Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Comuter is slow [Closed]

Started by ego10fan , Feb 14 2014 06:13 PM

  • This topic is locked This topic is locked

#1
ego10fan
Posted 14 February 2014 - 06:13 PM

ego10fan

    Member

  • Member
  • PipPip
  • 44 posts
I don't know what's up, I have avast antivirus and i've run several scans and they all say that my computer is clean. I can browse the internet just fine, but i suddenly have a problem with running applications such as skype. It will take about ten minutes to load and usually just crash and freeze up my whole computer. I run a windows 7 with an AMD A6-3620 quad core processor and I have never had a problem like this before. Here is my OTL:

OTL logfile created on: 2/14/2014 4:03:25 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Storage\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.48 Gb Total Physical Memory | 4.90 Gb Available Physical Memory | 65.60% Memory free
14.95 Gb Paging File | 11.53 Gb Available in Paging File | 77.11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 914.81 Gb Total Space | 493.47 Gb Free Space | 53.94% Space Free | Partition Type: NTFS
Drive D: | 16.61 Gb Total Space | 2.07 Gb Free Space | 12.49% Space Free | Partition Type: NTFS

Computer Name: ALEX-HP | User Name: Storage | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/02/14 15:52:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Storage\Downloads\OTL.exe
PRC - [2014/02/10 21:45:53 | 001,824,000 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2014/02/10 16:02:40 | 084,622,848 | ---- | M] () -- C:\{$1021-2264-7533-8828$}\comhost.exe
PRC - [2014/02/09 21:57:54 | 003,767,096 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/02/09 21:57:54 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/02/06 20:42:12 | 000,080,160 | ---- | M] () -- C:\Program Files (x86)\RightSurf\bin\utilRightSurf.exe
PRC - [2014/02/05 14:22:52 | 000,080,160 | ---- | M] () -- C:\Program Files (x86)\RightSurf\updateRightSurf.exe
PRC - [2014/02/01 15:42:39 | 000,866,632 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/10/31 10:41:10 | 035,489,856 | ---- | M] (ooVoo LLC) -- C:\Program Files (x86)\oovoo\ooVoo.exe
PRC - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2013/06/25 15:03:22 | 000,675,584 | ---- | M] () -- C:\ProgramData\IBUpdaterService\ibsvc.exe
PRC - [2013/06/17 21:24:09 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012/01/18 05:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2011/08/12 08:54:32 | 001,128,952 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2008/11/20 09:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
PRC - [2003/04/06 00:06:58 | 000,028,672 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
PRC - [2003/04/05 23:37:10 | 000,323,646 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe


========== Modules (No Company Name) ==========

MOD - [2014/02/09 21:57:55 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/02/01 15:42:37 | 013,616,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll
MOD - [2014/02/01 15:42:37 | 000,399,688 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppgooglenaclpluginchrome.dll
MOD - [2014/02/01 15:42:35 | 004,055,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll
MOD - [2014/02/01 15:41:45 | 000,715,592 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libglesv2.dll
MOD - [2014/02/01 15:41:45 | 000,100,168 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libegl.dll
MOD - [2014/02/01 15:41:43 | 001,634,632 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll
MOD - [2014/01/27 11:02:52 | 001,138,088 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2014/01/10 15:33:44 | 020,625,832 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2014/01/10 15:33:42 | 000,717,312 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dll
MOD - [2013/12/12 14:19:40 | 000,142,848 | ---- | M] () -- C:\Program Files (x86)\Steam\libavresample-1.dll
MOD - [2013/11/04 17:12:06 | 000,890,592 | ---- | M] () -- C:\Program Files (x86)\Steam\libavutil-52.dll
MOD - [2013/06/14 15:49:12 | 001,100,800 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2013/06/14 15:49:12 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2013/06/14 15:49:12 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012/08/27 20:33:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/08/27 20:33:08 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014/02/09 21:57:54 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014/02/06 02:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/26 21:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/12/19 15:32:12 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2011/10/24 05:16:42 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/10/11 01:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2014/02/06 20:42:12 | 000,080,160 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RightSurf\bin\utilRightSurf.exe -- (Util RightSurf)
SRV - [2014/02/05 14:22:52 | 000,080,160 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RightSurf\updateRightSurf.exe -- (Update RightSurf)
SRV - [2014/01/28 16:55:21 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/12/03 18:51:18 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2013/06/25 15:03:22 | 000,675,584 | ---- | M] () [Auto | Running] -- C:\ProgramData\IBUpdaterService\ibsvc.exe -- (IBUpdaterService)
SRV - [2013/06/17 21:24:09 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/09/27 11:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012/01/18 05:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/08/16 13:03:16 | 000,016,384 | ---- | M] (Hewlett-Packard) [Auto | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe -- (CalendarSynchService)
SRV - [2011/08/12 08:54:32 | 001,128,952 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2010/10/12 09:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/02/09 21:57:57 | 001,038,072 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014/02/09 21:57:57 | 000,421,704 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2014/02/09 21:57:57 | 000,207,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014/02/09 21:57:57 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014/02/09 21:57:57 | 000,080,184 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2014/02/09 21:57:57 | 000,078,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014/02/09 21:57:57 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014/01/22 06:52:21 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013/12/10 16:14:26 | 000,074,432 | ---- | M] (Razer, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\RzFilter.sys -- (RzFilter)
DRV:64bit: - [2013/07/14 13:50:11 | 000,111,696 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NIWinCDEmu.sys -- (NIWinCDEmu)
DRV:64bit: - [2013/06/26 18:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2013/06/26 18:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2013/06/26 18:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2013/06/26 18:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2013/05/09 00:59:06 | 000,022,600 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2013/03/31 18:32:04 | 000,082,600 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2013/03/31 18:32:04 | 000,042,664 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2013/02/22 21:44:51 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2012/12/13 12:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/12/06 09:42:12 | 002,350,176 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2012/11/17 06:22:26 | 000,105,624 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Tpkd.sys -- (Tpkd)
DRV:64bit: - [2012/10/16 20:04:10 | 000,123,664 | ---- | M] (High Criteria inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TotRec8.sys -- (TotRec8)
DRV:64bit: - [2012/08/23 06:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 06:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 06:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/17 22:09:38 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012/07/05 18:17:58 | 000,037,536 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2012/07/05 18:17:57 | 000,737,952 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2012/06/06 20:43:38 | 000,167,072 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\ccsetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2012/05/21 17:37:12 | 001,129,120 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symefa64.sys -- (SymEFA)
DRV:64bit: - [2012/05/09 11:50:24 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/05/09 11:50:24 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/04/17 18:13:32 | 000,405,624 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symnets.sys -- (SymNetS)
DRV:64bit: - [2012/04/17 17:42:14 | 000,190,072 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\ironx64.sys -- (SymIRON)
DRV:64bit: - [2012/04/09 09:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2)
DRV:64bit: - [2012/02/29 22:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/18 05:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012/01/18 05:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2011/11/03 03:01:00 | 000,056,208 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011/10/24 05:56:54 | 010,203,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/10/24 04:40:08 | 000,310,784 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/09/14 02:35:45 | 000,533,096 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/08/03 19:38:37 | 000,047,232 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2011/07/25 10:18:36 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symds64.sys -- (SymDS)
DRV:64bit: - [2010/11/20 19:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 19:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/11 00:11:52 | 000,141,384 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdserd.sys -- (sscdserd)
DRV:64bit: - [2010/11/11 00:11:50 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)
DRV:64bit: - [2010/11/11 00:11:50 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus)
DRV:64bit: - [2010/11/11 00:11:50 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:64bit: - [2010/02/18 08:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/08/21 00:52:10 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 16:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)
DRV:64bit: - [2009/06/10 12:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013/01/12 14:04:44 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130112.007\EX64.SYS -- (NAVEX15)
DRV - [2013/01/12 14:04:44 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013/01/12 14:04:44 | 000,126,112 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130112.007\ENG64.SYS -- (NAVENG)
DRV - [2012/10/23 15:34:23 | 001,384,608 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20130107.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2012/09/26 23:09:08 | 000,077,004 | ---- | M] (Oak Technology Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysWow64\drivers\AFS.SYS -- (AFS)
DRV - [2012/09/06 03:54:30 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20130113.001\IDSvia64.sys -- (IDSVia64)
DRV - [2012/08/08 21:37:40 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.funmood...CtB&cr=30495404
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPDTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes,DefaultScope = {27F932EF-5D6B-4AEF-A855-E8A7CABCB1E5}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.funmood...CtB&cr=30495404
IE - HKLM\..\SearchScopes\{7486BD2A-0307-6164-8127-53BFF248EBE9}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPDTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.search.as...2013-08-12&psv=
IE - HKCU\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {DC8537D2-46C8-4740-B4AE-9153E680C99E}
IE - HKCU\..\SearchScopes\{27F932EF-5D6B-4AEF-A855-E8A7CABCB1E5}: "URL" = http://search.condui...2483087232&UM=2
IE - HKCU\..\SearchScopes\{A602E022-0C78-4742-AAF5-ED63250FBE3B}: "URL" = http://search.genieo...q={searchTerms}
IE - HKCU\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPDTDF
IE - HKCU\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKCU\..\SearchScopes\{DC8537D2-46C8-4740-B4AE-9153E680C99E}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\..\SearchScopes\{EFBF8077-8D2C-4031-8774-BE5EE79B6562}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_80.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_80.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.3.2: C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\ [2012/07/17 21:07:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\ [2014/02/10 19:45:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Storage\AppData\Roaming\Mozilla\Extensions\[email protected] [2013/06/25 15:04:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Storage\AppData\Roaming\Mozilla\Extensions\[email protected] [2013/06/25 15:04:39 | 000,000,000 | ---D | M]

[2013/07/09 18:34:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Storage\AppData\Roaming\Mozilla\Extensions
[2013/06/25 15:04:39 | 000,000,000 | ---D | M] (Speed Analysis 2) -- C:\Users\Storage\AppData\Roaming\Mozilla\Extensions\[email protected]
[2013/05/09 22:17:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://search.condui...5821396318&UM=2
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U25 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_95.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - Extension: Google Drive = C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.4_0\
CHR - Extension: Rainbow Dash Theme = C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecjondhpjdpclmajhniogilladpgpjgi\1_0\
CHR - Extension: Custom Google\u2122 Background = C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\Extensions\jepibmfmhopgkplegmkjgifmhabbjadg\6.2.2_0\
CHR - Extension: Ponify = C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaelfbndbnpddlehfmbhjnphpjljegae\0.96.4_0\
CHR - Extension: Google Wallet = C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
CHR - Extension: HoofSounds = C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\Extensions\pakhjhphleppgakhlffhlfhbekfnobbk\1.121_0\

O1 HOSTS File: ([2009/06/10 13:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - c:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll File not found
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - c:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\IPS\IPSBHO.DLL File not found
O2 - BHO: (Funmoods Helper Object) - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\PROGRA~2\Funmoods\1.5.23.22\bh\escort.dll File not found
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll File not found
O3 - HKLM\..\Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Funmoods Toolbar) - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\PROGRA~2\Funmoods\1.5.23.22\escorTlbr.dll File not found
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42435041-3500-A76A-76A7-7A786E7484D7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4F564F32-5637-006A-76A7-7A786E7484D7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll File not found
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [OtShot] C:\Program Files (x86)\OtShot\otshot.exe -minimize File not found
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12 File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Windows COM Host] C:\{$1021-2264-7533-8828$}\comhost.exe -rundll32 /SYSTEM32 "C:\Windows\System32\taskmgr.exe" "C:\Program Files\Microsoft\Windows" File not found
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [ooVoo.exe] C:\program files (x86)\oovoo\oovoo.exe (ooVoo LLC)
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O4 - HKCU..\RunOnce: [Application Restart #1] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - Startup: C:\Users\Storage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Google.com.url ()
F3:64bit: - HKCU WinNT: Load - (C:\{$1021-2264-7533-8828$}\comhost.exe) - C:\{$1021-2264-7533-8828$}\comhost.exe ()
F3 - HKCU WinNT: Load - (C:\{$1021-2264-7533-8828$}\comhost.exe) - C:\{$1021-2264-7533-8828$}\comhost.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionAction = http://hp.digitalriv..._US&keywords=%w
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionName = Find Software on HP Download Store (Microsoft Corporation)
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C882AA94-6E83-4763-A643-0CBF69D7C1B0}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (expstart.exe) - C:\Windows\expstart.exe ()
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\avcenter.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\avguard.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\avp.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\bdagent.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\ccuac.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\ComboFix.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\egui.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\hijackthis.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\keyscrambler.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\mbam.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\MpCmdRun.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\MSASCui.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\MsMpEng.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\msseces.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\spybotsd.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\wireshark.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\zlclient.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\avcenter.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\avguard.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\avp.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\bdagent.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\ccuac.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\ComboFix.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\egui.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\hijackthis.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\keyscrambler.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\mbam.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\MpCmdRun.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\MSASCui.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\MsMpEng.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\msseces.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\spybotsd.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\wireshark.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\zlclient.exe: Debugger - nsjw.exe File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/02/13 15:59:38 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/02/11 19:55:02 | 000,000,000 | -H-D | C] -- C:\{$1021-2264-7533-8828$}
[2014/02/11 19:49:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FYZip
[2014/02/11 19:49:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FYZip
[2014/02/11 19:49:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SearchProtect
[2014/02/11 19:49:24 | 000,000,000 | ---D | C] -- C:\Users\Storage\AppData\Local\SearchProtect
[2014/02/10 12:43:12 | 000,000,000 | ---D | C] -- C:\Users\Storage\AppData\Roaming\SecondLife
[2014/02/10 12:43:10 | 000,000,000 | ---D | C] -- C:\Users\Storage\AppData\Local\SecondLife
[2014/02/09 22:02:50 | 000,000,000 | ---D | C] -- C:\Users\Storage\AppData\Roaming\AVAST Software
[2014/02/09 21:58:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/02/09 21:58:23 | 000,080,184 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014/02/09 21:15:15 | 000,000,000 | ---D | C] -- C:\history
[2014/02/07 20:04:15 | 000,000,000 | ---D | C] -- C:\Users\Storage\Desktop\Wooden toaster
[2014/02/05 21:07:30 | 000,000,000 | ---D | C] -- C:\Users\Storage\AppData\Roaming\PhotoScape
[2014/02/05 21:07:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
[2014/02/05 21:07:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PhotoScape
[2014/02/05 21:06:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RightSurf
[2014/02/01 19:50:52 | 000,000,000 | ---D | C] -- C:\Users\Storage\AppData\Local\Razer
[2014/01/31 17:53:10 | 000,074,432 | ---- | C] (Razer, Inc.) -- C:\Windows\SysNative\drivers\RzFilter.sys
[2014/01/31 17:52:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Razer
[2014/01/31 17:52:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Razer
[2014/01/29 20:33:43 | 000,000,000 | ---D | C] -- C:\Crash
[2014/01/29 16:43:04 | 000,000,000 | ---D | C] -- C:\Users\Storage\AppData\Local\SCE
[2014/01/24 21:04:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Second Life Viewer
[2014/01/24 21:04:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SecondLifeViewer
[2014/01/21 19:14:18 | 000,000,000 | ---D | C] -- C:\Users\Storage\AppData\Local\Blizzard Entertainment
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/02/14 16:05:33 | 000,213,080 | ---- | M] () -- C:\Users\Storage\AppData\Roaming\msconfig.ini
[2014/02/14 15:42:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/02/14 14:49:34 | 000,000,054 | ---- | M] () -- C:\Users\Storage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Google.com.url
[2014/02/14 14:07:23 | 000,717,492 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/02/14 14:07:23 | 000,618,570 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/02/14 14:07:23 | 000,103,748 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/02/14 13:41:11 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/02/14 13:41:11 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/02/14 13:33:33 | 1726,414,847 | -HS- | M] () -- C:\hiberfil.sys
[2014/02/12 22:51:55 | 000,775,482 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/02/11 20:46:04 | 000,000,406 | ---- | M] () -- C:\Windows\tasks\FreeFileViewerUpdateChecker.job
[2014/02/11 19:59:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2055821690-4012621098-2342977204-1005UA.job
[2014/02/11 19:58:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2055821690-4012621098-2342977204-1003UA.job
[2014/02/11 19:57:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/02/11 19:55:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/02/11 19:49:26 | 000,000,000 | ---- | M] () -- C:\END
[2014/02/11 09:59:00 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2055821690-4012621098-2342977204-1005Core.job
[2014/02/11 08:57:00 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/02/11 06:58:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2055821690-4012621098-2342977204-1003Core.job
[2014/02/10 16:02:40 | 084,622,848 | RHS- | M] () -- C:\ProgramData\668418588.exe
[2014/02/10 00:20:27 | 000,002,012 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/02/09 21:57:57 | 001,038,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014/02/09 21:57:57 | 000,421,704 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014/02/09 21:57:57 | 000,334,136 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/02/09 21:57:57 | 000,207,904 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/02/09 21:57:57 | 000,092,544 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014/02/09 21:57:57 | 000,080,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014/02/09 21:57:57 | 000,078,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/02/09 21:57:57 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014/02/09 21:57:56 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/02/09 21:52:29 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2014/02/08 16:39:02 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForStorage.job
[2014/02/05 21:07:22 | 000,001,061 | ---- | M] () -- C:\Users\Storage\Application Data\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk
[2014/02/05 21:07:22 | 000,001,037 | ---- | M] () -- C:\Users\Storage\Desktop\PhotoScape.lnk
[2014/02/01 19:26:38 | 004,894,744 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/01/31 17:53:12 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_RzFilter_01009.Wdf
[2014/01/24 21:04:49 | 000,001,159 | ---- | M] () -- C:\Users\Public\Desktop\Second Life Viewer.lnk
[2014/01/24 21:03:49 | 031,478,056 | ---- | M] () -- C:\Users\Storage\Desktop\Second_Life_3_6_13_284995_i686_Setup.exe
[2014/01/23 16:56:44 | 000,000,222 | ---- | M] () -- C:\Users\Storage\Desktop\PlanetSide 2.url
[2014/01/22 06:52:21 | 000,064,288 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/02/13 05:48:59 | 000,000,054 | ---- | C] () -- C:\Users\Storage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Google.com.url
[2014/02/11 19:55:12 | 000,212,568 | ---- | C] () -- C:\Users\Storage\AppData\Roaming\msconfig.ini
[2014/02/11 19:55:02 | 084,622,848 | RHS- | C] () -- C:\ProgramData\668418588.exe
[2014/02/09 21:58:37 | 000,002,012 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/02/05 21:07:22 | 000,001,061 | ---- | C] () -- C:\Users\Storage\Application Data\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk
[2014/02/05 21:07:22 | 000,001,037 | ---- | C] () -- C:\Users\Storage\Desktop\PhotoScape.lnk
[2014/01/31 17:53:12 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_RzFilter_01009.Wdf
[2014/01/24 21:04:49 | 000,001,159 | ---- | C] () -- C:\Users\Public\Desktop\Second Life Viewer.lnk
[2014/01/24 21:03:55 | 031,478,056 | ---- | C] () -- C:\Users\Storage\Desktop\Second_Life_3_6_13_284995_i686_Setup.exe
[2014/01/23 16:56:44 | 000,000,222 | ---- | C] () -- C:\Users\Storage\Desktop\PlanetSide 2.url
[2013/06/04 16:03:21 | 000,925,184 | ---- | C] () -- C:\Windows\expstart.exe
[2013/06/02 18:21:59 | 000,000,258 | RHS- | C] () -- C:\Users\Storage\ntuser.pol
[2012/11/17 06:23:24 | 000,021,656 | ---- | C] () -- C:\Windows\SysWow64\drivers\iLokDrvr.sys
[2012/11/16 22:21:08 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2012/10/25 06:33:06 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/10/25 06:30:20 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/09/26 15:31:27 | 000,016,618 | ---- | C] () -- C:\Windows\hpomdl01.dat
[2012/09/14 22:43:29 | 000,290,184 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/09/14 22:43:25 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/08/08 23:40:32 | 000,065,576 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2012/08/08 23:40:28 | 000,022,560 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2012/07/22 22:21:04 | 000,197,120 | ---- | C] () -- C:\Windows\patchw32.dll
[2012/05/09 11:53:30 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/05/02 13:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll

========== ZeroAccess Check ==========

[2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 18:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 17:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 19:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/11/27 22:52:13 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\Ableton
[2013/08/20 15:16:05 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\Audacity
[2014/02/09 22:02:50 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\AVAST Software
[2013/06/25 15:20:38 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\BANDISOFT
[2013/07/20 17:17:25 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\Cycling '74
[2013/06/25 15:04:22 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\File Scout
[2013/08/09 15:41:15 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\FlvtoConverter
[2013/06/30 21:28:12 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\Free PDF Tablet
[2013/08/02 23:05:58 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\FreeFileViewer
[2013/06/10 21:35:33 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\LolClient
[2013/07/24 21:34:02 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\ooVoo Details
[2013/08/26 17:07:20 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\OpenCandy
[2013/07/30 13:25:28 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\Origin
[2013/11/28 19:34:34 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\PACE Anti-Piracy
[2014/02/05 21:10:24 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\PhotoScape
[2014/02/10 12:47:22 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\SecondLife
[2014/02/12 22:46:06 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\SoftGrid Client
[2013/06/25 15:04:38 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\SpeedAnalysis2
[2013/07/20 14:13:11 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\TotalRecorder
[2013/08/26 21:05:02 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\TuneUp Software
[2013/11/28 22:13:39 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\uTorrent

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 905 bytes -> C:\ProgramData\Microsoft:evOBYxnMtA2cQgs2hKaBxyTjiyQnD
@Alternate Data Stream - 1211 bytes -> C:\ProgramData\Microsoft:PAGdb0NTagRLZZN3SPxVtM0p
@Alternate Data Stream - 1173 bytes -> C:\ProgramData\Microsoft:IQu1DkEboX2aVjBWZ3qBUQR
@Alternate Data Stream - 1091 bytes -> C:\ProgramData\Microsoft:opqCDO43ziKlWCSfqh4bDBXW

< End of report >
  • 0

Advertisements

#2
godawgs
Posted 15 February 2014 - 04:04 PM

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Hello ego10fan, :wave: Welcome to the forums!
:welcome:. My name is godawgs and I will be assisting you with your Virus / Malware issues.
I will start working on your Malware issues. This may, or may not, solve other issues you have with your machine. The fixes are specific to your problem and should only be used for this issue on this machine!

If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed.
If you have not, please adhere to the guidelines below and then carefully follow all future instructions:

You must reply to posts within four days. If you haven't replied within that time, the topic will be closed! If you need additional time to complete things, just let me know.
If you're not sure, or if something unexpected happens, Do NOT continue! Stop and ask!

This board can notify you when a new reply is added to a topic. Please read this topic to find out how to do that.

Please do not run any tools unless instructed to do so.
  • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability. Do as the instructions ask, nothing extra. Do Not run things twice unless instructed.
  • Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  • If I ask a Question just answer it, don't run anything unless directed to.
Please read every post completely before doing anything.
  • Pay special attention to the NOTE: lines, or anything in red. These entries identify an individual issue or important step in the cleanup process.
  • Please make sure you are saving and printing the instructions out prior to each fix, this way you will have them on hand just in case you are unable to access this site. Some of the steps I will be asking you to do may require you to boot into Safe Mode and this process will be much easier for you to perform if the instructions are printed out for you to follow.
  • Please do not use the Attachment feature for any log file. Do a Copy/Paste of the entire contents of the log file and submit it inside your post unless directed otherwise.
Logs from malware diagnostic or removal programs (OTL is one of them) can take some time to analyze.
  • I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forum, (sometimes :lol: )
  • Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
Lastly, Please be aware that removing Malware is a hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. Some infections are so severe that we might encounter situations where the only recourse is to re-format and re-install your operating system. Don't worry, this only happens in severe cases, but, sadly, it does happen.
In light of this be prepared to back up your data. Have means of backing up your data available.

IMPORTANT:Change your browser(s) to download any tools to the desktop.
Follow the directions here
For FireFox check the dot beside "Always ask me where to save files."
For Chrome, check the box beside "Ask where to save each file before downloading"
NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.

When OTL runs the first time it creates a file named Extras.txt. It should be in the same directory you ran OTL from (the C:\Users\Storage\Downloads folder). Please post the contents of that file.

While there is malware, browser hijackers and other malicious baddies on the computer, one of the factors causing the issue with opening program files is probably the two antivirus programs you have on the computer.

Multiple Antivirus Programs Installed

I see that you have more than one antivirus programs installed and running. You should only have one antivirus program installed and running. Antivirus programs run in the background providing continuous protection of your system. It's called Real-Time Protection, or scanning, and it uses system resources as it runs. Two or more antivirus programs running at the same time will use 2 or 3 times the amount of system resources, or more. Because each program wants control of the system, there will be conflicts caused, including false positives. The end result is actually LESS antivirus protection.

The log shows that you have both Symantic/Norton Internet Security and Avast that you listed. Did Norton come installed on the computer as a trial and did you uninstall Norton before installing Avast?
Either way we need to uninstall it if you want to keep Avast.

Things For Your Next Post:
Please post the logs in the order requested. Please don't attach the logs unless I request it.
1. Let me know which antivirus product you want to keep.
2. The Extras.txt log
  • 0

#3
ego10fan
Posted 15 February 2014 - 11:04 PM

ego10fan

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts
Yes, my computer came with norton and i did not uninstall it after the download expired, yet i do not see norton in my uninstall list. Sory but what is an Extras.txt log
  • 0

#4
godawgs
Posted 16 February 2014 - 10:51 AM

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Hello,

Norton may not be in the list of installed programs, but it is still running on the system. We can still uninstall it but I need to see the Extras.txt log.

When OTL runs the first time it creates two logs. The OTL.txt log that you posted, and an Extras.txt log. The Extras log should have been saved in the same folder that you ran OTL from. In your case it would be the C:\Users\Storage\Downloads folder.
Please navigate to that folder, open the Extras.txt log, and copy/paste it here.
If the Extras.txt log isn't there it was probably deleted. Just let me know and we will get another one.

There is a good bit of malware on this system that needs to be killed, so please stay with me.
  • 0

#5
ego10fan
Posted 16 February 2014 - 05:20 PM

ego10fan

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts
found it thanks

OTL Extras logfile created on: 2/14/2014 4:03:25 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Storage\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.48 Gb Total Physical Memory | 4.90 Gb Available Physical Memory | 65.60% Memory free
14.95 Gb Paging File | 11.53 Gb Available in Paging File | 77.11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 914.81 Gb Total Space | 493.47 Gb Free Space | 53.94% Space Free | Partition Type: NTFS
Drive D: | 16.61 Gb Total Space | 2.07 Gb Free Space | 12.49% Space Free | Partition Type: NTFS

Computer Name: ALEX-HP | User Name: Storage | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files (x86)\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files (x86)\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02849B5F-860F-4A68-854A-B7F6D25335DD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{03D651CB-764E-4E4B-97AD-9A1B25C33DE5}" = rport=138 | protocol=17 | dir=out | app=system |
"{04E32C7E-BC3E-4A0B-A71A-FF6B953CC078}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{05BF004C-5F99-4BBF-B95B-BE755184CD65}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0C02AED2-8B29-4A28-90C8-7851D3DE8EBE}" = rport=445 | protocol=6 | dir=out | app=system |
"{1385FA3D-2CDC-46CE-A565-189B191C3999}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1A0BE3BA-7BDA-4402-8478-9CAD7DF6E7C2}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2B1FCF73-6CC6-426D-91A7-909267F5AFDB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2C37B4EB-0260-4885-92C0-4E917F110143}" = lport=138 | protocol=17 | dir=in | app=system |
"{33CDAB7D-A7CD-42C0-9831-C526DEAD6EFA}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3CBC1ABD-991E-42B8-890D-E935E3AC6D36}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{48F6D128-91F1-4177-A75A-E7E63303CA67}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{49BB2F00-8F4C-404D-B30D-09F449BB9D18}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{500383CA-6656-4675-BA45-9138C3BEF6FD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{51CD9CC5-AB37-49D3-8DE2-2B30F5C05FEC}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{52706D09-6C9F-4E4C-973E-626B329156A9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{55EC6D5E-9D31-4796-8514-CE53944F9A98}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5AB23224-9899-40BF-9E1C-C7A8BBCC137F}" = rport=137 | protocol=17 | dir=out | app=system |
"{5D6913F8-56FC-4DF6-963B-25F1E77CE578}" = rport=10243 | protocol=6 | dir=out | app=system |
"{602F64CF-15B3-466A-9BFE-B541F3EDC634}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6772A5DD-61CA-4DB0-8E97-7B253B8035AF}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{708538A9-39F9-4EA0-A2C7-5F1A4B4303CE}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{7A4AF54A-C7BD-4D07-AB73-1DA9231B8DF9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{7C4995B3-C239-4DCF-9414-423A0652DD17}" = lport=139 | protocol=6 | dir=in | app=system |
"{823F097D-25B0-48AD-BE68-BD0B187B7AD4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{871C418C-F10D-4E67-924E-72C50C1EBE82}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{878D3731-7783-4294-BB37-F4F56C7E9E7A}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{91757F31-A0B7-42F2-84BB-20DA8A5303EF}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{959EE44E-146D-48FA-8D47-A3AD89ACFFD8}" = rport=139 | protocol=6 | dir=out | app=system |
"{AC034DE8-7656-4D31-8319-921D12BAABBF}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{B10B3E95-7D2E-442B-AB9F-18D5B4D6F749}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{B2CE7D77-97F9-4687-8AB6-B62992939B1E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B3285455-7F0F-4710-89A2-0485D7C14B80}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=%systemroot%\microsoft.net\framework64\v3.0\windows communication foundation\smsvchost.exe |
"{B5ED15EC-9E28-496A-B513-5B4534FCACAB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B9C94D2C-AE5B-4C4E-ABB6-74A6025F9B30}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{C4254D57-0A44-475C-9AD5-01F8C20DB7ED}" = lport=137 | protocol=17 | dir=in | app=system |
"{CC781384-9A20-4672-AF48-FDD79261CB38}" = lport=445 | protocol=6 | dir=in | app=system |
"{D7D8CFB4-7DB3-4853-AB42-A0E4D56B5D87}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E42C7CFB-A534-499C-BE62-867982CC0C7B}" = rport=2869 | protocol=6 | dir=out | app=system |
"{E47208EC-E73C-48E6-A09A-2697C778D5CD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EE8E4D45-5D1E-4A74-BBFA-CC93B924B55A}" = lport=10243 | protocol=6 | dir=in | app=system |
"{FB9DCBAF-2CBC-4604-90AC-585C3724CB16}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01072BCA-A6BE-4926-AA74-87B0941E0A45}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{030494AE-F192-4110-BDF9-5FC3BFCB3771}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{04AF7839-B859-424A-879C-AA4791FB894D}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{09053BF7-071C-4169-B47D-30B54CF04990}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{0EC084DD-64F5-453E-A511-85D0ADB83652}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{0F14440A-CC0A-4422-B17D-6C2A6936B10F}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base24944\sc2.exe |
"{10085E76-D697-49F8-977F-B7108825B74C}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{103E6AB2-9996-46BB-9192-73CEB166EB49}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{12645853-F67B-444B-8813-1C68EEAF8BE5}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{13B6CD23-5A94-40C0-B494-5CCAE6E39DF5}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{14622B42-758F-438B-8A3D-09A297690ABB}" = protocol=17 | dir=in | app=c:\users\storage\appdata\roaming\utorrent\utorrent.exe |
"{1726DC43-1E06-428D-8DF1-15643D774838}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{172B4C32-00BB-4AA5-9D34-AB116A14838B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\microvolts\launcher.exe |
"{17F867F7-E1F2-4BC6-845D-72324CC27E49}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{19803EE6-2A9A-4B3B-8BB2-74D3A4A2B349}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe |
"{19DB866B-CE33-4243-875E-30C511226A06}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\combat arms\nmservice.exe |
"{1D93D853-0F41-49B0-8F10-E4BAE3AC6E56}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe |
"{1DC7641E-A32A-4B6A-BA5C-CDF77D3BB89C}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{1F564174-29E3-4C98-8BEA-784E14268A2C}" = protocol=6 | dir=in | app=c:\nexon\combat arms\nmservice.exe |
"{22DBC16C-404B-4E15-9036-5321F12D404A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{25643840-0BB9-4F3C-850D-6D163C20CD4C}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{26BC730A-4251-40AD-B7FA-5A13A2F662DD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\combat arms\calauncher.exe |
"{2BDB2F11-3370-444A-ABBB-07DBFEBCB4FE}" = dir=in | app=c:\program files (x86)\file type assistant\tsassist.exe |
"{2CB507DF-B907-4436-97DD-E7B68903652F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\maplestory\nxsteam.exe |
"{2F0BF9B0-B573-4EBC-9158-BD962D4AB8D5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{2F77B6FA-119D-4DDE-BD7E-5214D856355B}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{2FEBC8EF-7A43-405A-9FCC-3F388992904B}" = protocol=17 | dir=in | app=c:\nexon\combat arms\nmservice.exe |
"{30683431-2AE4-4227-8DE7-A195C5C61815}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{31394DCE-C708-45C1-B5AC-A724BCDE939D}" = protocol=6 | dir=out | app=c:\program files (x86)\hewlett-packard\remote graphics receiver\rgreceiver.exe |
"{32E09ED3-4829-4420-BA89-5F8694B8163B}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{3846D020-FCE1-46E1-AECA-3CBA0082B3A9}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2328\agent.exe |
"{39963D7E-4A7C-4485-A689-84C06A120BF3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\microvolts\launcher.exe |
"{39F5A966-697B-401E-AB61-72BE7B83B12D}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{3D9B7BF2-4D50-4926-913E-ED9DEF30F0AE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{41212E04-6FEB-4F31-A76A-DEFC5207B053}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{41DCDF62-0890-41B8-8C59-69B713C43758}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{44587732-8931-4FBE-ACC4-7E93CC920956}" = protocol=17 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{4515EA41-31CE-4B5A-AC7B-B5425983D3EC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{46406057-7641-45D9-B282-D50F8FF1B647}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{4715BB83-F695-436C-8830-C2D516947D32}" = protocol=6 | dir=in | app=c:\nexon\combat arms\nmservice.exe |
"{4862450B-6847-4A5A-BF6B-3F110591B333}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{489145CD-6CC2-42DA-88BE-06CE2BDD1E28}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{4934F37A-5113-4105-AE81-025FF88CD6DA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{494AF655-EF0E-45D1-95FC-2930702819DB}" = protocol=6 | dir=in | app=c:\program files (x86)\gamersfirst\apb reloaded\binaries\apb.exe |
"{4C864E06-AB72-4BE0-8703-D228D4E623A2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\launchpad.exe |
"{4D72681F-670D-4843-9B42-4E189015D9CE}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpdevicedetection3.exe |
"{4DAF3D20-73BB-439F-9A2C-CB8E8B80FB1B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{53F3653F-C173-4FC2-B582-B43C751046A8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{54A9FB52-8E58-4BF9-93D9-589570E76988}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenautslauncher.exe |
"{55653EE4-9360-4226-B017-CCD32DFDAFE7}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{567BAB52-D50B-48DE-9D76-55B421CB3F6A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{59D28678-2765-41DF-9110-1E6592DC18BF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\combat arms\calauncher.exe |
"{5C19B85A-E04C-4222-AE70-A1F5217E5BFC}" = protocol=58 | dir=in | [email protected],-28545 |
"{5D3A9404-51F1-44E1-8F98-4402289D6258}" = protocol=17 | dir=in | app=c:\program files (x86)\gamersfirst\apb reloaded\binaries\apb.exe |
"{625E69A9-B99E-4458-9DC3-991FF830819A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\microvolts\launcher.exe |
"{668258CD-5FF6-4100-9879-F52152D87B09}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe |
"{66B4E440-1BF7-4493-A2CB-6BC1E9C14E63}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\combat arms\calauncher.exe |
"{68A6169D-2F9F-45DD-A2F2-76ECFB7F723C}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\hp linkup\hp linkup viewer.exe |
"{6D775FDB-2FBE-4D80-96CE-10C0525B719A}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe |
"{708FBAAF-AA97-4EF6-B6B0-7E17513D7683}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{70AE9805-4A86-4306-B27A-0B10A52443DA}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{715E12BD-6CF2-4A5E-8DFC-84D2633146A4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{7403CD91-5698-472F-AE1B-A45569F781D0}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base28667\sc2.exe |
"{758227EF-C514-4B24-979E-CBE2E6806151}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{76626FFE-2E24-4F1B-B13E-3BE8CE93D816}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{767266CC-53AE-4C93-9EB7-D48EA4D638FA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenautslauncher.exe |
"{7738D9E2-AA66-494D-AB9D-3F7B853A6CE3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{788646FF-1C59-41B1-AB18-73E153908DFA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sanctum\binaries\win32\sanctumgame-win32-shipping.exe |
"{78AD289F-9C64-492A-8AD5-10FEF3836418}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base24944\sc2.exe |
"{7AADD49D-32B4-49F6-82A2-A09BC6217927}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7C454BD0-2D96-4C47-9CF8-C17D43ECEF06}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{7C77DA2F-AD67-4A47-9E4D-DBF68C15C14B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{7FAA65AC-1393-49FF-853E-DB502A30FCC5}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8719F759-12BD-45D8-9D90-6759A19037F0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sanctum\binaries\win32\sanctumgame-win32-shipping.exe |
"{8796A4E8-E8D8-4649-A9DB-BD31BD79595A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\maplestory\nxsteam.exe |
"{89A31041-6DA9-4DA6-9CF4-FD7F9561262E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\combat arms\calauncher.exe |
"{8A3CDB37-DE80-4D67-B2EF-2859AADE159B}" = protocol=6 | dir=in | app=c:\users\storage\appdata\roaming\utorrent\utorrent.exe |
"{8B61CD23-FBB2-48CC-91BC-E05D26BC46FA}" = protocol=17 | dir=in | app=c:\program files (x86)\gamersfirst\apb reloaded\binaries\vivoxvoiceservice.exe |
"{8C6C2166-4A03-4EA1-9F20-DD4D5CBCA796}" = protocol=58 | dir=in | [email protected],-148 |
"{8CC24179-1BA5-450D-9725-0ACECF88B965}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{8E52C187-3494-45E4-BDB5-4E7FF869879B}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{91DAF32B-F1D2-4AE2-BEDC-E4F86837D29D}" = protocol=6 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{9212FFF9-C643-4606-9112-46F7D0E3290D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\combat arms\nmservice.exe |
"{96EE3A5F-EE45-42A0-9DD4-47F4FAB41755}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{9B6A28F9-6002-4487-91A9-C9E2690EB0D9}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{9BA3BF2B-FA65-411C-875B-5C6D3E6C68CB}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe |
"{9C493F8E-ADFB-4EC3-BBA0-9295049D8CC1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{9C8F8099-6B13-4A22-A4F4-65BFDF7AF4C7}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9FA4F1A0-4795-4262-B8F9-09FC4F91D5C8}" = dir=in | app=c:\program files (x86)\freefileviewer\ffvcheckforupdates.exe |
"{9FDDC3EF-A632-48C6-97F8-B1978A510650}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{A0390D58-3770-400C-B074-A78752C59541}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{A2E92090-DF43-43D3-95DA-D17112880D58}" = protocol=17 | dir=out | app=c:\program files (x86)\hewlett-packard\hp linkup\hp linkup viewer.exe |
"{A3A177E5-81FF-43D0-AF9E-9221075DC48A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A4039957-48C4-472A-8136-2DE802BC30A3}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base28667\sc2.exe |
"{A4436374-D2DF-42CD-A3E7-F28CC3FE6905}" = protocol=1 | dir=in | [email protected],-28543 |
"{A5EB5F4C-182A-410C-97AD-0901CCC014CD}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{A75585F7-7E8C-4821-BD17-86FD0BE45689}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AB43142B-BF78-4D2B-AD79-D7AFD4171C2B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\microvolts\launcher.exe |
"{AB44B89F-3A1B-44A8-8E0B-758A37F11C28}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{B058D2FA-3DF7-4748-8E3E-63AF8E662C4A}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe |
"{B084F596-4CE8-4789-A6C1-A5DB47D5DD9D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B55815CC-0B3B-4B34-8ED0-3EF590B3383D}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{B5757A3B-F1A0-48D5-82B9-1B3E5976D48C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\microvolts\launcher.exe |
"{B5A74241-8208-440D-8F29-746EEB5BED02}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpwarrantychecker.exe |
"{B908B339-D55A-4727-B0E3-A453ADD63098}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\combat arms\calauncher.exe |
"{BADC3DC4-FC3F-450E-9B6B-55D85C28A7F9}" = protocol=17 | dir=in | app=c:\nexon\combat arms\nmservice.exe |
"{BCF172B1-4C47-463C-8C80-A6890E5622F5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{BD386478-25E9-419F-8F20-92BED6BB0738}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{BDFBE677-F291-4823-9D94-DC95CDC2A730}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{BE5E990F-5BF7-4D46-8A7F-6ECFD5CBD796}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base26490\sc2.exe |
"{BF6C1F26-5CB7-4374-A8CE-173AC7EAC212}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\combat arms\nmservice.exe |
"{BF9B2599-6C3F-4377-A6D9-AD0675DC51F5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\launchpad.exe |
"{C239433F-D026-4A40-9237-989C05E86BA8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{C6902FEA-2C5B-4D4D-9D06-BCB2E3F64F0B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\maplestory\nxsteam.exe |
"{C73EDD59-8F4E-4854-B889-579E313D4AEE}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{C7F07E5E-9937-468F-9507-D076473BB536}" = protocol=6 | dir=out | app=system |
"{C9520BF3-F6FA-4972-9BDC-8151DA2F26E1}" = protocol=6 | dir=in | app=c:\program files (x86)\gamersfirst\apb reloaded\binaries\vivoxvoiceservice.exe |
"{C990925B-40E5-4929-9DFD-81B2366CBCF5}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{CA5EDEC7-E9C4-4C3B-A6B6-C203A4A99BC5}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{CB6B38D3-1D85-4B08-ABAE-A4C9DCE6BA4C}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{CF09F276-3997-46EB-9183-E1AE1F6E5D28}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\microvolts\launcher.exe |
"{CF6C82A9-DA48-4D13-9B0C-D3C9468D3E91}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base26490\sc2.exe |
"{D20D48B9-7244-4683-95D6-BF848169332F}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2328\agent.exe |
"{D5E82567-EDCF-431A-BB98-F686AB24FFF2}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{E1483FBE-7095-4746-81A2-411C47AC7D90}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe |
"{E382C9C5-DE8A-4010-9D3A-E29AA0578ECB}" = dir=in | app=c:\program files (x86)\file type assistant\tsassist.exe |
"{E41BA58B-CAAD-4E5D-8B05-00F03BA75418}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{E58873C3-EE61-4AA2-AEE8-FC43C9244EBD}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2006\agent.exe |
"{E6205AE3-DFD5-416E-A3FE-5C985F5FF389}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{E68B8AC0-8C89-422F-8B60-41BD08F612A8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\combat arms\calauncher.exe |
"{E7800A52-83F9-4173-B81F-6C2E7D447BC6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\microvolts\launcher.exe |
"{E7D3E2E3-B60F-4DE3-9283-AD4D7FA3EDFB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{E8C4353B-3E32-436A-926C-3E1A6B4088F4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E953F4D0-AE2E-428A-AD94-286B7FCAD982}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\combat arms\nmservice.exe |
"{E9E1D05B-F872-4228-AFDA-9C20A758546A}" = protocol=58 | dir=out | [email protected],-28546 |
"{EC18D898-DA0A-4652-9CAD-7A7DFAB18A70}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{EEFA91D8-74E5-4788-9C4B-41267A3164BB}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{F2211FAE-D1B2-4ECB-8BA2-A71D67E2224D}" = protocol=1 | dir=out | [email protected],-28544 |
"{F492E4CB-2ED4-437B-8F1D-162FF5455F97}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\maplestory\nxsteam.exe |
"{F5029210-5446-441A-B9EC-BE860C0B3F78}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2006\agent.exe |
"{F8C5F39E-FBA0-43DE-A7B4-4D3CE7A7EFA8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\microvolts\launcher.exe |
"{F9D07DF1-64E0-486E-8903-694A5902EE6B}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe |
"{F9EA308A-9D06-4FCE-A086-839CD6AA130A}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{FB2691A7-8B1D-4985-9558-CDFAA570EDD9}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\remote graphics receiver\rgreceiver.exe |
"TCP Query User{1243AA81-DC4E-42D5-9326-80B2D0BBE518}C:\program files (x86)\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tmnationsforever\tmforever.exe |
"TCP Query User{3B382A3B-8B5E-469D-B18A-6201C7E7113B}C:\program files (x86)\oovoo\oovoo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
"TCP Query User{531CAA4D-9B9E-4A47-8E05-C8BADD913CEA}C:\program files (x86)\origin games\battlefield 3\bf3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"TCP Query User{59437A66-67EF-4481-A0FF-EAF6551568F5}C:\program files (x86)\steam\steamapps\common\combat arms\engine.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\combat arms\engine.exe |
"TCP Query User{5CCCF4FA-AFE4-40DD-8803-3FC307FFA9E3}C:\program files (x86)\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tmnationsforever\tmforever.exe |
"TCP Query User{A7DEEA74-4819-4988-9BED-EA8FA8F115A0}C:\program files (x86)\oovoo\oovoo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
"TCP Query User{AAAB23C6-8649-42AE-84C3-022ED0148649}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe |
"TCP Query User{ABFEEE36-A968-47F1-9952-46D87FAC7654}C:\nexon\combat arms\engine.exe" = protocol=6 | dir=in | app=c:\nexon\combat arms\engine.exe |
"TCP Query User{C1436C32-94BB-436F-9295-B3935816EC22}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{D3FB98C8-6826-4740-AA80-5AF1DE6581F7}C:\program files (x86)\steam\steam.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"TCP Query User{DDF2C0E2-32A6-4644-B445-3FA0EE970230}C:\program files (x86)\secondlifeviewer\slvoice.exe" = protocol=6 | dir=in | app=c:\program files (x86)\secondlifeviewer\slvoice.exe |
"TCP Query User{F291F0EF-B82C-4EAD-AEB8-A4E5CF1022F9}C:\users\storage\appdata\local\temp\iesearchprovider.exe" = protocol=6 | dir=in | app=c:\users\storage\appdata\local\temp\iesearchprovider.exe |
"TCP Query User{FE6C6739-9D02-493C-BF6C-857556FD453C}C:\nexon\combat arms\engine.exe" = protocol=6 | dir=in | app=c:\nexon\combat arms\engine.exe |
"UDP Query User{24A77F16-1F32-4483-9BDA-0B440C243507}C:\program files (x86)\origin games\battlefield 3\bf3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"UDP Query User{357B68FD-5465-4AA0-93E2-24E277116CD1}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{373121BF-E88B-4101-9E20-605F6D11D434}C:\nexon\combat arms\engine.exe" = protocol=17 | dir=in | app=c:\nexon\combat arms\engine.exe |
"UDP Query User{6258A8EC-A29B-47EE-B57B-D7472F8E3890}C:\program files (x86)\oovoo\oovoo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
"UDP Query User{870516AB-8B6C-4F5E-AC62-DD8D072F6F1C}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe |
"UDP Query User{8E212251-A752-427D-A905-819CF93CA0F6}C:\program files (x86)\oovoo\oovoo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
"UDP Query User{9E73048A-6E63-4266-9C10-F3E9EF1E99A2}C:\program files (x86)\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tmnationsforever\tmforever.exe |
"UDP Query User{C9108EAD-6402-445C-941A-3C9E1C85991F}C:\program files (x86)\steam\steam.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"UDP Query User{D116F4F8-FDD3-4F9B-90C2-2093CBBD351B}C:\users\storage\appdata\local\temp\iesearchprovider.exe" = protocol=17 | dir=in | app=c:\users\storage\appdata\local\temp\iesearchprovider.exe |
"UDP Query User{D7F365D8-9C7D-4B0E-8FF8-6299AC64AB30}C:\program files (x86)\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tmnationsforever\tmforever.exe |
"UDP Query User{D98D37DF-2FF9-43DB-9739-F9136F84D658}C:\program files (x86)\steam\steamapps\common\combat arms\engine.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\combat arms\engine.exe |
"UDP Query User{EE405EFC-386B-4718-844A-9E98794F378D}C:\program files (x86)\secondlifeviewer\slvoice.exe" = protocol=17 | dir=in | app=c:\program files (x86)\secondlifeviewer\slvoice.exe |
"UDP Query User{F41900F7-0E8D-41D2-BAF3-704E6EC198EE}C:\nexon\combat arms\engine.exe" = protocol=17 | dir=in | app=c:\nexon\combat arms\engine.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01D57CF6-B5BC-4D03-AFF5-7960CFBD05A9}" = Native Instruments Guitar Rig 5
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{0E086923-AAA3-4F98-A6E2-48B64CE27553}" = Native Instruments Reaktor Factory Selection
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
"{2BBE23DB-F92C-4319-9179-7E79717EE9AC}" = Native Instruments Komplete 8 Players
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{3145731D-C578-70ED-899F-7A670D2A6662}" = AMD Fuel
"{338CE2A1-7BD6-AC18-0069-4A90F7C3D836}" = AMD Steady Video Plug-In
"{34724174-5E63-4FD6-8319-7BCE70966441}" = Max 6.1.3
"{4864A628-EB43-4DB5-8DA3-B12F2C549E9E}" = Max 6.1.3 (x64)
"{4975DE61-6BF6-B9BC-1FDE-C04C5EC78E4C}" = AMD Media Foundation Decoders
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5552453B-BB76-45E3-973D-F95E458ED780}" = Native Instruments Kontakt 5
"{5E03A267-415E-5383-FA8F-3CE4145663B9}" = AMD Catalyst Install Manager
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6ECDAC2F-12C1-E49B-448E-6002368967E0}" = AMD Steady Video Plug-In
"{81E20D41-C277-4526-934D-F2380AF91B78}" = iCloud
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8812511F-8D8C-49D3-A711-C9650B2F5566}" = Native Instruments Guitar Rig Factory Selection for Maschine
"{89EE4A30-080F-2C95-6F78-C98D18FBD74D}" = AMD Accelerated Video Transcoding
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9CF11D16-ECEB-90A5-A028-CA9E068D848B}" = ccc-utility64
"{A71060CF-81D0-EC17-2252-78CA0E96CCCF}" = AMD Drag and Drop Transcoding
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B0FC9E28-1CE6-4A40-BEF1-C6E6EDFCA070}" = Native Instruments Kontakt Factory Selection
"{B34A07DD-C6F7-414A-AE63-01019482EAF0}" = HP Application Assistant
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}" = iTunes
"{D79A02E9-6713-4335-9668-AAC7474C0C0E}" = HP Vision Hardware Diagnostics
"{D9C50188-12D5-4D3E-8F00-682346C2AA5F}" = Microsoft Xbox 360 Accessories 1.2
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E9EA5F38-6299-45A1-9D23-F21729A19357}" = Native Instruments Reaktor 5

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{017F8447-2A1D-0DDB-B5D7-CA2BFACE2886}" = CCC Help French
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{054E9A1C-3EA2-C657-E787-FD8DCF5C3D3B}" = CCC Help Czech
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0EEC4E49-D4C2-4E23-87F2-B5641F1A09E4}" = HP Clock
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{16FC3056-90C0-4757-8A68-64D8DA846ADA}" = Remote Graphics Receiver
"{185F9795-9663-4F13-9EF9-307A282ADB5A}" = ph
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A4F5611-13A0-4EBD-BFAF-156D5B5AC0ED}" = VirtualDJ LE (Numark)
"{1DE2BD51-0300-772D-5E18-F337D95D5687}" = CCC Help German
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20714B53-FC73-4F9C-9687-49EB237D6FD7}" = HP TouchSmart RecipeBox
"{224E8FEB-5C1F-077F-6FC5-602AC1AE644D}" = CCC Help Danish
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{275E9C49-C72F-D754-DEB7-77F10A9C00D8}" = CCC Help Japanese
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A075BB4-E976-4278-BF3F-E5C6945D84C0}" = bl
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2B38E0FA-D8A5-4EBF-A018-E3C1C8E7A2E2}" = HP Calendar
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{30049739-BE95-6591-B504-E6D7057D49CC}" = CCC Help Spanish
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}" = opensource
"{3D171340-B528-42E0-92E4-BDA7AEEF6F32}_is1" = Spot
"{3F1EB155-F96E-EB7B-2EF2-7375490E0FA9}" = CCC Help English
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4817D846-700B-474E-A31B-80892B3E92E3}" = Adobe After Effects CS6
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B023D7B-9E67-795D-FB31-B5E1F6DCA451}" = CCC Help Italian
"{4D090F70-6F08-4B60-9357-A1DFD4458F09}" = Microsoft Mathematics
"{55F6C486-8C75-2A72-DAFE-CE78A624C9F7}" = CCC Help Russian
"{56D4499E-AC3E-4B8D-91C9-C700C148C44B}" = Google Drive
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5AF23993-7152-1620-E43F-1B4542FB4F84}" = CCC Help Thai
"{63326924-3CAF-C858-3A8F-8598C87019D7}" = AMD VISION Engine Control Center
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63822E89-11AA-F8EC-D433-F72A85799EC0}" = CCC Help Greek
"{66361420-4905-AEB8-17AE-172FDD164A7E}" = CCC Help Polish
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = HP Photo and Imaging 2.0 - All-in-One Drivers
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{769F2A4B-84A3-9486-ADD2-9E5AB4B4E1E3}" = Catalyst Control Center InstallProxy
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7E750542-55BC-4300-8B7B-AC2A762FB435}" = HP LinkUp
"{8364E531-493B-4B05-8041-09D5CE38B975}" = HP Weather
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{858FCB65-7C6D-4BA4-AD80-A3CB3744CE09}_is1" = HP Magic Canvas Tutorials
"{86BAB08A-5E66-4C53-82E3-C1E91673C7CA}" = HP Notes
"{8773DD1C-5FB2-95B5-5A93-0EFEAC900A4D}" = CCC Help Norwegian
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{8AE50893-3A87-4439-9A57-942ED43F7189}" = Facebook
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CCBB0BF-9CC1-1A65-BB93-56012A460EE6}" = CCC Help Portuguese
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = 802.11n Wireless LAN Card
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon 3
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93FB47FB-4FDF-4131-B5FD-7A37883868E7}" = hp psc 2170 series
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9867A917-5D17-40DE-83BA-BEA5293194B1}" = HP Photo and Imaging 2.0 - All-in-One
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0A3CE05-96CB-52E9-434E-074F3BB7807E}" = CCC Help Turkish
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A35E58D6-2A0F-4051-983B-79342081338E}" = HP RSS
"{A393CDFF-BEB8-48EA-990D-2EB35B311D23}_is1" = Tap Tap Bear
"{A6AC699F-8315-40CA-8F70-E917494978AB}" = VirtualDJ Home FREE
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{A9C64319-932F-D02B-B14C-FFFC3EC49E77}" = CCC Help Chinese Standard
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager
"{AF1604B3-183A-4400-B950-6B0BDD61ADC8}" = Luxe Voice Pack Editor
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{B2B7B1C8-7C8B-476C-BE2C-049731C55992}" = HP Support Information
"{B376402D-58EA-45EA-BD50-DD924EB67A70}" = HP Memories Disc
"{B5E09A5F-4934-4427-A243-6DD77303FE9C}" = Luxe USB Interface
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{C09DB932-7619-7B56-30E3-C0454811D6D7}" = CCC Help Korean
"{C22A4697-BD77-ACB1-744F-1FD0A0BFF798}" = CCC Help Swedish
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0661463-50F7-4A1E-83CB-37CC590589AE}_is1" = Metric Converter
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4B457B2-260F-C561-CA87-703BD3B724CA}" = Catalyst Control Center Graphics Previews Common
"{D6CDB506-297D-AE70-0EF6-DE5185F961BE}" = CCC Help Chinese Traditional
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DDFDC9D6-4220-41F8-BF9A-8E7512C4EF52}" = HP Magic Canvas
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
"{ECFD508E-68A2-91B2-46DD-1D03D783D94B}" = Catalyst Control Center Localization All
"{EDE361D5-35A5-DA7D-3462-C3DABD24029B}" = CCC Help Hungarian
"{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E7DD6A-AE2D-D706-BEB3-937F76CA6AE9}" = CCC Help Finnish
"{F56F54DD-BCB2-1221-2CB7-E983A5CF9D15}" = CCC Help Dutch
"{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}" = HP Setup
"{F89BADB0-D319-470E-8024-443EE3A3402B}" = TSHostedAppLauncher
"{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}" = ooVoo
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"77zip" = 77zip
"7-zip" = 7-zip v9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"APB Reloaded" = APB Reloaded
"Audacity_is1" = Audacity 2.0.3
"avast" = avast! Free Antivirus
"Bandicam" = Bandicam
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"Battlelog Web Plugins" = Battlelog Web Plugins
"BitZipper_is1" = BitZipper 2013
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"Combat Arms" = Combat Arms
"ESN Sonar-0.70.4" = ESN Sonar
"Fraps" = Fraps
"Free PDF Tablet" = Free PDF Tablet
"FreeFileViewer_is1" = Free File Viewer 2012
"Friendship is Memories_is1" = Friendship is Memories
"FYZip" = FYZip 1.00
"Google Chrome" = Google Chrome
"HP PSC 2170 Series" = HP Photo and Imaging 2.0 - hp psc 2170 series
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"LAME_is1" = LAME v3.99.3 (for Windows)
"Live 8.2.2" = Live 8.2.2
"MapleStory" = MapleStory
"MapleStory Dual Blade" = MapleStory Dual Blade Screen Saver
"MapleStory Dual Blade Clock" = MapleStory Dual Blade Clock Screen Saver
"Motocross Madness Trial 1.0" = Microsoft Motocross Madness Trial
"Native Instruments Guitar Rig 5" = Native Instruments Guitar Rig 5
"Native Instruments Guitar Rig Factory Selection for Maschine" = Native Instruments Guitar Rig Factory Selection for Maschine
"Native Instruments Komplete 8 Players" = Native Instruments Komplete 8 Players
"Native Instruments Kontakt 5" = Native Instruments Kontakt 5
"Native Instruments Kontakt Factory Selection" = Native Instruments Kontakt Factory Selection
"Native Instruments Reaktor 5" = Native Instruments Reaktor 5
"Native Instruments Reaktor Factory Selection" = Native Instruments Reaktor Factory Selection
"Native Instruments Service Center" = Native Instruments Service Center
"NIS" = Norton Internet Security
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"Origin" = Origin
"PDF Complete" = PDF Complete Special Edition
"PhotoScape" = PhotoScape
"PunkBusterSvc" = PunkBuster Services
"SecondLifeViewer" = SecondLifeViewer (remove only)
"StarCraft II" = StarCraft II
"Steam App 109400" = MicroVolts
"Steam App 204300" = Awesomenauts
"Steam App 212180" = Combat Arms
"Steam App 216150" = MapleStory
"Steam App 218230" = PlanetSide 2
"Steam App 440" = Team Fortress 2
"Steam App 730" = Counter-Strike: Global Offensive
"Steam App 91600" = Sanctum
"TmNationsForever_is1" = TmNationsForever
"TotalRecorder" = Total Recorder 8.4 Professional Edition
"Trusted Software Assistant_is1" = File Type Assistant
"Updater Service" = Updater Service
"Voxengo SPAN_is1" = Voxengo SPAN version 2.6
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WTA-165f9d32-a84a-4d1d-967b-92081484c1f1" = RollerCoaster Tycoon 3: Platinum
"WTA-1ed6e27b-5da4-46de-94aa-9fe14c2bcc6d" = John Deere Drive Green
"WTA-242a2852-bf5e-4679-b333-34229bdad259" = Cradle of Rome 2
"WTA-24523e56-21e4-44da-bb07-3cf3b7b2b0e8" = Bejeweled 3
"WTA-2967a8de-900a-4cab-9eb3-0c742b0aad50" = Dora's World Adventure
"WTA-347c2274-3854-4068-bfe5-1376d81e1376" = Torchlight
"WTA-467545f9-c261-4da6-a139-4d3011e4d69b" = Final Drive Fury
"WTA-48ff740a-ea35-4b95-89a8-c7c7bfd93fc3" = Virtual Villagers 4 - The Tree of Life
"WTA-4cf4a05f-944b-4527-9384-c55a2ebd6955" = Zuma's Revenge
"WTA-4d2dcda3-7435-47ed-aaaa-f3b52b211c65" = The Treasures of Mystery Island: The Ghost Ship
"WTA-4ec344ee-d784-4309-9262-7f9544c81373" = FATE
"WTA-4fa319c5-56a6-48f0-a2af-7a3c1c6e35c9" = Polar Golfer
"WTA-5374b362-d46b-4258-bc79-c10e505b4ec2" = Mah Jong Medley
"WTA-55d2aa9b-1bed-4d43-91e7-9c7a147efddb" = Chuzzle Deluxe
"WTA-5af68c9a-92c7-4e67-8093-809568e007de" = Polar Bowler
"WTA-60d72083-7a32-4c11-818f-4405351b74b6" = Hoyle Card Games
"WTA-630ed6af-a06e-4f51-bcdc-70911a1d333e" = Plants vs. Zombies - Game of the Year
"WTA-7167e51f-f8e3-47f5-85d7-7c6b5efaa921" = Farmscapes
"WTA-80523254-1ad9-437f-ac99-3b5740df674d" = Penguins!
"WTA-885e7b10-4aed-4546-b85c-ea3583f43fed" = Farm Frenzy
"WTA-9515af9f-5091-44c6-b495-cd4d0c529d87" = Luxor HD
"WTA-98340049-de87-43f0-947b-fff34ffdf7fd" = Jewel Quest Mysteries: The Seventh Gate Collector's Edition
"WTA-c8b89e9d-9653-4161-ac72-a802eadeff38" = Letters from Nowhere 2
"WTA-ce5bb1b6-2d15-402b-890e-4949eea393de" = Jewel Match 3
"WTA-f12ae0c7-00c7-44b7-aa58-d43573288378" = Poker Superstars III
"WTA-f7a38885-2d7d-4293-9168-ff0c04edc348" = Blackhawk Striker 2
"zk_sc" = zk_sc Screen Saver

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2/14/2014 8:06:37 PM | Computer Name = Alex-HP | Source = ESENT | ID = 489
Description = DllHost (5176) WebCacheLocal: An attempt to open the file "C:\Users\Storage\AppData\Local\Microsoft\Windows\WebCache\V01.log"
for read only access failed with system error 5 (0x00000005): "Access is denied.
". The open file operation will fail with error -1032 (0xfffffbf8).

Error - 2/14/2014 8:06:37 PM | Computer Name = Alex-HP | Source = ESENT | ID = 455
Description = DllHost (5176) WebCacheLocal: Error -1032 (0xfffffbf8) occurred while
opening logfile C:\Users\Storage\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error - 2/14/2014 8:06:47 PM | Computer Name = Alex-HP | Source = ESENT | ID = 489
Description = DllHost (5176) WebCacheLocal: An attempt to open the file "C:\Users\Storage\AppData\Local\Microsoft\Windows\WebCache\V01.log"
for read only access failed with system error 5 (0x00000005): "Access is denied.
". The open file operation will fail with error -1032 (0xfffffbf8).

Error - 2/14/2014 8:06:47 PM | Computer Name = Alex-HP | Source = ESENT | ID = 455
Description = DllHost (5176) WebCacheLocal: Error -1032 (0xfffffbf8) occurred while
opening logfile C:\Users\Storage\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error - 2/14/2014 8:06:57 PM | Computer Name = Alex-HP | Source = ESENT | ID = 489
Description = DllHost (5176) WebCacheLocal: An attempt to open the file "C:\Users\Storage\AppData\Local\Microsoft\Windows\WebCache\V01.log"
for read only access failed with system error 5 (0x00000005): "Access is denied.
". The open file operation will fail with error -1032 (0xfffffbf8).

Error - 2/14/2014 8:06:57 PM | Computer Name = Alex-HP | Source = ESENT | ID = 455
Description = DllHost (5176) WebCacheLocal: Error -1032 (0xfffffbf8) occurred while
opening logfile C:\Users\Storage\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error - 2/14/2014 8:07:07 PM | Computer Name = Alex-HP | Source = ESENT | ID = 489
Description = DllHost (5176) WebCacheLocal: An attempt to open the file "C:\Users\Storage\AppData\Local\Microsoft\Windows\WebCache\V01.log"
for read only access failed with system error 5 (0x00000005): "Access is denied.
". The open file operation will fail with error -1032 (0xfffffbf8).

Error - 2/14/2014 8:07:07 PM | Computer Name = Alex-HP | Source = ESENT | ID = 455
Description = DllHost (5176) WebCacheLocal: Error -1032 (0xfffffbf8) occurred while
opening logfile C:\Users\Storage\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error - 2/14/2014 8:07:17 PM | Computer Name = Alex-HP | Source = ESENT | ID = 489
Description = DllHost (5176) WebCacheLocal: An attempt to open the file "C:\Users\Storage\AppData\Local\Microsoft\Windows\WebCache\V01.log"
for read only access failed with system error 5 (0x00000005): "Access is denied.
". The open file operation will fail with error -1032 (0xfffffbf8).

Error - 2/14/2014 8:07:17 PM | Computer Name = Alex-HP | Source = ESENT | ID = 455
Description = DllHost (5176) WebCacheLocal: Error -1032 (0xfffffbf8) occurred while
opening logfile C:\Users\Storage\AppData\Local\Microsoft\Windows\WebCache\V01.log.

[ Hewlett-Packard Events ]
Error - 7/17/2012 5:49:53 PM | Computer Name = Alex-HP | Source = HPSFMsgr.exe | ID = 4000
Description = HP Error ID: -2147221164 at System.RuntimeTypeHandle.CreateInstance(RuntimeType
type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle&
ctor, Boolean& bNeedSecurityCheck) at System.RuntimeType.CreateInstanceSlow(Boolean
publicOnly, Boolean fillCache) at System.RuntimeType.CreateInstanceImpl(Boolean
publicOnly, Boolean skipVisibilityChecks, Boolean fillCache) at System.Activator.CreateInstance(Type
type, Boolean nonPublic) at HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed()
StackTrace:
at System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly,
Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck)

at System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache)

at System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks,
Boolean fillCache) at System.Activator.CreateInstance(Type type, Boolean nonPublic)

at HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed() Source: mscorlib

Name:
HPSFMsgr.exe Version: 01.00.00.00 Path: C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe Format: en-US RAM: 7656 Ram
Utilization: 20 TargetSite: System.Object CreateInstance(System.RuntimeType, Boolean,
Boolean, Boolean ByRef, System.RuntimeMethodHandle ByRef, Boolean ByRef)

Error - 7/17/2012 5:49:54 PM | Computer Name = Alex-HP | Source = HPSFMsgr.exe | ID = 4000
Description = HP Error ID: -2147221164HPSFMsgr.exe at System.RuntimeTypeHandle.CreateInstance(RuntimeType
type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle&
ctor, Boolean& bNeedSecurityCheck) at System.RuntimeType.CreateInstanceSlow(Boolean
publicOnly, Boolean fillCache) at System.RuntimeType.CreateInstanceImpl(Boolean
publicOnly, Boolean skipVisibilityChecks, Boolean fillCache) at System.Activator.CreateInstance(Type
type, Boolean nonPublic) at HPSA_Messenger.MessengerCom.TrayDeskBand.ShowTaskBar()
StackTrace:
at System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly,
Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck)

at System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache)

at System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks,
Boolean fillCache) at System.Activator.CreateInstance(Type type, Boolean nonPublic)

at HPSA_Messenger.MessengerCom.TrayDeskBand.ShowTaskBar() Source: mscorlib Name:
HPSFMsgr.exe Version: 01.00.00.00 Path: C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe Format: en-US RAM: 7656 Ram
Utilization: 20 TargetSite: System.Object CreateInstance(System.RuntimeType, Boolean,
Boolean, Boolean ByRef, System.RuntimeMethodHandle ByRef, Boolean ByRef)

[ Media Center Events ]
Error - 9/27/2012 2:32:54 AM | Computer Name = Alex-HP | Source = MCUpdate | ID = 0
Description = 11:32:54 PM - Error connecting to the internet. 11:32:54 PM - Unable
to contact server..

Error - 9/27/2012 2:36:26 AM | Computer Name = Alex-HP | Source = MCUpdate | ID = 0
Description = 11:34:36 PM - Failed to retrieve NetTV (Error: The remote name could
not be resolved: 'data.tvdownload.microsoft.com')

Error - 9/27/2012 4:32:32 PM | Computer Name = Alex-HP | Source = MCUpdate | ID = 0
Description = 1:32:32 PM - Error connecting to the internet. 1:32:32 PM - Unable
to contact server..

Error - 9/27/2012 4:33:17 PM | Computer Name = Alex-HP | Source = MCUpdate | ID = 0
Description = 1:33:13 PM - Error connecting to the internet. 1:33:13 PM - Unable
to contact server..

Error - 9/28/2012 8:47:25 AM | Computer Name = Alex-HP | Source = MCUpdate | ID = 0
Description = 5:47:25 AM - Error connecting to the internet. 5:47:25 AM - Unable
to contact server..

Error - 9/28/2012 8:47:34 AM | Computer Name = Alex-HP | Source = MCUpdate | ID = 0
Description = 5:47:30 AM - Error connecting to the internet. 5:47:30 AM - Unable
to contact server..

Error - 9/28/2012 9:47:38 AM | Computer Name = Alex-HP | Source = MCUpdate | ID = 0
Description = 6:47:38 AM - Error connecting to the internet. 6:47:38 AM - Unable
to contact server..

Error - 9/28/2012 9:47:43 AM | Computer Name = Alex-HP | Source = MCUpdate | ID = 0
Description = 6:47:43 AM - Error connecting to the internet. 6:47:43 AM - Unable
to contact server..

Error - 9/28/2012 2:13:34 PM | Computer Name = Alex-HP | Source = MCUpdate | ID = 0
Description = 11:13:34 AM - Error connecting to the internet. 11:13:34 AM - Unable
to contact server..

[ System Events ]
Error - 2/14/2014 7:49:07 PM | Computer Name = Alex-HP | Source = Service Control Manager | ID = 7024
Description = The Windows Search service terminated with service-specific error
%%-2147217025.

Error - 2/14/2014 7:49:07 PM | Computer Name = Alex-HP | Source = Service Control Manager | ID = 7034
Description = The Windows Search service terminated unexpectedly. It has done this
22 time(s).

Error - 2/14/2014 7:50:11 PM | Computer Name = Alex-HP | Source = Service Control Manager | ID = 7024
Description = The Windows Search service terminated with service-specific error
%%-2147217025.

Error - 2/14/2014 7:50:11 PM | Computer Name = Alex-HP | Source = Service Control Manager | ID = 7034
Description = The Windows Search service terminated unexpectedly. It has done this
23 time(s).

Error - 2/14/2014 7:51:38 PM | Computer Name = Alex-HP | Source = Service Control Manager | ID = 7024
Description = The Windows Search service terminated with service-specific error
%%-2147217025.

Error - 2/14/2014 7:51:38 PM | Computer Name = Alex-HP | Source = Service Control Manager | ID = 7034
Description = The Windows Search service terminated unexpectedly. It has done this
24 time(s).

Error - 2/14/2014 7:52:53 PM | Computer Name = Alex-HP | Source = Service Control Manager | ID = 7024
Description = The Windows Search service terminated with service-specific error
%%-2147217025.

Error - 2/14/2014 7:52:53 PM | Computer Name = Alex-HP | Source = Service Control Manager | ID = 7034
Description = The Windows Search service terminated unexpectedly. It has done this
25 time(s).

Error - 2/14/2014 8:05:37 PM | Computer Name = Alex-HP | Source = Service Control Manager | ID = 7024
Description = The Windows Search service terminated with service-specific error
%%-1073473536.

Error - 2/14/2014 8:05:37 PM | Computer Name = Alex-HP | Source = Service Control Manager | ID = 7034
Description = The Windows Search service terminated unexpectedly. It has done this
26 time(s).


< End of report >
  • 0

#6
godawgs
Posted 17 February 2014 - 12:19 AM

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Hi,

Thanks for the log. The Extras.txt log shows that the AVG antivirus has been installed at some point but isn't in the list of installed programs now, but does show that Norton is installed on the system.
The User Account Control has been turned off. This was most likely done by the malware. I am turning it back on. If you turned it off on purpose you can turn it back off but you really should leave this extra layer of protection turned on.
System Restore has been turned off. I am turning it back on.

Let's see what we can do. It might be helpful to download all of the tools you will need to the desktop at one time. And print these instructions or save them to a text file so you will have them to refer to as you complete the steps.


You have the following Peer-to-Peer program(s) installed:

uTorrent

GeeksToGo does not recommend using such programs, but you should read the description of Peer-to-Peer programs below before deciding for yourself.

Description of Peer-to-Peer (P2P) software.
P2P(Peer-to-Peer) may be a great way to get lots of seemingly freeware, but it is a great way to get infected as well. The program(s) may be safe, but there's no way to tell if the file being shared is infected. P2P programs, more often than not, install adware and/or spyware and worse still, some worms spread via P2P networks, infecting you as well.
Once upon a time, P2P file sharing was fairly safe. This is no longer true. P2P programs form a direct conduit inside your computer, their security measures are easily circumvented, and malware writers are increasingly exploiting them to spread their wares on to your computer. If your P2P program is not configured correctly, your computer may also be sharing more files than you realize. There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to a file sharing network by a badly configured program.

If you need convincing, please read these short reports on the dangers of peer-2-peer programs and file sharing. We advise removing any P2P programs you have now and avoiding this type of software application. Whether you remove them or not is your decision. But if you decide to keep and use Peer-to-Peer programs I can guarantee that you will be coming back to this forum or another malware forum. If you do choose to keep the program(s), please do not use it / them until the computer is clean and I give the all clear.

All programs, folders and files listed below in this color are optional removals, but if you uninstall the program(s) you must delete the folders and files in the corresponding colors. All programs in black are malware, viruses or out of date programs and must be deleted, along with the corresponding folders and files inred.


Step-1.

Malicious program uninstalls and Optional Removals

1. Please click the Start Orb Posted Image, click Control Panel. Under the Programs or Programs and Features heading click Uninstall a program
2. In the list of programs installed, locate the following program(s):

Free File Viewer 2012
Norton Internet Security
Updater Service
uTorrent

3. Right click each program and click Uninstall
4. After the programs have been uninstalled, close the Installed Programs window and the Control Panel.
5. Reboot the computer.

Delete the folders associated with the uninstalled programs.(Only do this if you uninstalled the program)

1. Using Windows Explorer (to get there right-click your Start button and click "Explore"), please delete the following folders(s) (if present):

C:\Users\Storage\AppData\Roaming\uTorrent

2. Close Windows Explorer.


Step-2.

Posted Image OTL Fix

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

1. Please copy all of the text in the quote box below (Do Not copy the word Quote. To do this, highlight everything
inside the quote box (except the word Quote) , right click and click Copy.

:COMMANDS
[createrestorepoint]

:OTL
PRC - [2014/02/10 16:02:40 | 084,622,848 | ---- | M] () -- C:\{$1021-2264-7533-8828$}\comhost.exe
PRC - [2014/02/06 20:42:12 | 000,080,160 | ---- | M] () -- C:\Program Files (x86)\RightSurf\bin\utilRightSurf.exe
PRC - [2014/02/05 14:22:52 | 000,080,160 | ---- | M] () -- C:\Program Files (x86)\RightSurf\updateRightSurf.exe
PRC - [2013/06/25 15:03:22 | 000,675,584 | ---- | M] () -- C:\ProgramData\IBUpdaterService\ibsvc.exe
SRV - [2014/02/06 20:42:12 | 000,080,160 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RightSurf\bin\utilRightSurf.exe -- (Util RightSurf)
SRV - [2014/02/05 14:22:52 | 000,080,160 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RightSurf\updateRightSurf.exe -- (Update RightSurf)
SRV - [2013/06/25 15:03:22 | 000,675,584 | ---- | M] () [Auto | Running] -- C:\ProgramData\IBUpdaterService\ibsvc.exe -- (IBUpdaterService)
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.funmood...CtB&cr=30495404
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.funmood...CtB&cr=30495404
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.search.as...2013-08-12&psv=
IE - HKCU\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - No CLSID value found
IE - HKCU\..\SearchScopes\{27F932EF-5D6B-4AEF-A855-E8A7CABCB1E5}: "URL" = http://search.condui...2483087232&UM=2
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Storage\AppData\Roaming\Mozilla\Extensions\[email protected] [2013/06/25 15:04:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Storage\AppData\Roaming\Mozilla\Extensions\[email protected] [2013/06/25 15:04:39 | 000,000,000 | ---D | M]
[2013/06/25 15:04:39 | 000,000,000 | ---D | M] (Speed Analysis 2) -- C:\Users\Storage\AppData\Roaming\Mozilla\Extensions\[email protected]
O2 - BHO: (Funmoods Helper Object) - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\PROGRA~2\Funmoods\1.5.23.22\bh\escort.dll File not found
O3 - HKLM\..\Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Funmoods Toolbar) - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\PROGRA~2\Funmoods\1.5.23.22\escorTlbr.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42435041-3500-A76A-76A7-7A786E7484D7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4F564F32-5637-006A-76A7-7A786E7484D7} - No CLSID value found.
O4 - HKLM..\Run: [OtShot] C:\Program Files (x86)\OtShot\otshot.exe -minimize File not found
O4 - HKLM..\Run: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12 File not found
O4 - HKLM..\Run: [Windows COM Host] C:\{$1021-2264-7533-8828$}\comhost.exe -rundll32 /SYSTEM32 "C:\Windows\System32\taskmgr.exe" "C:\Program Files\Microsoft\Windows" File not found
O4 - HKCU..\Run: [AdobeBridge] File not found
F3:64bit: - HKCU WinNT: Load - (C:\{$1021-2264-7533-8828$}\comhost.exe) - C:\{$1021-2264-7533-8828$}\comhost.exe ()
F3 - HKCU WinNT: Load - (C:\{$1021-2264-7533-8828$}\comhost.exe) - C:\{$1021-2264-7533-8828$}\comhost.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O27:64bit: - HKLM IFEO\avcenter.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\avguard.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\avp.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\bdagent.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\ccuac.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\ComboFix.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\egui.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\hijackthis.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\keyscrambler.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\mbam.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\MpCmdRun.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\MSASCui.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\MsMpEng.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\msseces.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\spybotsd.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\wireshark.exe: Debugger - nsjw.exe File not found
O27:64bit: - HKLM IFEO\zlclient.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\avcenter.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\avguard.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\avp.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\bdagent.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\ccuac.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\ComboFix.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\egui.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\hijackthis.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\keyscrambler.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\mbam.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\MpCmdRun.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\MSASCui.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\MsMpEng.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\msseces.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\spybotsd.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\wireshark.exe: Debugger - nsjw.exe File not found
O27 - HKLM IFEO\zlclient.exe: Debugger - nsjw.exe File not found
[2014/02/11 19:49:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SearchProtect
[2014/02/11 19:49:24 | 000,000,000 | ---D | C] -- C:\Users\Storage\AppData\Local\SearchProtect
[2014/02/05 21:06:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RightSurf
[2014/02/11 20:46:04 | 000,000,406 | ---- | M] () -- C:\Windows\tasks\FreeFileViewerUpdateChecker.job
[2014/02/10 16:02:40 | 084,622,848 | RHS- | M] () -- C:\ProgramData\668418588.exe
[2013/08/26 17:07:20 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\OpenCandy
[2013/06/25 15:04:38 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\SpeedAnalysis2
[2013/08/26 21:05:02 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\TuneUp Software
@Alternate Data Stream - 905 bytes -> C:\ProgramData\Microsoft:evOBYxnMtA2cQgs2hKaBxyTjiyQnD
@Alternate Data Stream - 1211 bytes -> C:\ProgramData\Microsoft:PAGdb0NTagRLZZN3SPxVtM0p
@Alternate Data Stream - 1173 bytes -> C:\ProgramData\Microsoft:IQu1DkEboX2aVjBWZ3qBUQR
@Alternate Data Stream - 1091 bytes -> C:\ProgramData\Microsoft:opqCDO43ziKlWCSfqh4bDBXW

:REG
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = DWORD:1

:FILES
ipconfig /flushdns /c
C:\{$1021-2264-7533-8828$}
C:\Program Files (x86)\AVG Secure Search
C:\ProgramData\IBUpdaterService
C:\Program Files (x86)\OtShot
netsh advfirewall reset /c
netsh advfirewall set allprofiles state ON /c

:COMMANDS
[emptytemp]


Warning: This fix is relevant for this system and no other. If you are not this user, DO NOT follow these directions as they could damage the workings of your system.

2. Please re-open Posted Image on your desktop. To do that:
  • Vista and 7 users: Right click the icon and click Run as Administrator
3. Place the mouse pointer inside the Posted Image textbox, right click and click Paste. This will put the above script inside the textbox.
4. Click the Posted Image button.
5. Let the program run unhindered.
6. OTL may ask to reboot the machine. Please do so if asked.
7. Click the Posted Image button.
8. A report will open. Copy and Paste that report in your next reply.
9. If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, (where mmddyyyy_hhmmss is the date of the tool run).


Step-3.

Run aswMBR
  • Download aswMBR.exe to your desktop.
  • Right click the aswMBR.exe file and click Run as Administrator. If you get a UAC window, allow the file to run.
  • If it asks you if you want to download the latest virus definitions, click "No"
    Posted Image
  • Be sure the A/V Scan: is set to QuickScan
  • Click the "Scan" button to start the scan
    Posted Image
  • On completion of the scan click save log. Save it to your desktop and post in your next reply.
    Posted Image
NOTE: When you run aswMBR, if it is shutdown automatically, then it is most likely the infection detecting that aswMBR is running and terminating it. In this situation you should rename the executable (aswMBR.exe) to iexplore.exe and try it again.


Step-4.

AdwCleaner by Xplode

Download AdwCleaner. Click here and then click the Download Now @ BleepingComputer button. Save the file to the desktop.

NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.

Close all open windows and browsers.
  • Right click the AdwCleaner icon Posted Image on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.

    Posted Image
  • Click the Scan button and wait for the scan to finish.
  • After the Scan has finished the window may or may not show what it found and above the progress bar you will see Pending. Please uncheck elements you don't want to remove. Please don't delete anything at this time.
  • Click the Report button to get the log.
  • Copy and Paste it into your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[R0].txt.
  • Click the X in the upper right corner of the program or click the File menu and click Exit to close the program.
NOTE: If you see AVG Secure Search being targeted for deletion, Here's Why and Here. You can always Reinstall it.


Step-5.

Posted Image OTL Custom Scan

1. Please copy the text in the Quote box below, (Do Not copy the word Quote), and paste it in the Posted Image box in OTL. To do that:
  • Highlight everything inside the quote box, (except the word Quote), right click the mouse and click Copy.

createrestorepoint
netsvcs
baseservices
/md5start
rpcss.dll
explorer.exe
winlogon.exe
Userinit.exe
/md5stop
dir C:\* /c
dir "%systemdrive%\*" /S /A:L /C


2. Re-open Posted Imageon the desktop. To do that:
  • Vista / 7 Users: Right click on the icon and click Run as Administrator)
Make sure all other windows are closed.
  • You will see a console like the one below:

    Posted Image
  • Click the box beside Scan All Users at the top of the console.<---Very Important
  • Click the box beside Include 64bit Scans at the top of the console.
  • Make sure the Output box at the top is set to Standard Output.
  • Check the boxes beside LOP Check and Purity Check.
  • Place the mouse pointer inside thePosted Image box, right click and click Paste. This will put the above script inside OTL
  • Click the Posted Image button. Do not change any settings unless otherwise told to do so.
  • Let the scan run uninterrupted.
  • When the scan completes, it will open OTL.Txt. This file is also saved in the same location as OTL (it should be on your desktop).
  • Please copy the contents of this file and paste it into your reply. To do that:
  • On the OTL.txt file Menu Bar click Edit then click Select All. This will highlight the contents of the file. Then click Copy.
  • Right click inside the forum post window then click Paste. This will paste the contents of the OTL.txt file in the in the post window.

Step-6.

Things For Your Next Post:
Please post the logs in the order requested. Please don't attach the logs unless I request it.
1. Let me know how the uninstalls went.
2. The OTL fixes log
3. The aswMBR log
4. The AdwCleaner[R0].txt log
5. The new OTL.txt log
  • 0

#7
ego10fan
Posted 17 February 2014 - 10:13 AM

ego10fan

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts
When uninstalling norton, i got a message that said "This program has already been uninstalled. Would you like to remove it from your installed list?" and i said yes.

Stupidly I lost the OTL fixes log. I had it copy/pasted into here, but then when closing my browser to run the AdwCleaner I lost it. Should I run the OTL fix again?


aswMBR log:
aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2014-02-16 22:57:58
-----------------------------
22:57:58.133 OS Version: Windows x64 6.1.7601 Service Pack 1
22:57:58.133 Number of processors: 4 586 0x100
22:57:58.134 ComputerName: ALEX-HP UserName: Storage
22:58:00.592 Initialize success
22:58:03.444 AVAST engine defs: 14021601
22:58:30.860 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000007a
22:58:30.862 Disk 0 Vendor: Hitachi_ JP4O Size: 953869MB BusType: 11
22:58:30.870 Disk 0 MBR read successfully
22:58:30.872 Disk 0 MBR scan
22:58:30.875 Disk 0 Windows 7 default MBR code
22:58:30.878 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
22:58:30.885 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 936762 MB offset 206848
22:58:30.917 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 17005 MB offset 1918695424
22:58:30.981 Disk 0 scanning C:\Windows\system32\drivers
22:58:42.442 Service scanning
22:59:03.730 Modules scanning
22:59:03.738 Disk 0 trace - called modules:
22:59:03.753 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa80066e52c0]<<sptd.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
22:59:04.084 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80077fc060]
22:59:04.096 3 CLASSPNP.SYS[fffff88001ab143f] -> nt!IofCallDriver -> [0xfffffa8007157530]
22:59:04.106 \Driver\amd_xata[0xfffffa8007142890] -> IRP_MJ_CREATE -> 0xfffffa80066e52c0
22:59:04.112 5 amd_xata.sys[fffff88000e33d00] -> nt!IofCallDriver -> \Device\0000007a[0xfffffa8007155550]
22:59:04.119 \Driver\amd_sata[0xfffffa8007130820] -> IRP_MJ_CREATE -> 0xfffffa80066e32c0
22:59:06.259 AVAST engine scan C:\Windows
22:59:09.735 AVAST engine scan C:\Windows\system32
23:01:32.715 AVAST engine scan C:\Windows\system32\drivers
23:02:02.648 AVAST engine scan C:\Users\Storage
23:11:55.633 AVAST engine scan C:\ProgramData
23:20:40.628 Scan finished successfully
23:23:36.932 Disk 0 MBR has been saved successfully to "C:\Users\Storage\Desktop\MBR.dat"
23:23:36.937 The log file has been saved successfully to "C:\Users\Storage\Desktop\aswMBR.txt"


AdwCleaner(R0).txt log

# AdwCleaner v3.018 - Report created 16/02/2014 at 23:28:34
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Storage - ALEX-HP
# Running from : C:\Users\Storage\Downloads\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\END
File Found : C:\Program Files (x86)\Mozilla Firefox\user.js
File Found : C:\Users\Alex\AppData\Local\funmoods.crx
File Found : C:\Users\Alex\AppData\Local\funmoods-speeddial.crx
File Found : C:\Users\Storage\AppData\Roaming\speedanalysis.ico
File Found : C:\Users\Storage\Desktop\SpeedAnalysis.lnk
Folder Found : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcfbpbkoonbnoffgakelcebnjajoikkp
Folder Found : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcfbpbkoonbnoffgakelcebnjajoikkp
Folder Found C:\Program Files (x86)\Conduit
Folder Found C:\Program Files (x86)\OApps
Folder Found C:\Program Files (x86)\SaveValet
Folder Found C:\ProgramData\apn
Folder Found C:\ProgramData\Ask
Folder Found C:\ProgramData\Babylon
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\otshot
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\otshot
Folder Found C:\ProgramData\Tarma Installer
Folder Found C:\Users\Alex\AppData\Local\apn
Folder Found C:\Users\Alex\AppData\Local\Bundled software uninstaller
Folder Found C:\Users\Alex\AppData\Local\Conduit
Folder Found C:\Users\Alex\AppData\Local\SwvUpdater
Folder Found C:\Users\Alex\AppData\LocalLow\BabylonToolbar
Folder Found C:\Users\Alex\AppData\LocalLow\Conduit
Folder Found C:\Users\Alex\AppData\LocalLow\Delta
Folder Found C:\Users\Alex\AppData\LocalLow\Funmoods
Folder Found C:\Users\Alex\AppData\LocalLow\internethelper3.1
Folder Found C:\Users\Alex\AppData\LocalLow\PriceGong
Folder Found C:\Users\Alex\AppData\Roaming\Babylon
Folder Found C:\Users\Alex\AppData\Roaming\OpenCandy
Folder Found C:\Users\Alex\AppData\Roaming\Searchprotect
Folder Found C:\Users\Alex\Documents\ShopToWin
Folder Found C:\Users\Storage\AppData\Local\Conduit
Folder Found C:\Users\Storage\AppData\LocalLow\Conduit
Folder Found C:\Users\Storage\AppData\LocalLow\PriceGong
Folder Found C:\Users\Storage\AppData\Roaming\file scout

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\smartbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Google\Chrome\Extensions\kcfbpbkoonbnoffgakelcebnjajoikkp
Key Found : HKCU\Software\Google\Chrome\Extensions\kcfbpbkoonbnoffgakelcebnjajoikkp
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\InstallCore
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : HKLM\Software\Babylon
Key Found : HKLM\SOFTWARE\Classes\AppID\{186E19A3-B909-4F48-B687-BB81EB8BC7CE}
Key Found : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Found : HKLM\SOFTWARE\Classes\f
Key Found : HKLM\SOFTWARE\Classes\funmoods.dskBnd
Key Found : HKLM\SOFTWARE\Classes\funmoods.dskBnd.1
Key Found : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr
Key Found : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr.1
Key Found : HKLM\SOFTWARE\Classes\funmoodsApp.appCore
Key Found : HKLM\SOFTWARE\Classes\funmoodsApp.appCore.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Key Found : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Key Found : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Key Found : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Key Found : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Key Found : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Key Found : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Key Found : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Key Found : HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3241284
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3279141
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3289663
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3304782
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\SOFTWARE\f4d68dbd3bb840
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\kcfbpbkoonbnoffgakelcebnjajoikkp
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\kcfbpbkoonbnoffgakelcebnjajoikkp
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Found : HKLM\Software\InstallIQ
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{625F420E-A4A9-4B40-BC23-716C1C43893A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\PricePeepInstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\PricePeepInstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Found : HKLM\Software\PIP
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{16466D47-74A8-4928-B8B2-07CD79ABFC9F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{26D5CC0A-7A46-4D86-AF45-2EFA320B0C54}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2D13AC8F-037E-40C5-ADA6-231BA74EA2F4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{322EDCF5-9E7D-4021-8C67-F3FFE4961A38}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3E254398-828F-4D51-A39E-3F6B6D96A12C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{442DAF0C-7EAD-48D9-ABEA-E0036470D6D5}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{58EB187D-24F8-4423-BD6C-655CE4C416BD}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6BEB066C-A791-4A21-B934-7783533FE888}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A07612DF-B1DD-484F-A1C3-36CA4CE919D2}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A76F97B2-2C56-456A-A29E-72741595C2E8}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B19D9D96-E59C-4936-B283-8A831CDB3A53}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{DC8AAABA-3F8B-4866-8B3A-D9368133A478}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E15519AE-99BE-42DD-BE60-FFC3C183F443}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : [x64] HKLM\SOFTWARE\Tarma Installer

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Google Chrome v32.0.1700.107

[ File : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found : icon_url
Found : search_url
Found : suggest_url
Found : suggest_url

[ File : C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found : homepage
Found : homepage
Found : homepage

*************************

AdwCleaner[R0].txt - [18415 octets] - [16/02/2014 23:28:34]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [18476 octets] ##########




New OTL log:

OTL logfile created on: 2/16/2014 11:49:28 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Storage\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.48 Gb Total Physical Memory | 4.58 Gb Available Physical Memory | 61.27% Memory free
14.95 Gb Paging File | 11.74 Gb Available in Paging File | 78.49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 914.81 Gb Total Space | 524.22 Gb Free Space | 57.30% Space Free | Partition Type: NTFS
Drive D: | 16.61 Gb Total Space | 2.07 Gb Free Space | 12.49% Space Free | Partition Type: NTFS

Computer Name: ALEX-HP | User Name: Storage | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/02/14 15:52:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Storage\Downloads\OTL.exe
PRC - [2014/02/09 21:57:54 | 003,767,096 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/02/09 21:57:54 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/02/01 15:42:39 | 000,866,632 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2013/06/17 21:24:09 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013/05/09 19:48:09 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2012/01/18 05:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2011/08/12 08:54:32 | 001,128,952 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2008/11/20 09:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
PRC - [2003/04/05 23:37:10 | 000,323,646 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe


========== Modules (No Company Name) ==========

MOD - [2014/02/09 21:57:55 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/02/01 15:42:37 | 013,616,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll
MOD - [2014/02/01 15:42:37 | 000,399,688 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppgooglenaclpluginchrome.dll
MOD - [2014/02/01 15:42:35 | 004,055,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll
MOD - [2014/02/01 15:41:45 | 000,715,592 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libglesv2.dll
MOD - [2014/02/01 15:41:45 | 000,100,168 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libegl.dll
MOD - [2014/02/01 15:41:43 | 001,634,632 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014/02/09 21:57:54 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014/02/06 02:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/26 21:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/12/19 15:32:12 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2011/10/24 05:16:42 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/10/11 01:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2014/01/28 16:55:21 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/12/03 18:51:18 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2013/06/17 21:24:09 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/09/27 11:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012/01/18 05:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/08/16 13:03:16 | 000,016,384 | ---- | M] (Hewlett-Packard) [Auto | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe -- (CalendarSynchService)
SRV - [2011/08/12 08:54:32 | 001,128,952 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2010/10/12 09:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/02/09 21:57:57 | 001,038,072 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014/02/09 21:57:57 | 000,421,704 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2014/02/09 21:57:57 | 000,207,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014/02/09 21:57:57 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014/02/09 21:57:57 | 000,080,184 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2014/02/09 21:57:57 | 000,078,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014/02/09 21:57:57 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014/01/22 06:52:21 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013/12/10 16:14:26 | 000,074,432 | ---- | M] (Razer, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\RzFilter.sys -- (RzFilter)
DRV:64bit: - [2013/07/14 13:50:11 | 000,111,696 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NIWinCDEmu.sys -- (NIWinCDEmu)
DRV:64bit: - [2013/06/26 18:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2013/06/26 18:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2013/06/26 18:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2013/06/26 18:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2013/05/09 00:59:06 | 000,022,600 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2013/03/31 18:32:04 | 000,082,600 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2013/03/31 18:32:04 | 000,042,664 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2013/02/22 21:44:51 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2012/12/13 12:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/12/06 09:42:12 | 002,350,176 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2012/11/17 06:22:26 | 000,105,624 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Tpkd.sys -- (Tpkd)
DRV:64bit: - [2012/10/16 20:04:10 | 000,123,664 | ---- | M] (High Criteria inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TotRec8.sys -- (TotRec8)
DRV:64bit: - [2012/08/23 06:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 06:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 06:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/17 22:09:38 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012/07/05 18:17:58 | 000,037,536 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2012/07/05 18:17:57 | 000,737,952 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2012/06/06 20:43:38 | 000,167,072 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\ccsetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2012/05/21 17:37:12 | 001,129,120 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symefa64.sys -- (SymEFA)
DRV:64bit: - [2012/05/09 11:50:24 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/05/09 11:50:24 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/04/17 18:13:32 | 000,405,624 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symnets.sys -- (SymNetS)
DRV:64bit: - [2012/04/17 17:42:14 | 000,190,072 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\ironx64.sys -- (SymIRON)
DRV:64bit: - [2012/04/09 09:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2)
DRV:64bit: - [2012/02/29 22:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/18 05:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012/01/18 05:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2011/11/03 03:01:00 | 000,056,208 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011/10/24 05:56:54 | 010,203,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/10/24 04:40:08 | 000,310,784 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/09/14 02:35:45 | 000,533,096 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/08/03 19:38:37 | 000,047,232 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2011/07/25 10:18:36 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symds64.sys -- (SymDS)
DRV:64bit: - [2010/11/20 19:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 19:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/11 00:11:52 | 000,141,384 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdserd.sys -- (sscdserd)
DRV:64bit: - [2010/11/11 00:11:50 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)
DRV:64bit: - [2010/11/11 00:11:50 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus)
DRV:64bit: - [2010/11/11 00:11:50 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:64bit: - [2010/02/18 08:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/08/21 00:52:10 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 16:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)
DRV:64bit: - [2009/06/10 12:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013/01/12 14:04:44 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130112.007\EX64.SYS -- (NAVEX15)
DRV - [2013/01/12 14:04:44 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013/01/12 14:04:44 | 000,126,112 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130112.007\ENG64.SYS -- (NAVENG)
DRV - [2012/10/23 15:34:23 | 001,384,608 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20130107.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2012/09/26 23:09:08 | 000,077,004 | ---- | M] (Oak Technology Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysWow64\drivers\AFS.SYS -- (AFS)
DRV - [2012/09/06 03:54:30 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20130113.001\IDSvia64.sys -- (IDSVia64)
DRV - [2012/08/08 21:37:40 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPDTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{7486BD2A-0307-6164-8127-53BFF248EBE9}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPDTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2055821690-4012621098-2342977204-1041\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE - HKU\S-1-5-21-2055821690-4012621098-2342977204-1041\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-21-2055821690-4012621098-2342977204-1041\..\SearchScopes,DefaultScope = {DC8537D2-46C8-4740-B4AE-9153E680C99E}
IE - HKU\S-1-5-21-2055821690-4012621098-2342977204-1041\..\SearchScopes\{A602E022-0C78-4742-AAF5-ED63250FBE3B}: "URL" = http://search.genieo...q={searchTerms}
IE - HKU\S-1-5-21-2055821690-4012621098-2342977204-1041\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPDTDF
IE - HKU\S-1-5-21-2055821690-4012621098-2342977204-1041\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKU\S-1-5-21-2055821690-4012621098-2342977204-1041\..\SearchScopes\{DC8537D2-46C8-4740-B4AE-9153E680C99E}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKU\S-1-5-21-2055821690-4012621098-2342977204-1041\..\SearchScopes\{EFBF8077-8D2C-4031-8774-BE5EE79B6562}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\S-1-5-21-2055821690-4012621098-2342977204-1041\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_80.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_80.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.3.2: C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\ [2012/07/17 21:07:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\ [2014/02/10 19:45:08 | 000,000,000 | ---D | M]

[2014/02/16 22:45:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Storage\AppData\Roaming\Mozilla\Extensions
[2013/05/09 22:17:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://search.condui...5821396318&UM=2
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U25 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_95.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - Extension: Google Drive = C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.4_0\
CHR - Extension: Rainbow Dash Theme = C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecjondhpjdpclmajhniogilladpgpjgi\1_0\
CHR - Extension: Custom Google\u2122 Background = C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\Extensions\jepibmfmhopgkplegmkjgifmhabbjadg\6.2.2_0\
CHR - Extension: Ponify = C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaelfbndbnpddlehfmbhjnphpjljegae\0.96.4_0\
CHR - Extension: Google Wallet = C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
CHR - Extension: HoofSounds = C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\Extensions\pakhjhphleppgakhlffhlfhbekfnobbk\1.121_0\

O1 HOSTS File: ([2009/06/10 13:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - c:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll File not found
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - c:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\IPS\IPSBHO.DLL File not found
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll File not found
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-2055821690-4012621098-2342977204-1041\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll File not found
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk = File not found
O4 - Startup: C:\Users\Storage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Google.com.url ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2055821690-4012621098-2342977204-1041\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2055821690-4012621098-2342977204-1041\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionAction = http://hp.digitalriv..._US&keywords=%w
O7 - HKU\S-1-5-21-2055821690-4012621098-2342977204-1041\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionName = Find Software on HP Download Store (Microsoft Corporation)
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-21-2055821690-4012621098-2342977204-1041\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2055821690-4012621098-2342977204-1041\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2055821690-4012621098-2342977204-1041\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2055821690-4012621098-2342977204-1041\..Trusted Domains: sony.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C882AA94-6E83-4763-A643-0CBF69D7C1B0}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-2055821690-4012621098-2342977204-1041 Winlogon: Shell - (expstart.exe) - C:\Windows\expstart.exe ()
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/02/16 23:27:30 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/02/16 22:56:26 | 000,000,000 | ---D | C] -- C:\Users\Storage\AppData\Local\VirtualStore
[2014/02/16 22:45:00 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/02/15 23:00:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2014/02/13 15:59:38 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/02/12 22:50:28 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/02/12 22:49:48 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/02/12 22:49:48 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/02/12 22:49:47 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/02/12 22:49:47 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/02/12 22:49:46 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/02/12 22:49:46 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/02/12 22:49:46 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/02/12 22:49:45 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/02/12 22:49:45 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/02/12 22:49:44 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/02/12 22:49:44 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/02/12 22:49:44 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/02/12 22:49:44 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/02/12 22:49:44 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/02/12 22:49:44 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/02/12 22:49:44 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/02/12 22:49:43 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/02/12 22:49:43 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/02/12 22:49:43 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/02/12 22:49:43 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/02/12 22:49:41 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/02/12 22:49:41 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/02/12 22:49:38 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/02/12 22:14:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014/02/12 22:14:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014/02/12 22:13:50 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2014/02/12 22:13:50 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2014/02/12 22:13:50 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2014/02/12 22:13:50 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2014/02/12 22:13:49 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2014/02/12 22:13:49 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2014/02/12 22:13:49 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2014/02/12 22:13:49 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2014/02/12 22:13:49 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2014/02/12 22:13:49 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2014/02/12 22:13:49 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2014/02/12 22:13:49 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2014/02/12 22:13:49 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2014/02/12 22:13:48 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2014/02/12 22:13:48 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2014/02/12 22:13:48 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2014/02/12 22:13:48 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2014/02/12 22:13:18 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2014/02/12 22:13:18 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014/02/11 19:49:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FYZip
[2014/02/11 19:49:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FYZip
[2014/02/10 12:43:12 | 000,000,000 | ---D | C] -- C:\Users\Storage\AppData\Roaming\SecondLife
[2014/02/10 12:43:10 | 000,000,000 | ---D | C] -- C:\Users\Storage\AppData\Local\SecondLife
[2014/02/09 22:02:50 | 000,000,000 | ---D | C] -- C:\Users\Storage\AppData\Roaming\AVAST Software
[2014/02/09 21:58:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/02/09 21:58:23 | 000,080,184 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014/02/09 21:16:05 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2014/02/09 21:16:05 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2014/02/09 21:16:05 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2014/02/09 21:15:59 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2014/02/09 21:15:59 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys
[2014/02/09 21:15:59 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2014/02/09 21:15:52 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2014/02/09 21:15:52 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2014/02/09 21:15:52 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2014/02/09 21:15:52 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2014/02/09 21:15:52 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2014/02/09 21:15:52 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2014/02/09 21:15:52 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2014/02/09 21:15:52 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2014/02/09 21:15:51 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2014/02/09 21:15:51 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2014/02/09 21:15:51 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2014/02/09 21:15:51 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2014/02/09 21:15:51 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2014/02/09 21:15:51 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2014/02/09 21:15:50 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2014/02/09 21:15:50 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2014/02/09 21:15:50 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2014/02/09 21:15:49 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014/02/09 21:15:49 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014/02/09 21:15:15 | 000,000,000 | ---D | C] -- C:\history
[2014/02/09 21:10:44 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2014/02/09 21:10:44 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2014/02/05 21:07:30 | 000,000,000 | ---D | C] -- C:\Users\Storage\AppData\Roaming\PhotoScape
[2014/02/05 21:07:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
[2014/02/05 21:07:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PhotoScape
[2014/02/01 19:50:52 | 000,000,000 | ---D | C] -- C:\Users\Storage\AppData\Local\Razer
[2014/01/31 17:53:10 | 000,074,432 | ---- | C] (Razer, Inc.) -- C:\Windows\SysNative\drivers\RzFilter.sys
[2014/01/31 17:52:36 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2014/01/31 17:52:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Razer
[2014/01/31 17:52:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Razer
[2014/01/29 20:33:43 | 000,000,000 | ---D | C] -- C:\Crash
[2014/01/29 16:43:04 | 000,000,000 | ---D | C] -- C:\Users\Storage\AppData\Local\SCE
[2014/01/29 16:42:54 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2014/01/24 21:04:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Second Life Viewer
[2014/01/24 21:04:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SecondLifeViewer
[2014/01/21 19:14:18 | 000,000,000 | ---D | C] -- C:\Users\Storage\AppData\Local\Blizzard Entertainment
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/02/16 23:26:17 | 001,166,132 | ---- | M] () -- C:\Users\Storage\Desktop\AdwCleaner.exe
[2014/02/16 23:23:36 | 000,000,512 | ---- | M] () -- C:\Users\Storage\Desktop\MBR.dat
[2014/02/16 23:02:32 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/02/16 23:02:32 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/02/16 23:01:08 | 000,724,216 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/02/16 23:01:08 | 000,622,766 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/02/16 23:01:08 | 000,105,746 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/02/16 22:55:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/02/16 22:54:57 | 1726,414,847 | -HS- | M] () -- C:\hiberfil.sys
[2014/02/16 22:45:07 | 000,371,116 | ---- | M] () -- C:\Users\Storage\AppData\Roaming\msconfig.ini
[2014/02/16 22:36:03 | 000,000,054 | ---- | M] () -- C:\Users\Storage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Google.com.url
[2014/02/15 19:54:17 | 000,001,018 | ---- | M] () -- C:\Users\Storage\Application Data\Microsoft\Internet Explorer\Quick Launch\Bandicam.lnk
[2014/02/15 19:54:17 | 000,000,994 | ---- | M] () -- C:\Users\Storage\Desktop\Bandicam.lnk
[2014/02/12 22:51:55 | 000,775,482 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/02/11 19:59:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2055821690-4012621098-2342977204-1005UA.job
[2014/02/11 19:58:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2055821690-4012621098-2342977204-1003UA.job
[2014/02/11 19:57:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/02/11 19:55:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/02/11 19:49:26 | 000,000,000 | ---- | M] () -- C:\END
[2014/02/11 09:59:00 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2055821690-4012621098-2342977204-1005Core.job
[2014/02/11 08:57:00 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/02/11 06:58:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2055821690-4012621098-2342977204-1003Core.job
[2014/02/10 00:20:27 | 000,002,012 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/02/09 21:57:57 | 001,038,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014/02/09 21:57:57 | 000,421,704 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014/02/09 21:57:57 | 000,334,136 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/02/09 21:57:57 | 000,207,904 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/02/09 21:57:57 | 000,092,544 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014/02/09 21:57:57 | 000,080,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014/02/09 21:57:57 | 000,078,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/02/09 21:57:57 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014/02/09 21:57:56 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/02/09 21:52:29 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2014/02/08 16:39:02 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForStorage.job
[2014/02/06 03:30:12 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/02/06 03:07:39 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/02/06 03:06:47 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/02/06 02:56:03 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/02/06 02:52:11 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/02/06 02:49:03 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/02/06 02:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/02/06 02:48:11 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/02/06 02:32:49 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/02/06 02:17:15 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/02/06 02:11:37 | 005,768,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/02/06 02:01:36 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/02/06 02:00:46 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/02/06 01:57:13 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/02/06 01:52:21 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/02/06 01:50:32 | 002,041,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/02/06 01:49:22 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/02/06 01:47:22 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/02/06 01:46:27 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/02/06 01:25:43 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/02/06 01:09:30 | 001,964,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/02/06 00:40:06 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/02/06 00:34:31 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/02/05 21:07:22 | 000,001,061 | ---- | M] () -- C:\Users\Storage\Application Data\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk
[2014/02/05 21:07:22 | 000,001,037 | ---- | M] () -- C:\Users\Storage\Desktop\PhotoScape.lnk
[2014/02/01 19:26:38 | 004,894,744 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/01/31 17:53:12 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_RzFilter_01009.Wdf
[2014/01/31 17:52:30 | 002,106,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2014/01/28 16:55:21 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/01/28 16:55:21 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/01/24 21:04:49 | 000,001,159 | ---- | M] () -- C:\Users\Public\Desktop\Second Life Viewer.lnk
[2014/01/24 21:03:49 | 031,478,056 | ---- | M] () -- C:\Users\Storage\Desktop\Second_Life_3_6_13_284995_i686_Setup.exe
[2014/01/23 16:56:44 | 000,000,222 | ---- | M] () -- C:\Users\Storage\Desktop\PlanetSide 2.url
[2014/01/22 06:52:21 | 000,064,288 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/02/16 23:26:11 | 001,166,132 | ---- | C] () -- C:\Users\Storage\Desktop\AdwCleaner.exe
[2014/02/16 23:23:36 | 000,000,512 | ---- | C] () -- C:\Users\Storage\Desktop\MBR.dat
[2014/02/13 05:48:59 | 000,000,054 | ---- | C] () -- C:\Users\Storage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Google.com.url
[2014/02/11 19:55:12 | 000,371,116 | ---- | C] () -- C:\Users\Storage\AppData\Roaming\msconfig.ini
[2014/02/09 21:58:37 | 000,002,012 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/02/05 21:07:22 | 000,001,061 | ---- | C] () -- C:\Users\Storage\Application Data\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk
[2014/02/05 21:07:22 | 000,001,037 | ---- | C] () -- C:\Users\Storage\Desktop\PhotoScape.lnk
[2014/01/31 17:53:12 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_RzFilter_01009.Wdf
[2014/01/24 21:04:49 | 000,001,159 | ---- | C] () -- C:\Users\Public\Desktop\Second Life Viewer.lnk
[2014/01/24 21:03:55 | 031,478,056 | ---- | C] () -- C:\Users\Storage\Desktop\Second_Life_3_6_13_284995_i686_Setup.exe
[2014/01/23 16:56:44 | 000,000,222 | ---- | C] () -- C:\Users\Storage\Desktop\PlanetSide 2.url
[2013/06/04 16:03:21 | 000,925,184 | ---- | C] () -- C:\Windows\expstart.exe
[2013/06/02 18:21:59 | 000,000,258 | RHS- | C] () -- C:\Users\Storage\ntuser.pol
[2012/11/17 06:23:24 | 000,021,656 | ---- | C] () -- C:\Windows\SysWow64\drivers\iLokDrvr.sys
[2012/11/16 22:21:08 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2012/10/25 06:33:06 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/10/25 06:30:20 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/09/26 15:31:27 | 000,016,618 | ---- | C] () -- C:\Windows\hpomdl01.dat
[2012/09/14 22:43:29 | 000,290,184 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/09/14 22:43:25 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/08/08 23:40:32 | 000,065,576 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2012/08/08 23:40:28 | 000,022,560 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2012/07/22 22:21:04 | 000,197,120 | ---- | C] () -- C:\Windows\patchw32.dll
[2012/05/09 11:53:30 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/05/02 13:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll

========== ZeroAccess Check ==========

[2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 18:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 17:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 19:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/11/04 11:04:24 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\.minecraft
[2012/07/23 19:56:38 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Atari
[2012/08/29 20:35:18 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Babylon
[2012/08/31 20:32:19 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\BANDISOFT
[2012/11/17 09:24:30 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/11/16 18:13:55 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013/02/22 21:44:21 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\DAEMON Tools Lite
[2013/02/09 18:28:13 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\FlvtoConverter
[2013/06/20 13:17:23 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Free PDF Tablet
[2012/07/22 22:21:07 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Leadertech
[2012/07/19 10:28:28 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\LolClient
[2012/09/14 21:58:55 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\ooVoo Details
[2012/10/12 21:52:41 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\OpenCandy
[2013/06/21 10:34:19 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Origin
[2012/11/16 22:21:08 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\PACE Anti-Piracy
[2012/08/05 18:10:55 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\PC Cleaners
[2012/08/05 18:10:59 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\PCPro
[2012/11/17 09:22:22 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\PDAppFlex
[2013/06/02 20:20:29 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\SearchProtect
[2013/08/12 23:39:52 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\SoftGrid Client
[2013/03/12 17:32:39 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\uTorrent
[2012/07/18 20:42:34 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\WinBatch
[2013/11/27 22:52:13 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\Ableton
[2013/08/20 15:16:05 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\Audacity
[2014/02/09 22:02:50 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\AVAST Software
[2013/06/25 15:20:38 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\BANDISOFT
[2013/07/20 17:17:25 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\Cycling '74
[2013/06/25 15:04:22 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\File Scout
[2013/08/09 15:41:15 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\FlvtoConverter
[2013/06/30 21:28:12 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\Free PDF Tablet
[2013/06/10 21:35:33 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\LolClient
[2013/07/24 21:34:02 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\ooVoo Details
[2013/07/30 13:25:28 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\Origin
[2013/11/28 19:34:34 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\PACE Anti-Piracy
[2014/02/05 21:10:24 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\PhotoScape
[2014/02/10 12:47:22 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\SecondLife
[2014/02/12 22:46:06 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\SoftGrid Client
[2013/07/20 14:13:11 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\TotalRecorder
[2014/02/16 22:40:00 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\uTorrent

========== Purity Check ==========



========== Custom Scans ==========

< OTL logfile created on: 2/16/2014 11:39:21 PM - Run 2 >
Invalid Switch: 2014 11:39:21 PM - Run 2

< OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Storage\Downloads >
[2009/07/13 21:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/13 21:08:49 | 000,032,568 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/07/19 11:22:54 | 000,000,864 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2055821690-4012621098-2342977204-1003Core.job
[2012/07/19 11:22:54 | 000,000,916 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2055821690-4012621098-2342977204-1003UA.job
[2012/09/30 08:49:35 | 000,000,848 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2055821690-4012621098-2342977204-1005Core.job
[2012/09/30 08:49:35 | 000,000,900 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2055821690-4012621098-2342977204-1005UA.job
[2013/05/16 11:42:30 | 000,000,890 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013/05/16 11:42:30 | 000,000,894 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013/06/02 19:19:01 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013/06/14 16:11:30 | 000,000,340 | ---- | C] () -- C:\Windows\Tasks\HPCeeScheduleForStorage.job

< 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation >

< Internet Explorer (Version = 9.11.9600.16518) >

< Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy >
Invalid Switch: yyyy

< >

< 7.48 Gb Total Physical Memory | 5.02 Gb Available Physical Memory | 67.20% Memory free >

< 14.95 Gb Paging File | 12.16 Gb Available in Paging File | 81.34% Paging File free >

< Paging file location(s): ?:\pagefile.sys [binary data] >

< >

< %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) >

< Drive C: | 914.81 Gb Total Space | 524.24 Gb Free Space | 57.31% Space Free | Partition Type: NTFS >

< Drive D: | 16.61 Gb Total Space | 2.07 Gb Free Space | 12.49% Space Free | Partition Type: NTFS >

< >

< Computer Name: ALEX-HP | User Name: Storage | Logged in as Administrator. >

< Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans >

< Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days >

< >

< ========== Processes (SafeList) ========== >
Invalid Switch: color]

< >

< PRC - [2014/02/14 15:52:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Storage\Downloads\OTL.exe >
Invalid Switch: 14 15:52:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Storage\Downloads\OTL.exe

< PRC - [2014/02/09 21:57:54 | 003,767,096 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe >
Invalid Switch: 09 21:57:54 | 003,767,096 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe

< PRC - [2014/02/09 21:57:54 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe >
Invalid Switch: 09 21:57:54 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe

< PRC - [2014/02/01 15:42:39 | 000,866,632 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe >
Invalid Switch: 01 15:42:39 | 000,866,632 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

< PRC - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe >
Invalid Switch: 26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

< PRC - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe >
Invalid Switch: 26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

< PRC - [2013/06/17 21:24:09 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe >
Invalid Switch: 17 21:24:09 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe

< PRC - [2012/01/18 05:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe >
Invalid Switch: 18 05:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

< PRC - [2011/08/12 08:54:32 | 001,128,952 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe >
Invalid Switch: 12 08:54:32 | 001,128,952 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe

< PRC - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe >
Invalid Switch: 18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

< PRC - [2008/11/20 09:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe >
Invalid Switch: 20 09:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

< PRC - [2003/04/05 23:37:10 | 000,323,646 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe >
Invalid Switch: 05 23:37:10 | 000,323,646 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe

< >

< >

< ========== Modules (No Company Name) ========== >
Invalid Switch: color]

< >

< MOD - [2014/02/09 21:57:55 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll >
Invalid Switch: 09 21:57:55 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll

< MOD - [2014/02/01 15:42:37 | 000,399,688 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppgooglenaclpluginchrome.dll >
Invalid Switch: 01 15:42:37 | 000,399,688 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppgooglenaclpluginchrome.dll

< MOD - [2014/02/01 15:42:35 | 004,055,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll >
Invalid Switch: 01 15:42:35 | 004,055,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll

< MOD - [2014/02/01 15:41:45 | 000,715,592 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libglesv2.dll >
Invalid Switch: 01 15:41:45 | 000,715,592 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libglesv2.dll

< MOD - [2014/02/01 15:41:45 | 000,100,168 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libegl.dll >
Invalid Switch: 01 15:41:45 | 000,100,168 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libegl.dll

< MOD - [2014/02/01 15:41:43 | 001,634,632 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll >
Invalid Switch: 01 15:41:43 | 001,634,632 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll

< >

< >

< ========== Services (SafeList) ========== >
Invalid Switch: color]

< >

< SRV:64bit: - [2014/02/09 21:57:54 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) >
Invalid Switch: 09 21:57:54 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)

< SRV:64bit: - [2014/02/06 02:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService) >
Invalid Switch: 06 02:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)

< SRV:64bit: - [2013/05/26 21:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) >
Invalid Switch: 26 21:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

< SRV:64bit: - [2012/12/19 15:32:12 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) >
Invalid Switch: 19 15:32:12 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)

< SRV:64bit: - [2011/10/24 05:16:42 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) >
Invalid Switch: 24 05:16:42 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)

< SRV:64bit: - [2010/10/11 01:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc) >
Invalid Switch: 11 01:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)

< SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) >
Invalid Switch: 22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)

< SRV - [2014/01/28 16:55:21 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) >
Invalid Switch: 28 16:55:21 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

< SRV - [2013/12/03 18:51:18 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) >
Invalid Switch: 03 18:51:18 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)

< SRV - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) >
Invalid Switch: 26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)

< SRV - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) >
Invalid Switch: 26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)

< SRV - [2013/06/17 21:24:09 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) >
Invalid Switch: 17 21:24:09 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)

< SRV - [2012/09/27 11:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service) >
Invalid Switch: 27 11:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)

< SRV - [2012/01/18 05:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv) >
Invalid Switch: 18 05:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)

< SRV - [2011/08/16 13:03:16 | 000,016,384 | ---- | M] (Hewlett-Packard) [Auto | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe -- (CalendarSynchService) >
Invalid Switch: 16 13:03:16 | 000,016,384 | ---- | M] (Hewlett-Packard) [Auto | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe -- (CalendarSynchService)

< SRV - [2011/08/12 08:54:32 | 001,128,952 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher) >
Invalid Switch: 12 08:54:32 | 001,128,952 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)

< SRV - [2010/10/12 09:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService) >
Invalid Switch: 12 09:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)

< SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) >
Invalid Switch: 18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

< SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) >
Invalid Switch: 10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

< >

< >

< ========== Driver Services (SafeList) ========== >
Invalid Switch: color]

< >

< DRV:64bit: - [2014/02/09 21:57:57 | 001,038,072 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) >
Invalid Switch: 09 21:57:57 | 001,038,072 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)

< DRV:64bit: - [2014/02/09 21:57:57 | 000,421,704 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) >
Invalid Switch: 09 21:57:57 | 000,421,704 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)

< DRV:64bit: - [2014/02/09 21:57:57 | 000,207,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm) >
Invalid Switch: 09 21:57:57 | 000,207,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)

< DRV:64bit: - [2014/02/09 21:57:57 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) >
Invalid Switch: 09 21:57:57 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)

< DRV:64bit: - [2014/02/09 21:57:57 | 000,080,184 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm) >
Invalid Switch: 09 21:57:57 | 000,080,184 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)

< DRV:64bit: - [2014/02/09 21:57:57 | 000,078,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) >
Invalid Switch: 09 21:57:57 | 000,078,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)

< DRV:64bit: - [2014/02/09 21:57:57 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt) >
Invalid Switch: 09 21:57:57 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)

< DRV:64bit: - [2014/01/22 06:52:21 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) >
Invalid Switch: 22 06:52:21 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)

< DRV:64bit: - [2013/12/10 16:14:26 | 000,074,432 | ---- | M] (Razer, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\RzFilter.sys -- (RzFilter) >
Invalid Switch: 10 16:14:26 | 000,074,432 | ---- | M] (Razer, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\RzFilter.sys -- (RzFilter)

< DRV:64bit: - [2013/07/14 13:50:11 | 000,111,696 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NIWinCDEmu.sys -- (NIWinCDEmu) >
Invalid Switch: 14 13:50:11 | 000,111,696 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NIWinCDEmu.sys -- (NIWinCDEmu)

< DRV:64bit: - [2013/06/26 18:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) >
Invalid Switch: 26 18:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)

< DRV:64bit: - [2013/06/26 18:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) >
Invalid Switch: 26 18:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)

< DRV:64bit: - [2013/06/26 18:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) >
Invalid Switch: 26 18:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)

< DRV:64bit: - [2013/06/26 18:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) >
Invalid Switch: 26 18:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)

< DRV:64bit: - [2013/05/09 00:59:06 | 000,022,600 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd) >
Invalid Switch: 09 00:59:06 | 000,022,600 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)

< DRV:64bit: - [2013/03/31 18:32:04 | 000,082,600 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata) >
Invalid Switch: 31 18:32:04 | 000,082,600 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)

< DRV:64bit: - [2013/03/31 18:32:04 | 000,042,664 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata) >
Invalid Switch: 31 18:32:04 | 000,042,664 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)

< DRV:64bit: - [2013/02/22 21:44:51 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) >
Invalid Switch: 22 21:44:51 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)

< DRV:64bit: - [2012/12/13 12:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) >
Invalid Switch: 13 12:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)

< DRV:64bit: - [2012/12/06 09:42:12 | 002,350,176 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x) >
Invalid Switch: 06 09:42:12 | 002,350,176 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)

< DRV:64bit: - [2012/11/17 06:22:26 | 000,105,624 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Tpkd.sys -- (Tpkd) >
Invalid Switch: 17 06:22:26 | 000,105,624 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Tpkd.sys -- (Tpkd)

< DRV:64bit: - [2012/10/16 20:04:10 | 000,123,664 | ---- | M] (High Criteria inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TotRec8.sys -- (TotRec8) >
Invalid Switch: 16 20:04:10 | 000,123,664 | ---- | M] (High Criteria inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TotRec8.sys -- (TotRec8)

< DRV:64bit: - [2012/08/23 06:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) >
Invalid Switch: 23 06:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)

< DRV:64bit: - [2012/08/23 06:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) >
Invalid Switch: 23 06:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)

< DRV:64bit: - [2012/08/23 06:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) >
Invalid Switch: 23 06:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

< DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) >
Invalid Switch: 21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

< DRV:64bit: - [2012/07/17 22:09:38 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent) >
Invalid Switch: 17 22:09:38 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)

< DRV:64bit: - [2012/07/05 18:17:58 | 000,037,536 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\srtspx64.sys -- (SRTSPX) >
Invalid Switch: 05 18:17:58 | 000,037,536 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\srtspx64.sys -- (SRTSPX)

< DRV:64bit: - [2012/07/05 18:17:57 | 000,737,952 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\srtsp64.sys -- (SRTSP) >
Invalid Switch: 05 18:17:57 | 000,737,952 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\srtsp64.sys -- (SRTSP)

< DRV:64bit: - [2012/06/06 20:43:38 | 000,167,072 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\ccsetx64.sys -- (ccSet_NIS) >
Invalid Switch: 06 20:43:38 | 000,167,072 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\ccsetx64.sys -- (ccSet_NIS)

< DRV:64bit: - [2012/05/21 17:37:12 | 001,129,120 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symefa64.sys -- (SymEFA) >
Invalid Switch: 21 17:37:12 | 001,129,120 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symefa64.sys -- (SymEFA)

< DRV:64bit: - [2012/05/09 11:50:24 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) >
Invalid Switch: 09 11:50:24 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

< DRV:64bit: - [2012/05/09 11:50:24 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) >
Invalid Switch: 09 11:50:24 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

< DRV:64bit: - [2012/04/17 18:13:32 | 000,405,624 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symnets.sys -- (SymNetS) >
Invalid Switch: 17 18:13:32 | 000,405,624 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symnets.sys -- (SymNetS)

< DRV:64bit: - [2012/04/17 17:42:14 | 000,190,072 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\ironx64.sys -- (SymIRON) >
Invalid Switch: 17 17:42:14 | 000,190,072 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\ironx64.sys -- (SymIRON)

< DRV:64bit: - [2012/04/09 09:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2) >
Invalid Switch: 09 09:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2)

< DRV:64bit: - [2012/02/29 22:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) >
Invalid Switch: 29 22:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

< DRV:64bit: - [2012/01/18 05:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64) >
Invalid Switch: 18 05:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)

< DRV:64bit: - [2012/01/18 05:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64) >
Invalid Switch: 18 05:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)

< DRV:64bit: - [2011/11/03 03:01:00 | 000,056,208 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) >
Invalid Switch: 03 03:01:00 | 000,056,208 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)

< DRV:64bit: - [2011/10/24 05:56:54 | 010,203,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) >
Invalid Switch: 24 05:56:54 | 010,203,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)

< DRV:64bit: - [2011/10/24 04:40:08 | 000,310,784 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) >
Invalid Switch: 24 04:40:08 | 000,310,784 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)

< DRV:64bit: - [2011/09/14 02:35:45 | 000,533,096 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) >
Invalid Switch: 14 02:35:45 | 000,533,096 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

< DRV:64bit: - [2011/08/03 19:38:37 | 000,047,232 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter) >
Invalid Switch: 03 19:38:37 | 000,047,232 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)

< DRV:64bit: - [2011/07/25 10:18:36 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symds64.sys -- (SymDS) >
Invalid Switch: 25 10:18:36 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symds64.sys -- (SymDS)

< DRV:64bit: - [2010/11/20 19:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) >
Invalid Switch: 20 19:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)

< DRV:64bit: - [2010/11/20 19:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) >
Invalid Switch: 20 19:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

< DRV:64bit: - [2010/11/11 00:11:52 | 000,141,384 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdserd.sys -- (sscdserd) >
Invalid Switch: 11 00:11:52 | 000,141,384 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdserd.sys -- (sscdserd)

< DRV:64bit: - [2010/11/11 00:11:50 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm) >
Invalid Switch: 11 00:11:50 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)

< DRV:64bit: - [2010/11/11 00:11:50 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus) >
Invalid Switch: 11 00:11:50 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus)

< DRV:64bit: - [2010/11/11 00:11:50 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl) >
Invalid Switch: 11 00:11:50 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)

< DRV:64bit: - [2010/02/18 08:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64) >
Invalid Switch: 18 08:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)

< DRV:64bit: - [2009/08/21 00:52:10 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21) >
Invalid Switch: 21 00:52:10 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)

< DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) >
Invalid Switch: 13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

< DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) >
Invalid Switch: 13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

< DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) >
Invalid Switch: 13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

< DRV:64bit: - [2009/07/13 16:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc) >
Invalid Switch: 13 16:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)

< DRV:64bit: - [2009/06/10 12:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) >
Invalid Switch: 10 12:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

< DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) >
Invalid Switch: 10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

< DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) >
Invalid Switch: 10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

< DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) >
Invalid Switch: 10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

< DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) >
Invalid Switch: 10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

< DRV - [2013/01/12 14:04:44 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130112.007\EX64.SYS -- (NAVEX15) >
Invalid Switch: 12 14:04:44 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130112.007\EX64.SYS -- (NAVEX15)

< DRV - [2013/01/12 14:04:44 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl) >
Invalid Switch: 12 14:04:44 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)

< DRV - [2013/01/12 14:04:44 | 000,126,112 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130112.007\ENG64.SYS -- (NAVENG) >
Invalid Switch: 12 14:04:44 | 000,126,112 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130112.007\ENG64.SYS -- (NAVENG)

< DRV - [2012/10/23 15:34:23 | 001,384,608 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20130107.001\BHDrvx64.sys -- (BHDrvx64) >
Invalid Switch: 23 15:34:23 | 001,384,608 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20130107.001\BHDrvx64.sys -- (BHDrvx64)

< DRV - [2012/09/26 23:09:08 | 000,077,004 | ---- | M] (Oak Technology Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysWow64\drivers\AFS.SYS -- (AFS) >
Invalid Switch: 26 23:09:08 | 000,077,004 | ---- | M] (Oak Technology Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysWow64\drivers\AFS.SYS -- (AFS)

< DRV - [2012/09/06 03:54:30 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20130113.001\IDSvia64.sys -- (IDSVia64) >
Invalid Switch: 06 03:54:30 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20130113.001\IDSvia64.sys -- (IDSVia64)

< DRV - [2012/08/08 21:37:40 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) >
Invalid Switch: 08 21:37:40 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)

< DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) >
Invalid Switch: 13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

< >

< >

< ========== Standard Registry (SafeList) ========== >
Invalid Switch: color]

< >

< >

< ========== Internet Explorer ========== >
Invalid Switch: color]

< >

< IE:64bit: - HKLM\..\SearchScopes,DefaultScope = >
Invalid Switch: b] - HKLM\..\SearchScopes,DefaultScope =

< IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPDTDF >

< IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms} >

< IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm >

< IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} >

< IE - HKLM\..\SearchScopes,DefaultScope = >

< IE - HKLM\..\SearchScopes\{7486BD2A-0307-6164-8127-53BFF248EBE9}: "URL" = http://www.bing.com/...rc=IE-SearchBox >

< IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPDTDF >

< IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms} >

< >

< IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1 >

< IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = >

< IE - HKCU\..\SearchScopes,DefaultScope = {DC8537D2-46C8-4740-B4AE-9153E680C99E} >

< IE - HKCU\..\SearchScopes\{A602E022-0C78-4742-AAF5-ED63250FBE3B}: "URL" = http://search.genieo...q={searchTerms} >

< IE - HKCU\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPDTDF >

< IE - HKCU\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms} >

< IE - HKCU\..\SearchScopes\{DC8537D2-46C8-4740-B4AE-9153E680C99E}: "URL" = http://search.yahoo....p={searchTerms} >

< IE - HKCU\..\SearchScopes\{EFBF8077-8D2C-4031-8774-BE5EE79B6562}: "URL" = http://www.bing.com/...rc=IE-SearchBox >

< IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 >

< >

< >

< ========== FireFox ========== >
Invalid Switch: color]

< >

< FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_80.dll File not found >
Invalid Switch: FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_80.dll File not found

< FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found >
Invalid Switch: GENUINE: disabled File not found

< FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) >
Invalid Switch: NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

< FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_80.dll () >
Invalid Switch: FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_80.dll ()

< FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found >
Invalid Switch: iTunes,version=: File not found

< FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () >
Invalid Switch: iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

< FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) >
Invalid Switch: esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)

< FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.3.2: C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB) >
Invalid Switch: npbattlelog,version=2.3.2: C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)

< FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) >
Invalid Switch: DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

< FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) >
Invalid Switch: JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

< FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found >
Invalid Switch: GENUINE: disabled File not found

< FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) >
Invalid Switch: NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

< FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) >
Invalid Switch: SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

< FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) >
Invalid Switch: WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

< FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) >
Invalid Switch: WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

< FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) >
Invalid Switch: WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

< FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon) >
Invalid Switch: NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)

< FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) >
Invalid Switch: PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

< FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) >
Invalid Switch: Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

< FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) >
Invalid Switch: Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

< FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () >
Invalid Switch: GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()

< >

< FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\ [2012/07/17 21:07:15 | 000,000,000 | ---D | M] >
Invalid Switch: 17 21:07:15 | 000,000,000 | ---D | M]

< FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\ [2014/02/10 19:45:08 | 000,000,000 | ---D | M] >
Invalid Switch: 10 19:45:08 | 000,000,000 | ---D | M]

< >

< [2014/02/16 22:45:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Storage\AppData\Roaming\Mozilla\Extensions >
Invalid Switch: 16 22:45:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Storage\AppData\Roaming\Mozilla\Extensions

< [2013/05/09 22:17:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions >
Invalid Switch: 09 22:17:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

< >

< ========== Chrome ========== >
Invalid Switch: color]

< >

< CHR - default_search_provider: Google (Enabled) >

< CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} >

< CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}, >

< CHR - homepage: http://search.condui...5821396318&UM=2 >
Invalid Switch: ?ctid=CT3289663&SearchSource=48&CUI=UN26624855821396318&UM=2

< CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll >

< CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer >

< CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll >

< CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll >

< CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll >

< CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll >

< CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll >

< CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll >

< CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll >

< CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL >

< CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll >

< CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll >

< CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll >

< CHR - plugin: Java™ Platform SE 7 U25 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll >

< CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll >

< CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll >

< CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll >

< CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonUS\NGM\npNxGameUS.dll >

< CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_95.dll >

< CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll >

< CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll >

< CHR - Extension: Google Drive = C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ >

< CHR - Extension: YouTube = C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ >

< CHR - Extension: Adblock Plus = C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.4_0\ >

< CHR - Extension: Rainbow Dash Theme = C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecjondhpjdpclmajhniogilladpgpjgi\1_0\ >

< CHR - Extension: Custom Google\u2122 Background = C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\Extensions\jepibmfmhopgkplegmkjgifmhabbjadg\6.2.2_0\ >

< CHR - Extension: Ponify = C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaelfbndbnpddlehfmbhjnphpjljegae\0.96.4_0\ >

< CHR - Extension: Google Wallet = C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\ >

< CHR - Extension: HoofSounds = C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\Extensions\pakhjhphleppgakhlffhlfhbekfnobbk\1.121_0\ >

< >

< O1 HOSTS File: ([2009/06/10 13:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts >
Invalid Switch: 10 13:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

< O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) >
Invalid Switch: b] - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

< O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - c:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices) >
Invalid Switch: b] - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - c:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)

< O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) >
Invalid Switch: b] - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

< O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard) >
Invalid Switch: b] - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)

< O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll File not found >

< O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - c:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices) >

< O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\IPS\IPSBHO.DLL File not found >

< O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) >

< O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) >

< O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) >

< O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard) >

< O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) >
Invalid Switch: b] - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

< O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) >
Invalid Switch: b] - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

< O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll File not found >

< O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) >

< O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll File not found >

< O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) >
Invalid Switch: b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)

< O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard) >
Invalid Switch: b] - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)

< O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation) >
Invalid Switch: b] - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)

< O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software) >

< O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard) >
Invalid Switch: b] - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)

< O4 - Startup: C:\Users\Storage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Google.com.url () >

< O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present >

< O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 >

< O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 >

< O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 >

< O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 >

< O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 >

< O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 >

< O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionAction = http://hp.digitalriv..._US&keywords=%w >
Invalid Switch: store?Action=DisplayProductSearchResultsPage&SiteID=hpappli&Locale=en_US&keywords=%w

< O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionName = Find Software on HP Download Store (Microsoft Corporation) >

< O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard) >
Invalid Switch: b] - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)

< O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard) >
Invalid Switch: b] - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)

< O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard) >

< O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard) >

< O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) >
Invalid Switch: b] - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

< O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) >

< O1364bit: - gopher Prefix: missing >
Invalid Switch: b] - gopher Prefix: missing

< O13 - gopher Prefix: missing >

< O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites) >

< O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites) >

< O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites) >

< O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites) >

< O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 >

< O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C882AA94-6E83-4763-A643-0CBF69D7C1B0}: DhcpNameServer = 192.168.1.254 >

< O18:64bit: - Protocol\Handler\livecall - No CLSID value found >
Invalid Switch: b] - Protocol\Handler\livecall - No CLSID value found

< O18:64bit: - Protocol\Handler\msnim - No CLSID value found >
Invalid Switch: b] - Protocol\Handler\msnim - No CLSID value found

< O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found >
Invalid Switch: b] - Protocol\Handler\wlmailhtml - No CLSID value found

< O18:64bit: - Protocol\Handler\wlpg - No CLSID value found >
Invalid Switch: b] - Protocol\Handler\wlpg - No CLSID value found

< O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) >
Invalid Switch: mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

< O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) >
Invalid Switch: x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

< O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) >
Invalid Switch: mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

< O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) >
Invalid Switch: x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

< O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) >
Invalid Switch: b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

< O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) >
Invalid Switch: b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

< O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) >

< O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) >

< O20 - HKCU Winlogon: Shell - (expstart.exe) - C:\Windows\expstart.exe () >

< O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. >
Invalid Switch: b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

< O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. >

< O32 - HKLM CDRom: AutoRun - 1 >

< O34 - HKLM BootExecute: (autocheck autochk *) >

< O35:64bit: - HKLM\..comfile [open] -- "%1" %* >

< O35:64bit: - HKLM\..exefile [open] -- "%1" %* >

< O35 - HKLM\..comfile [open] -- "%1" %* >

< O35 - HKLM\..exefile [open] -- "%1" %* >

< O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* >

< O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* >

< O37 - HKLM\...com [@ = comfile] -- "%1" %* >

< O37 - HKLM\...exe [@ = exefile] -- "%1" %* >

< O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) >

< O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) >

< O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) >

< >

< ========== Files/Folders - Created Within 30 Days ========== >
Invalid Switch: color]

< >

< [2014/02/16 23:27:30 | 000,000,000 | ---D | C] -- C:\AdwCleaner >
Invalid Switch: 16 23:27:30 | 000,000,000 | ---D | C] -- C:\AdwCleaner

< [2014/02/16 22:56:26 | 000,000,000 | ---D | C] -- C:\Users\Storage\AppData\Local\VirtualStore >
Invalid Switch: 16 22:56:26 | 000,000,000 | ---D | C] -- C:\Users\Storage\AppData\Local\VirtualStore

< [2014/02/16 22:45:00 | 000,000,000 | ---D | C] -- C:\_OTL >
Invalid Switch: 16 22:45:00 | 000,000,000 | ---D | C] -- C:\_OTL

< [2014/02/15 23:00:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET >
Invalid Switch: 15 23:00:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET

< [2014/02/13 15:59:38 | 000,000,000 | -HSD | C] -- C:\Config.Msi >
Invalid Switch: 13 15:59:38 | 000,000,000 | -HSD | C] -- C:\Config.Msi

< [2014/02/11 19:49:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FYZip >
Invalid Switch: 11 19:49:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FYZip

< [2014/02/11 19:49:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FYZip >
Invalid Switch: 11 19:49:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FYZip

< [2014/02/10 12:43:12 | 000,000,000 | ---D | C] -- C:\Users\Storage\AppData\Roaming\SecondLife >
Invalid Switch: 10 12:43:12 | 000,000,000 | ---D | C] -- C:\Users\Storage\AppData\Roaming\SecondLife

< [2014/02/10 12:43:10 | 000,000,000 | ---D | C] -- C:\Users\Storage\AppData\Local\SecondLife >
Invalid Switch: 10 12:43:10 | 000,000,000 | ---D | C] -- C:\Users\Storage\AppData\Local\SecondLife

< [2014/02/09 22:02:50 | 000,000,000 | ---D | C] -- C:\Users\Storage\AppData\Roaming\AVAST Software >
Invalid Switch: 09 22:02:50 | 000,000,000 | ---D | C] -- C:\Users\Storage\AppData\Roaming\AVAST Software

< [2014/02/09 21:58:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast >
Invalid Switch: 09 21:58:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast

< [2014/02/09 21:58:23 | 000,080,184 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys >
Invalid Switch: 09 21:58:23 | 000,080,184 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys

< [2014/02/09 21:15:15 | 000,000,000 | ---D | C] -- C:\history >
Invalid Switch: 09 21:15:15 | 000,000,000 | ---D | C] -- C:\history

< [2014/02/05 21:07:30 | 000,000,000 | ---D | C] -- C:\Users\Storage\AppData\Roaming\PhotoScape >
Invalid Switch: 05 21:07:30 | 000,000,000 | ---D | C] -- C:\Users\Storage\AppData\Roaming\PhotoScape

< [2014/02/05 21:07:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape >
Invalid Switch: 05 21:07:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape

< [2014/02/05 21:07:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PhotoScape >
Invalid Switch: 05 21:07:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PhotoScape

< [2014/02/01 19:50:52 | 000,000,000 | ---D | C] -- C:\Users\Storage\AppData\Local\Razer >
Invalid Switch: 01 19:50:52 | 000,000,000 | ---D | C] -- C:\Users\Storage\AppData\Local\Razer

< [2014/01/31 17:53:10 | 000,074,432 | ---- | C] (Razer, Inc.) -- C:\Windows\SysNative\drivers\RzFilter.sys >
Invalid Switch: 31 17:53:10 | 000,074,432 | ---- | C] (Razer, Inc.) -- C:\Windows\SysNative\drivers\RzFilter.sys

< [2014/01/31 17:52:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Razer >
Invalid Switch: 31 17:52:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Razer

< [2014/01/31 17:52:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Razer >
Invalid Switch: 31 17:52:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Razer

< [2014/01/29 20:33:43 | 000,000,000 | ---D | C] -- C:\Crash >
Invalid Switch: 29 20:33:43 | 000,000,000 | ---D | C] -- C:\Crash

< [2014/01/29 16:43:04 | 000,000,000 | ---D | C] -- C:\Users\Storage\AppData\Local\SCE >
Invalid Switch: 29 16:43:04 | 000,000,000 | ---D | C] -- C:\Users\Storage\AppData\Local\SCE

< [2014/01/24 21:04:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Second Life Viewer >
Invalid Switch: 24 21:04:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Second Life Viewer

< [2014/01/24 21:04:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SecondLifeViewer >
Invalid Switch: 24 21:04:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SecondLifeViewer

< [2014/01/21 19:14:18 | 000,000,000 | ---D | C] -- C:\Users\Storage\AppData\Local\Blizzard Entertainment >
Invalid Switch: 21 19:14:18 | 000,000,000 | ---D | C] -- C:\Users\Storage\AppData\Local\Blizzard Entertainment

< [2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ] >

< >

< ========== Files - Modified Within 30 Days ========== >
Invalid Switch: color]

< >

< [2014/02/16 23:26:17 | 001,166,132 | ---- | M] () -- C:\Users\Storage\Desktop\AdwCleaner.exe >
Invalid Switch: 16 23:26:17 | 001,166,132 | ---- | M] () -- C:\Users\Storage\Desktop\AdwCleaner.exe

< [2014/02/16 23:23:36 | 000,000,512 | ---- | M] () -- C:\Users\Storage\Desktop\MBR.dat >
Invalid Switch: 16 23:23:36 | 000,000,512 | ---- | M] () -- C:\Users\Storage\Desktop\MBR.dat

< [2014/02/16 23:02:32 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 >
Invalid Switch: 16 23:02:32 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

< [2014/02/16 23:02:32 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 >
Invalid Switch: 16 23:02:32 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

< [2014/02/16 23:01:08 | 000,724,216 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI >
Invalid Switch: 16 23:01:08 | 000,724,216 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

< [2014/02/16 23:01:08 | 000,622,766 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat >
Invalid Switch: 16 23:01:08 | 000,622,766 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

< [2014/02/16 23:01:08 | 000,105,746 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat >
Invalid Switch: 16 23:01:08 | 000,105,746 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

< [2014/02/16 22:55:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat >
Invalid Switch: 16 22:55:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

< [2014/02/16 22:54:57 | 1726,414,847 | -HS- | M] () -- C:\hiberfil.sys >
Invalid Switch: 16 22:54:57 | 1726,414,847 | -HS- | M] () -- C:\hiberfil.sys

< [2014/02/16 22:45:07 | 000,371,116 | ---- | M] () -- C:\Users\Storage\AppData\Roaming\msconfig.ini >
Invalid Switch: 16 22:45:07 | 000,371,116 | ---- | M] () -- C:\Users\Storage\AppData\Roaming\msconfig.ini

< [2014/02/16 22:36:03 | 000,000,054 | ---- | M] () -- C:\Users\Storage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Google.com.url >
Invalid Switch: 16 22:36:03 | 000,000,054 | ---- | M] () -- C:\Users\Storage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Google.com.url

< [2014/02/15 19:54:17 | 000,001,018 | ---- | M] () -- C:\Users\Storage\Application Data\Microsoft\Internet Explorer\Quick Launch\Bandicam.lnk >
Invalid Switch: 15 19:54:17 | 000,001,018 | ---- | M] () -- C:\Users\Storage\Application Data\Microsoft\Internet Explorer\Quick Launch\Bandicam.lnk

< [2014/02/15 19:54:17 | 000,000,994 | ---- | M] () -- C:\Users\Storage\Desktop\Bandicam.lnk >
Invalid Switch: 15 19:54:17 | 000,000,994 | ---- | M] () -- C:\Users\Storage\Desktop\Bandicam.lnk

< [2014/02/12 22:51:55 | 000,775,482 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI >
Invalid Switch: 12 22:51:55 | 000,775,482 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI

< [2014/02/11 19:59:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2055821690-4012621098-2342977204-1005UA.job >
Invalid Switch: 11 19:59:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2055821690-4012621098-2342977204-1005UA.job

< [2014/02/11 19:58:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2055821690-4012621098-2342977204-1003UA.job >
Invalid Switch: 11 19:58:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2055821690-4012621098-2342977204-1003UA.job

< [2014/02/11 19:57:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job >
Invalid Switch: 11 19:57:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

< [2014/02/11 19:55:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job >
Invalid Switch: 11 19:55:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

< [2014/02/11 19:49:26 | 000,000,000 | ---- | M] () -- C:\END >
Invalid Switch: 11 19:49:26 | 000,000,000 | ---- | M] () -- C:\END

< [2014/02/11 09:59:00 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2055821690-4012621098-2342977204-1005Core.job >
Invalid Switch: 11 09:59:00 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2055821690-4012621098-2342977204-1005Core.job

< [2014/02/11 08:57:00 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job >
Invalid Switch: 11 08:57:00 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

< [2014/02/11 06:58:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2055821690-4012621098-2342977204-1003Core.job >
Invalid Switch: 11 06:58:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2055821690-4012621098-2342977204-1003Core.job

< [2014/02/10 00:20:27 | 000,002,012 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk >
Invalid Switch: 10 00:20:27 | 000,002,012 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk

< [2014/02/09 21:57:57 | 001,038,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys >
Invalid Switch: 09 21:57:57 | 001,038,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys

< [2014/02/09 21:57:57 | 000,421,704 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys >
Invalid Switch: 09 21:57:57 | 000,421,704 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys

< [2014/02/09 21:57:57 | 000,334,136 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe >
Invalid Switch: 09 21:57:57 | 000,334,136 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe

< [2014/02/09 21:57:57 | 000,207,904 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys >
Invalid Switch: 09 21:57:57 | 000,207,904 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys

< [2014/02/09 21:57:57 | 000,092,544 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys >
Invalid Switch: 09 21:57:57 | 000,092,544 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys

< [2014/02/09 21:57:57 | 000,080,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys >
Invalid Switch: 09 21:57:57 | 000,080,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys

< [2014/02/09 21:57:57 | 000,078,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys >
Invalid Switch: 09 21:57:57 | 000,078,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys

< [2014/02/09 21:57:57 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys >
Invalid Switch: 09 21:57:57 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys

< [2014/02/09 21:57:56 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr >
Invalid Switch: 09 21:57:56 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr

< [2014/02/09 21:52:29 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt >
Invalid Switch: 09 21:52:29 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt

< [2014/02/08 16:39:02 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForStorage.job >
Invalid Switch: 08 16:39:02 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForStorage.job

< [2014/02/05 21:07:22 | 000,001,061 | ---- | M] () -- C:\Users\Storage\Application Data\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk >
Invalid Switch: 05 21:07:22 | 000,001,061 | ---- | M] () -- C:\Users\Storage\Application Data\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk

< [2014/02/05 21:07:22 | 000,001,037 | ---- | M] () -- C:\Users\Storage\Desktop\PhotoScape.lnk >
Invalid Switch: 05 21:07:22 | 000,001,037 | ---- | M] () -- C:\Users\Storage\Desktop\PhotoScape.lnk

< [2014/02/01 19:26:38 | 004,894,744 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT >
Invalid Switch: 01 19:26:38 | 004,894,744 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

< [2014/01/31 17:53:12 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_RzFilter_01009.Wdf >
Invalid Switch: 31 17:53:12 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_RzFilter_01009.Wdf

< [2014/01/24 21:04:49 | 000,001,159 | ---- | M] () -- C:\Users\Public\Desktop\Second Life Viewer.lnk >
Invalid Switch: 24 21:04:49 | 000,001,159 | ---- | M] () -- C:\Users\Public\Desktop\Second Life Viewer.lnk

< [2014/01/24 21:03:49 | 031,478,056 | ---- | M] () -- C:\Users\Storage\Desktop\Second_Life_3_6_13_284995_i686_Setup.exe >
Invalid Switch: 24 21:03:49 | 031,478,056 | ---- | M] () -- C:\Users\Storage\Desktop\Second_Life_3_6_13_284995_i686_Setup.exe

< [2014/01/23 16:56:44 | 000,000,222 | ---- | M] () -- C:\Users\Storage\Desktop\PlanetSide 2.url >
Invalid Switch: 23 16:56:44 | 000,000,222 | ---- | M] () -- C:\Users\Storage\Desktop\PlanetSide 2.url

< [2014/01/22 06:52:21 | 000,064,288 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys >
Invalid Switch: 22 06:52:21 | 000,064,288 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys

< [2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ] >

< >

< ========== Files Created - No Company Name ========== >
Invalid Switch: color]

< >

< [2014/02/16 23:26:11 | 001,166,132 | ---- | C] () -- C:\Users\Storage\Desktop\AdwCleaner.exe >
Invalid Switch: 16 23:26:11 | 001,166,132 | ---- | C] () -- C:\Users\Storage\Desktop\AdwCleaner.exe

< [2014/02/16 23:23:36 | 000,000,512 | ---- | C] () -- C:\Users\Storage\Desktop\MBR.dat >
Invalid Switch: 16 23:23:36 | 000,000,512 | ---- | C] () -- C:\Users\Storage\Desktop\MBR.dat

< [2014/02/13 05:48:59 | 000,000,054 | ---- | C] () -- C:\Users\Storage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Google.com.url >
Invalid Switch: 13 05:48:59 | 000,000,054 | ---- | C] () -- C:\Users\Storage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Google.com.url

< [2014/02/11 19:55:12 | 000,371,116 | ---- | C] () -- C:\Users\Storage\AppData\Roaming\msconfig.ini >
Invalid Switch: 11 19:55:12 | 000,371,116 | ---- | C] () -- C:\Users\Storage\AppData\Roaming\msconfig.ini

< [2014/02/09 21:58:37 | 000,002,012 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk >
Invalid Switch: 09 21:58:37 | 000,002,012 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk

< [2014/02/05 21:07:22 | 000,001,061 | ---- | C] () -- C:\Users\Storage\Application Data\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk >
Invalid Switch: 05 21:07:22 | 000,001,061 | ---- | C] () -- C:\Users\Storage\Application Data\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk

< [2014/02/05 21:07:22 | 000,001,037 | ---- | C] () -- C:\Users\Storage\Desktop\PhotoScape.lnk >
Invalid Switch: 05 21:07:22 | 000,001,037 | ---- | C] () -- C:\Users\Storage\Desktop\PhotoScape.lnk

< [2014/01/31 17:53:12 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_RzFilter_01009.Wdf >
Invalid Switch: 31 17:53:12 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_RzFilter_01009.Wdf

< [2014/01/24 21:04:49 | 000,001,159 | ---- | C] () -- C:\Users\Public\Desktop\Second Life Viewer.lnk >
Invalid Switch: 24 21:04:49 | 000,001,159 | ---- | C] () -- C:\Users\Public\Desktop\Second Life Viewer.lnk

< [2014/01/24 21:03:55 | 031,478,056 | ---- | C] () -- C:\Users\Storage\Desktop\Second_Life_3_6_13_284995_i686_Setup.exe >
Invalid Switch: 24 21:03:55 | 031,478,056 | ---- | C] () -- C:\Users\Storage\Desktop\Second_Life_3_6_13_284995_i686_Setup.exe

< [2014/01/23 16:56:44 | 000,000,222 | ---- | C] () -- C:\Users\Storage\Desktop\PlanetSide 2.url >
Invalid Switch: 23 16:56:44 | 000,000,222 | ---- | C] () -- C:\Users\Storage\Desktop\PlanetSide 2.url

< [2013/06/04 16:03:21 | 000,925,184 | ---- | C] () -- C:\Windows\expstart.exe >
Invalid Switch: 04 16:03:21 | 000,925,184 | ---- | C] () -- C:\Windows\expstart.exe

< [2013/06/02 18:21:59 | 000,000,258 | RHS- | C] () -- C:\Users\Storage\ntuser.pol >
Invalid Switch: 02 18:21:59 | 000,000,258 | RHS- | C] () -- C:\Users\Storage\ntuser.pol

< [2012/11/17 06:23:24 | 000,021,656 | ---- | C] () -- C:\Windows\SysWow64\drivers\iLokDrvr.sys >
Invalid Switch: 17 06:23:24 | 000,021,656 | ---- | C] () -- C:\Windows\SysWow64\drivers\iLokDrvr.sys

< [2012/11/16 22:21:08 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI >
Invalid Switch: 16 22:21:08 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI

< [2012/10/25 06:33:06 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat >
Invalid Switch: 25 06:33:06 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat

< [2012/10/25 06:30:20 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat >
Invalid Switch: 25 06:30:20 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat

< [2012/09/26 15:31:27 | 000,016,618 | ---- | C] () -- C:\Windows\hpomdl01.dat >
Invalid Switch: 26 15:31:27 | 000,016,618 | ---- | C] () -- C:\Windows\hpomdl01.dat

< [2012/09/14 22:43:29 | 000,290,184 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe >
Invalid Switch: 14 22:43:29 | 000,290,184 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe

< [2012/09/14 22:43:25 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe >
Invalid Switch: 14 22:43:25 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe

< [2012/08/08 23:40:32 | 000,065,576 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll >
Invalid Switch: 08 23:40:32 | 000,065,576 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll

< [2012/08/08 23:40:28 | 000,022,560 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll >
Invalid Switch: 08 23:40:28 | 000,022,560 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll

< [2012/07/22 22:21:04 | 000,197,120 | ---- | C] () -- C:\Windows\patchw32.dll >
Invalid Switch: 22 22:21:04 | 000,197,120 | ---- | C] () -- C:\Windows\patchw32.dll

< [2012/05/09 11:53:30 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin >
Invalid Switch: 09 11:53:30 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

< [2012/05/02 13:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll >
Invalid Switch: 02 13:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll

< >

< ========== ZeroAccess Check ========== >
Invalid Switch: color]

< >

< [2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini >
Invalid Switch: 13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

< >

< [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 >

< >

< [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] >

< >

< [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 >

< >

< [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] >

< >

< [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 >

< "" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 18:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation) >

< "ThreadingModel" = Apartment >

< >

< [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] >

< "" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 17:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation) >

< "ThreadingModel" = Apartment >

< >

< [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 >

< "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) >

< "ThreadingModel" = Free >

< >

< [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] >

< "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 19:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) >

< "ThreadingModel" = Free >

< >

< [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 >

< "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) >

< "ThreadingModel" = Both >

< >

< [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] >

< >

< ========== LOP Check ========== >
Invalid Switch: color]

< >

< [2013/11/27 22:52:13 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\Ableton >
Invalid Switch: 27 22:52:13 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\Ableton

< [2013/08/20 15:16:05 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\Audacity >
Invalid Switch: 20 15:16:05 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\Audacity

< [2014/02/09 22:02:50 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\AVAST Software >
Invalid Switch: 09 22:02:50 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\AVAST Software

< [2013/06/25 15:20:38 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\BANDISOFT >
Invalid Switch: 25 15:20:38 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\BANDISOFT

< [2013/07/20 17:17:25 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\Cycling '74 >
Invalid Switch: 20 17:17:25 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\Cycling '74

< [2013/06/25 15:04:22 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\File Scout >
Invalid Switch: 25 15:04:22 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\File Scout

< [2013/08/09 15:41:15 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\FlvtoConverter >
Invalid Switch: 09 15:41:15 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\FlvtoConverter

< [2013/06/30 21:28:12 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\Free PDF Tablet >
Invalid Switch: 30 21:28:12 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\Free PDF Tablet

< [2013/06/10 21:35:33 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\LolClient >
Invalid Switch: 10 21:35:33 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\LolClient

< [2013/07/24 21:34:02 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\ooVoo Details >
Invalid Switch: 24 21:34:02 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\ooVoo Details

< [2013/07/30 13:25:28 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\Origin >
Invalid Switch: 30 13:25:28 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\Origin

< [2013/11/28 19:34:34 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\PACE Anti-Piracy >
Invalid Switch: 28 19:34:34 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\PACE Anti-Piracy

< [2014/02/05 21:10:24 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\PhotoScape >
Invalid Switch: 05 21:10:24 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\PhotoScape

< [2014/02/10 12:47:22 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\SecondLife >
Invalid Switch: 10 12:47:22 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\SecondLife

< [2014/02/12 22:46:06 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\SoftGrid Client >
Invalid Switch: 12 22:46:06 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\SoftGrid Client

< [2013/07/20 14:13:11 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\TotalRecorder >
Invalid Switch: 20 14:13:11 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\TotalRecorder

< [2014/02/16 22:40:00 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\uTorrent >
Invalid Switch: 16 22:40:00 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\uTorrent

< >

< ========== Purity Check ========== >
Invalid Switch: color]

< >

< >

< >

< < End of report > >

< End of report >
  • 0

#8
godawgs
Posted 17 February 2014 - 01:28 PM

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts

When uninstalling norton, i got a message that said "This program has already been uninstalled. Would you like to remove it from your installed list?" and i said yes.

Fair enough, but Norton left a bunch of drivers and browser entries behind. That's not uncommon. It's one of the reasons I don't like Norton. It uses far too much system memory when it is installed and the uninstaller leaves a lot to be desired. We will remove them in this round.
Let me know how the computer is behaving after this round.

Stupidly I lost the OTL fixes log. I had it copy/pasted into here, but then when closing my browser to run the AdwCleaner I lost it. Should I run the OTL fix again?

Not a problem. We'll get it after the next fix.


Windows Sidebar Advice

Your log shows Windows sidebar running. I recommend that you disable the sidebar.

Microsoft has discovered a security vulnerability in Windows Sidebar and Gadgets. If you are not aware of this, Windows Sidebar(gadgets) has the potential to compromise the security of a machine it is running on as mentioned here. So it would be best to disable this feature.

Download the Disable Windows Sidebar and Gadgets Fix-it on this page to your desktop.

Once downloaded, double-click on MicrosoftFixit50906.msi >> follow the prompts >> reboot your machine if not advised to do so.



Step-1.

Posted Image OTL Fix

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

1. Please copy all of the text in the quote box below (Do Not copy the word Quote. To do this, highlight everything
inside the quote box (except the word Quote) , right click and click Copy.

:COMMANDS
[createrestorepoint]

:OTL
DRV:64bit: - [2012/07/17 22:09:38 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012/07/05 18:17:58 | 000,037,536 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2012/07/05 18:17:57 | 000,737,952 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2012/06/06 20:43:38 | 000,167,072 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\ccsetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2012/05/21 17:37:12 | 001,129,120 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symefa64.sys -- (SymEFA)
DRV:64bit: - [2012/04/17 18:13:32 | 000,405,624 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symnets.sys -- (SymNetS)
DRV:64bit: - [2012/04/17 17:42:14 | 000,190,072 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\ironx64.sys -- (SymIRON)
DRV:64bit: - [2011/07/25 10:18:36 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symds64.sys -- (SymDS)
DRV - [2013/01/12 14:04:44 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130112.007\EX64.SYS -- (NAVEX15)
DRV - [2013/01/12 14:04:44 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013/01/12 14:04:44 | 000,126,112 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130112.007\ENG64.SYS -- (NAVENG)
DRV - [2012/10/23 15:34:23 | 001,384,608 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20130107.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2012/09/06 03:54:30 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20130113.001\IDSvia64.sys -- (IDSVia64)
DRV - [2012/08/08 21:37:40 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\ [2012/07/17 21:07:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\ [2014/02/10 19:45:08 | 000,000,000 | ---D | M]
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll File not found
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\IPS\IPSBHO.DLL File not found
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll File not found
O3 - HKU\S-1-5-21-2055821690-4012621098-2342977204-1041\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk = File not found
[2012/10/12 21:52:41 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\OpenCandy
[2013/06/02 20:20:29 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\SearchProtect

:FILES
C:\ProgramData\Norton
C:\Program Files (x86)\Common Files\Symantec Shared
C:\Program Files (x86)\Norton Internet Security

:COMMANDS
[emptytemp]


Warning: This fix is relevant for this system and no other. If you are not this user, DO NOT follow these directions as they could damage the workings of your system.

2. Please re-open Posted Image on your desktop. To do that:
  • Vista and 7 users: Right click the icon and click Run as Administrator
3. Place the mouse pointer inside the Posted Image textbox, right click and click Paste. This will put the above script inside the textbox.
4. Click the Posted Image button.
5. Let the program run unhindered.
6. OTL may ask to reboot the machine. Please do so if asked.
7. Click the Posted Image button.
8. A report will open. Copy and Paste that report in your next reply.
9. If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, (where mmddyyyy_hhmmss is the date of the tool run).


Step-2.

Change the Chrome HomePage

Open the Chrome browser.
  • Click on the Chrome menu icon, located in the upper right hand corner of your browser window. When the drop-down menu appears, select the choice labeled Settings. (See image below)

    Posted Image

    Chrome's Options should now be displayed in a new tab or window, depending on your settings. (See the image below)

    Posted Image
  • Click on Settings in the left menu pane, if it is not already selected.
  • Next, locate the Appearance section.
    • By default, the Home button is not visible on Chrome's main toolbar and the Show Home button option is disabled.
  • First, activate this option by clicking on the empty check box next to Show Home button.
  • When the Show Home button checkbox is selected, a web address appears below it.
  • Click the Change link. Look for a Conduit entry and change it to a new address, like http://www.google.com.
  • Finally, once you are satisfied with your new setting, click on the OK button.


Step-3.

Re-run AdwCleaner

Close all open windows and browsers.

  • Right click the AdwCleaner icon, click Run as administrator and accept the UAC prompt to run AdwCleaner.
  • Click the Scan button and wait for the scan to complete.
  • When the Scan has finished the Scan button will be grayed out and the Clean button will be activated.
  • Click the Clean button.
  • Everything checked will be deleted.
  • When the program has finished cleaning a report appears.
  • Once done it will ask to reboot, allow this

    Posted Image
  • On reboot a log will be produced please copy / paste that in your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[S0].txt


Step-4

Scan with JRT:

Posted Image Please download Junkware Removal Tool to your desktop.

NOTE: Temporarily shut down your protection software now to avoid potential conflicts, how to do so can be read here.

  • Right click the JRT icon Posted Image and click Run as Administrator to run the application.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
NOTE: Reboot the machine and ensure that all security software is now enabled.


Step-5.

Posted Image OTL Custom Scan

1. Please copy the text in the Quote box below, (Do Not copy the word Quote), and paste it in the Posted Image box in OTL. To do that:
  • Highlight everything inside the quote box, (except the word Quote), right click the mouse and click Copy.

createrestorepoint
netsvcs
baseservices
/md5start
rpcss.dll
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
dir "%systemdrive%\*" /S /A:L /C
dir "C:\*" /c


2. Re-open Posted Imageon the desktop. To do that:
  • Vista / 7 Users: Right click on the icon and click Run as Administrator)
Make sure all other windows are closed.
  • You will see a console like the one below:

    Posted Image
  • Click the box beside Scan All Users at the top of the console
  • Click the box beside Include 64bit Scans at the top of the console.
  • Make sure the Output box at the top is set to Standard Output.
  • Check the boxes beside LOP Check and Purity Check.
  • Place the mouse pointer inside thePosted Image box, right click and click Paste. This will put the above script inside OTL
  • Click the Posted Image button. Do not change any settings unless otherwise told to do so.
  • Let the scan run uninterrupted.
  • When the scan completes, it will open OTL.Txt. This file is also saved in the same location as OTL (it should be on your desktop).
  • Please copy the contents of this file and paste it into your reply. To do that:
  • On the OTL.txt file Menu Bar click Edit then click Select All. This will highlight the contents of the file. Then click Copy.
  • Right click inside the forum post window then click Paste. This will paste the contents of the OTL.txt file in the in the post window.

Step-6.

Things For Your Next Post:
Please post the logs in the order requested. Please don't attach the logs unless I request it.
1. Let me know how the computer is running now.
2. The OTL fixes log
3. The AdwCleaner[S0].txt log
4. The JRT.txt log
5. The new OTL.txt log
  • 0

#9
ego10fan
Posted 21 February 2014 - 08:04 AM

ego10fan

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts
posting to extend my 4 days. i'll try to do this tonight
  • 0

#10
godawgs
Posted 21 February 2014 - 10:34 AM

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
:thumbsup:
  • 0

Advertisements

#11
ego10fan
Posted 24 February 2014 - 09:06 AM

ego10fan

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts
Here is the OTL fix:
All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Service SymEvent stopped successfully!
Service SymEvent deleted successfully!
C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS moved successfully.
Service SRTSPX stopped successfully!
Service SRTSPX deleted successfully!
C:\Windows\SysNative\drivers\NISx64\1309010.00E\srtspx64.sys moved successfully.
Service SRTSP stopped successfully!
Service SRTSP deleted successfully!
C:\Windows\SysNative\drivers\NISx64\1309010.00E\srtsp64.sys moved successfully.
Service ccSet_NIS stopped successfully!
Service ccSet_NIS deleted successfully!
C:\Windows\SysNative\drivers\NISx64\1309010.00E\ccsetx64.sys moved successfully.
Service SymEFA stopped successfully!
Service SymEFA deleted successfully!
C:\Windows\SysNative\drivers\NISx64\1309010.00E\symefa64.sys moved successfully.
Service SymNetS stopped successfully!
Service SymNetS deleted successfully!
C:\Windows\SysNative\drivers\NISx64\1309010.00E\symnets.sys moved successfully.
Service SymIRON stopped successfully!
Service SymIRON deleted successfully!
C:\Windows\SysNative\drivers\NISx64\1309010.00E\ironx64.sys moved successfully.
Service SymDS stopped successfully!
Service SymDS deleted successfully!
C:\Windows\SysNative\drivers\NISx64\1309010.00E\symds64.sys moved successfully.
Service NAVEX15 stopped successfully!
Service NAVEX15 deleted successfully!
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130112.007\EX64.SYS moved successfully.
Service eeCtrl stopped successfully!
Service eeCtrl deleted successfully!
C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys moved successfully.
Service NAVENG stopped successfully!
Service NAVENG deleted successfully!
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130112.007\ENG64.SYS moved successfully.
Service BHDrvx64 stopped successfully!
Service BHDrvx64 deleted successfully!
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20130107.001\BHDrvx64.sys moved successfully.
Service IDSVia64 stopped successfully!
Service IDSVia64 deleted successfully!
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20130113.001\IDSvia64.sys moved successfully.
Service EraserUtilRebootDrv stopped successfully!
Service EraserUtilRebootDrv deleted successfully!
C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys moved successfully.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BBDA0591-3099-440a-AA10-41764D9DB4DB}\ not found.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\components folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\chrome\skin folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\chrome folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn folder moved successfully.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}\ not found.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\content folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\components folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\chrome\skin folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\chrome folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2055821690-4012621098-2342977204-1041\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run\\Sidebar deleted successfully.
File move failed. C:\Program Files (x86)\Windows Sidebar\sidebar.exe scheduled to be moved on reboot.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run\\Sidebar deleted successfully.
File move failed. C:\Program Files (x86)\Windows Sidebar\sidebar.exe scheduled to be moved on reboot.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\NCPluginUpdater deleted successfully.
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe moved successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk moved successfully.
C:\Users\Alex\AppData\Roaming\OpenCandy\OpenCandy_50C28A0C8DD6486298C102774F2663A8 folder moved successfully.
C:\Users\Alex\AppData\Roaming\OpenCandy\50C28A0C8DD6486298C102774F2663A8 folder moved successfully.
C:\Users\Alex\AppData\Roaming\OpenCandy folder moved successfully.
C:\Users\Alex\AppData\Roaming\SearchProtect\ffprotect\SProtectorRepository folder moved successfully.
C:\Users\Alex\AppData\Roaming\SearchProtect\ffprotect folder moved successfully.
C:\Users\Alex\AppData\Roaming\SearchProtect\Dialogs\spsd\images folder moved successfully.
C:\Users\Alex\AppData\Roaming\SearchProtect\Dialogs\spsd folder moved successfully.
C:\Users\Alex\AppData\Roaming\SearchProtect\Dialogs\spbd\images folder moved successfully.
C:\Users\Alex\AppData\Roaming\SearchProtect\Dialogs\spbd folder moved successfully.
C:\Users\Alex\AppData\Roaming\SearchProtect\Dialogs\lib folder moved successfully.
C:\Users\Alex\AppData\Roaming\SearchProtect\Dialogs folder moved successfully.
C:\Users\Alex\AppData\Roaming\SearchProtect\bin folder moved successfully.
C:\Users\Alex\AppData\Roaming\SearchProtect folder moved successfully.
========== FILES ==========
Folder move failed. C:\ProgramData\Norton scheduled to be moved on reboot.
C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE folder moved successfully.
C:\Program Files (x86)\Common Files\Symantec Shared folder moved successfully.
Folder move failed. C:\Program Files (x86)\Norton Internet Security scheduled to be moved on reboot.
========== COMMANDS ==========

[EMPTYTEMP]

User: Alex
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: Dad

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Mom

User: Natalie

User: Public

User: Storage
->Temp folder emptied: 166666 bytes
->Temporary Internet Files folder emptied: 128 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 421750542 bytes
->Flash cache emptied: 0 bytes

User: TEMP

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 37772 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 402.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 02232014_204828

Files\Folders moved on Reboot...
File move failed. C:\Program Files (x86)\Windows Sidebar\sidebar.exe scheduled to be moved on reboot.
C:\ProgramData\Norton\{976C7F3A-DE2D-4d36-90A2-E3169FDD2206} folder moved successfully.
Folder move failed. C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\SRTSP\SrtETmp scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\SRTSP\Quarantine scheduled to be moved on reboot.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\SRTSP folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\SymWidgets\ThreatMap folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\SymWidgets\SafeWeb folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\SymWidgets\onlinefamily folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\SymWidgets\NOBU folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\SymWidgets folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\symnetdrv folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\SymDS\Temp folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\SymDS folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\SRTSP folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\SPManifests folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\QuickStart folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\QBackup\{D4E19867-8A53-4F02-9120-B6E4C553CC1D} folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\QBackup\{CF3B604C-DCA8-4342-9AF6-97279736DB26} folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\QBackup\{CE8AA7EF-3E34-496D-B2B4-2E0AB914ABA0} folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\QBackup\{B9911D2F-EF92-4C19-B53C-0B94C701FB6B} folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\QBackup\{A604E550-4224-4D85-8E59-B666C34060BA} folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\QBackup\{620BE60F-B742-422F-8B40-F0EB6CAB1AA2} folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\QBackup\{5F7B37FD-79E1-46E1-A613-71813A1C1618} folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\QBackup\{48CF18C5-9CF7-4A23-A23B-B935B4537D5C} folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\QBackup\{3BE62F2D-1A42-4196-84A5-5E282E61CD64} folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\QBackup\{234BA57A-D371-497C-8472-54837327F912} folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\QBackup folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Product\Jobs folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Product folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\NUM folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\NPC folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\NCW folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\NCO folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\mapi folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\LuReg folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Lue\Logs folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Lue\Downloads\Partial folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Lue\Downloads folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Lue folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Logs folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IRON folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPUA folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPS folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IdentitySafeDataStore\S-1-5-21-2055821690-4012621098-2342977204-1041 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IdentitySafeDataStore\S-1-5-21-2055821690-4012621098-2342977204-1005 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IdentitySafeDataStore\S-1-5-21-2055821690-4012621098-2342977204-1004 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IdentitySafeDataStore\S-1-5-21-2055821690-4012621098-2342977204-1003 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IdentitySafeDataStore\S-1-5-21-2055821690-4012621098-2342977204-1000 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IdentitySafeDataStore folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Framework folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\ErrMgmt\Tasks folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\ErrMgmt\SCD folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\ErrMgmt\Queue\Staging folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\ErrMgmt\Queue\Incoming folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\ErrMgmt\Queue folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\ErrMgmt folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\DuLuCbkPkg folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\diStRptr folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\diMaster folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\WebProtectionDefs\newdefs-trigger folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\WebProtectionDefs\BinHub folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\WebProtectionDefs\20130113.012 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\WebProtectionDefs folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\TextHub folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\tagfiles folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\newdefs-trigger folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\BinHub folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20130112.007 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120803.004 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\SRTSPSettingsDefs\newdefs-trigger folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\SRTSPSettingsDefs\BinHub folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\SRTSPSettingsDefs\20111006.018 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\SRTSPSettingsDefs folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\SbEngSCD\newdefs-trigger folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\SbEngSCD\BinHub folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\SbEngSCD\20120823.033 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\SbEngSCD folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IronWht\newdefs-trigger folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IronWht\BinHub folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IronWht\20130111.004 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IronWht folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IronRevo\newdefs-trigger folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IronRevo\BinHub folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IronRevo\20130112.005 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IronRevo folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IronCfg\newdefs-trigger folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IronCfg folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\newdefs-trigger folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\BinHub folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20130113.001 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20130111.002 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\EfaVTDefs\newdefs-trigger folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\EfaVTDefs\BinHub folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\EfaVTDefs\20121114.016 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\EfaVTDefs\20120731.038 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\EfaVTDefs folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\newdefs-trigger folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\BinHub folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20130107.001 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\AntispamDefs\newdefs-trigger folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\AntispamDefs\BinHub folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\AntispamDefs\20130112.007 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\AntispamDefs folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CPDOEM folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Connections folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CmnClnt\_lck folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CmnClnt\ErrorInstances\E32D2AC1 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CmnClnt\ErrorInstances\E02E396E folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CmnClnt\ErrorInstances\DB331F7D folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CmnClnt\ErrorInstances\D5C5D84F folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CmnClnt\ErrorInstances\BE5EB49B folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CmnClnt\ErrorInstances\B9FA089E folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CmnClnt\ErrorInstances\9CD09E90 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CmnClnt\ErrorInstances\91B9BA66 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CmnClnt\ErrorInstances\833D70BF folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CmnClnt\ErrorInstances\462F6BEA folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CmnClnt\ErrorInstances\42F95FD9 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CmnClnt\ErrorInstances\2B935A6A folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CmnClnt\ErrorInstances\27A815C9 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CmnClnt\ErrorInstances\19E6E458 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CmnClnt\ErrorInstances folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CmnClnt\ccSubSDK folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CmnClnt\ccSetMgr folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CmnClnt\ccJobMgr folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CmnClnt\ccGLog folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CmnClnt\ccGEvt\Global folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CmnClnt\ccGEvt folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CmnClnt folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\39481\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\39481 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36321\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36321 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36319\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36319 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36209\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36209 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36207\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36207 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36205\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36205 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36203\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36203 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36201\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36201 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36199\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36199 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36197\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36197 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36195\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36195 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36193\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36193 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36191\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36191 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36189\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36189 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36187\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36187 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36185\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36185 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36183\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36183 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36181\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36181 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36179\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36179 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36177\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36177 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36175\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36175 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36173\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36173 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36171\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36171 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36169\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36169 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36167\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36167 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36165\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\36165 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\35067\3 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\35067 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\35065\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\35065 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26213\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26213 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26211\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26211 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26209\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26209 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26207\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26207 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26205\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26205 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26203\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26203 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26201\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26201 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26199\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26199 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26197\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26197 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26195\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26195 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26193\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26193 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26191\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26191 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26189\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26189 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26187\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26187 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26185\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26185 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26183\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26183 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26181\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26181 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26179\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26179 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26177\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26177 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26175\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26175 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26173\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26173 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26171\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26171 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26169\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\26169 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23147\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23147 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23145\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23145 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23143\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23143 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23141\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23141 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23139\1 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23139 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23137\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23137 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23135\1 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23135 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23133\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23133 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23131\1 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23131 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23129\1 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23129 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23127\1 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23127 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23125\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23125 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23123\1 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23123 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23121\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23121 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23119\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23119 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23117\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23117 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23115\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23115 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23113\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23113 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23111\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23111 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23109\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23109 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23107\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23107 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23105\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23105 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23103\1 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23103 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23101\1 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23101 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23099\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23099 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23097\0 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\23097 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\21853\3 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages\21853 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production\messages folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20\production folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com\pif20 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content\fe0001.symantec.com folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2\Content folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT\PIF2 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\CLT folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\BASH folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\AntiSpam folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28 folder moved successfully.
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7} folder moved successfully.
C:\ProgramData\Norton\{086A63F0-6B13-4F29-9695-134E7A01E963} folder moved successfully.
C:\ProgramData\Norton\LocalDumps folder moved successfully.
C:\ProgramData\Norton\00000082\0000011a\00000582 folder moved successfully.
C:\ProgramData\Norton\00000082\0000011a folder moved successfully.
C:\ProgramData\Norton\00000082 folder moved successfully.
C:\ProgramData\Norton folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\Gadgets\Norton.Gadget\zh-TW folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\Gadgets\Norton.Gadget\zh-CN folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\Gadgets\Norton.Gadget\tr-TR folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\Gadgets\Norton.Gadget\sv-SE folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\Gadgets\Norton.Gadget\sk-SK folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\Gadgets\Norton.Gadget\ru-RU folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\Gadgets\Norton.Gadget\ro-RO folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\Gadgets\Norton.Gadget\pt-PT folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\Gadgets\Norton.Gadget\pt-BR folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\Gadgets\Norton.Gadget\pl-PL folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\Gadgets\Norton.Gadget\nl-NL folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\Gadgets\Norton.Gadget\nb-NO folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\Gadgets\Norton.Gadget\ko-KR folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\Gadgets\Norton.Gadget\ja-JP folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\Gadgets\Norton.Gadget\it-IT folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\Gadgets\Norton.Gadget\images\red folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\Gadgets\Norton.Gadget\images\orange folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\Gadgets\Norton.Gadget\images\icons\tmap folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\Gadgets\Norton.Gadget\images\icons\sweb folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\Gadgets\Norton.Gadget\images\icons\nvip folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\Gadgets\Norton.Gadget\images\icons\none folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\Gadgets\Norton.Gadget\images\icons\nolf folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\Gadgets\Norton.Gadget\images\icons\nobu folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\Gadgets\Norton.Gadget\images\icons\mobi folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\Gadgets\Norton.Gadget\images\icons folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\Gadgets\Norton.Gadget\images\green folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\Gadgets\Norton.Gadget\images folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\Gadgets\Norton.Gadget\hu-HU folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\Gadgets\Norton.Gadget\he-IL folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\Gadgets\Norton.Gadget\fr-FR folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\Gadgets\Norton.Gadget\fi-FI folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\Gadgets\Norton.Gadget\es-ES folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\Gadgets\Norton.Gadget\en-US folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\Gadgets\Norton.Gadget\el-GR folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\Gadgets\Norton.Gadget\de-DE folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\Gadgets\Norton.Gadget\da-DK folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\Gadgets\Norton.Gadget\cs-CZ folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\Gadgets\Norton.Gadget\ar-SA folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\Gadgets\Norton.Gadget folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\Gadgets folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\images folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\1f\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\1f folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\1d\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\1d folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\1b\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\1b folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\19\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\19 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\18\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\18 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\16\02 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\16\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\16 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\15\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\15 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\14\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\14 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\13\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\13 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\12\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\12 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\11\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\11 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\10\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\10 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\0e\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\0e folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\0d\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\0d folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\0c\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\0c folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\0b\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\0b folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\0a\03 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\0a folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\09\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\09 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\08\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\08 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\07\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\07 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\06\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\06 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\05\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\05 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\04\02 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\04\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\04 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\01\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI\19.9.1.14 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\MUI folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Engine64\19.9.1.14\symim folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Engine64\19.9.1.14\spmanifests folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Engine64\19.9.1.14\microsoft.vc90.crt folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Engine64\19.9.1.14 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Engine64 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\spmanifests folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\microsoft.vc90.crt folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\jobs folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ips folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\images\misc folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\images folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\exts folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\cmnclnt\ccsubsdk folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\cmnclnt folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccglog folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccgevt\global folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccgevt folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Engine folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\zh-TW folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\zh-CN folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\tr-TR folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\sv-SE folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\sk-SK folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\ru-RU folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\ro-RO folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\pt-PT folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\pt-BR folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\pl-PL folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\nl-NL folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\nb-NO folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\ko-KR folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\ja-JP folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\it-IT folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\hu-HU folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\he-IL folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\fr-FR folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\fi-FI folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\es-ES folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\en-US folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\el-GR folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\de-DE folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\da-DK folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\cs-CZ folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\ar-SA folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\1F\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\1F folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\1D\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\1D folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\1B\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\1B folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\19\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\19 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\18\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\18 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\16\02 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\16\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\16 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\15\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\15 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\14\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\14 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\13\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\13 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\12\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\12 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\11\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\11 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\10\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\10 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\0E\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\0E folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\0D\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\0D folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\0C\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\0C folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\0B\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\0B folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\0A\03 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\0A folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\09\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\09 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\08\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\08 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\07\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\07 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\06\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\06 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\05\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\05 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\04\02 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\04\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\04 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\01\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28\01 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding\19.1.0.28 folder moved successfully.
C:\Program Files (x86)\Norton Internet Security\Branding folder moved successfully.
C:\Program Files (x86)\Norton Internet Security folder moved successfully.
C:\Users\Storage\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Storage\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...





Here is my ADWcleaner!!:
# AdwCleaner v3.019 - Report created 23/02/2014 at 21:31:05
# Updated 17/02/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Storage - ALEX-HP
# Running from : C:\Users\Storage\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\AI_RecycleBin
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\otshot
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\OApps
Folder Deleted : C:\Program Files (x86)\SaveValet
Folder Deleted : C:\Windows\SysWOW64\AI_RecycleBin
Folder Deleted : C:\Users\Alex\AppData\Local\apn
Folder Deleted : C:\Users\Alex\AppData\Local\Bundled software uninstaller
Folder Deleted : C:\Users\Alex\AppData\Local\Conduit
Folder Deleted : C:\Users\Alex\AppData\Local\filetypeassistant
Folder Deleted : C:\Users\Alex\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Alex\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\Alex\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Alex\AppData\LocalLow\Delta
Folder Deleted : C:\Users\Alex\AppData\LocalLow\Funmoods
Folder Deleted : C:\Users\Alex\AppData\LocalLow\internethelper3.1
Folder Deleted : C:\Users\Alex\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Alex\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Alex\Documents\ShopToWin
Folder Deleted : C:\Users\Storage\AppData\Local\Conduit
Folder Deleted : C:\Users\Storage\AppData\Local\filetypeassistant
Folder Deleted : C:\Users\Storage\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Storage\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Storage\AppData\Roaming\file scout
Folder Deleted : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcfbpbkoonbnoffgakelcebnjajoikkp
[!] Folder Deleted : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcfbpbkoonbnoffgakelcebnjajoikkp
File Deleted : C:\END
File Deleted : C:\Users\Alex\AppData\Local\funmoods.crx
File Deleted : C:\Users\Alex\AppData\Local\funmoods-speeddial.crx
File Deleted : C:\Users\Storage\AppData\Roaming\speedanalysis.ico
File Deleted : C:\Users\Storage\Desktop\SpeedAnalysis.lnk
File Deleted : C:\Program Files (x86)\Mozilla Firefox\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKCU\Software\Google\Chrome\Extensions\kcfbpbkoonbnoffgakelcebnjajoikkp
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kcfbpbkoonbnoffgakelcebnjajoikkp
Key Deleted : HKLM\SOFTWARE\Classes\*\shell\filescout
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE
Key Deleted : HKLM\SOFTWARE\Classes\f
Key Deleted : HKLM\SOFTWARE\Classes\funmoods.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\funmoods.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr
Key Deleted : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\funmoodsApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\funmoodsApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\PricePeepInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\PricePeepInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Deleted : HKLM\SOFTWARE\f4d68dbd3bb840
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3241284
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3279141
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3289663
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3304782
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{186E19A3-B909-4F48-B687-BB81EB8BC7CE}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{625F420E-A4A9-4B40-BC23-716C1C43893A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{16466D47-74A8-4928-B8B2-07CD79ABFC9F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{26D5CC0A-7A46-4D86-AF45-2EFA320B0C54}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D13AC8F-037E-40C5-ADA6-231BA74EA2F4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{322EDCF5-9E7D-4021-8C67-F3FFE4961A38}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3E254398-828F-4D51-A39E-3F6B6D96A12C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{442DAF0C-7EAD-48D9-ABEA-E0036470D6D5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{58EB187D-24F8-4423-BD6C-655CE4C416BD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6BEB066C-A791-4A21-B934-7783533FE888}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A07612DF-B1DD-484F-A1C3-36CA4CE919D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A76F97B2-2C56-456A-A29E-72741595C2E8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B19D9D96-E59C-4936-B283-8A831CDB3A53}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DC8AAABA-3F8B-4866-8B3A-D9368133A478}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E15519AE-99BE-42DD-BE60-FFC3C183F443}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\RightSurf
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\RightSurf
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Google Chrome v33.0.1750.117

[ File : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : icon_url
Deleted : search_url
Deleted : suggest_url

[ File : C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage

*************************

AdwCleaner[R0].txt - [18905 octets] - [16/02/2014 23:28:34]
AdwCleaner[R1].txt - [19320 octets] - [23/02/2014 21:24:37]
AdwCleaner[S0].txt - [18774 octets] - [23/02/2014 21:31:05]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [18835 octets] ##########





The JRT:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Home Premium x64
Ran by Storage on Sun 02/23/2014 at 21:39:14.82
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\strongvaultapp_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\strongvaultapp_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501158}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dealcabby-20120921_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dealcabby-20120921_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dealcabby_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dealcabby_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501158}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\dealcabby-20120921_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\dealcabby-20120921_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\dealcabby_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\dealcabby_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{A602E022-0C78-4742-AAF5-ED63250FBE3B}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\pc1data"
Successfully deleted: [Folder] "C:\Users\Storage\appdata\local\cre"
Successfully deleted: [Folder] "C:\Program Files (x86)\buzzsocialpoints"
Successfully deleted: [Folder] "C:\Program Files (x86)\pc cleaners"
Successfully deleted: [Folder] "C:\Windows\buzzsocialpointschecker"
Successfully deleted: [Empty Folder] C:\Users\Storage\appdata\local\{0D9D7990-2B48-441C-ACAA-4B82B3E65082}
Successfully deleted: [Empty Folder] C:\Users\Storage\appdata\local\{53015FE1-A63E-4548-B80F-52D538191B55}
Successfully deleted: [Empty Folder] C:\Users\Storage\appdata\local\{562F4F40-AC24-4963-823D-37B2FD494139}
Successfully deleted: [Empty Folder] C:\Users\Storage\appdata\local\{5F46075A-BC68-4B9E-B75B-E125C5B2EBAB}
Successfully deleted: [Empty Folder] C:\Users\Storage\appdata\local\{C954759D-B129-4D57-B915-4E592DC9A6F1}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 02/23/2014 at 21:46:40.07
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~






and here is the 2nd OTL log:
OTL logfile created on: 2/24/2014 6:36:30 AM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Storage\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.48 Gb Total Physical Memory | 5.67 Gb Available Physical Memory | 75.88% Memory free
14.95 Gb Paging File | 12.85 Gb Available in Paging File | 85.96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 914.81 Gb Total Space | 524.50 Gb Free Space | 57.33% Space Free | Partition Type: NTFS
Drive D: | 16.61 Gb Total Space | 2.07 Gb Free Space | 12.49% Space Free | Partition Type: NTFS

Computer Name: ALEX-HP | User Name: Storage | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/02/19 17:03:06 | 000,859,464 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/02/14 15:52:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Storage\Downloads\OTL.exe
PRC - [2014/02/09 21:57:54 | 003,767,096 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/02/09 21:57:54 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2013/06/17 21:24:09 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012/01/18 05:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2011/08/12 08:54:32 | 001,128,952 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2008/11/20 09:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
PRC - [2003/04/05 23:37:10 | 000,323,646 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe


========== Modules (No Company Name) ==========

MOD - [2014/02/19 17:03:05 | 000,394,568 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ppgooglenaclpluginchrome.dll
MOD - [2014/02/19 17:03:04 | 013,632,840 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll
MOD - [2014/02/19 17:03:03 | 004,060,488 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\pdf.dll
MOD - [2014/02/19 17:02:59 | 000,716,616 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\libglesv2.dll
MOD - [2014/02/19 17:02:58 | 000,100,168 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\libegl.dll
MOD - [2014/02/19 17:02:56 | 001,647,432 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ffmpegsumo.dll
MOD - [2014/02/19 17:02:54 | 000,051,016 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\chrome_elf.dll
MOD - [2014/02/09 21:57:55 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014/02/09 21:57:54 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014/02/06 02:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/26 21:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/12/19 15:32:12 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2011/10/24 05:16:42 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/10/11 01:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2014/01/28 16:55:21 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/12/03 18:51:18 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2013/06/17 21:24:09 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/09/27 11:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012/01/18 05:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/08/16 13:03:16 | 000,016,384 | ---- | M] (Hewlett-Packard) [Auto | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe -- (CalendarSynchService)
SRV - [2011/08/12 08:54:32 | 001,128,952 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2010/10/12 09:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/02/09 21:57:57 | 001,038,072 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014/02/09 21:57:57 | 000,421,704 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2014/02/09 21:57:57 | 000,207,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014/02/09 21:57:57 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014/02/09 21:57:57 | 000,080,184 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2014/02/09 21:57:57 | 000,078,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014/02/09 21:57:57 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014/01/22 06:52:21 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013/12/10 16:14:26 | 000,074,432 | ---- | M] (Razer, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\RzFilter.sys -- (RzFilter)
DRV:64bit: - [2013/07/14 13:50:11 | 000,111,696 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NIWinCDEmu.sys -- (NIWinCDEmu)
DRV:64bit: - [2013/06/26 18:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2013/06/26 18:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2013/06/26 18:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2013/06/26 18:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2013/05/09 00:59:06 | 000,022,600 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2013/03/31 18:32:04 | 000,082,600 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2013/03/31 18:32:04 | 000,042,664 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2013/02/22 21:44:51 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2012/12/13 12:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/12/06 09:42:12 | 002,350,176 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2012/11/17 06:22:26 | 000,105,624 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Tpkd.sys -- (Tpkd)
DRV:64bit: - [2012/10/16 20:04:10 | 000,123,664 | ---- | M] (High Criteria inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TotRec8.sys -- (TotRec8)
DRV:64bit: - [2012/08/23 06:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 06:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 06:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/05/09 11:50:24 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/05/09 11:50:24 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/04/09 09:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2)
DRV:64bit: - [2012/02/29 22:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/18 05:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012/01/18 05:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2011/11/03 03:01:00 | 000,056,208 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011/10/24 05:56:54 | 010,203,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/10/24 04:40:08 | 000,310,784 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/09/14 02:35:45 | 000,533,096 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/08/03 19:38:37 | 000,047,232 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010/11/20 19:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 19:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/11 00:11:52 | 000,141,384 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdserd.sys -- (sscdserd)
DRV:64bit: - [2010/11/11 00:11:50 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)
DRV:64bit: - [2010/11/11 00:11:50 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus)
DRV:64bit: - [2010/11/11 00:11:50 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:64bit: - [2010/02/18 08:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/08/21 00:52:10 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 16:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)
DRV:64bit: - [2009/06/10 12:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012/09/26 23:09:08 | 000,077,004 | ---- | M] (Oak Technology Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysWow64\drivers\AFS.SYS -- (AFS)
DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{7486BD2A-0307-6164-8127-53BFF248EBE9}: "URL" = http://www.bing.com/...rc=IE-SearchBox


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2055821690-4012621098-2342977204-1041\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE - HKU\S-1-5-21-2055821690-4012621098-2342977204-1041\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-21-2055821690-4012621098-2342977204-1041\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2055821690-4012621098-2342977204-1041\..\SearchScopes\{DC8537D2-46C8-4740-B4AE-9153E680C99E}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKU\S-1-5-21-2055821690-4012621098-2342977204-1041\..\SearchScopes\{EFBF8077-8D2C-4031-8774-BE5EE79B6562}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\S-1-5-21-2055821690-4012621098-2342977204-1041\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_80.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_80.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.3.2: C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()


[2014/02/16 22:45:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Storage\AppData\Roaming\Mozilla\Extensions
[2013/05/09 22:17:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://search.condui...5821396318&UM=2
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\pdf.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U25 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live ™ Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_95.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - Extension: Google Drive = C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.4_0\
CHR - Extension: Rainbow Dash Theme = C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecjondhpjdpclmajhniogilladpgpjgi\1_0\
CHR - Extension: Custom Googleâ„¢ Background = C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\Extensions\jepibmfmhopgkplegmkjgifmhabbjadg\6.2.2_0\
CHR - Extension: Ponify = C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaelfbndbnpddlehfmbhjnphpjljegae\0.96.4_0\
CHR - Extension: Google Wallet = C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
CHR - Extension: Google Wallet = C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: HoofSounds = C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\Extensions\pakhjhphleppgakhlffhlfhbekfnobbk\1.121_0\
CHR - Extension: HoofSounds = C:\Users\Storage\AppData\Local\Google\Chrome\User Data\Default\Extensions\pakhjhphleppgakhlffhlfhbekfnobbk\1.212_0\

O1 HOSTS File: ([2009/06/10 13:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - c:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - c:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - Startup: C:\Users\Storage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Google.com.url ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-2055821690-4012621098-2342977204-1041\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2055821690-4012621098-2342977204-1041\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionAction = http://hp.digitalriv..._US&keywords=%w
O7 - HKU\S-1-5-21-2055821690-4012621098-2342977204-1041\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionName = Find Software on HP Download Store (Microsoft Corporation)
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-21-2055821690-4012621098-2342977204-1041\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2055821690-4012621098-2342977204-1041\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2055821690-4012621098-2342977204-1041\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2055821690-4012621098-2342977204-1041\..Trusted Domains: sony.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C882AA94-6E83-4763-A643-0CBF69D7C1B0}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-2055821690-4012621098-2342977204-1041 Winlogon: Shell - (expstart.exe) - C:\Windows\expstart.exe ()
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


========== Files/Folders - Created Within 30 Days ==========

[2014/02/23 21:38:28 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/02/23 21:37:56 | 001,037,734 | ---- | C] (Thisisu) -- C:\Users\Storage\Desktop\JRT.exe
[2014/02/16 23:27:30 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/02/16 22:56:26 | 000,000,000 | ---D | C] -- C:\Users\Storage\AppData\Local\VirtualStore
[2014/02/16 22:45:00 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/02/15 23:00:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2014/02/13 15:59:38 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/02/12 22:50:28 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/02/12 22:49:48 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/02/12 22:49:48 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/02/12 22:49:47 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/02/12 22:49:47 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/02/12 22:49:46 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/02/12 22:49:46 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/02/12 22:49:46 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/02/12 22:49:45 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/02/12 22:49:45 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/02/12 22:49:44 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/02/12 22:49:44 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/02/12 22:49:44 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/02/12 22:49:44 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/02/12 22:49:44 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/02/12 22:49:44 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/02/12 22:49:44 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/02/12 22:49:43 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/02/12 22:49:43 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/02/12 22:49:43 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/02/12 22:49:43 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/02/12 22:49:41 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/02/12 22:49:41 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/02/12 22:49:38 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/02/12 22:14:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014/02/12 22:14:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014/02/12 22:13:50 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2014/02/12 22:13:50 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2014/02/12 22:13:50 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2014/02/12 22:13:50 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2014/02/12 22:13:49 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2014/02/12 22:13:49 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2014/02/12 22:13:49 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2014/02/12 22:13:49 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2014/02/12 22:13:49 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2014/02/12 22:13:49 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2014/02/12 22:13:49 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2014/02/12 22:13:49 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2014/02/12 22:13:49 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2014/02/12 22:13:48 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2014/02/12 22:13:48 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2014/02/12 22:13:48 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2014/02/12 22:13:48 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2014/02/12 22:13:18 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2014/02/12 22:13:18 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014/02/11 19:49:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FYZip
[2014/02/11 19:49:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FYZip
[2014/02/10 12:43:12 | 000,000,000 | ---D | C] -- C:\Users\Storage\AppData\Roaming\SecondLife
[2014/02/10 12:43:10 | 000,000,000 | ---D | C] -- C:\Users\Storage\AppData\Local\SecondLife
[2014/02/09 22:02:50 | 000,000,000 | ---D | C] -- C:\Users\Storage\AppData\Roaming\AVAST Software
[2014/02/09 21:58:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/02/09 21:58:23 | 000,080,184 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014/02/09 21:16:05 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2014/02/09 21:16:05 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2014/02/09 21:16:05 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2014/02/09 21:15:59 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2014/02/09 21:15:59 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys
[2014/02/09 21:15:59 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2014/02/09 21:15:52 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2014/02/09 21:15:52 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2014/02/09 21:15:52 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2014/02/09 21:15:52 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2014/02/09 21:15:52 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2014/02/09 21:15:52 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2014/02/09 21:15:52 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2014/02/09 21:15:52 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2014/02/09 21:15:51 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2014/02/09 21:15:51 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2014/02/09 21:15:51 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2014/02/09 21:15:51 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2014/02/09 21:15:51 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2014/02/09 21:15:51 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2014/02/09 21:15:50 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2014/02/09 21:15:50 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2014/02/09 21:15:50 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2014/02/09 21:15:49 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014/02/09 21:15:49 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014/02/09 21:15:15 | 000,000,000 | ---D | C] -- C:\history
[2014/02/09 21:10:44 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2014/02/09 21:10:44 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2014/02/05 21:07:30 | 000,000,000 | ---D | C] -- C:\Users\Storage\AppData\Roaming\PhotoScape
[2014/02/05 21:07:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
[2014/02/05 21:07:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PhotoScape
[2014/02/01 19:50:52 | 000,000,000 | ---D | C] -- C:\Users\Storage\AppData\Local\Razer
[2014/01/31 17:53:10 | 000,074,432 | ---- | C] (Razer, Inc.) -- C:\Windows\SysNative\drivers\RzFilter.sys
[2014/01/31 17:52:36 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2014/01/31 17:52:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Razer
[2014/01/31 17:52:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Razer
[2014/01/29 20:33:43 | 000,000,000 | ---D | C] -- C:\Crash
[2014/01/29 16:43:04 | 000,000,000 | ---D | C] -- C:\Users\Storage\AppData\Local\SCE
[2014/01/29 16:42:54 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/02/24 06:33:51 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/02/24 06:33:51 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/02/24 06:30:46 | 000,724,216 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/02/24 06:30:46 | 000,622,766 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/02/24 06:30:46 | 000,105,746 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/02/24 06:26:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/02/24 06:26:17 | 1726,414,847 | -HS- | M] () -- C:\hiberfil.sys
[2014/02/23 21:38:03 | 001,037,734 | ---- | M] (Thisisu) -- C:\Users\Storage\Desktop\JRT.exe
[2014/02/23 21:22:05 | 001,241,834 | ---- | M] () -- C:\Users\Storage\Desktop\AdwCleaner.exe
[2014/02/17 21:56:44 | 000,984,576 | ---- | M] () -- C:\Users\Storage\Desktop\MicrosoftFixit50906.msi
[2014/02/16 23:23:36 | 000,000,512 | ---- | M] () -- C:\Users\Storage\Desktop\MBR.dat
[2014/02/16 22:45:07 | 000,371,116 | ---- | M] () -- C:\Users\Storage\AppData\Roaming\msconfig.ini
[2014/02/16 22:36:03 | 000,000,054 | ---- | M] () -- C:\Users\Storage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Google.com.url
[2014/02/15 19:54:17 | 000,001,018 | ---- | M] () -- C:\Users\Storage\Application Data\Microsoft\Internet Explorer\Quick Launch\Bandicam.lnk
[2014/02/15 19:54:17 | 000,000,994 | ---- | M] () -- C:\Users\Storage\Desktop\Bandicam.lnk
[2014/02/12 22:51:55 | 000,775,482 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/02/11 19:59:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2055821690-4012621098-2342977204-1005UA.job
[2014/02/11 19:58:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2055821690-4012621098-2342977204-1003UA.job
[2014/02/11 19:57:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/02/11 19:55:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/02/11 09:59:00 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2055821690-4012621098-2342977204-1005Core.job
[2014/02/11 08:57:00 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/02/11 06:58:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2055821690-4012621098-2342977204-1003Core.job
[2014/02/10 00:20:27 | 000,002,012 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/02/09 21:57:57 | 001,038,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014/02/09 21:57:57 | 000,421,704 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014/02/09 21:57:57 | 000,334,136 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/02/09 21:57:57 | 000,207,904 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/02/09 21:57:57 | 000,092,544 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014/02/09 21:57:57 | 000,080,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014/02/09 21:57:57 | 000,078,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/02/09 21:57:57 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014/02/09 21:57:56 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/02/09 21:52:29 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2014/02/08 16:39:02 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForStorage.job
[2014/02/06 03:30:12 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/02/06 03:07:39 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/02/06 03:06:47 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/02/06 02:56:03 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/02/06 02:52:11 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/02/06 02:49:03 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/02/06 02:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/02/06 02:48:11 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/02/06 02:32:49 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/02/06 02:17:15 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/02/06 02:11:37 | 005,768,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/02/06 02:01:36 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/02/06 02:00:46 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/02/06 01:57:13 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/02/06 01:52:21 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/02/06 01:50:32 | 002,041,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/02/06 01:49:22 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/02/06 01:47:22 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/02/06 01:46:27 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/02/06 01:25:43 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/02/06 01:09:30 | 001,964,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/02/06 00:40:06 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/02/06 00:34:31 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/02/05 21:07:22 | 000,001,061 | ---- | M] () -- C:\Users\Storage\Application Data\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk
[2014/02/05 21:07:22 | 000,001,037 | ---- | M] () -- C:\Users\Storage\Desktop\PhotoScape.lnk
[2014/02/01 19:26:38 | 004,894,744 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/01/31 17:53:12 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_RzFilter_01009.Wdf
[2014/01/31 17:52:30 | 002,106,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2014/01/28 16:55:21 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/01/28 16:55:21 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/02/23 21:21:21 | 001,241,834 | ---- | C] () -- C:\Users\Storage\Desktop\AdwCleaner.exe
[2014/02/17 21:56:43 | 000,984,576 | ---- | C] () -- C:\Users\Storage\Desktop\MicrosoftFixit50906.msi
[2014/02/16 23:23:36 | 000,000,512 | ---- | C] () -- C:\Users\Storage\Desktop\MBR.dat
[2014/02/13 05:48:59 | 000,000,054 | ---- | C] () -- C:\Users\Storage\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Google.com.url
[2014/02/11 19:55:12 | 000,371,116 | ---- | C] () -- C:\Users\Storage\AppData\Roaming\msconfig.ini
[2014/02/09 21:58:37 | 000,002,012 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/02/05 21:07:22 | 000,001,061 | ---- | C] () -- C:\Users\Storage\Application Data\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk
[2014/02/05 21:07:22 | 000,001,037 | ---- | C] () -- C:\Users\Storage\Desktop\PhotoScape.lnk
[2014/01/31 17:53:12 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_RzFilter_01009.Wdf
[2013/06/04 16:03:21 | 000,925,184 | ---- | C] () -- C:\Windows\expstart.exe
[2013/06/02 18:21:59 | 000,000,258 | RHS- | C] () -- C:\Users\Storage\ntuser.pol
[2012/11/17 06:23:24 | 000,021,656 | ---- | C] () -- C:\Windows\SysWow64\drivers\iLokDrvr.sys
[2012/11/16 22:21:08 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2012/10/25 06:33:06 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/10/25 06:30:20 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/09/26 15:31:27 | 000,016,618 | ---- | C] () -- C:\Windows\hpomdl01.dat
[2012/09/14 22:43:29 | 000,290,184 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/09/14 22:43:25 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/08/08 23:40:32 | 000,065,576 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2012/08/08 23:40:28 | 000,022,560 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2012/07/22 22:21:04 | 000,197,120 | ---- | C] () -- C:\Windows\patchw32.dll
[2012/05/09 11:53:30 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/05/02 13:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll

========== ZeroAccess Check ==========

[2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 18:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 17:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 19:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/11/04 11:04:24 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\.minecraft
[2012/07/23 19:56:38 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Atari
[2012/08/31 20:32:19 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\BANDISOFT
[2012/11/17 09:24:30 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/11/16 18:13:55 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013/02/22 21:44:21 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\DAEMON Tools Lite
[2013/02/09 18:28:13 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\FlvtoConverter
[2013/06/20 13:17:23 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Free PDF Tablet
[2012/07/22 22:21:07 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Leadertech
[2012/07/19 10:28:28 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\LolClient
[2012/09/14 21:58:55 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\ooVoo Details
[2013/06/21 10:34:19 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Origin
[2012/11/16 22:21:08 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\PACE Anti-Piracy
[2012/08/05 18:10:55 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\PC Cleaners
[2012/08/05 18:10:59 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\PCPro
[2012/11/17 09:22:22 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\PDAppFlex
[2013/08/12 23:39:52 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\SoftGrid Client
[2013/03/12 17:32:39 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\uTorrent
[2012/07/18 20:42:34 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\WinBatch
[2013/11/27 22:52:13 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\Ableton
[2013/08/20 15:16:05 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\Audacity
[2014/02/09 22:02:50 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\AVAST Software
[2013/06/25 15:20:38 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\BANDISOFT
[2013/07/20 17:17:25 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\Cycling '74
[2013/08/09 15:41:15 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\FlvtoConverter
[2013/06/30 21:28:12 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\Free PDF Tablet
[2013/06/10 21:35:33 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\LolClient
[2013/07/24 21:34:02 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\ooVoo Details
[2013/07/30 13:25:28 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\Origin
[2013/11/28 19:34:34 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\PACE Anti-Piracy
[2014/02/05 21:10:24 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\PhotoScape
[2014/02/10 12:47:22 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\SecondLife
[2014/02/12 22:46:06 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\SoftGrid Client
[2013/07/20 14:13:11 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\TotalRecorder
[2014/02/16 22:40:00 | 000,000,000 | ---D | M] -- C:\Users\Storage\AppData\Roaming\uTorrent

========== Purity Check ==========



========== Custom Scans ==========

========== Base Services ==========
SRV:64bit: - [2009/07/13 17:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2013/02/26 21:47:10 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2009/07/13 17:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2010/11/20 19:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2010/11/20 19:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2013/09/24 17:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009/07/13 17:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/13 17:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2012/07/04 14:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2013/07/08 21:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2013/07/08 20:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2010/11/20 19:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2010/11/20 19:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/20 19:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2012/05/09 11:43:30 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2009/07/13 17:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2009/07/13 17:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/13 17:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:64bit: - [2009/07/13 17:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2010/11/20 19:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:64bit: - [2009/07/13 17:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2009/07/13 17:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2009/07/13 17:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2009/07/13 17:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/13 17:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:64bit: - [2012/10/03 09:44:21 | 000,303,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2009/07/13 17:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2012/05/09 11:45:47 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2012/02/10 22:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2013/09/24 17:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:64bit: - [2009/07/13 17:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2010/11/20 19:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2010/11/20 19:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2010/11/20 19:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2013/09/24 17:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2009/07/13 17:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2010/11/20 19:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2010/11/20 19:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/20 19:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:64bit: - [2010/11/20 19:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2010/11/20 19:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/20 19:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2009/07/13 17:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2012/04/30 21:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2010/11/20 19:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2010/11/20 19:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2010/11/20 19:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2010/11/20 19:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:64bit: - [2013/05/26 21:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/11/20 19:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:64bit: - [2010/11/20 19:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:64bit: - [2010/11/20 19:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2010/11/20 19:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010/11/20 19:24:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:64bit: - [2009/07/13 17:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2012/06/02 14:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2010/11/20 19:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2009/07/13 17:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2010/11/20 19:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

< MD5 for: EXPLORER.EXE >
[2012/05/09 11:44:02 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2012/05/09 11:44:02 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2012/05/09 11:44:02 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\W7SOC\explorer.exe
[2012/05/09 11:44:02 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2012/05/09 11:44:02 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 19:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2012/05/09 11:44:02 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2012/05/09 11:44:02 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 19:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: RPCSS.DLL >
[2010/11/20 19:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=5C627D1B1138676C0A7AB2C2C190D123 -- C:\Windows\SysNative\rpcss.dll
[2010/11/20 19:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=5C627D1B1138676C0A7AB2C2C190D123 -- C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll

< MD5 for: SVCHOST.EXE >
[2009/07/13 17:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 17:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/13 17:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 17:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 19:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 19:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/20 19:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 19:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 19:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 19:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< dir "%systemdrive%\*" /S /A:L /C >
Volume in drive C is OS
Volume Serial Number is D28D-97D1
Directory of C:\
07/13/2009 09:08 PM <JUNCTION> Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of C:\ProgramData
07/13/2009 09:08 PM <JUNCTION> Application Data [C:\ProgramData]
07/13/2009 09:08 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
07/13/2009 09:08 PM <JUNCTION> Documents [C:\Users\Public\Documents]
07/13/2009 09:08 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
07/13/2009 09:08 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/13/2009 09:08 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users
07/13/2009 09:08 PM <SYMLINKD> All Users [C:\ProgramData]
07/13/2009 09:08 PM <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\Alex
07/17/2012 01:46 PM <JUNCTION> Application Data [C:\Users\Alex\AppData\Roaming]
07/17/2012 01:46 PM <JUNCTION> Cookies [C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Cookies]
07/17/2012 01:46 PM <JUNCTION> Local Settings [C:\Users\Alex\AppData\Local]
07/17/2012 01:46 PM <JUNCTION> My Documents [C:\Users\Alex\Documents]
07/17/2012 01:46 PM <JUNCTION> NetHood [C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/17/2012 01:46 PM <JUNCTION> PrintHood [C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/17/2012 01:46 PM <JUNCTION> Recent [C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Recent]
07/17/2012 01:46 PM <JUNCTION> SendTo [C:\Users\Alex\AppData\Roaming\Microsoft\Windows\SendTo]
07/17/2012 01:46 PM <JUNCTION> Start Menu [C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu]
07/17/2012 01:46 PM <JUNCTION> Templates [C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Alex\AppData\Local
07/17/2012 01:46 PM <JUNCTION> Application Data [C:\Users\Alex\AppData\Local]
07/17/2012 01:46 PM <JUNCTION> History [C:\Users\Alex\AppData\Local\Microsoft\Windows\History]
07/17/2012 01:46 PM <JUNCTION> Temporary Internet Files [C:\Users\Alex\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Alex\Documents
07/17/2012 01:46 PM <JUNCTION> My Music [C:\Users\Alex\Music]
07/17/2012 01:46 PM <JUNCTION> My Pictures [C:\Users\Alex\Pictures]
07/17/2012 01:46 PM <JUNCTION> My Videos [C:\Users\Alex\Videos]
0 File(s) 0 bytes
Directory of C:\Users\All Users
07/13/2009 09:08 PM <JUNCTION> Application Data [C:\ProgramData]
07/13/2009 09:08 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
07/13/2009 09:08 PM <JUNCTION> Documents [C:\Users\Public\Documents]
07/13/2009 09:08 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
07/13/2009 09:08 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/13/2009 09:08 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default
07/13/2009 09:08 PM <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
07/13/2009 09:08 PM <JUNCTION> Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
07/13/2009 09:08 PM <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
07/13/2009 09:08 PM <JUNCTION> My Documents [C:\Users\Default\Documents]
07/13/2009 09:08 PM <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/13/2009 09:08 PM <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/13/2009 09:08 PM <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
07/13/2009 09:08 PM <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
07/13/2009 09:08 PM <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
07/13/2009 09:08 PM <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
07/13/2009 09:08 PM <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
07/13/2009 09:08 PM <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
07/13/2009 09:08 PM <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
07/13/2009 09:08 PM <JUNCTION> My Music [C:\Users\Default\Music]
07/13/2009 09:08 PM <JUNCTION> My Pictures [C:\Users\Default\Pictures]
07/13/2009 09:08 PM <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
07/13/2009 09:08 PM <JUNCTION> My Music [C:\Users\Public\Music]
07/13/2009 09:08 PM <JUNCTION> My Pictures [C:\Users\Public\Pictures]
07/13/2009 09:08 PM <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Storage
06/02/2013 06:21 PM <JUNCTION> Application Data [C:\Users\Storage\AppData\Roaming]
06/02/2013 06:21 PM <JUNCTION> Cookies [C:\Users\Storage\AppData\Roaming\Microsoft\Windows\Cookies]
06/02/2013 06:21 PM <JUNCTION> Local Settings [C:\Users\Storage\AppData\Local]
06/02/2013 06:21 PM <JUNCTION> My Documents [C:\Users\Storage\Documents]
06/02/2013 06:21 PM <JUNCTION> NetHood [C:\Users\Storage\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
06/02/2013 06:21 PM <JUNCTION> PrintHood [C:\Users\Storage\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
06/02/2013 06:21 PM <JUNCTION> Recent [C:\Users\Storage\AppData\Roaming\Microsoft\Windows\Recent]
06/02/2013 06:21 PM <JUNCTION> SendTo [C:\Users\Storage\AppData\Roaming\Microsoft\Windows\SendTo]
06/02/2013 06:21 PM <JUNCTION> Start Menu [C:\Users\Storage\AppData\Roaming\Microsoft\Windows\Start Menu]
06/02/2013 06:21 PM <JUNCTION> Templates [C:\Users\Storage\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Storage\AppData\Local
06/02/2013 06:21 PM <JUNCTION> Application Data [C:\Users\Storage\AppData\Local]
06/02/2013 06:21 PM <JUNCTION> History [C:\Users\Storage\AppData\Local\Microsoft\Windows\History]
06/02/2013 06:21 PM <JUNCTION> Temporary Internet Files [C:\Users\Storage\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Storage\Documents
06/02/2013 06:21 PM <JUNCTION> My Music [C:\Users\Storage\Music]
06/02/2013 06:21 PM <JUNCTION> My Pictures [C:\Users\Storage\Pictures]
06/02/2013 06:21 PM <JUNCTION> My Videos [C:\Users\Storage\Videos]
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
66 Dir(s) 562,857,185,280 bytes free

< dir "C:\*" /c >
Volume in drive C is OS
Volume Serial Number is D28D-97D1
Directory of C:\
02/23/2014 09:31 PM <DIR> AdwCleaner
11/06/2012 05:48 PM <DIR> AMD
02/26/2013 08:57 PM <DIR> components
01/29/2014 08:33 PM <DIR> Crash
10/12/2012 06:48 PM 0 extensions.sqlite
02/11/2013 08:15 PM <DIR> Firefox
08/31/2012 07:43 PM <DIR> Fraps
02/09/2014 09:15 PM <DIR> history
07/19/2012 09:49 AM <DIR> League of legends
08/30/2012 01:15 AM 421,200 msvcp100.dll
08/16/2012 10:38 PM 773,968 msvcr100.dll
09/03/2013 06:37 PM <DIR> Nexon
07/13/2009 07:20 PM <DIR> PerfLogs
01/01/2014 05:16 PM <DIR> Program Files
02/23/2014 09:41 PM <DIR> Program Files (x86)
07/19/2012 09:50 AM <DIR> Riot Games
12/22/2013 08:59 PM 90,488 send to warren.jpg
11/16/2012 06:06 PM <DIR> Sierra
11/22/2012 12:13 PM <DIR> SWSETUP
10/27/2013 12:17 PM <DIR> Users
02/23/2014 09:41 PM <DIR> Windows
02/16/2014 10:45 PM <DIR> _OTL
4 File(s) 1,285,656 bytes
18 Dir(s) 562,857,189,376 bytes free

< End of report >
  • 0

#12
ego10fan
Posted 24 February 2014 - 09:07 AM

ego10fan

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts
as for how my computer is running, i'll let you know after school today
  • 0

#13
godawgs
Posted 24 February 2014 - 10:58 AM

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
The logs look better. But we still have some work to do.

Is search.conduit still your Chrome home page? Did you reset it?


Step-1.

Uninstall a Program

1. Please click the Start Orb Posted Image, click Control Panel. Under the Programs or Programs and Features heading click Uninstall a program
2. In the list of programs installed, locate the following program(s):

77zip

3. Right click each program and click Uninstall
4. After the programs have been uninstalled, close the Installed Programs window and the Control Panel.
5. Reboot the computer.

Delete the folders associated with the uninstalled programs.(Only do this if you uninstalled the program)

1. Using Windows Explorer (to get there right-click your Start button and click "Explore"), please delete the following folders(s) (if present):

C:\Program Files (86)\77zip

2. Close Windows Explorer.

Before running Steps 2 and 3, please disable any screen saver you have running.


Step-2.

Posted ImageMalwarebytes' Anti-Malware
Please download Malwarebytes' Anti-Malware from Here or Here

Once downloaded, close all programs and browsers on your computer and disable any screen saver you might have running.

Right click the mbam-setup.exe file and click Run As Administrator, then click the Continue button on the UAC window.
  • When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings.
  • When the program has finished installing, make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    Posted Image
    • MBAM will now automatically start and you will see a message stating that you should update the program before performing a scan.
    • As MBAM will automatically update itself after the install, you can press the OK button to close that box and you will now be at the main program as shown below.
    NOTE: When the program loads, Decline the Malwarebytes' Anti-Malware Trial (You can activate this when we've finished, if you so wish)

    Posted Image
  • On the Scanner tab, make sure the the Perform full scan option is selected and then click on the Scan button to start scanning your computer.
    MBAM will now start scanning your computer for malware. This process can take quite a while, so I suggest you go and do something else and periodically check on the status of the scan. When MBAM is scanning it will look like the image below.

    Posted Image
  • When the scan is finished a message box will appear as shown in the image below.

    Posted Image

    You should click on the OK button to close the message box and continue with the removal process.
  • You will now be back at the main Scanner screen. At this point you should click on the Show Results button.
  • A screen displaying all the malware that the program found will be shown as seen in the image below. Please note that the infections found may be different than what is shown in the image.

    Posted Image
  • Make sure that everything is checked EXCEPT items in System Restore (see the image below), and click Remove Selected<---Very Important.

    Posted Image
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note: If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
I would suggest that you keep this antimalware program. Run a Quick Scan frequently and a Full Scan every week or so. Update the definition files before running a scan. Click the Update tab and update from there.


Step-3.

Run ESET Online Scanner:

Note: Optimized for Internet Explorer but you can use Chrome or Mozilla FireFox for this scan.

Important! You will need to disable your currently installed Anti-Virus program, how to do so can be read here.

Vista / 7 users: You will need to to right-click on either the Internet Explorer or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

  • Please go here then click on:

    Posted Image

    Note: If using Mozilla Firefox a window will open telling you that you will need to download the ESET Smart Installer. Click on esetsmartinstaller_enu.exe to download the Smart Installer. Save it to the desktop.
    When prompted double click on the Posted Image icon on the desktop. After successful installation of ESET Smart Installer ESET Online Scanner is launched in a new window.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

  • A new window will open:

    Posted Image
  • Select the option YES, I accept the Terms of Use then click on:

    Posted Image
  • When prompted allow the Add-On/Active X to install. The following window will open:

    Posted Image

    • Uncheck the box beside Remove Found Threats
    • Check the box Scan archives.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Posted Image
  • The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Wait for the scan to finish. Do not touch either the Mouse or keyboard during the scan. Otherwise it may stall.
When The Scan is Complete:

A.
If No Threats Were Found:
  • Put a checkmark in Uninstall application on close
  • Close the program
  • Report to me that nothing was found
B.
If Threats Were Found:
  • Click on list of threats found
  • Click on export to text file and save it to the desktop as ESET SCAN.txt
  • Click on Back
  • Put a checkmark in Uninstall application on close Be sure you have saved the file first
  • Click on Finish
  • Close the program
Don't forget to enable your Antivirus program and screen saver.


Step-4.

Run Farbar Service Scanner

Please download Farbar Service Scanner to the desktop.
  • Right click the FSS.exe file, click Run as Administrator and OK any UAC prompts.

    Posted Image
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

Step-5.

Run Security Check

Download Security Check from here or here and save it to the Desktop.
  • Right click the SecurityCheck icon Posted Image and click Run as Administrator to run the application. Allow any UAC warnings.
  • Follow the onscreen instructions inside of the black box.

    Posted Image
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
NOTE: If SecurityCheck aborts and you get the following message: UNSUPPORTED OPERATING SYSTEM! ABORTED! try rebooting the system and then run SecurityCheck again.


Things For Your Next Post:
Please post the logs in the order requested. Please don't attach the logs unless I request it.
1. Answer my questions above.
2. The MalwareBytes log
3. The ESET scan log (IF it found anything). If it didn't just let me know.
4. The FSS.txt log
5. The checkup.txt log
  • 0

#14
ego10fan
Posted 27 February 2014 - 09:46 PM

ego10fan

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts
I promise to do this on friday :/
  • 0

#15
ego10fan
Posted 01 March 2014 - 12:23 PM

ego10fan

    Member

  • Topic Starter
  • Member
  • PipPip
  • 44 posts
Vista / 7 users: You will need to to right-click on either the Internet Explorer or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.
^ I didn't understand this step. So I just downloaded ESET scanner with chrome, and it worked just fine.

So here's all my logs:
malware bites:::


Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2014.02.28.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
Storage :: ALEX-HP [administrator]

Protection: Disabled

2/28/2014 2:46:15 PM
mbam-log-2014-02-28 (14-46-15).txt

Scan type: Full scan (C:\|D:\|Q:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 553094
Time elapsed: 1 hour(s), 28 minute(s), 48 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CF190686-9E72-403C-B99D-682ABDB63C5B} (PUP.Optional.TopArcadeHits.A) -> No action taken.
HKLM\SOFTWARE\Google\Chrome\Extensions\oelbclnhkbhlhikfmpmbakbgeonbjjnp (PUP.Optional.WhiteSmoke.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{625F420E-A4A9-4B40-BC23-716C1C43893A} (Adware.Adurr) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 25
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir (PUP.Optional.Conduit) -> No action taken.
C:\AdwCleaner\Quarantine\C\Users\Storage\AppData\Roaming\file scout\filescout.exe.vir (PUP.Optional.FileScout.A) -> No action taken.
C:\Program Files\Adobe\Adobe After Effects CS6\Support Files\amtlib.dll (PUP.RiskwareTool.CK) -> No action taken.
C:\Riot Games\League of Legends\RADS\projects\lol_game_client_en_us\managedfiles\0.0.0.157\DATA\Sounds\FMOD\BitZipper2013TrialSetupEn.7z (PUP.Optional.InstallIQ) -> No action taken.
C:\Users\Alex\Desktop\garbadge\old game installers\Minecraft_Allmyapps.exe (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\Alex\Downloads\DTLite4461-0328.exe (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\Alex\Downloads\FreePDFTabletInstall.exe (PUP.Optional.Spigot.A) -> No action taken.
C:\Users\Storage\Downloads\7zip_installer_d162802.exe (PUP.Optional.InstallIQ) -> No action taken.
C:\Users\Storage\Downloads\BitZipper2013TrialSetupEn.exe (PUP.Optional.InstallIQ) -> No action taken.
C:\Users\Storage\Downloads\freedownloadmanager-setup.exe (PUP.DownloadAdmin) -> No action taken.
C:\Users\Storage\Downloads\freefileviewer_730.exe (PUP.Optional.InstallIQ) -> No action taken.
C:\Users\Storage\Downloads\iTunes_Setup.exe (PUP.Optional.IBryte.A) -> No action taken.
C:\Users\Storage\Downloads\PhotoScapeSetup.exe (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\Storage\Downloads\Adobe After Effects CS6\Patch\32bit\amtlib.dll (PUP.RiskwareTool.CK) -> No action taken.
C:\Users\Storage\Downloads\Adobe After Effects CS6\Patch\64bit\amtlib.dll (PUP.RiskwareTool.CK) -> No action taken.
C:\_OTL\MovedFiles\02162014_224500\C_Program Files (x86)\RightSurf\updateRightSurf.exe (PUP.Optional.RightSurf.A) -> No action taken.
C:\_OTL\MovedFiles\02162014_224500\C_Program Files (x86)\RightSurf\bin\utilRightSurf.exe (PUP.Optional.RightSurf.A) -> No action taken.
C:\_OTL\MovedFiles\02232014_204828\C_Users\Alex\AppData\Roaming\SearchProtect\bin\uninstall.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\$RECYCLE.BIN\S-1-5-21-2055821690-4012621098-2342977204-1000\$RQAQ6TK\Sony Vegas 10.0C (32 bit)\Patch Vegas Pro 10.00 By MrAxr.zip (RiskWare.Tool.HCK) -> Quarantined and deleted successfully.
C:\$RECYCLE.BIN\S-1-5-21-2055821690-4012621098-2342977204-1041\$RNVUKYH.exe (Adware.InstallBrain) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Uninstall Information\Ib\97\3867\ib_uninstall.exe (Adware.InstallBrain) -> Quarantined and deleted successfully.
C:\Users\Storage\Desktop\Producer Starter Pack\iZotope Trash v1.14 VST DX AS RTAS HTDM By Adrian Dennis\iZotope Trash v1.14 VST DX AS RTAS HTDM By Adrian Dennis\A.C. Patch\keygen.rar (Trojan.Agent.ck) -> Quarantined and deleted successfully.
C:\Users\Storage\Desktop\Producer Starter Pack\iZotope Trash v1.14 VST DX AS RTAS HTDM By Adrian Dennis\iZotope Trash v1.14 VST DX AS RTAS HTDM By Adrian Dennis\A.C. Patch\keygen\keygen.exe (Trojan.Agent.ck) -> Quarantined and deleted successfully.
C:\_OTL\MovedFiles\02162014_224500\C_ProgramData\IBUpdaterService\ibsvc.exe (Adware.InstallBrain) -> Quarantined and deleted successfully.
C:\Users\Storage\AppData\Roaming\msconfig.ini (Trojan.Agent) -> Quarantined and deleted successfully.

(end)



ESET SCAN:
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir Win32/Toolbar.Conduit.Y potentially unwanted application
C:\AdwCleaner\Quarantine\C\ProgramData\apn\APN-Stub\W3IV6-G\APNIC.7z.vir Win32/Bundled.Toolbar.Ask.B potentially unsafe application
C:\AdwCleaner\Quarantine\C\ProgramData\apn\APN-Stub\W3IV6-G\APNIC.dll.vir Win32/Bundled.Toolbar.Ask.B potentially unsafe application
C:\AdwCleaner\Quarantine\C\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcfbpbkoonbnoffgakelcebnjajoikkp\10.22.0.588_0\TBHostSupport\TBHostSupport.dll.vir a variant of Win32/Toolbar.Conduit.AA potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcfbpbkoonbnoffgakelcebnjajoikkp\10.22.5.510_0\TBHostSupport\TBHostSupport.dll.vir a variant of Win32/Toolbar.Conduit.AA potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Alex\AppData\LocalLow\internethelper3.1\hk64tbInt0.dll.vir a variant of Win64/Toolbar.Conduit.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Alex\AppData\LocalLow\internethelper3.1\hk64tbInte.dll.vir a variant of Win64/Toolbar.Conduit.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Alex\AppData\LocalLow\internethelper3.1\hktbInt0.dll.vir a variant of Win32/Toolbar.Conduit.X potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Alex\AppData\LocalLow\internethelper3.1\hktbInte.dll.vir a variant of Win32/Toolbar.Conduit.X potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Alex\AppData\LocalLow\internethelper3.1\ldrtbInt0.dll.vir a variant of Win32/Toolbar.Conduit.P potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Alex\AppData\LocalLow\internethelper3.1\ldrtbInte.dll.vir a variant of Win32/Toolbar.Conduit.P potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Alex\AppData\LocalLow\internethelper3.1\tbInt0.dll.vir a variant of Win32/Toolbar.Conduit.X potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Alex\AppData\LocalLow\internethelper3.1\tbInt1.dll.vir Win32/Toolbar.Conduit.Y potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Alex\AppData\LocalLow\internethelper3.1\tbInte.dll.vir a variant of Win32/Toolbar.Conduit.X potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Storage\AppData\Roaming\file scout\filescout.exe.vir Win32/FileScout.A potentially unwanted application
C:\Riot Games\League of Legends\RADS\projects\lol_game_client_en_us\managedfiles\0.0.0.157\DATA\Sounds\FMOD\BitZipper2013TrialSetupEn.7z a variant of Win32/InstallIQ potentially unwanted application
C:\Users\Alex\AppData\Local\Flvto Converter\FlvtoConverterSetupV0.3.2.exe Win32/InstallMonetizer.AN potentially unwanted application
C:\Users\Alex\AppData\LocalLow\uTorrentControl_v2\hk64tbuTo0.dll a variant of Win64/Toolbar.Conduit.B potentially unwanted application
C:\Users\Alex\AppData\LocalLow\uTorrentControl_v2\hk64tbuTo2.dll a variant of Win64/Toolbar.Conduit.B potentially unwanted application
C:\Users\Alex\AppData\LocalLow\uTorrentControl_v2\hktbuTo0.dll a variant of Win32/Toolbar.Conduit.X potentially unwanted application
C:\Users\Alex\AppData\LocalLow\uTorrentControl_v2\hktbuTo2.dll a variant of Win32/Toolbar.Conduit.X potentially unwanted application
C:\Users\Alex\AppData\LocalLow\uTorrentControl_v2\ldrtbuTo0.dll a variant of Win32/Toolbar.Conduit.P potentially unwanted application
C:\Users\Alex\AppData\LocalLow\uTorrentControl_v2\ldrtbuTo2.dll a variant of Win32/Toolbar.Conduit.P potentially unwanted application
C:\Users\Alex\AppData\LocalLow\uTorrentControl_v2\ldrtbuTor.dll a variant of Win32/Toolbar.Conduit.P potentially unwanted application
C:\Users\Alex\AppData\LocalLow\uTorrentControl_v2\tbuTo0.dll a variant of Win32/Toolbar.Conduit.X potentially unwanted application
C:\Users\Alex\AppData\LocalLow\uTorrentControl_v2\tbuTo1.dll Win32/Toolbar.Conduit.Y potentially unwanted application
C:\Users\Alex\AppData\LocalLow\uTorrentControl_v2\tbuTo2.dll a variant of Win32/Toolbar.Conduit.X potentially unwanted application
C:\Users\Alex\AppData\LocalLow\uTorrentControl_v2\tbuTor.dll a variant of Win32/Toolbar.Conduit.B potentially unwanted application
C:\Users\Alex\AppData\LocalLow\uTorrentControl_v2\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.12\bin\PriceGongIE.dll a variant of Win32/PriceGong.A potentially unwanted application
C:\Users\Alex\Desktop\garbadge\old game installers\Minecraft_Allmyapps.exe Win32/OpenCandy potentially unsafe application
C:\Users\Alex\Desktop\garbadge\old game installers\RuneScape.exe Win32/Toolbar.Conduit potentially unwanted application
C:\Users\Alex\Documents\APNSetup1.exe a variant of Win32/Bundled.Toolbar.Ask.E potentially unsafe application
C:\Users\Alex\Downloads\cbsidlm-tr1_10a-Daemon_Tools_Lite-SEO-10778842.exe Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Alex\Downloads\DTLite4461-0328.exe Win32/DownWare.L potentially unwanted application
C:\Users\Alex\Downloads\FreePDFTabletInstall.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application
C:\Users\Alex\Downloads\setup.exe Win32/Toolbar.Conduit potentially unwanted application
C:\Users\Storage\Desktop\Producer Starter Pack.zip a variant of Win32/Keygen.AD potentially unsafe application
C:\Users\Storage\Desktop\Producer Starter Pack\OhmForce Ohmicide Pro 1.10 VST\OhmForce Ohmicide Pro 1.10 (Keygen).exe a variant of Win32/Keygen.AD potentially unsafe application
C:\Users\Storage\Desktop\Producer Starter Pack\Rob.Papen.Predator.VSTi.v1.1.Incl.Keygen-AiR\keygen.exe a variant of Win32/Keygen.AD potentially unsafe application
C:\Users\Storage\Downloads\7zip_installer_d162802.exe a variant of Win32/InstallIQ.A potentially unwanted application
C:\Users\Storage\Downloads\Ableton Live v8.3 + Max4Live + Crack (PC).rar a variant of Win32/HackTool.Patcher.AD potentially unsafe application
C:\Users\Storage\Downloads\AL9S 9.0.4 (x64).rar a variant of Win32/HackTool.Patcher.AD potentially unsafe application
C:\Users\Storage\Downloads\AL9S 9.0.4 x64.rar a variant of Win32/HackTool.Patcher.AD potentially unsafe application
C:\Users\Storage\Downloads\BitZipper2013TrialSetupEn.exe a variant of Win32/InstallIQ potentially unwanted application
C:\Users\Storage\Downloads\FL Studio Producer Edition 11.0.2 + Plugins Bundle.rar Win32/OpenCandy potentially unsafe application
C:\Users\Storage\Downloads\FlvtoYoutubeDownloaderSetup (1).exe Win32/InstallMonetizer.AN potentially unwanted application
C:\Users\Storage\Downloads\FlvtoYoutubeDownloaderSetup.exe Win32/InstallMonetizer.AN potentially unwanted application
C:\Users\Storage\Downloads\freedownloadmanager-setup.exe Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Storage\Downloads\freefileviewer_730.exe a variant of Win32/InstallIQ.A potentially unwanted application
C:\Users\Storage\Downloads\fyzip-setup.exe Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Storage\Downloads\InternetExplorerSetup-13204601-zbsb.exe a variant of Win32/InstallCore.JE.gen potentially unwanted application
C:\Users\Storage\Downloads\iTunes_Setup.exe a variant of Win32/AdWare.iBryte.K.gen application
C:\Users\Storage\Downloads\PhotoScapeSetup-4793172-zbsb.exe a variant of Win32/InstallCore.JE.gen potentially unwanted application
C:\Users\Storage\Downloads\PhotoScapeSetup.exe Win32/OpenCandy potentially unsafe application
C:\Users\Storage\Downloads\TinyMediaPlayer_RocketFuelInstaller.exe a variant of Win32/Verti.A potentially unwanted application
C:\Users\Storage\Downloads\WinZip175.exe a variant of Win32/OpenInstall potentially unwanted application
C:\Windows\Installer\365322.msi a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application
C:\Windows\Installer\MSI4E76.tmp a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Windows\Installer\MSI5882.tmp a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Windows\Installer\MSI5B98.tmp a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Windows\Installer\MSI5BEE.tmp a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Windows\Installer\MSI7CF3.tmp a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Windows\Installer\MSI810A.tmp a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Windows\Installer\MSIA73B.tmp a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-OVO2V7[1].7z a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-OVO2V7[2].7z a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-OVO2V7[3].7z a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-OVO2V7[4].7z a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-OVO2V7[5].7z a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-OVO2V7[6].7z a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-OVO2V7[1].7z a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-OVO2V7[2].7z a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-OVO2V7[3].7z a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-OVO2V7[4].7z a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-OVO2V7[5].7z a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-OVO2V7[6].7z a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\_OTL\MovedFiles\02162014_224500\C_Program Files (x86)\RightSurf\updateRightSurf.exe a variant of Win32/BrowseFox.G potentially unwanted application
C:\_OTL\MovedFiles\02162014_224500\C_Program Files (x86)\RightSurf\bin\RightSurfBrowserFilter.exe a variant of MSIL/BrowseFox.B potentially unwanted application
C:\_OTL\MovedFiles\02162014_224500\C_Program Files (x86)\RightSurf\bin\utilRightSurf.exe a variant of Win32/BrowseFox.G potentially unwanted application
C:\_OTL\MovedFiles\02232014_204828\C_Users\Alex\AppData\Roaming\OpenCandy\50C28A0C8DD6486298C102774F2663A8\OCBrowserHelper_1.0.3.85.dll a variant of Win32/OpenCandy.A potentially unsafe application
C:\_OTL\MovedFiles\02232014_204828\C_Users\Alex\AppData\Roaming\OpenCandy\50C28A0C8DD6486298C102774F2663A8\setup_759.exe Win32/Amonetize potentially unwanted application
C:\_OTL\MovedFiles\02232014_204828\C_Users\Alex\AppData\Roaming\SearchProtect\ffprotect\application.js Win32/Conduit.SearchProtect.A potentially unwanted application
C:\_OTL\MovedFiles\02232014_204828\C_Users\Alex\AppData\Roaming\SearchProtect\ffprotect\nsprotector.js Win32/Conduit.SearchProtect.A potentially unwanted application





FSS:
Farbar Service Scanner Version: 25-02-2014
Ran by Storage (administrator) on 01-03-2014 at 10:15:39
Running from "C:\Users\Storage\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****




Security Check:
Results of screen317's Security Check version 0.99.79
Windows 7 Service Pack 1 x64
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
JavaFX 2.1.1
Java 7 Update 25
Java version out of Date!
Adobe Flash Player 13.0.0.80 Flash Player out of Date!
Google Chrome 32.0.1700.107
Google Chrome 33.0.1750.117
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 2%
````````````````````End of Log``````````````````````
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP