-07 21:36 - 00000000 ____D C:\Program Files (x86)\iTunes
2014-01-07 16:15 - 2014-01-07 16:16 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-07 16:15 - 2014-01-07 16:16 - 00000000 ____D C:\Program Files\iTunes
2014-01-07 16:15 - 2014-01-07 16:15 - 00000000 ____D C:\Program Files\iPod
2014-01-07 16:12 - 2014-01-07 16:23 - 348027174 _____ C:\Users\Aarons\Downloads\iPod2,1_4.1_8B117_Restore.ipsw
2014-01-07 16:07 - 2014-01-07 16:08 - 80521624 _____ (Apple Inc.) C:\Users\Aarons\Downloads\iTunes64Setup.exe
2014-01-07 00:05 - 2014-01-07 00:05 - 01053468 _____ C:\Users\Aarons\Downloads\{REQUEST}_downloader (1).exe
2014-01-07 00:04 - 2014-01-07 00:04 - 02248068 _____ C:\Users\Aarons\Downloads\{REQUEST}_downloader.exe
2014-01-07 00:03 - 2014-01-07 00:03 - 00001013 _____ C:\Users\Aarons\Downloads\[kickass.to]on.the.jellicoe.road.melina.marchetta.epub.torrent
2014-01-06 23:09 - 2014-01-06 23:09 - 00000000 ____D C:\Users\Aarons\AppData\Local\Razer
2014-01-06 12:24 - 2014-01-06 12:28 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\HandBrake
2014-01-06 09:22 - 2014-01-06 09:22 - 00000000 ____D C:\Users\Gabe\Documents\Razer
2014-01-06 09:22 - 2014-01-06 09:22 - 00000000 ____D C:\Users\Gabe\AppData\Local\Razer_Inc
2014-01-06 08:50 - 2014-01-06 08:50 - 00002215 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-06 04:19 - 2014-01-06 04:22 - 00000000 ____D C:\7a699e70de224dc21954db
2014-01-06 03:32 - 2014-01-06 03:35 - 00000000 ____D C:\fba59dd2b5adb9a0a2a5205e
2014-01-06 03:22 - 2014-01-06 03:22 - 00003242 _____ C:\Windows\System32\Tasks\{4B4AB9CF-0B31-4412-AED4-114DBEA463B5}
2014-01-06 02:47 - 2014-01-27 17:53 - 00007194 _____ C:\Windows\setupact.log
2014-01-06 02:47 - 2014-01-27 17:43 - 00176178 _____ C:\Windows\PFRO.log
2014-01-06 02:47 - 2014-01-06 02:47 - 00000000 _____ C:\Windows\setuperr.log
2014-01-06 02:19 - 2014-01-06 02:19 - 00064576 _____ C:\Users\Gabe\Documents\cc_20140106_021928.reg
2014-01-06 02:06 - 2014-01-06 02:37 - 00000000 ____D C:\28c9c4c20c3a25b3c3
2014-01-02 22:38 - 2014-01-26 01:01 - 00435200 _____ C:\Users\Gabe\AppData\Roaming\RZR_01925f6a4f7eaeedfb42bcd2a208.db
2014-01-02 22:36 - 2014-01-08 09:12 - 00000000 ____D C:\Users\Gabe\AppData\Local\Razer
2014-01-02 22:31 - 2014-01-02 22:31 - 00001224 _____ C:\Users\Gabe\Desktop\Razer Comms.lnk
2014-01-02 22:31 - 2014-01-02 22:31 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_RzFilter_01009.Wdf
2014-01-02 22:31 - 2013-12-10 19:14 - 00129472 _____ (Razer, Inc.) C:\Windows\system32\Drivers\RzDxgk.sys
2014-01-02 22:31 - 2013-12-10 19:14 - 00074432 _____ (Razer, Inc.) C:\Windows\system32\Drivers\RzFilter.sys
2014-01-02 22:30 - 2014-01-08 09:12 - 00000000 ____D C:\ProgramData\Razer
2014-01-02 22:30 - 2014-01-06 09:21 - 00000000 ____D C:\Program Files (x86)\Razer
2014-01-02 22:30 - 2014-01-02 22:30 - 00000000 ____D C:\Windows\Razer Core
2013-12-29 15:52 - 2013-12-29 22:49 - 00000000 ____D C:\Program Files (x86)\OpenDownloaderManager

==================== One Month Modified Files and Folders =======

2014-01-27 17:55 - 2014-01-27 17:55 - 00000000 ____D C:\Users\Gabe\Desktop\FRST-OlderVersion
2014-01-27 17:55 - 2014-01-26 22:01 - 00016594 _____ C:\Users\Gabe\Desktop\FRST.txt
2014-01-27 17:55 - 2014-01-26 22:01 - 00000000 ____D C:\FRST
2014-01-27 17:55 - 2014-01-26 22:00 - 02079232 _____ (Farbar) C:\Users\Gabe\Desktop\FRST64.exe
2014-01-27 17:54 - 2013-08-03 11:53 - 00001094 _____ C:\Windows\Tasks\Safe Saver-enabler.job
2014-01-27 17:54 - 2013-08-03 11:52 - 00001900 _____ C:\Windows\Tasks\Safe Saver-chromeinstaller.job
2014-01-27 17:54 - 2013-08-03 11:52 - 00001824 _____ C:\Windows\Tasks\Safe Saver-firefoxinstaller.job
2014-01-27 17:54 - 2013-08-03 11:52 - 00001194 _____ C:\Windows\Tasks\Safe Saver-codedownloader.job
2014-01-27 17:54 - 2013-03-21 19:46 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-27 17:54 - 2009-07-14 00:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2014-01-27 17:53 - 2014-01-06 02:47 - 00007194 _____ C:\Windows\setupact.log
2014-01-27 17:53 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-27 17:52 - 2014-01-27 17:48 - 00000000 ____D C:\AdwCleaner
2014-01-27 17:52 - 2013-03-21 19:46 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-27 17:52 - 2012-11-22 11:04 - 01258374 _____ C:\Windows\WindowsUpdate.log
2014-01-27 17:50 - 2009-07-13 23:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-27 17:50 - 2009-07-13 23:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-27 17:47 - 2014-01-27 17:47 - 01236282 _____ C:\Users\Gabe\Downloads\AdwCleaner.exe
2014-01-27 17:47 - 2014-01-27 17:47 - 01236282 _____ C:\Users\Gabe\Desktop\AdwCleaner.exe
2014-01-27 17:43 - 2014-01-27 17:14 - 00062758 _____ C:\zoek-results.log
2014-01-27 17:43 - 2014-01-06 02:47 - 00176178 _____ C:\Windows\PFRO.log
2014-01-27 17:36 - 2014-01-27 17:12 - 00000000 ____D C:\zoek_backup
2014-01-27 17:30 - 2012-06-25 18:11 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-27 17:28 - 2012-08-19 13:26 - 00000000 ____D C:\Users\Gabe
2014-01-27 17:28 - 2012-02-24 12:02 - 00000000 ____D C:\Users\Aarons
2014-01-27 17:12 - 2014-01-27 17:41 - 00024064 _____ C:\Windows\zoek-delete.exe
2014-01-27 17:11 - 2014-01-27 17:11 - 01283072 _____ C:\Users\Gabe\Downloads\zoek.exe
2014-01-27 17:11 - 2014-01-27 17:11 - 01283072 _____ C:\Users\Gabe\Desktop\zoek.exe
2014-01-27 17:10 - 2014-01-25 17:25 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-27 16:50 - 2012-09-07 15:32 - 00000000 ____D C:\Users\Gabe\AppData\Local\CrashDumps
2014-01-27 16:49 - 2014-01-27 16:49 - 03036672 _____ C:\Users\Gabe\Downloads\Gorilla_Uninstaller_Download_File.exe
2014-01-27 15:04 - 2009-07-14 00:13 - 00783360 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-27 12:58 - 2013-02-08 10:25 - 00003192 _____ C:\Windows\System32\Tasks\HPCeeScheduleForAarons
2014-01-27 12:58 - 2013-02-08 10:25 - 00000336 _____ C:\Windows\Tasks\HPCeeScheduleForAarons.job
2014-01-27 11:19 - 2012-08-10 16:50 - 00000000 ____D C:\Users\Aarons\AppData\Roaming\Skype
2014-01-27 02:00 - 2012-09-09 17:12 - 00000000 ____D C:\Users\Gabe\AppData\Local\Adobe
2014-01-26 23:29 - 2012-08-19 13:27 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{87765B85-AB53-462B-9F7A-6ABABA16FBBD}
2014-01-26 22:03 - 2014-01-26 22:03 - 00038004 _____ C:\Users\Gabe\Desktop\Addition.txt
2014-01-26 21:37 - 2014-01-26 21:32 - 02685646 _____ C:\Users\Aarons\Desktop\Sneakker Geeekz.psd
2014-01-26 20:19 - 2012-02-24 11:26 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{63C9AABB-0CD9-41B8-B9CB-F7224580E5E5}
2014-01-26 17:31 - 2012-08-19 13:42 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\.minecraft
2014-01-26 17:18 - 2014-01-26 17:18 - 00332994 _____ C:\Users\Gabe\Downloads\OTLfull.Txt
2014-01-26 17:18 - 2014-01-26 16:26 - 00332994 _____ C:\Users\Gabe\Downloads\OTL.Txt
2014-01-26 17:06 - 2014-01-26 17:06 - 00675988 _____ C:\Users\Gabe\Downloads\Minecraft.exe
2014-01-26 16:28 - 2014-01-26 16:28 - 00106178 _____ C:\Users\Gabe\Downloads\Extras.Txt
2014-01-26 16:13 - 2014-01-26 16:13 - 00602112 _____ (OldTimer Tools) C:\Users\Gabe\Downloads\OTL.exe
2014-01-26 13:18 - 2009-07-14 00:08 - 00032644 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-26 01:01 - 2014-01-02 22:38 - 00435200 _____ C:\Users\Gabe\AppData\Roaming\RZR_01925f6a4f7eaeedfb42bcd2a208.db
2014-01-25 23:54 - 2014-01-25 23:54 - 00022150 _____ C:\Users\Gabe\Downloads\123704420311.zip
2014-01-25 23:50 - 2014-01-25 23:50 - 00002090 _____ C:\Users\Gabe\Downloads\125952568110.stk
2014-01-25 23:34 - 2014-01-25 23:34 - 00000990 _____ C:\Users\Public\Desktop\Pivot Animator.lnk
2014-01-25 23:34 - 2014-01-25 23:34 - 00000000 ____D C:\ProgramData\Pivot Animator
2014-01-25 23:34 - 2014-01-25 23:34 - 00000000 ____D C:\Program Files (x86)\Pivot Animator
2014-01-25 23:33 - 2014-01-25 23:33 - 01765888 _____ C:\Users\Gabe\Downloads\Pivot_hrdc_ns.exe
2014-01-25 17:59 - 2013-05-09 18:59 - 00000408 ____H C:\Windows\Tasks\Norton Security Scan for Aarons.job
2014-01-25 17:25 - 2014-01-25 17:25 - 00000923 _____ C:\Users\Public\Desktop\Steam.lnk
2014-01-25 17:24 - 2014-01-25 17:24 - 01133552 _____ C:\Users\Aarons\Downloads\SteamSetup.exe
2014-01-25 17:21 - 2014-01-25 17:21 - 00001409 _____ C:\Users\Aarons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-01-25 17:21 - 2012-08-30 06:50 - 00001403 _____ C:\Users\Aarons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-25 12:22 - 2012-06-25 18:11 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-25 12:22 - 2012-06-25 18:11 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-25 12:22 - 2012-06-25 18:11 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-25 12:19 - 2014-01-25 12:19 - 00001409 _____ C:\Users\Gabe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-01-25 12:19 - 2012-08-19 13:27 - 00001403 _____ C:\Users\Gabe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-25 12:17 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2014-01-25 11:49 - 2007-01-01 20:25 - 00000000 ____D C:\Windows\Panther
2014-01-25 02:56 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2014-01-25 02:46 - 2014-01-25 02:46 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\mineshafter_squared
2014-01-25 01:28 - 2014-01-25 01:28 - 01133552 _____ C:\Users\Gabe\Downloads\SteamSetup (1).exe
2014-01-24 22:37 - 2013-02-28 18:14 - 00000000 ____D C:\Windows\pss
2014-01-24 22:37 - 2012-08-19 13:27 - 00000000 ___RD C:\Users\Gabe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-24 15:28 - 2012-08-30 07:14 - 00000000 ____D C:\Users\Aarons\AppData\Local\Adobe
2014-01-22 16:16 - 2012-02-24 12:38 - 00000000 ____D C:\Users\Aarons\AppData\Local\CrashDumps
2014-01-21 18:07 - 2014-01-21 18:07 - 00002150 _____ C:\Users\Gabe\Desktop\Splashtop Streamer.lnk
2014-01-21 17:52 - 2014-01-21 17:52 - 05966934 _____ (Splashtop Inc.) C:\Users\Gabe\Downloads\Splashtop_Business_Win_v2.4.5.2.exe
2014-01-18 15:22 - 2014-01-18 15:22 - 00942519 _____ C:\Users\Aarons\Downloads\(11) Facebook.htm
2014-01-18 15:22 - 2014-01-18 15:22 - 00000000 ____D C:\Users\Aarons\Downloads\(11) Facebook_files
2014-01-17 20:17 - 2014-01-17 20:16 - 05326304 _____ C:\Users\Gabe\Downloads\Synaptics_v17_0_19_C_XP32_Vista32_Win7-32_XP64_Vista64_Win7-64_Acme_Inc.zip
2014-01-17 20:10 - 2014-01-17 20:10 - 01133552 _____ C:\Users\Gabe\Downloads\SteamSetup.exe
2014-01-16 18:01 - 2009-07-13 23:45 - 04990000 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-15 22:34 - 2012-09-11 19:19 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\SoftGrid Client
2014-01-14 13:10 - 2014-01-14 13:10 - 00458680 _____ C:\Users\Aarons\Downloads\Setup (1).exe
2014-01-11 22:51 - 2013-02-08 10:25 - 00003220 _____ C:\Windows\System32\Tasks\HPCeeScheduleForAARONS-HP$
2014-01-11 22:51 - 2013-02-08 10:25 - 00000344 _____ C:\Windows\Tasks\HPCeeScheduleForAARONS-HP$.job
2014-01-08 21:47 - 2014-01-08 21:47 - 00474536 _____ C:\Users\Aarons\Downloads\Setup.exe
2014-01-08 18:55 - 2011-09-26 02:35 - 00775974 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2014-01-08 10:41 - 2014-01-08 10:41 - 467617700 _____ C:\Windows\MEMORY.DMP
2014-01-08 10:41 - 2014-01-08 10:41 - 00354216 _____ C:\Windows\Minidump\010814-20779-01.dmp
2014-01-08 10:41 - 2012-08-07 16:28 - 00000000 ____D C:\Windows\Minidump
2014-01-08 09:12 - 2014-01-08 09:12 - 00002085 _____ C:\Users\Public\Desktop\Razer Game Booster.lnk
2014-01-08 09:12 - 2014-01-02 22:36 - 00000000 ____D C:\Users\Gabe\AppData\Local\Razer
2014-01-08 09:12 - 2014-01-02 22:30 - 00000000 ____D C:\ProgramData\Razer
2014-01-07 21:36 - 2014-01-07 16:15 - 00000000 ____D C:\Program Files (x86)\iTunes
2014-01-07 16:23 - 2014-01-07 16:12 - 348027174 _____ C:\Users\Aarons\Downloads\iPod2,1_4.1_8B117_Restore.ipsw
2014-01-07 16:16 - 2014-01-07 16:16 - 00001743 _____ C:\Users\Public\Desktop\iTunes.lnk
2014-01-07 16:16 - 2014-01-07 16:15 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-07 16:16 - 2014-01-07 16:15 - 00000000 ____D C:\Program Files\iTunes
2014-01-07 16:15 - 2014-01-07 16:15 - 00000000 ____D C:\Program Files\iPod
2014-01-07 16:08 - 2014-01-07 16:07 - 80521624 _____ (Apple Inc.) C:\Users\Aarons\Downloads\iTunes64Setup.exe
2014-01-07 15:49 - 2012-06-25 17:27 - 00000000 ____D C:\Users\Aarons\AppData\Local\Google
2014-01-07 00:05 - 2014-01-07 00:05 - 01053468 _____ C:\Users\Aarons\Downloads\{REQUEST}_downloader (1).exe
2014-01-07 00:04 - 2014-01-07 00:04 - 02248068 _____ C:\Users\Aarons\Downloads\{REQUEST}_downloader.exe
2014-01-07 00:03 - 2014-01-07 00:03 - 00001013 _____ C:\Users\Aarons\Downloads\[kickass.to]on.the.jellicoe.road.melina.marchetta.epub.torrent
2014-01-06 23:10 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
2014-01-06 23:09 - 2014-01-06 23:09 - 00000000 ____D C:\Users\Aarons\AppData\Local\Razer
2014-01-06 12:28 - 2014-01-06 12:24 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\HandBrake
2014-01-06 12:28 - 2012-09-21 14:24 - 00000000 ____D C:\Users\Gabe\Desktop\League of legends
2014-01-06 09:22 - 2014-01-06 09:22 - 00000000 ____D C:\Users\Gabe\Documents\Razer
2014-01-06 09:22 - 2014-01-06 09:22 - 00000000 ____D C:\Users\Gabe\AppData\Local\Razer_Inc
2014-01-06 09:21 - 2014-01-02 22:30 - 00000000 ____D C:\Program Files (x86)\Razer
2014-01-06 08:52 - 2012-08-25 10:08 - 00000000 ____D C:\Users\Gabe\AppData\Local\Google
2014-01-06 08:50 - 2014-01-06 08:50 - 00002215 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-06 08:50 - 2013-03-21 19:46 - 00000000 ____D C:\Program Files (x86)\Google
2014-01-06 04:22 - 2014-01-06 04:19 - 00000000 ____D C:\7a699e70de224dc21954db
2014-01-06 03:35 - 2014-01-06 03:32 - 00000000 ____D C:\fba59dd2b5adb9a0a2a5205e
2014-01-06 03:26 - 2013-02-28 17:52 - 00000000 ____D C:\ProgramData\AVAST Software
2014-01-06 03:22 - 2014-01-06 03:22 - 00003242 _____ C:\Windows\System32\Tasks\{4B4AB9CF-0B31-4412-AED4-114DBEA463B5}
2014-01-06 03:18 - 2013-09-16 12:41 - 00000000 ____D C:\Users\Gabe\AppData\Roaming\uTorrent
2014-01-06 02:47 - 2014-01-06 02:47 - 00000000 _____ C:\Windows\setuperr.log
2014-01-06 02:37 - 2014-01-06 02:06 - 00000000 ____D C:\28c9c4c20c3a25b3c3
2014-01-06 02:22 - 2012-06-27 19:50 - 00000000 ____D C:\Users\Aarons\Documents\Youcam
2014-01-06 02:19 - 2014-01-06 02:19 - 00064576 _____ C:\Users\Gabe\Documents\cc_20140106_021928.reg
2014-01-05 16:31 - 2012-02-24 11:24 - 00082496 _____ C:\Users\Aarons\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-02 22:35 - 2012-08-19 13:28 - 00082496 _____ C:\Users\Gabe\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-02 22:31 - 2014-01-02 22:31 - 00001224 _____ C:\Users\Gabe\Desktop\Razer Comms.lnk
2014-01-02 22:31 - 2014-01-02 22:31 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_RzFilter_01009.Wdf
2014-01-02 22:30 - 2014-01-02 22:30 - 00000000 ____D C:\Windows\Razer Core
2014-01-02 19:05 - 2009-07-14 00:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-31 20:55 - 2012-07-29 17:08 - 00000000 ____D C:\Users\Aarons\Documents\VirtualDJ
2013-12-29 22:49 - 2013-12-29 15:52 - 00000000 ____D C:\Program Files (x86)\OpenDownloaderManager
2013-12-29 22:08 - 2012-08-24 19:43 - 00000000 ____D C:\Users\Gabe\Documents\Youcam
2013-12-29 21:28 - 2013-01-03 03:53 - 00003180 _____ C:\Windows\System32\Tasks\HPCeeScheduleForGabe
2013-12-29 21:28 - 2013-01-03 03:53 - 00000328 _____ C:\Windows\Tasks\HPCeeScheduleForGabe.job

Some content of TEMP:
====================
C:\Users\Gabe\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-01-25 12:09

==================== End Of Log ============================

Here is the Additional.txt:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-01-2014 02
Ran by Gabe at 2014-01-27 17:56:47
Running from C:\Users\Gabe\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Acoustica Mixcraft 6 (x32 Version: b216 - Acoustica)
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe AIR (x32 Version: 3.6.0.6090 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.6.0.6090 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (x32 Version: 2.0.2.189 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.38 - Adobe Systems Incorporated)
Adobe Photoshop Elements 8.0 (x32 Version: 8.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 8.0 (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop.com Inspiration Browser (x32 Version: 3.04 - Adobe Systems Incorporated)
Adobe Photoshop.com Inspiration Browser (x32 Version: 3.04 - Adobe Systems Incorporated) Hidden
Adobe Reader X MUI (x32 Version: 10.0.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.0.112 - Adobe Systems, Inc.)
AMD APP SDK Runtime (Version: 10.0.851.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (Version: 3.0.859.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2011.1205.2215.39827 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.61205.2219 - Advanced Micro Devices, Inc.) Hidden
AMD System Monitor (x32 Version: 1.0.5 - Advanced Micro Devices, Inc.)
AMD VISION Engine Control Center (x32 Version: 2011.1205.2215.39827 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (x32 Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
AuthenTec TrueAPI (Version: 1.2.1.33 - AuthenTec, Inc.) Hidden
Bamboo Dock (x32 Version: 4.1 - Wacom Co., Ltd.)
Bamboo Dock (x32 Version: 4.1.0 - Wacom Europe GmbH) Hidden
Bamboo Tablets Tutorial (x32 Version: 3.0.20 - Wacom) Hidden
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.1205.2215.39827 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.1205.2215.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2011.1205.2214.39827 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2011.1205.2215.39827 - Advanced Micro Devices, Inc.) Hidden
CCleaner (Version: 4.04 - Piriform)
Core Temp 1.0 RC3 (Version: 1.0 - Alcpu)
CyberLink PowerDVD (x32 Version: 10.0.5.4504 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.5.4504 - CyberLink Corp.) Hidden
CyberLink YouCam (x32 Version: 3.5.1.4606 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.1.4606 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (Version: 2.10 - Piriform)
DomDomSoft Manga Downloader (remove only) (x32 Version: - )
Download Navigator (x32 Version: 3.4.0 - SEIKO EPSON CORPORATION)
Driver Genius Professional Edition (x32 Version: 10.0 - Driver-Soft Inc.)
DVD Shrink 3.2 (x32 Version: - DVD Shrink)
Energy Star Digital Logo (x32 Version: 1.0.1 - Hewlett-Packard)
EPSON Artisan 1430 Series Printer Uninstall (Version: - SEIKO EPSON Corporation)
Epson Connect (x32 Version: - )
Epson Customer Participation (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (x32 Version: 2.40.0001 - SEIKO EPSON CORPORATION)
EPSON NX420 Series Printer Uninstall (Version: - SEIKO EPSON Corporation)
Epson Print CD (x32 Version: 2.05.00 - SEIKO EPSON CORPORATION)
EPSON Scan (x32 Version: - Seiko Epson Corporation)
EpsonNet Print (x32 Version: 2.5.00 - SEIKO EPSON CORPORATION)
EpsonNet Setup 3.3 (x32 Version: 3.3b - SEIKO EPSON CORPORATION)
ESU for Microsoft Windows 7 (x32 Version: 1.0.0 - Hewlett-Packard)
Evernote v. 4.2.2 (x32 Version: 4.2.2.3979 - Evernote Corp.)
Express Burn (x32 Version: 4.68 - NCH Software)
exPressit SE (x32 Version: 3.10.0000 - Medea International Ltd)
FVD Converter 1.0.2 (x32 Version: - flashvideodownloader.org)
GadgetBox (x32 Version: 1.0 - GadgetBox) <==== ATTENTION
Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.)
Google Drive (x32 Version: 1.12.5329.1887 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
GorillaPrice (x32 Version: - )
HandBrake 0.9.9.1 (x32 Version: 0.9.9.1 - )
Hewlett-Packard ACLM.NET v1.1.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HP 3D DriveGuard (Version: 4.1.5.1 - Hewlett-Packard Company)
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP Connection Manager (x32 Version: 4.0.45.1 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Documentation (x32 Version: 1.2.0.0 - Hewlett-Packard)
HP DVB-T TV Tuner 8.0.64.43 (x32 Version: 8.0.64.43 - )
HP MovieStore (x32 Version: 1.0.047 - Hewlett-Packard) Hidden
HP MovieStore (x32 Version: 2.0 - Hewlett-Packard)
HP On Screen Display (x32 Version: 1.1.2 - Hewlett-Packard Company)
HP Power Manager (x32 Version: 1.2.1 - Hewlett-Packard Company)
HP Product Detection (x32 Version: 11.14.0001 - HP)
HP Quick Launch (x32 Version: 2.3.6 - Hewlett-Packard Company)
HP Setup (x32 Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Setup Manager (x32 Version: 1.1.13253.3682 - Hewlett-Packard Company)
HP SimplePass 2011 (x32 Version: 5.1.0.495 - Hewlett-Packard)
HP Software Framework (x32 Version: 4.1.6.1 - Hewlett-Packard Company)
HP Support Assistant (x32 Version: 5.2.9.2 - Hewlett-Packard Company)
HPAsset component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
IDT Audio (x32 Version: 1.0.6329.0 - IDT)
ImageCompressor (x32 Version: 1.0.0 - Rajput Y H)
iTunes (Version: 10.7.0.21 - Apple Inc.)
Java 7 Update 25 (x32 Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 4 (64-bit) (Version: 1.7.0.40 - Oracle)
Java™ 7 Update 4 (64-bit) (Version: 7.0.40 - Oracle)
JavaFX 2.1.1 (x32 Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
League of Legends (x32 Version: 1.3 - Riot Games)
Magic DVD Copier V8.1.0 (x32 Version: - Magic DVD Software, Inc.)
Memorex exPressit Label Design Studio (x32 Version: - )
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Click-to-Run 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (x32 Version: 14.0.5131.5000 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (x32 Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden
MotioninJoy Gamepad tool 0.7.1001 (Version: 0.7.1001 - www.motioninjoy.com)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
Norton Security Scan (x32 Version: 4.0.0.48 - Symantec Corporation)
ooVoo (x32 Version: 3.6.1008 - ooVoo LLC.)
PDFCreator (x32 Version: 1.2.3 - Frank Heindörfer, Philip Chinery)
Pivot Animator version 4.1.10 (x32 Version: 4.1.10 - Motus Software Ltd)
Qualcomm Atheros WiFi Driver Installation (x32 Version: 9.2 - Qualcomm Atheros)
QuickShare (x32 Version: 1.6.1.931 - Linkury Inc.) <==== ATTENTION
QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)
Ralink RT5390 802.11b/g/n WiFi Adapter (x32 Version: 3.01.16.1 - Ralink)
Razer Comms (x32 Version: 1.82.15 - Razer Inc.)
Razer Core (x32 Version: 1.0.1.56 - Razer Inc)
Razer Game Booster (x32 Version: 4.1.59.0 - Razer Inc.)
Realtek Ethernet Controller Driver (x32 Version: 7.50.1123.2011 - Realtek)
Realtek HDMI Audio Driver for ATI (x32 Version: 6.0.1.6519 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (x32 Version: 6.1.7600.80 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden
RoxioNow Player (x32 Version: 1.9.5.103 - RoxioNow)
Safe Saver (x32 Version: 1.27.153.8 - Safe Saver)
SixaxisPairTool 0.2.3 (x32 Version: 0.2.3 - Dancing Pixel Studios)
Skype Click to Call (x32 Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 6.1 (x32 Version: 6.1.129 - Skype Technologies S.A.)
Steam (x32 Version: - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (Version: 15.3.29.0 - Synaptics Incorporated)
TightVNC (Version: 2.7.10.0 - GlavSoft LLC.)
Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4.5 (KB2805221) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4.5 (KB2805226) (x32 Version: 1 - Microsoft Corporation)
Validity Sensors DDK (Version: 3.1.374 - Validity Sensors, Inc.)
Validity WBF DDK (Version: 4.3.118.0 - Validity Sensors, Inc.)
Video Screensaver 1.0 (x32 Version: 1.0 - rodflash.com)
VideoPad Video Editor (x32 Version: 3.04 - NCH Software)
VirtualDJ Home FREE (x32 Version: 7.0.5 - Atomix Productions)
VisualBee for Microsoft PowerPoint (HKCU Version: V3.6 - VisualBee.com)
Wacom (Version: 5.3.2-1 - Wacom Technology Corp.)
WBFS Manager 3.0 (x32 Version: 3.0 - AlexDP)
Webexp Enhanced (x32 Version: 1.1 - Webexp Enhanced) <==== ATTENTION
WebTablet FB Plugin 32 bit (x32 Version: 2.1.0.2 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (Version: 2.1.0.2 - Wacom Technology Corp.)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Movie Maker 2.6 (x32 Version: 2.6.4037.0 - Microsoft Corporation)
WinRAR 4.20 (32-bit) (x32 Version: 4.20.0 - win.rar GmbH)

==================== Restore Points =========================

16-01-2014 22:37:43 Windows Update
21-01-2014 19:39:01 Windows Update
21-01-2014 22:55:46 Installed Splashtop Streamer.
21-01-2014 22:59:41 Device Driver Package Install: Splashtop Inc. Monitors
23-01-2014 04:12:03 HPSF Restore Point
25-01-2014 03:42:55 Windows Update
25-01-2014 07:53:38 Windows Modules Installer
27-01-2014 21:31:36 Windows Update
27-01-2014 21:40:42 Windows Defender Checkpoint
27-01-2014 22:14:45 zoek.exe restore point

==================== Hosts content: ==========================

2009-07-13 21:34 - 2013-04-26 01:31 - 00000878 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0F7FF4B8-2915-480E-BE3B-7591BE862371} - System32\Tasks\Safe Saver-codedownloader => C:\Program Files (x86)\Safe Saver\Safe Saver-codedownloader.exe
Task: {19115EF8-9702-4CCA-B3B1-2DF41BFCA889} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-27] (Google Inc.)
Task: {1EFD3500-48C3-4B68-BFE3-136E81ADD383} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-02-23] (Hewlett-Packard Company)
Task: {358E9F26-0F15-4F5F-86B3-C9F5B83E8073} - System32\Tasks\Safe Saver-firefoxinstaller => C:\Program Files (x86)\Safe Saver\Safe Saver-firefoxinstaller.exe
Task: {3AFFD0E9-B0D3-4A11-88E9-86AA7DF9D0CA} - System32\Tasks\HPCeeScheduleForAARONS-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {463D73E6-B699-488D-9B8A-90A5DB530D14} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-27] (Google Inc.)
Task: {48F04C03-DE0D-46D1-AEE3-D768F58CABC3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: {4D911614-0140-49A3-BA6D-ECB22061B3AE} - System32\Tasks\AdobeAAMUpdater-1.0-Aarons-HP-Aarons => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated)
Task: {60090C76-6585-4259-8503-60F54EE515EB} - System32\Tasks\Test TimeTrigger => C:\Users\Gabe\AppData\Local\Temp\Runner.exe <==== ATTENTION
Task: {7523D4D6-30B9-4535-9833-920BDF68728D} - System32\Tasks\Safe Saver-enabler => C:\Program Files (x86)\Safe Saver\Safe Saver-enabler.exe <==== ATTENTION
Task: {79365052-E51F-4C42-BC4F-7B53D5682161} - System32\Tasks\VisualBeeRecovery => C:\Users\Gabe\AppData\Local\VisualBeeExe\VisualBeeRecovery.exe
Task: {9BF559D5-26FF-408E-837B-985606EF4811} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-25] (Adobe Systems Incorporated)
Task: {A048CD7F-C316-4DDB-9E97-30294C47701C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-02-23] (Hewlett-Packard Company)
Task: {A5D4CB4C-872E-4882-A312-3DF48D1B9E93} - System32\Tasks\HPCeeScheduleForAarons => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {A6C526F5-2C68-439C-B659-AB9069136FA4} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-10-06] (CyberLink)
Task: {C07F10D8-79DC-4F59-833B-04DDB33ED568} - System32\Tasks\Safe Saver-chromeinstaller => C:\Program Files (x86)\Safe Saver\Safe Saver-chromeinstaller.exe
Task: {C8414ADB-CB54-4AB0-888B-B189EC3BF602} - System32\Tasks\Norton Security Scan for Aarons => C:\Program Files (x86)\Norton Security Scan\Engine\4.0.0.48\Nss.exe [2013-05-07] (Symantec Corporation)
Task: {E6D5AF10-58C9-42D2-9BF3-8C23C9915441} - System32\Tasks\HPCeeScheduleForGabe => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {F020A4A5-16DD-4A89-8583-3244366C9EA4} - System32\Tasks\AdobeAAMUpdater-1.0-Aarons-HP-Gabe => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated)
Task: {F6F76818-125E-4E9E-AB52-95F29CFB6EBA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2012-02-22] (Microsoft)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForAARONS-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForAarons.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForGabe.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\Norton Security Scan for Aarons.job => C:\PROGRA~2\NORTON~2\Engine\400~1.48\Nss.exe
Task: C:\Windows\Tasks\Safe Saver-chromeinstaller.job => C:\Program Files (x86)\Safe Saver\Safe Saver-chromeinstaller.exe
Task: C:\Windows\Tasks\Safe Saver-codedownloader.job => C:\Program Files (x86)\Safe Saver\Safe Saver-codedownloader.exe
Task: C:\Windows\Tasks\Safe Saver-enabler.job => C:\Program Files (x86)\Safe Saver\Safe Saver-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Safe Saver-firefoxinstaller.job => C:\Program Files (x86)\Safe Saver\Safe Saver-firefoxinstaller.exe

==================== Loaded Modules (whitelisted) =============

2013-06-19 23:45 - 2013-06-19 23:45 - 03317616 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
2013-03-26 22:31 - 2012-12-11 12:07 - 01184640 _____ () C:\Program Files\Tablet\Pen\libxml2.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:AD022376
AlternateDataStreams: C:\ProgramData\Temp:D346F792

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (01/27/2014 05:54:07 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/27/2014 05:43:39 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/27/2014 05:02:42 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/27/2014 04:50:29 PM) (Source: Application Error) (User: )
Description: Faulting application name: Gorilla_Uninstaller_Download_File.exe, version: 1.0.0.1, time stamp: 0x52e6d2f3
Faulting module name: Gorilla_Uninstaller_Download_File.exe, version: 1.0.0.1, time stamp: 0x52e6d2f3
Exception code: 0xc0000417
Fault offset: 0x00124653
Faulting process id: 0x20e4
Faulting application start time: 0xGorilla_Uninstaller_Download_File.exe0
Faulting application path: Gorilla_Uninstaller_Download_File.exe1
Faulting module path: Gorilla_Uninstaller_Download_File.exe2
Report Id: Gorilla_Uninstaller_Download_File.exe3

Error: (01/27/2014 04:40:41 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.

Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {a9571071-495b-4c8a-9c19-5fb34f7f6a97}

Error: (01/27/2014 04:33:21 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/27/2014 04:28:48 PM) (Source: WTabletServiceCon) (User: )
Description: Prefs: Failed to get user path

Error: (01/27/2014 11:04:37 AM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (01/27/2014 10:56:01 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/26/2014 10:04:21 PM) (Source: Application Error) (User: )
Description: Faulting application name: WerFault.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc2d9
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000005
Fault offset: 0x0005b263
Faulting process id: 0x1d78
Faulting application start time: 0xWerFault.exe0
Faulting application path: WerFault.exe1
Faulting module path: WerFault.exe2
Report Id: WerFault.exe3

System errors:
=============
Error: (01/27/2014 05:54:51 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (01/27/2014 05:44:21 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (01/27/2014 05:22:28 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (01/27/2014 05:22:28 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (01/27/2014 05:22:28 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (01/27/2014 05:22:27 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (01/27/2014 05:22:27 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (01/27/2014 05:22:27 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (01/27/2014 05:22:26 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (01/27/2014 05:22:26 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Microsoft Office Sessions:
=========================
Error: (01/27/2014 05:54:07 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/27/2014 05:43:39 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/27/2014 05:02:42 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/27/2014 04:50:29 PM) (Source: Application Error)(User: )
Description: Gorilla_Uninstaller_Download_File.exe1.0.0.152e6d2f3Gorilla_Uninstaller_Download_File.exe1.0.0.152e6d2f3c00004170012465320e401cf1ba9acc21cc1C:\Users\Gabe\Downloads\Gorilla_Uninstaller_Download_File.exeC:\Users\Gabe\Downloads\Gorilla_Uninstaller_Download_File.exe090324a7-879d-11e3-bfe9-2c27d7d4d60a

Error: (01/27/2014 04:40:41 PM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.

Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {a9571071-495b-4c8a-9c19-5fb34f7f6a97}

Error: (01/27/2014 04:33:21 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/27/2014 04:28:48 PM) (Source: WTabletServiceCon)(User: )
Description: Prefs: Failed to get user path

Error: (01/27/2014 11:04:37 AM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (01/27/2014 10:56:01 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/26/2014 10:04:21 PM) (Source: Application Error)(User: )
Description: WerFault.exe6.1.7600.163854a5bc2d9ntdll.dll6.1.7601.18247521ea8e7c00000050005b2631d7801cf1b0c7545d30eC:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\ntdll.dllb75f753e-86ff-11e3-97ae-2c27d7d4d60a

==================== Memory info ===========================

Percentage of memory in use: 35%
Total physical RAM: 3834.9 MB
Available physical RAM: 2483.91 MB
Total Pagefile: 9584.08 MB
Available Pagefile: 8130.18 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:450.84 GB) (Free:211.71 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:14.63 GB) (Free:1.62 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 8D715ADE)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=451 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End Of Log ============================

#6
emeraldnzl

Posted 27 January 2014 - 05:24 PM

GeekU Instructor

GeekU Moderator
20,051 posts

Hello seniorj12,

Looking better.

Now

Download the attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

After that

Please download ComboFix from this location:

Link

* IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

Double click on ComboFix.exe & follow the prompts.
If you have an older Operating System you may be asked whether you want to install the Recovery Console. Click yes and follow any prompts.
Your desktop may go blank. This is normal.
ComboFix may appear to be doing nothing for quite long periods, this is normal, just leave it to do it's job.
ComboFix may reboot your machine. This is normal too.

**Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall**

When finished, it will produce a log for you. Please include the C:\ComboFix.txt in your next reply.

When you return please post
Fixlog.txt
ComboFix.txt

#7
seniorj12

Posted 28 January 2014 - 08:50 AM

New Member

Topic Starter
Member
9 posts

I did the last step, that you told me to. I started it last night, my screen went blank with white lines going vertically across my screen. I know you said this is normal, but it hasn't changed yet... Is this normal?

#8
emeraldnzl

Posted 28 January 2014 - 12:58 PM

GeekU Instructor

GeekU Moderator
20,051 posts

Hello seniorj12,

Sorry for the delay in getting back to you. Unfortunately where I am it was the early hours of the morning when you posted and I was sound asleep.

What is the situation now?

Here are some options to try if it's just that ComboFix is stalled.

Combofix can take a long time especially if the computer is severely infected.

Having said that it can sometimes get conflict from other programs on the machine or an infection can stop it.

It may appear as if ComboFix has stopped working. To verify it is still running please do one of the following below.

Check your computer clock. If it is still running then so is ComboFix
Open Task Manager and select the Applications Tab. If the status of AutoScan is Running, then ComboFix is running
Open Task Manager and select the Processes Tab. Under Image Name look for files ending in .3xe. If there are fluctuating numbers under CPU and Mem
Usage then ComboFix is running

If ComboFix is definitely stalled then:

Open Task Manager and look for the following ComboFix related processes:

PEV.exe
NirCmd.cfxxe
PEV.cfxxe
SED
GREP
Any file that has the extension *.3XE

One at a time, right-click and select End Process.

With luck that will free ComboFix and allow it to continue. If that doesn't work then you will need to reboot the computer manually.

If you have to reboot manually come back and tell me.

#9
seniorj12

Posted 28 January 2014 - 06:27 PM

New Member

Topic Starter
Member
9 posts

The computer was unresponsive so I had to reboot it.

#10
emeraldnzl

Posted 28 January 2014 - 06:31 PM

GeekU Instructor

GeekU Moderator
20,051 posts

Before we try ComboFix again (it will often run okay on the second run) did you carry out the FRST fix?

If so, let's have a look at the Fixlog.txt and see what it tells us.

#11
seniorj12

Posted 28 January 2014 - 08:28 PM

New Member

Topic Starter
Member
9 posts

Here is the fixlog.

Attached Files

Fixlog.txt 3.07KB 204 downloads

#12
emeraldnzl

Posted 28 January 2014 - 08:46 PM

GeekU Instructor

GeekU Moderator
20,051 posts

That looks fine.

Let's have another try with ComboFix. This time we will rename it before we use it.

Please delete your version of ComboFix, including the folders C:\Qoobox and C:\Combofix if they are there.

After that

Download Combofix from of the link below. You must rename it before saving it. Save it to your desktop.

Link

Save as Confuse.exe

Rename ComboFix to Confuse.exe

--------------------------------------------------------------------

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

Double click on Confuse.exe & follow the prompts.

When finished, it will produce a report for you.
Please post the C:\ComboFix.txt for review.

If you run into difficulties similar to last time check post #8 and follow the actions there.

#13
seniorj12

Posted 29 January 2014 - 06:02 PM

New Member

Topic Starter
Member
9 posts

It took some time but here it is the combofix log.

Attached Files

ComboFix.txt 36.49KB 192 downloads

#14
emeraldnzl

Posted 29 January 2014 - 06:21 PM

GeekU Instructor

GeekU Moderator
20,051 posts

Hello again seniorj12,

Please run a free online scan with the ESET Online Scanner

Vista / Win7 users: Right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator.

Note: This scan works with Internet Explorer or Mozilla FireFox.

If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

Click the green ESET Online Scanner box
Tick the box next to YES, I accept the Terms of Use
then click on: Start
You may see a panel towards the top of the screen telling you the website wants to install an addon... click and allow it to install. If your firewall asks whether you want to allow installation, say yes.
Make sure that the option Scan archives is checked.
If you are given an option to quarantine files ensure the scan is set to do so.
Now click on Advanced Settings and select the following:
- Scan for potentially unwanted applications
- Scan for potentially unsafe applications
- Enable Anti-Stealth Technology
Click on Start
The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
When completed the Online Scan will begin automatically. The scan may take several hours.
Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
When completed select Uninstall application on close, before you do that though, make sure you copy the logfile to notepad somewhere you can find it again
Then click on: Finish
Copy and paste that log as a reply to this topic and tell me how your machine is now.