This topic is locked
Noticed that my system is running slow and that it keeps sayin that my flash player is down. My web browser seems to be hijacked. Keeps changing my home page and search engine. Suspect it may be from facebook ads.
OTL logfile created on: 3/25/2014 12:50:16 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\owner\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.99 Gb Total Physical Memory | 0.98 Gb Available Physical Memory | 32.62% Memory free
6.18 Gb Paging File | 3.96 Gb Available in Paging File | 64.03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220.29 Gb Total Space | 115.77 Gb Free Space | 52.55% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 4.14 Gb Free Space | 41.38% Space Free | Partition Type: NTFS
Computer Name: OWNER-PC | User Name: owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/03/25 12:49:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\owner\Desktop\OTL.exe
PRC - [2014/03/19 15:54:10 | 003,584,184 | ---- | M] (ShowMyPC) -- C:\Users\owner\AppData\Local\Temp\ShowMyPC\smpc3160\SMPCSetup.exe
PRC - [2014/03/13 11:35:24 | 004,233,744 | ---- | M] (iolo technologies, LLC) -- C:\Program Files\iolo\System Mechanic\SystemGuardAlerter.exe
PRC - [2014/03/13 11:07:08 | 004,492,776 | ---- | M] (iolo technologies, LLC) -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
PRC - [2014/03/12 14:03:26 | 001,863,560 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
PRC - [2014/03/12 13:03:08 | 000,841,096 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_12_0_0_77_ActiveX.exe
PRC - [2014/02/06 21:18:44 | 000,021,536 | ---- | M] (Smartbar) -- C:\Users\owner\AppData\Local\Smartbar\Application\SnapDo.exe
PRC - [2014/02/06 21:17:28 | 000,012,832 | ---- | M] () -- C:\Users\owner\AppData\Local\Smartbar\Application\Lrcnta.exe
PRC - [2014/02/06 19:22:58 | 003,767,096 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/02/06 19:22:58 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/01/23 18:12:52 | 000,091,936 | ---- | M] (PureLeads) -- C:\Program Files\PureLeads\PureLeadsSvc.exe
PRC - [2014/01/23 18:12:52 | 000,083,232 | ---- | M] (PureLeads) -- C:\Program Files\PureLeads\PureLeadsTray.exe
PRC - [2014/01/23 18:12:50 | 003,690,784 | ---- | M] (Sendori) -- C:\Program Files\PureLeads\plsapp.exe
PRC - [2014/01/23 18:12:50 | 000,024,352 | ---- | M] (sendori) -- C:\Program Files\PureLeads\PureLeads.Service.exe
PRC - [2013/12/18 13:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/06/26 19:23:04 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2013/06/26 19:23:00 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2012/09/17 06:39:30 | 000,171,600 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/01/20 21:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008/01/01 22:44:32 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/04/17 00:05:52 | 000,021,504 | ---- | M] (UPEK Inc.) -- C:\Program Files\Fingerprint Reader Suite\upeksvr.exe
========== Modules (No Company Name) ==========
MOD - [2014/03/24 14:05:38 | 008,013,664 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
MOD - [2014/03/24 14:05:38 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.VisualStudio.OLE.Interop\7.1.40304.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.OLE.Interop.dll
MOD - [2014/03/24 14:05:34 | 000,146,464 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll
MOD - [2014/03/12 14:03:25 | 016,276,872 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_12_0_0_77.dll
MOD - [2014/02/16 10:39:38 | 003,578,992 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2014/02/13 04:39:01 | 000,447,488 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\8b9ad2e65926aab95d1f1518accb51f5\UIAutomationClient.ni.dll
MOD - [2014/02/13 04:37:47 | 000,220,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\9f3c96d8466cab4684312622d13781b7\CustomMarshalers.ni.dll
MOD - [2014/02/13 04:36:32 | 000,187,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\b01fbd25bd6023d6b2d960d7bda323af\UIAutomationTypes.ni.dll
MOD - [2014/02/13 04:36:22 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\e3ab5ab0fbb86c36425e6902e54a547b\System.Runtime.Remoting.ni.dll
MOD - [2014/02/13 04:36:18 | 011,909,120 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\2183861863b3c98036f0d75f303d2a65\System.Web.ni.dll
MOD - [2014/02/13 04:36:07 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\890433199e7e462f76600e3aa64e435e\System.Web.Services.ni.dll
MOD - [2014/02/13 04:36:00 | 000,978,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\d17ceca243fabda73eefb21d9bd072df\System.Configuration.ni.dll
MOD - [2014/02/13 04:34:34 | 005,462,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f87e71868aedbc6c4e8fe7160d17c4ab\System.Xml.ni.dll
MOD - [2014/02/13 04:34:17 | 012,434,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d2b605fc7deda872727d1ed37710420e\System.Windows.Forms.ni.dll
MOD - [2014/02/13 04:34:08 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8e6265a54260bddfc05951e764f5bc48\System.Drawing.ni.dll
MOD - [2014/02/13 04:33:10 | 003,325,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d981bccab40fbbdc1d35bf2a58c947b7\WindowsBase.ni.dll
MOD - [2014/02/13 04:33:07 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\957628d9dd7b3bf370a56dca7835a997\System.ni.dll
MOD - [2014/02/13 04:32:56 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\694a37a84dee2cd2609a1dfab27c0433\mscorlib.ni.dll
MOD - [2014/02/06 21:19:26 | 000,052,256 | ---- | M] () -- C:\Users\owner\AppData\Local\Smartbar\Application\srut.dll
MOD - [2014/02/06 21:19:22 | 000,020,512 | ---- | M] () -- C:\Users\owner\AppData\Local\Smartbar\Application\srsbs.dll
MOD - [2014/02/06 21:19:16 | 000,014,880 | ---- | M] () -- C:\Users\owner\AppData\Local\Smartbar\Application\srpdm.dll
MOD - [2014/02/06 21:19:14 | 000,247,328 | ---- | M] () -- C:\Users\owner\AppData\Local\Smartbar\Application\srns.dll
MOD - [2014/02/06 21:19:12 | 000,037,408 | ---- | M] () -- C:\Users\owner\AppData\Local\Smartbar\Application\srbu.dll
MOD - [2014/02/06 21:19:10 | 000,063,520 | ---- | M] () -- C:\Users\owner\AppData\Local\Smartbar\Application\srau.dll
MOD - [2014/02/06 21:19:08 | 000,058,400 | ---- | M] () -- C:\Users\owner\AppData\Local\Smartbar\Application\spbl.dll
MOD - [2014/02/06 21:19:08 | 000,054,304 | ---- | M] () -- C:\Users\owner\AppData\Local\Smartbar\Application\sppsm.dll
MOD - [2014/02/06 21:19:00 | 000,025,632 | ---- | M] () -- C:\Users\owner\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
MOD - [2014/02/06 21:18:58 | 000,152,608 | ---- | M] () -- C:\Users\owner\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
MOD - [2014/02/06 21:18:58 | 000,053,280 | ---- | M] () -- C:\Users\owner\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
MOD - [2014/02/06 21:18:54 | 000,017,440 | ---- | M] () -- C:\Users\owner\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
MOD - [2014/02/06 21:18:50 | 000,166,432 | ---- | M] () -- C:\Users\owner\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
MOD - [2014/02/06 21:18:48 | 000,059,424 | ---- | M] () -- C:\Users\owner\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
MOD - [2014/02/06 21:18:46 | 002,310,688 | ---- | M] () -- C:\Users\owner\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
MOD - [2014/02/06 21:18:46 | 000,033,824 | ---- | M] () -- C:\Users\owner\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
MOD - [2014/02/06 21:18:46 | 000,014,368 | ---- | M] () -- C:\Users\owner\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
MOD - [2014/02/06 21:18:44 | 000,728,096 | ---- | M] () -- C:\Users\owner\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
MOD - [2014/02/06 21:18:44 | 000,082,464 | ---- | M] () -- C:\Users\owner\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
MOD - [2014/02/06 21:18:38 | 000,193,056 | ---- | M] () -- C:\Users\owner\AppData\Local\Smartbar\Application\sgmu.dll
MOD - [2014/02/06 21:18:38 | 000,013,344 | ---- | M] () -- C:\Users\owner\AppData\Local\Smartbar\Application\siem.dll
MOD - [2014/02/06 21:18:36 | 000,014,368 | ---- | M] () -- C:\Users\owner\AppData\Local\Smartbar\Application\sgml.dll
MOD - [2014/02/06 21:17:28 | 000,048,160 | ---- | M] () -- C:\Users\owner\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
MOD - [2014/02/06 21:17:28 | 000,020,512 | ---- | M] () -- C:\Users\owner\AppData\Local\Smartbar\Application\lrcnt.dll
MOD - [2014/02/06 21:17:28 | 000,012,832 | ---- | M] () -- C:\Users\owner\AppData\Local\Smartbar\Application\Lrcnta.exe
MOD - [2014/02/06 21:15:12 | 000,061,440 | ---- | M] () -- C:\Users\owner\AppData\Local\Smartbar\Application\AxInterop.WMPLib.dll
MOD - [2014/01/07 14:31:57 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013/11/21 14:24:12 | 000,068,696 | ---- | M] () -- C:\Program Files\ShowMyPCService\screenhooks.dll
MOD - [2013/05/08 04:00:25 | 000,474,112 | ---- | M] () -- C:\Program Files\Search Results Toolbar\Datamngr\apcrtldr.dll
MOD - [2009/03/29 23:42:11 | 000,069,120 | ---- | M] () -- C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
MOD - [2008/12/18 04:55:28 | 000,054,784 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll
========== Services (SafeList) ==========
SRV - [2014/03/13 11:07:08 | 004,492,776 | ---- | M] (iolo technologies, LLC) [Auto | Running] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2014/03/12 14:03:27 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/02/16 10:39:39 | 000,118,896 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/02/06 19:22:58 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014/01/23 18:12:52 | 000,091,936 | ---- | M] (PureLeads) [Auto | Running] -- C:\Program Files\PureLeads\PureLeadsSvc.exe -- (PlsvcV1)
SRV - [2014/01/23 18:12:50 | 003,690,784 | ---- | M] (Sendori) [Auto | Running] -- C:\Program Files\PureLeads\plsapp.exe -- (plsapp)
SRV - [2014/01/23 18:12:50 | 000,024,352 | ---- | M] (sendori) [Auto | Running] -- C:\Program Files\PureLeads\PureLeads.Service.exe -- (PlsvcV2)
SRV - [2013/12/18 13:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/11/21 14:24:02 | 000,815,704 | ---- | M] (GlavSoft LLC.) [Auto | Stopped] -- C:\Program Files\ShowMyPCService\tvnserver.exe -- (tvnserver)
SRV - [2013/08/14 16:19:24 | 000,039,056 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2013/06/26 19:23:04 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2013/06/26 19:23:00 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2012/09/17 06:39:30 | 000,171,600 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor11.0)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008/09/23 23:09:52 | 000,155,648 | ---- | M] (Stardock Corporation) [Disabled | Stopped] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/01 22:44:32 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2008/01/01 22:44:26 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Disabled | Stopped] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Auto | Stopped] -- System32\Drivers\Ca1528av.sys -- (Ca1528av)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\Bulk1528.sys -- (Bulk1528)
DRV - [2014/02/06 19:23:03 | 000,775,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014/02/06 19:23:03 | 000,410,784 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2014/02/06 19:23:03 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014/02/06 19:23:03 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2014/02/06 19:23:02 | 000,054,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2014/01/10 15:24:33 | 000,026,136 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2014/01/07 14:31:59 | 000,180,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/01/07 14:31:59 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/12/03 10:54:50 | 000,068,464 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\PDFsFilter.sys -- (PDFsFilter)
DRV - [2013/12/03 10:54:48 | 000,026,248 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\ElRawDsk.sys -- (ElRawDisk)
DRV - [2013/06/26 19:23:04 | 000,020,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol)
DRV - [2013/06/26 19:23:00 | 000,197,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay)
DRV - [2013/06/26 19:23:00 | 000,024,232 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
DRV - [2013/06/26 19:22:58 | 000,583,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs)
DRV - [2011/08/15 14:51:40 | 000,054,144 | ---- | M] (Fengtao Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dvdfab.sys -- (dvdfab)
DRV - [2008/12/18 04:55:10 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2008/04/22 01:11:54 | 000,111,616 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2008/01/20 21:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2008/01/01 22:44:40 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/12/03 00:59:06 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx)
DRV - [2007/12/03 00:58:50 | 000,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV - [2007/06/22 17:59:24 | 000,479,232 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emBDA.sys -- (USB28xxBGA)
DRV - [2007/02/28 06:25:46 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/02/28 06:25:44 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007/02/28 06:25:44 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/02/06 16:38:02 | 000,028,288 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emOEM.sys -- (USB28xxOEM)
DRV - [2006/11/10 15:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc)
DRV - [2006/11/02 02:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2001/09/13 21:35:58 | 000,027,519 | ---- | M] (Linksys) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USB100M.SYS -- (USB-100)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.c...&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.c...&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.c...&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://search.conduit.com/?ctid=CT [Binary data over 200 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?...42&ocid=U142DHP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?...42&ocid=U142DHP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.c...&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.c...&q={searchTerms}
IE - HKCU\..\SearchScopes,DefaultScope = {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.c...&q={searchTerms}
IE - HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://search.condui...archTerms}=
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Web Search"
FF - prefs.js..browser.startup.homepage: "http://feed.snapdo.c..._3isIrK7VTqkGRK"
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2013.75
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
FF - prefs.js..keyword.URL: "http://feed.snapdo.c...8kqRcfeoxih63="
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\owner\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/02/06 19:23:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2014/02/03 16:14:03 | 000,000,000 | ---D | M]
[2012/02/01 16:16:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\owner\AppData\Roaming\Mozilla\Extensions
[2014/03/24 16:06:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\140ox05w.default-1393965298370\extensions
[2014/02/16 10:39:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/02/16 10:39:39 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/02/06 19:23:24 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.msn.com/?...42&ocid=U142DHP
CHR - Extension: Google Docs = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: YouTube = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Webexp Enhanced = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dffkkngemcheealimpeioaeilpcpopfl\1.1_0\
CHR - Extension: avast! Online Security = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2013.75_0\
CHR - Extension: RealDownloader = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.3_0\
CHR - Extension: iLivid New Tabs = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbajpeofkjjeiamcglnmldoboonfkiol\5.0.0.7254_0\
CHR - Extension: WhiteSmoke New = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi\10.16.4.12_0\
CHR - Extension: MediaPlayerEnhance = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\crossrider
CHR - Extension: MediaPlayerEnhance = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.69_0\
CHR - Extension: Google Wallet = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Gmail = C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (ArcadeFrontier Addon) - {6C8DB2EC-499B-4897-A784-0E3186C97E9D} - C:\Users\owner\AppData\Local\ArcadeFrontier\ArcadeFrontier.dll ()
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found.
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [PureLeads Tray] C:\Program Files\PureLeads\PureLeadsTray.exe (PureLeads)
O4 - HKLM..\Run: [tvncontrol] C:\Program Files\ShowMyPCService\tvnserver.exe (GlavSoft LLC.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Browser Infrastructure Helper] C:\Users\owner\AppData\Local\Smartbar\Application\SnapDo.exe (Smartbar)
O4 - HKLM..\RunOnce: [SpUninstallCleanUp] REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect /f File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableCAD = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - Reg Error: Value error. File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\plsapp.dll (Sendori)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\plsapp.dll (Sendori)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\plsapp.dll (Sendori)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\plsapp.dll (Sendori)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Windows\System32\plsapp.dll (Sendori)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9F283D49-F73F-494F-9C7F-B3468800B59F}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (vrlogon.dll) - C:\Windows\System32\vrlogon.dll (UPEK Inc.)
O20 - Winlogon\Notify\psfus: DllName - (C:\Windows\system32\psqlpwd.dll) - C:\Windows\System32\psqlpwd.dll (UPEK Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0f417dcb-4d4f-11e3-921e-0023ae1aea80}\Shell - "" = AutoRun
O33 - MountPoints2\{0f417dcb-4d4f-11e3-921e-0023ae1aea80}\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\{10bbdcef-6a91-11e3-8981-b5f0848fc86e}\Shell - "" = AutoRun
O33 - MountPoints2\{10bbdcef-6a91-11e3-8981-b5f0848fc86e}\Shell\AutoRun\command - "" = F:\menu.exe
O34 - HKLM BootExecute: (o)
O34 - HKLM BootExecute: ("쀀ឩҰ")
O34 - HKLM BootExecute: (3)
O34 - HKLM BootExecute: ("Tracks files that are managed by Elements Organizer")
O34 - HKLM BootExecute: ("쀀ឩҰ")
O34 - HKLM BootExecute: (0)
O34 - HKLM BootExecute: ("SOFTWARE\Mozilla\Mozilla Firefox 26.0\extensions")
O34 - HKLM BootExecute: (뚐ᙔ끘፭뤐Ȫ.)
O34 - HKLM BootExecute: ("㍼ፄĀ")
O34 - HKLM BootExecute: (Ā)
O34 - HKLM BootExecute: ("")
O34 - HKLM BootExecute: ()
O34 - HKLM BootExecute: (鴬ᡝ)
O34 - HKLM BootExecute: (Ѐ뼔൨Ā)
O34 - HKLM BootExecute: (ؕ)
O34 - HKLM BootExecute: (229)
O34 - HKLM BootExecute: ("먁ڦҰ")
O34 - HKLM BootExecute: (ù)
O34 - HKLM BootExecute: (COMPONENTS\DerivedData\VersionedIndex\6.0.6002.18005_001c11ba\ComponentFamilies\x86_microsoft-windows-crypt32-dll.resources_31bf3856ad364e35_en-us_5d347fe5c94357c3\f256!crypt32.dll.mui\f3e9c6f667cbf5a94577044def2f9c858ffe3d79f98384f24c48692b201a7884)
O34 - HKLM BootExecute: ("iolobtdfg C:\Windows\system32")
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: x86 - (C:\Program Files\Search Results Toolbar\Datamngr\apcrtldr.dll) - C:\Program Files\Search Results Toolbar\Datamngr\apcrtldr.dll ()
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2014/03/25 12:47:35 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\owner\Desktop\OTL.exe
[2014/03/25 11:39:07 | 000,000,000 | ---D | C] -- C:\Program Files\ShowMyPCService
[2014/03/24 14:05:31 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Local\LPT
[2014/03/24 14:05:27 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Local\Smartbar
[2014/03/24 14:03:57 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Local\Downloaded Installations
[2014/03/24 12:52:50 | 000,026,248 | ---- | C] (EldoS Corporation) -- C:\Windows\System32\drivers\ElRawDsk.sys
[2014/03/04 16:21:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2014/03/04 15:35:04 | 000,000,000 | ---D | C] -- C:\Users\owner\Desktop\Old Firefox Data
[2014/02/27 12:42:08 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Roaming\LegacyInteractive
[2014/02/27 12:41:21 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Roaming\Oberon Media
[2014/02/27 12:41:14 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games of the Month
[2014/02/27 12:41:05 | 000,000,000 | ---D | C] -- C:\Program Files\Oberon Media SIDR
[2014/02/27 12:40:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Oberon Media
[2014/02/27 12:36:27 | 000,354,592 | ---- | C] (Sendori) -- C:\Windows\System32\plsapp.dll
[2014/02/27 12:36:24 | 000,000,000 | ---D | C] -- C:\ProgramData\PureLeads
[2014/02/27 12:36:21 | 000,000,000 | ---D | C] -- C:\Program Files\PureLeads
[2014/02/27 12:36:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Oberon Media
[2014/02/27 12:36:08 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Roaming\OpenCandy
[2014/02/27 12:35:41 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ArcadeFrontier
[2014/02/27 12:35:39 | 000,000,000 | ---D | C] -- C:\Users\owner\AppData\Local\ArcadeFrontier
========== Files - Modified Within 30 Days ==========
[2014/03/25 12:53:34 | 000,000,268 | ---- | M] () -- C:\Windows\tasks\ArcadeFrontier.job
[2014/03/25 12:49:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\owner\Desktop\OTL.exe
[2014/03/25 12:39:28 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/03/25 12:39:28 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/03/25 12:28:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/03/25 12:03:17 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/03/25 10:39:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/03/24 14:22:41 | 000,656,642 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/03/24 14:22:41 | 000,124,946 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/03/24 14:15:57 | 001,584,568 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/03/24 12:44:53 | 000,001,947 | ---- | M] () -- C:\Users\owner\Desktop\System Mechanic.lnk
[2014/03/13 11:25:20 | 000,041,616 | ---- | M] (iolo technologies, LLC) -- C:\Windows\System32\iolobtdfg.exe
[2014/03/13 11:25:10 | 000,023,568 | ---- | M] (iolo technologies, LLC) -- C:\Windows\System32\smrgdf.exe
[2014/03/13 11:08:38 | 002,097,984 | ---- | M] (iolo technologies, LLC) -- C:\Windows\System32\Incinerator32.dll
[2014/03/10 14:54:31 | 000,001,076 | ---- | M] () -- C:\Users\owner\Documents\-.facebook.com
[2014/03/04 16:26:24 | 000,009,504 | ---- | M] () -- C:\Users\owner\Documents\cc_20140304_152615.reg
[2014/03/04 16:21:40 | 000,000,840 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/02/27 12:41:14 | 000,002,227 | ---- | M] () -- C:\Users\owner\Desktop\Criminal Minds.lnk
[2014/02/27 12:41:00 | 000,001,172 | ---- | M] () -- C:\Users\owner\Desktop\Games of the Month.lnk
[2014/02/27 12:35:11 | 000,000,000 | ---- | M] () -- C:\END
========== Files Created - No Company Name ==========
[2014/03/10 14:54:31 | 000,001,076 | ---- | C] () -- C:\Users\owner\Documents\-.facebook.com
[2014/03/04 16:26:17 | 000,009,504 | ---- | C] () -- C:\Users\owner\Documents\cc_20140304_152615.reg
[2014/03/04 15:47:23 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/02/27 12:41:14 | 000,002,227 | ---- | C] () -- C:\Users\owner\Desktop\Criminal Minds.lnk
[2014/02/27 12:41:00 | 000,001,172 | ---- | C] () -- C:\Users\owner\Desktop\Games of the Month.lnk
[2014/02/27 12:35:39 | 000,000,268 | ---- | C] () -- C:\Windows\tasks\ArcadeFrontier.job
[2014/01/07 14:32:20 | 000,180,248 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/01/07 14:32:20 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013/12/26 15:05:40 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys.sum
[2013/12/26 15:05:40 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswSP.sys.sum
[2013/12/26 15:05:40 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswSnx.sys.sum
[2013/07/19 07:17:41 | 000,000,000 | ---- | C] () -- C:\Users\owner\AppData\Roaming\SharedSettings.ccs
[2013/07/16 23:58:03 | 000,074,703 | ---- | C] () -- C:\Windows\System32\mfc45.dat
[2012/07/07 16:40:33 | 000,611,158 | ---- | C] () -- C:\Users\owner\DVDFab 8 Qt.lnk
[2012/04/04 13:14:35 | 000,006,013 | ---- | C] () -- C:\Windows\hplj1010.ini
[2012/01/17 11:29:12 | 000,000,212 | ---- | C] () -- C:\Users\owner\AppData\Roaming\wklnhst.dat
[2011/12/12 15:43:55 | 000,781,312 | -HS- | C] () -- C:\Users\owner\ehthumbs_vista.db
[2011/11/14 14:05:16 | 000,000,552 | ---- | C] () -- C:\Users\owner\AppData\Local\d3d8caps.dat
[2011/08/13 08:18:43 | 000,006,648 | ---- | C] () -- C:\Users\owner\AppData\Local\d3d9caps.dat
[2011/02/19 14:23:01 | 000,106,496 | ---- | C] () -- C:\Users\owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2006/11/02 07:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 12:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 01:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 01:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013/06/26 22:20:54 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\ARA
[2014/01/02 17:30:55 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\AVAST Software
[2014/02/18 18:40:35 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\BitTorrent
[2012/02/06 11:40:53 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/08/17 23:21:55 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\com.hwp.HWPLauncher
[2013/09/17 21:46:12 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\DVDFab9
[2014/01/05 13:26:23 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\freegames111
[2014/02/17 15:57:22 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl
[2013/11/13 16:47:33 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\ImgBurn
[2014/02/17 15:41:12 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\IminentToolbar
[2013/07/10 15:50:33 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\Instant Housecall
[2014/02/24 20:06:26 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\iolo
[2014/01/10 16:09:40 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\ioloGovernor
[2014/02/27 12:42:08 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\LegacyInteractive
[2014/02/03 16:29:23 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\LibreOffice
[2013/12/26 11:53:03 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\newnext.me
[2014/02/27 12:41:22 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\Oberon Media
[2014/03/24 14:03:53 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\OpenCandy
[2011/08/15 22:37:55 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\PCDr
[2013/11/14 13:05:03 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\QBOSSCD
[2014/02/13 04:26:31 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\SoftGrid Client
[2012/01/17 11:29:13 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\Template
[2012/02/02 16:18:25 | 000,000,000 | ---D | M] -- C:\Users\owner\AppData\Roaming\TP
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 376 bytes -> C:\ProgramData\TEMP:214562D2
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:373E1720
< End of report >
Sign In
Create Account
