Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Tuvaro hijack, and plenty of other issues. [Closed]

Started by Maxgreen1 , Apr 04 2014 10:24 PM

  • This topic is locked This topic is locked

#1
Maxgreen1
Posted 04 April 2014 - 10:24 PM

Maxgreen1

    New Member

  • Member
  • Pip
  • 3 posts

I'm working on a laptop for a friend of mine. It wasn't connecting to the internet. I went into internet settings and saw that the settings were all weird, it had him connecting through a vpn network. I set it back to normal settings, and got the internet to work again... only to see that he had a weird home page, www-search.net (don't go there). It's the stereotype adware, and it makes general browsing dangerous. I installed Advanced systemcare and its malware fighter, and uninstalled the malicious programs. Nothing was showing up. McAfee and Lavasoft's ad-aware didn't detect anything, but tuvaro was obviously still there (even after changing the default home pages multiple times). I followed some internet removal guides with little success, including running Rkill . Installing malwarebytes helped most, as it stops most PUP and malicious programs from coming through. I changed all the internet shortcuts to include https://www.google.com in the properties tab, to force it straight to the specific site. Malwarebytes will detect viruses over and over again after each reboot, and so I'm yet to get rid of this for good.

 

It is a windows 7, i believe 4 gb of ram. Thank you for your help in advance,

 

Max


  • 0

Advertisements

#2
Essexboy
Posted 05 April 2014 - 05:02 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Hi there first I will need to take a look at the system

 

Download OTL  to your Desktop
Secondary link

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.

    OTL_Main_Tutorial.gif

  • Select All Users
  • Select LOP and Purity
  • Under the Custom Scan box paste this in

    netsvcs
    BASESERVICES
    %SYSTEMDRIVE%\*.exe
    c:\program files (x86)\Google\Desktop
    c:\program files\Google\Desktop
    dir "%systemdrive%\*" /S /A:L /C
    /md5start
    rpcss.dll
    /md5stop
    CREATERESTOREPOINT

  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Attach  both logs


  • 0

#3
Maxgreen1
Posted 06 April 2014 - 06:28 PM

Maxgreen1

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts

Thank you! I'll do that and get back to you with those logs


  • 0

#4
Maxgreen1
Posted 09 April 2014 - 12:26 AM

Maxgreen1

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts

I attached the logs, and I can post them here also, for convenience.

edit: commentary on tightvnc and teamviewer showing up in the logs: I use either of these to access the laptop remotely, as I did to run the OTL scan.

 

OTL.Txt

 

OTL logfile created on: 4/8/2014 10:31:25 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\zeinab\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16521)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
7.95 Gb Total Physical Memory | 4.74 Gb Available Physical Memory | 59.65% Memory free
15.90 Gb Paging File | 12.17 Gb Available in Paging File | 76.53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 681.47 Gb Total Space | 585.94 Gb Free Space | 85.98% Space Free | Partition Type: NTFS
Drive D: | 16.87 Gb Total Space | 1.82 Gb Free Space | 10.77% Space Free | Partition Type: NTFS
 
Computer Name: ZEINAB-HP | User Name: zeinab | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/04/08 22:29:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\zeinab\Downloads\OTL.exe
PRC - [2014/04/03 09:49:12 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014/04/03 09:49:12 | 000,857,912 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014/04/03 09:49:06 | 006,963,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2014/04/02 21:34:38 | 000,318,864 | ---- | M] (Outfox Tv Productions Pty Ltd) -- c:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe
PRC - [2014/04/02 06:27:36 | 004,972,864 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2014/04/02 06:27:36 | 004,529,472 | ---- | M] (TeamViewer GmbH) -- c:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Desktop.exe
PRC - [2014/04/02 06:27:35 | 012,877,632 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
PRC - [2014/04/02 06:05:16 | 000,238,400 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
PRC - [2014/04/01 21:22:00 | 000,610,704 | ---- | M] (Outfox Tv Productions Pty Ltd) -- C:\Program Files\OutfoxTV\OutfoxTvService.exe
PRC - [2014/03/24 21:45:30 | 000,259,472 | ---- | M] (Outfox Tv Productions Pty Ltd) -- C:\Program Files\OutfoxTV\OutfoxTvUpdater.exe
PRC - [2014/03/17 15:35:04 | 000,807,800 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
PRC - [2014/03/10 16:04:46 | 004,469,536 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe
PRC - [2014/03/03 09:53:02 | 001,363,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2014/03/03 09:52:32 | 001,748,608 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2014/02/27 10:48:08 | 001,592,640 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
PRC - [2014/02/27 08:19:59 | 000,192,512 | ---- | M] () -- C:\Program Files (x86)\Buzz-it-soft\Buzz-it155.exe
PRC - [2014/02/13 07:01:52 | 000,487,518 | ---- | M] () -- C:\monitor.exe
PRC - [2014/02/11 17:08:58 | 002,288,928 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
PRC - [2014/01/24 16:09:44 | 000,342,336 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2014/01/21 08:35:24 | 000,586,840 | ---- | M] (Support.com, Inc.) -- C:\Program Files (x86)\AOL Computer Checkup\sdcService.exe
PRC - [2014/01/14 14:50:06 | 000,881,952 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
PRC - [2014/01/07 23:06:02 | 001,265,608 | ---- | M] (Objectify Media Inc) -- C:\Program Files (x86)\Web Protect\PCProtect.exe
PRC - [2013/12/18 11:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/09/07 10:20:56 | 000,071,224 | ---- | M] (AOL Inc.) -- C:\Program Files (x86)\AOL Desktop 9.7b\waol.exe
PRC - [2013/09/07 10:20:48 | 000,045,624 | ---- | M] (AOL Inc.) -- C:\Program Files (x86)\AOL Desktop 9.7b\shellmon.exe
PRC - [2013/06/26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2013/06/26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2013/05/26 23:17:58 | 000,311,696 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
PRC - [2012/06/28 18:41:48 | 000,691,592 | ---- | M] (2X Software Ltd.) -- C:\Program Files (x86)\2X\Client\TUXCredProv.exe
PRC - [2012/03/05 13:38:38 | 000,035,200 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2011/10/12 23:11:34 | 002,068,856 | ---- | M] (Flexera Software LLC.) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
PRC - [2011/10/12 23:11:32 | 001,446,264 | ---- | M] (Flexera Software LLC.) -- C:\ProgramData\FLEXnet\Connect\11\agent.exe
PRC - [2011/09/28 16:18:02 | 000,212,944 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
PRC - [2011/05/20 11:10:26 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2010/12/22 13:25:02 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/12/22 13:24:58 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/11/26 07:09:12 | 000,399,344 | ---- | M] (Roxio) -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
PRC - [2010/04/23 12:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010/04/23 12:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010/04/23 12:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010/03/08 00:27:49 | 000,041,800 | ---- | M] (AOL Inc.) -- C:\Program Files (x86)\Common Files\AOL\1322623786\ee\aolsoftware.exe
PRC - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2006/10/23 05:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/03/12 21:43:11 | 016,276,872 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll
MOD - [2013/12/02 19:06:40 | 001,281,312 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Scan.dll
MOD - [2013/10/25 12:08:02 | 000,517,408 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\sqlite3.dll
MOD - [2013/09/07 10:20:57 | 000,048,640 | ---- | M] () -- C:\Program Files (x86)\AOL Desktop 9.7b\zlib.dll
MOD - [2013/09/07 10:19:37 | 021,117,440 | ---- | M] () -- C:\Program Files (x86)\AOL Desktop 9.7b\libcef.dll
MOD - [2013/09/07 10:19:35 | 000,648,704 | ---- | M] () -- C:\Program Files (x86)\AOL Desktop 9.7b\libGLESv2.dll
MOD - [2013/09/07 10:19:35 | 000,122,880 | ---- | M] () -- C:\Program Files (x86)\AOL Desktop 9.7b\libEGL.dll
MOD - [2013/01/15 18:47:56 | 000,893,248 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\webres.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/04/01 21:22:00 | 000,610,704 | ---- | M] (Outfox Tv Productions Pty Ltd) [Auto | Running] -- C:\Program Files\OutfoxTV\OutfoxTvService.exe -- (OutfoxTvService)
SRV:64bit: - [2014/03/24 21:45:30 | 000,259,472 | ---- | M] (Outfox Tv Productions Pty Ltd) [Auto | Running] -- C:\Program Files\OutfoxTV\OutfoxTvUpdater.exe -- (OutfoxTvUpdater)
SRV:64bit: - [2014/03/12 21:27:57 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/03/04 01:39:36 | 002,541,928 | ---- | M] (Search Module Ltd.) [Auto | Running] -- C:\Program Files\Common Files\Goobzo\GBUpdate\smu.exe -- (SMUpd)
SRV:64bit: - [2014/01/28 02:14:46 | 000,178,528 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\McAPExe.exe -- (McAPExe)
SRV:64bit: - [2014/01/27 09:37:08 | 000,185,792 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2014/01/27 09:31:12 | 000,219,752 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2014/01/21 04:04:28 | 001,025,712 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe -- (mfecore)
SRV:64bit: - [2013/09/06 10:32:06 | 000,288,776 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe -- (McComponentHostService)
SRV:64bit: - [2013/08/02 18:52:58 | 000,602,944 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2013/07/30 12:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2013/07/30 12:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (mcpltsvc)
SRV:64bit: - [2013/07/30 12:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2013/07/30 12:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2013/07/30 12:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (HomeNetSvc)
SRV:64bit: - [2013/07/19 12:21:14 | 002,179,056 | ---- | M] (GlavSoft LLC.) [Auto | Running] -- C:\Program Files\TightVNC\tvnserver.exe -- (tvnserver)
SRV:64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/09/18 21:40:00 | 000,311,808 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2012/09/18 21:39:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2012/04/25 14:02:52 | 000,031,000 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2012/02/26 05:07:52 | 002,669,840 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2012/02/26 05:07:42 | 000,273,168 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2012/02/26 05:07:32 | 000,626,960 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2012/02/26 05:07:26 | 000,148,752 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2012/01/17 16:12:28 | 000,135,952 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2012/01/09 12:39:44 | 000,659,968 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2011/06/14 10:31:06 | 000,498,688 | ---- | M] (Red Bend Ltd.) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe -- (DMAgent)
SRV:64bit: - [2011/06/14 10:26:20 | 000,986,112 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe -- (WiMAXAppSrv)
SRV:64bit: - [2010/10/11 02:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 18:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/07/13 18:39:31 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rundll32.exe -- (70e6ca8c)
SRV - [2014/04/03 09:49:12 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014/04/03 09:49:12 | 000,857,912 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/04/02 18:06:55 | 000,350,504 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\EnhanceTronic\bin\utilEnhanceTronic.exe -- (Util EnhanceTronic)
SRV - [2014/04/02 18:03:42 | 000,350,504 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\EnhanceTronic\updateEnhanceTronic.exe -- (Update EnhanceTronic)
SRV - [2014/04/02 06:27:36 | 004,972,864 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2014/03/29 23:39:20 | 000,279,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2014/03/17 15:35:04 | 000,807,800 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2014/03/15 01:40:31 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/03/12 21:43:12 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/03/03 09:53:02 | 001,363,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014/03/03 09:52:32 | 001,748,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2014/02/27 08:19:59 | 000,192,512 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Buzz-it-soft\Buzz-it155.exe -- (Buzz-it)
SRV - [2014/02/18 06:47:06 | 000,036,392 | ---- | M] (Just Develop It) [Auto | Stopped] -- C:\Program Files (x86)\MyPC Backup\BackupStack.exe -- (BackupStack)
SRV - [2014/02/13 06:43:24 | 000,034,244 | ---- | M] () [Auto | Stopped] -- C:\monitorsvc.exe -- (ProtectMonitor)
SRV - [2014/02/06 22:19:20 | 000,032,288 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\LPT\srpts.exe -- (LPTSystemUpdater)
SRV - [2014/01/24 16:09:44 | 000,342,336 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2014/01/21 08:35:24 | 000,586,840 | ---- | M] (Support.com, Inc.) [Auto | Running] -- C:\Program Files (x86)\AOL Computer Checkup\SDCService.exe -- (AOL Computer Checkup)
SRV - [2014/01/14 14:50:06 | 000,881,952 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe -- (AdvancedSystemCareService7)
SRV - [2014/01/07 23:06:02 | 001,265,608 | ---- | M] (Objectify Media Inc) [On_Demand | Running] -- C:\Program Files (x86)\Web Protect\PCProtect.exe -- (PCProtect)
SRV - [2013/12/18 11:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/12/05 18:30:04 | 000,040,448 | ---- | M] () [Auto | Stopped] -- C:\ProgramData\InternetUpdater\InternetUpdaterService.exe -- (InternetUpdater)
SRV - [2013/12/03 17:10:24 | 002,151,200 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2013/11/04 19:31:56 | 000,092,160 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/07/30 14:29:36 | 000,834,664 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Windows\Temp\0281641396962214mcinst.exe -- (0281641396962214mcinstcleanup)
SRV - [2013/06/26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2013/06/26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2013/06/20 22:13:00 | 000,042,504 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\ConservativeTalkNow_4n\bar\1.bin\4nbarsvc.exe -- (ConservativeTalkNow_4nService)
SRV - [2013/05/26 23:17:58 | 000,311,696 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe -- (DragonSvc)
SRV - [2012/06/28 18:41:48 | 000,691,592 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\2X\Client\\TUXCredProv.exe -- (2X SSO Service)
SRV - [2012/03/05 13:38:38 | 000,035,200 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2012/01/11 05:47:25 | 002,413,056 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011/09/28 16:18:02 | 000,212,944 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe -- (jhi_service)
SRV - [2011/05/20 11:10:26 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011/03/01 21:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/02/17 22:48:24 | 000,265,544 | ---- | M] (HP) [Auto | Stopped] -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe -- (FPLService)
SRV - [2010/12/22 13:25:02 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/12/22 13:24:58 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/11/26 07:09:12 | 000,399,344 | ---- | M] (Roxio) [Auto | Running] -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe -- (RoxioNow Service)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2006/10/23 05:50:35 | 000,046,640 | R--- | M] (AOL LLC) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe -- (AOL ACS)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/04/08 22:19:19 | 000,119,512 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2014/04/07 22:07:28 | 000,033,008 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2014/04/03 09:51:16 | 000,063,192 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2014/04/03 09:50:58 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2014/03/29 23:41:08 | 000,099,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:64bit: - [2014/03/29 23:40:50 | 011,530,992 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwsw00.sys -- (NETwNs64)
DRV:64bit: - [2014/03/29 23:39:14 | 005,363,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2014/03/29 23:38:07 | 000,888,536 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2014/03/29 23:37:42 | 000,043,840 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2014/03/29 23:37:42 | 000,031,040 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2014/03/29 09:38:16 | 000,061,120 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wStLibG64.sys -- (wStLibG64)
DRV:64bit: - [2014/03/04 01:39:28 | 000,041,320 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Goobzo\GBUpdate\smw.sys -- (SMUpdd)
DRV:64bit: - [2014/03/04 00:46:50 | 000,359,128 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2014/03/04 00:45:44 | 000,084,992 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpusb.sys -- (bpusb)
DRV:64bit: - [2014/03/04 00:45:44 | 000,084,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpenum.sys -- (bpenum)
DRV:64bit: - [2014/02/21 21:03:37 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2014/02/21 21:03:37 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2014/02/21 21:03:37 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2014/01/27 09:43:26 | 000,070,592 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2014/01/27 09:37:32 | 000,344,688 | ---- | M] (McAfee, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2014/01/27 09:33:26 | 000,783,864 | ---- | M] (McAfee, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2014/01/27 09:31:34 | 000,520,696 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2014/01/27 09:30:06 | 000,311,600 | ---- | M] (McAfee, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2014/01/27 09:29:22 | 000,180,272 | ---- | M] (McAfee, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2014/01/21 03:50:24 | 000,096,592 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfencrk.sys -- (mfencrk)
DRV:64bit: - [2014/01/21 03:50:02 | 000,422,712 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfencbdc.sys -- (mfencbdc)
DRV:64bit: - [2013/12/24 11:40:32 | 000,021,184 | ---- | M] (IObit) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:64bit: - [2013/09/23 14:49:22 | 000,197,704 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK)
DRV:64bit: - [2013/06/26 19:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2013/06/26 19:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2013/06/26 19:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2013/06/26 19:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2013/06/04 19:07:44 | 000,095,152 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ctxusbm.sys -- (ctxusbm)
DRV:64bit: - [2012/09/18 21:40:00 | 000,535,552 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/09 12:32:40 | 000,195,584 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2012/01/09 12:32:40 | 000,195,584 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2011/12/08 06:33:53 | 000,208,896 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011/12/08 06:33:53 | 000,091,648 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2011/12/08 06:32:09 | 001,451,056 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/08/24 21:09:36 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/08/24 21:09:36 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/08/05 13:34:02 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2011/08/05 13:34:00 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2011/05/20 10:53:44 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/05/19 13:25:10 | 000,182,272 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpmp.sys -- (bpmp)
DRV:64bit: - [2011/05/17 09:27:54 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:64bit: - [2010/11/20 20:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 20:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/10/15 01:28:16 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/07/28 09:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 14:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 14:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 14:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 13:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 13:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2006/11/29 15:24:49 | 000,024,064 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wanatw64.sys -- (wanatw)
DRV - [2014/03/17 09:42:14 | 000,052,072 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Program Files (x86)\ShopperPro\JSDriver\1.30.1.146\jsdrv.sys -- (SPDRIVER_1.30.1.146)
DRV - [2013/12/20 06:49:02 | 000,058,728 | ---- | M] (YTDownloader) [Kernel | Auto | Running] -- C:\Program Files (x86)\YTDownloader\sbmntr.sys -- (sbmntr)
DRV - [2013/11/19 16:10:36 | 000,034,848 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys -- (RegFilter)
DRV - [2013/11/19 16:10:36 | 000,023,016 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys -- (UrlFilter)
DRV - [2013/07/18 17:45:46 | 000,056,584 | ---- | M] (Exent Technologies Ltd.) [Kernel | Auto | Running] -- C:\Program Files (x86)\Hoopla\X5XSEx_Pr152.sys -- (X5XSEx_Pr152)
DRV - [2013/03/23 15:48:48 | 000,023,048 | ---- | M] (IObit) [File_System | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys -- (FileMonitor)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{1C32D7D2-72B5-4CE9-894E-210A8B8D4480}: "URL" = http://www.amazon.co...s={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}: "URL" = http://www-search.ne...q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,NewTabPageShow = 1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}
IE - HKLM\..\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}: "URL" = http://www.google.co...utputEncoding?}
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.c...q={searchTerms}
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.c...q={searchTerms}
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://feed.snapdo.c...YgtwUf93wSZCn3g,
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.c...q={searchTerms}
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.c...q={searchTerms}
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKU\.DEFAULT\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.c...q={searchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.c...q={searchTerms}
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.c...q={searchTerms}
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://feed.snapdo.c...YgtwUf93wSZCn3g,
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.c...q={searchTerms}
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.c...q={searchTerms}
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKU\S-1-5-18\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.c...q={searchTerms}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.c...q={searchTerms}
IE - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.c...q={searchTerms}
IE - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://feed.snapdo.c...YgtwUf93wSZCn3g,
IE - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.c...q={searchTerms}
IE - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.c...q={searchTerms}
IE - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.c...q={searchTerms}
IE - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
 
 
IE - HKU\S-1-5-21-697961089-2797053259-1168498779-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKU\S-1-5-21-697961089-2797053259-1168498779-1001\SOFTWARE\Microsoft\Internet Explorer\Main,NewTabPageShow = 1
IE - HKU\S-1-5-21-697961089-2797053259-1168498779-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKU\S-1-5-21-697961089-2797053259-1168498779-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-697961089-2797053259-1168498779-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://www.google.com/ [binary data]
IE - HKU\S-1-5-21-697961089-2797053259-1168498779-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.outfox.tv/?referid=
IE - HKU\S-1-5-21-697961089-2797053259-1168498779-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.google.com
IE - HKU\S-1-5-21-697961089-2797053259-1168498779-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKU\S-1-5-21-697961089-2797053259-1168498779-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKU\S-1-5-21-697961089-2797053259-1168498779-1001\..\SearchScopes,DefaultScope = {7F4EFF06-7032-458e-AE16-1C1D8255C28A}
IE - HKU\S-1-5-21-697961089-2797053259-1168498779-1001\..\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}: "URL" = http://www.google.co...utputEncoding?}
IE - HKU\S-1-5-21-697961089-2797053259-1168498779-1001\..\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}: "URL" = http://www-search.ne...q={searchTerms}
IE - HKU\S-1-5-21-697961089-2797053259-1168498779-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-697961089-2797053259-1168498779-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:13828
 
IE - HKU\S-1-5-21-697961089-2797053259-1168498779-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKU\S-1-5-21-697961089-2797053259-1168498779-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,NewTabPageShow = 1
IE - HKU\S-1-5-21-697961089-2797053259-1168498779-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKU\S-1-5-21-697961089-2797053259-1168498779-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-697961089-2797053259-1168498779-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://www.google.com/ [binary data]
IE - HKU\S-1-5-21-697961089-2797053259-1168498779-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.outfox.tv/?referid=
IE - HKU\S-1-5-21-697961089-2797053259-1168498779-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.google.com
IE - HKU\S-1-5-21-697961089-2797053259-1168498779-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKU\S-1-5-21-697961089-2797053259-1168498779-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKU\S-1-5-21-697961089-2797053259-1168498779-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes,DefaultScope = {7F4EFF06-7032-458e-AE16-1C1D8255C28A}
IE - HKU\S-1-5-21-697961089-2797053259-1168498779-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}: "URL" = http://www.google.co...utputEncoding?}
IE - HKU\S-1-5-21-697961089-2797053259-1168498779-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}: "URL" = http://www-search.ne...q={searchTerms}
IE - HKU\S-1-5-21-697961089-2797053259-1168498779-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-697961089-2797053259-1168498779-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:13828
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Search Module"
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "http://www.outfox.tv...id=|about:home"
FF - prefs.js..extensions.enabledAddons: ascsurfingprotection%40iobit.com:1.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0
FF - prefs.js..keyword.URL: "http://www-search.ne...ef0cbab4c6,&q="
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Citrix.com/npican: C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@ConservativeTalkNow_4n.com/Plugin: C:\Program Files (x86)\ConservativeTalkNow_4n\bar\1.bin\NP4nStub.dll (MindSpark)
FF - HKLM\Software\MozillaPlugins\@ei.MyFunCards_5m.com/Plugin: C:\Program Files (x86)\MyFunCards_5mEI\Installr\1.bin\NP5mEISB.dll File not found
FF - HKLM\Software\MozillaPlugins\@exent.com/npExentCtl,version=7.0.0.0: C:\Program Files (x86)\Hoopla\npExentCtl.dll (Exent Technologies Ltd.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=1.2.22: C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=3: C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=9: C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\nuance.com/DragonRIAPlugin: C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\npDgnRia.dll (Nuance Communications Inc.)
FF - HKLM\Software\MozillaPlugins\www.exent.com/GameTreatWidget: C:\Program Files (x86)\Hoopla\NPGameTreatPlugin.dll File not found
FF - HKCU\Software\MozillaPlugins\@lightspark.github.com/Lightspark;version=1: C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll ( )
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\zeinab\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\zeinab\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\zeinab\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]_4n.com: C:\Program Files (x86)\ConservativeTalkNow_4n\bar\1.bin [2014/03/27 22:18:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi [2013/05/26 23:14:40 | 000,136,309 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Perk Prize Panel\FF\
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}: C:\Users\zeinab\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\ [2014/03/21 17:38:30 | 000,000,000 | ---D | M]
 
[2014/03/24 15:04:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\zeinab\AppData\Roaming\Mozilla\Extensions
[2013/12/26 23:04:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\zeinab\AppData\Roaming\Mozilla\Firefox\extensions
[2013/12/26 23:04:35 | 000,000,000 | ---D | M] (Websteroids) -- C:\Users\zeinab\AppData\Roaming\Mozilla\Firefox\extensions\[email protected]
[2014/04/02 18:33:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\zeinab\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
[2014/04/02 21:33:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\zeinab\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions
[2014/03/22 11:58:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\zeinab\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\searchplugins
[2014/03/27 22:17:39 | 000,000,000 | ---D | M] (Ads Removal) -- C:\Users\zeinab\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\[email protected]
[2014/04/02 21:33:48 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Users\zeinab\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\[email protected]
[2014/03/30 19:08:57 | 000,000,000 | ---D | M] (TidyNetwork) -- C:\Users\zeinab\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\[email protected]
[2014/04/06 10:05:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\zeinab\AppData\Roaming\Mozilla\Firefox\Profiles\ir5d2jtb.default\extensions
[2014/03/24 15:08:40 | 000,000,000 | ---D | M] ("Snap.Do ") -- C:\Users\zeinab\AppData\Roaming\Mozilla\Firefox\Profiles\ir5d2jtb.default\extensions\{{InstallationHashID}}
[2014/03/27 22:16:50 | 000,000,000 | ---D | M] (Ad-Aware Security Add-on) -- C:\Users\zeinab\AppData\Roaming\Mozilla\Firefox\Profiles\ir5d2jtb.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
[2014/03/27 22:16:50 | 000,000,000 | ---D | M] (Ads Removal) -- C:\Users\zeinab\AppData\Roaming\Mozilla\Firefox\Profiles\ir5d2jtb.default\extensions\[email protected]
[2014/04/02 21:33:49 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Users\zeinab\AppData\Roaming\Mozilla\Firefox\Profiles\ir5d2jtb.default\extensions\[email protected]
[2014/03/28 22:28:52 | 000,000,000 | ---D | M] (BetteorPricoeCheci) -- C:\Users\zeinab\AppData\Roaming\Mozilla\Firefox\Profiles\ir5d2jtb.default\extensions\[email protected]
[2014/03/27 22:23:38 | 000,002,417 | ---- | M] () -- C:\Users\zeinab\AppData\Roaming\Mozilla\Firefox\Profiles\ir5d2jtb.default\searchplugins\Web Search.xml
[2014/03/24 15:04:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/03/24 15:04:28 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\zeinab\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\
CHR - Extension: No name found = C:\Users\zeinab\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihhgekonheiliaidomffpplfhecmkag\1.0.0.317_0\
CHR - Extension: No name found = C:\Users\zeinab\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihhgekonheiliaidomffpplfhecmkag\1.0.1.41_0\
CHR - Extension: No name found = C:\Users\zeinab\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen\1.0.0_0\
CHR - Extension: First user = C:\Users\zeinab\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod\1.0.0_0\
CHR - Extension: Websteroids = C:\Users\zeinab\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.53_0\
CHR - Extension: No name found = C:\Users\zeinab\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.33_0\
CHR - Extension: No name found = C:\Users\zeinab\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\
CHR - Extension: No name found = C:\Users\zeinab\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb\2.2.0.10_0\
CHR - Extension: No name found = C:\Users\zeinab\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgacjdfplhakjfljpbbagagjcbccpmnl\1.26.26_0\crossrider
CHR - Extension: No name found = C:\Users\zeinab\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgacjdfplhakjfljpbbagagjcbccpmnl\1.26.26_0\
CHR - Extension: No name found = C:\Users\zeinab\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\
CHR - Extension: No name found = C:\Users\zeinab\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_1\
CHR - Extension: Google Wallet = C:\Users\zeinab\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
CHR - Extension: Google Wallet = C:\Users\zeinab\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Google Wallet = C:\Users\zeinab\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
CHR - Extension: Google Wallet = C:\Users\zeinab\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_2\
CHR - Extension: Google Wallet = C:\Users\zeinab\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_3\
CHR - Extension: Google Wallet = C:\Users\zeinab\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_4\
CHR - Extension: No name found = C:\Users\zeinab\AppData\Local\Google\Chrome\User Data\Default\Extensions\npggpidhikddlecjmgfbohpnhaifchki\1.2.0.15_0\
 
Hosts file not found
O2:64bit: - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
O2:64bit: - BHO: (Object Browser) - {11111111-1111-1111-1111-110311281150} - C:\Program Files (x86)\Object Browser\Object Browser-bho64.dll ()
O2:64bit: - BHO: (iWebar) - {11111111-1111-1111-1111-110311551110} - C:\Program Files (x86)\iWebar\iWebar-bho64.dll ()
O2:64bit: - BHO: (no name) - {11111111-1111-1111-1111-110511031168} - No CLSID value found.
O2:64bit: - BHO: (no name) - {11111111-1111-1111-1111-110511071176} - No CLSID value found.
O2:64bit: - BHO: (Slick Savings) - {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} - C:\Users\zeinab\AppData\Roaming\Slick Savings\Coupons64.dll ()
O2:64bit: - BHO: (no name) - {83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} - No CLSID value found.
O2:64bit: - BHO: (deal4me) - {841F609A-4D38-E0DD-6933-A6CE40F3079A} - C:\ProgramData\deal4me\C.x64.dll ()
O2:64bit: - BHO: (no name) - {8582D7E6-2ACA-36C1-E6CC-6C7EAF3AC7F9} - No CLSID value found.
O2:64bit: - BHO: (no name) - {93DBF2BB-A2B3-4683-A92E-57E60751F346} - No CLSID value found.
O2:64bit: - BHO: (no name) - {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} - No CLSID value found.
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2:64bit: - BHO: (no name) - {FC4DBA8C-2CC8-4741-BCE5-ADAC3EEA50B0} - No CLSID value found.
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O2 - BHO: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.9\iobitappsToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Object Browser) - {11111111-1111-1111-1111-110311281150} - C:\Program Files (x86)\Object Browser\Object Browser-bho.dll ()
O2 - BHO: (iWebar) - {11111111-1111-1111-1111-110311551110} - C:\Program Files (x86)\iWebar\iWebar-bho.dll ()
O2 - BHO: (no name) - {11111111-1111-1111-1111-110511071176} - No CLSID value found.
O2 - BHO: (Slick Savings) - {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} - C:\Users\zeinab\AppData\Roaming\Slick Savings\Coupons.dll ()
O2 - BHO: (Perk Prize Panel) - {47F3EB15-C230-4A0B-BE4B-D527FF483B48} - C:\Program Files (x86)\Perk Prize Panel\pp.dll ()
O2 - BHO: (no name) - {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} - No CLSID value found.
O2 - BHO: (no name) - {8582D7E6-2ACA-36C1-E6CC-6C7EAF3AC7F9} - No CLSID value found.
O2 - BHO: (WordExtra) - {8BA97046-C600-4264-B367-5DEFD9FC505F} - C:\Users\zeinab\AppData\Roaming\WordExtra\temp.dat ()
O2 - BHO: (no name) - {93DBF2BB-A2B3-4683-A92E-57E60751F346} - No CLSID value found.
O2 - BHO: (Ads Removal) - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock)
O2 - BHO: (no name) - {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Search Assistant BHO) - {af77c74d-a46e-4671-afa0-1a09b1d4be39} - C:\Program Files (x86)\ConservativeTalkNow_4n\bar\1.bin\4nSrcAs.dll (MindSpark)
O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O2 - BHO: (no name) - {D0C21091-FF8E-432C-9006-0540E81BA9D7} - No CLSID value found.
O2 - BHO: (no name) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (EnhanceTronic) - {f530d5e8-9d18-4cba-b7cc-95944f9ebe3d} - C:\Program Files (x86)\EnhanceTronic\EnhanceTronicBHO.dll ()
O2 - BHO: (no name) - {FC4DBA8C-2CC8-4741-BCE5-ADAC3EEA50B0} - No CLSID value found.
O2 - BHO: (no name) - {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.9\iobitappsToolbarIE64.dll (Spigot, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\8.9\iobitappsToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (ConservativeTalkNow) - {533329c9-ca91-42a2-8792-7f91c7b4172a} - C:\Program Files (x86)\ConservativeTalkNow_4n\bar\1.bin\4nbar.dll (MindSpark)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O3:64bit: - HKU\S-1-5-21-697961089-2797053259-1168498779-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-21-697961089-2797053259-1168498779-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [tvncontrol] C:\Program Files\TightVNC\tvnserver.exe (GlavSoft LLC.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-697961089-2797053259-1168498779-1001..\Run: [AOL Fast Start] C:\Program Files (x86)\AOL Desktop 9.7b\AOL.EXE (AOL Inc.)
O4 - HKU\S-1-5-21-697961089-2797053259-1168498779-1001..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Flexera Software LLC.)
O4 - HKU\S-1-5-21-697961089-2797053259-1168498779-1001..\Run: [Updater] C:\ProgramData\Updater\updater.exe ()
O4 - HKU\S-1-5-21-697961089-2797053259-1168498779-1001..\Run: [WebInternetSecurity] "C:\Users\zeinab\AppData\Local\WebInternetSecurity\WebInternetSecurity.exe" File not found
O4 - HKU\S-1-5-21-697961089-2797053259-1168498779-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [AOL Fast Start] C:\Program Files (x86)\AOL Desktop 9.7b\AOL.EXE (AOL Inc.)
O4 - HKU\S-1-5-21-697961089-2797053259-1168498779-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Flexera Software LLC.)
O4 - HKU\S-1-5-21-697961089-2797053259-1168498779-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [Updater] C:\ProgramData\Updater\updater.exe ()
O4 - HKU\S-1-5-21-697961089-2797053259-1168498779-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [WebInternetSecurity] "C:\Users\zeinab\AppData\Local\WebInternetSecurity\WebInternetSecurity.exe" File not found
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-697961089-2797053259-1168498779-1001..\RunOnce: [Application Restart #1] C:\Program Files (x86)\Software Updater\SoftwareUpdater.exe /RestartByRestartManager:AF3B64C2-C791-4535-B262-2A9C8D2890D3 /RestartByRestartManager:68BE2FCD-D551-4259-A843-E7CA0D6092AB /RestartByRestartManager:E2111935-D1C6-42bb-B207-4D0D606DF244 /RestartByRestartManager:4A23CE73-6E7E-4c48-B25D-266492F33918 /RestartByRestartManager:E78841DB-729E-473b-989C-A3B071283E22 File not found
O4 - HKU\S-1-5-21-697961089-2797053259-1168498779-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\RunOnce: [Application Restart #1] C:\Program Files (x86)\Software Updater\SoftwareUpdater.exe /RestartByRestartManager:AF3B64C2-C791-4535-B262-2A9C8D2890D3 /RestartByRestartManager:68BE2FCD-D551-4259-A843-E7CA0D6092AB /RestartByRestartManager:E2111935-D1C6-42bb-B207-4D0D606DF244 /RestartByRestartManager:4A23CE73-6E7E-4c48-B25D-266492F33918 /RestartByRestartManager:E78841DB-729E-473b-989C-A3B071283E22 File not found
O4 - Startup: C:\Users\zeinab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SDCDisabled [2014/04/02 21:38:48 | 000,000,000 | -H-D | M]
F3:64bit: - HKU\S-1-5-21-697961089-2797053259-1168498779-1001 WinNT: Load - (c:\users\zeinab\msxvgexu.exe) -  File not found
F3 - HKU\S-1-5-21-697961089-2797053259-1168498779-1001 WinNT: Load - (c:\users\zeinab\msxvgexu.exe) -  File not found
F3:64bit: - HKU\S-1-5-21-697961089-2797053259-1168498779-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 WinNT: Load - (c:\users\zeinab\msxvgexu.exe) -  File not found
F3 - HKU\S-1-5-21-697961089-2797053259-1168498779-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 WinNT: Load - (c:\users\zeinab\msxvgexu.exe) -  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoNotification = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoNotification = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoNotification = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O7 - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoNotification = 1
O7 - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O7 - HKU\S-1-5-21-697961089-2797053259-1168498779-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoNotification = 1
O7 - HKU\S-1-5-21-697961089-2797053259-1168498779-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O7 - HKU\S-1-5-21-697961089-2797053259-1168498779-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKU\S-1-5-21-697961089-2797053259-1168498779-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O7 - HKU\S-1-5-21-697961089-2797053259-1168498779-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoNotification = 1
O7 - HKU\S-1-5-21-697961089-2797053259-1168498779-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O7 - HKU\S-1-5-21-697961089-2797053259-1168498779-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKU\S-1-5-21-697961089-2797053259-1168498779-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Superfish - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - Reg Error: Key error. File not found
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\PCProtect64.dll (Objectify Media Inc)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\PCProtect64.dll (Objectify Media Inc)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\PCProtect64.dll (Objectify Media Inc)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\PCProtect64.dll (Objectify Media Inc)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - C:\Windows\SysNative\PCProtect64.dll (Objectify Media Inc)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\PCProtect.dll (Objectify Media Inc)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\PCProtect.dll (Objectify Media Inc)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\PCProtect.dll (Objectify Media Inc)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\PCProtect.dll (Objectify Media Inc)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\SysWow64\PCProtect.dll (Objectify Media Inc)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-697961089-2797053259-1168498779-1001\..Trusted Domains: aol.com ([objects] * is out of zone range -  5)
O15 - HKU\S-1-5-21-697961089-2797053259-1168498779-1001\..Trusted Domains: genieo.com ([search] http in Trusted sites)
O15 - HKU\S-1-5-21-697961089-2797053259-1168498779-1001\..Trusted Ranges: Range1 ([*] in Trusted sites)
O15 - HKU\S-1-5-21-697961089-2797053259-1168498779-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..Trusted Domains: aol.com ([objects] * is out of zone range -  5)
O15 - HKU\S-1-5-21-697961089-2797053259-1168498779-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..Trusted Domains: genieo.com ([search] http in Trusted sites)
O15 - HKU\S-1-5-21-697961089-2797053259-1168498779-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..Trusted Ranges: Range1 ([*] in Trusted sites)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.6.0.cab (DLM Control)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455}  (ExentInf Class)
O16 - DPF: {A08D2318-19E6-4332-A741-87FBBD3984CD} https://hpfweb.prime...r/mckapprun.cab (McKesson Application Launcher Control)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://medplus.webe...br/ieatgpc1.cab (GpcContainer Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 184.172.114.130,208.43.110.90
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{061F9C90-E267-4A7A-AEB5-3BD880CDD3B6}: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{061F9C90-E267-4A7A-AEB5-3BD880CDD3B6}: NameServer = 184.172.114.130,208.43.110.90
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{30F65D6B-C0A8-4B16-A6FE-F6BC48584B33}: NameServer = 184.172.114.130,208.43.110.90
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4EEF04F3-B27E-447E-9CDD-81409380D488}: NameServer = 184.172.114.130,208.43.110.90
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 184.172.114.130,208.43.110.90
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9D241584-7D8A-4949-A04B-E936158AB508}: NameServer = 184.172.114.130,208.43.110.90
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D16FD921-7ADC-42C1-B0A2-26B91C0DE298}: NameServer = 184.172.114.130,208.43.110.90
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-ica - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=euc-jp - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=ISO-8859-1 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS936 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS949 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS950 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF-8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=euc-jp - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=ISO-8859-1 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS936 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS949 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS950 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF-8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
O18:64bit: - Protocol\Filter\ica - No CLSID value found
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll) -  File not found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL) - C:\Program Files (x86)\Optimizer Pro\OptProCrash_x64.dll ()
O20 - AppInit_DLLs: (c:\progra~2\searchprotect\searchprotect\bin\spvc32loader.dll) -  File not found
O20 - AppInit_DLLs: (c:\progra~2\optimi~1\optpro~1.dll) - c:\Program Files (x86)\Optimizer Pro\OptProCrash.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{96c7c53f-65dd-11e2-89b9-00038a000015}\Shell - "" = AutoRun
O34 - HKLM BootExecute: (RegistryDefragBootTime.exe)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/04/08 06:05:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2014/04/07 22:07:28 | 000,033,008 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys
[2014/04/06 10:06:43 | 000,000,000 | ---D | C] -- C:\Users\zeinab\Desktop\mt san dimas
[2014/04/04 20:57:14 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\zeinab\Desktop\aswmbr.exe
[2014/04/04 20:52:11 | 000,000,000 | ---D | C] -- C:\Users\zeinab\AppData\Roaming\TightVNC
[2014/04/04 20:44:35 | 000,000,000 | ---D | C] -- C:\Users\zeinab\AppData\Roaming\TeamViewer
[2014/04/04 18:21:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TightVNC
[2014/04/04 18:21:16 | 000,000,000 | ---D | C] -- C:\ProgramData\TightVNC
[2014/04/04 18:21:16 | 000,000,000 | ---D | C] -- C:\Program Files\TightVNC
[2014/04/04 18:06:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2014/04/02 22:45:16 | 000,000,000 | ---D | C] -- C:\Users\zeinab\Desktop\mt parkside
[2014/04/02 18:27:20 | 000,119,512 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/04/02 18:26:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/04/02 18:26:02 | 000,088,280 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/04/02 18:26:02 | 000,063,192 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/04/02 18:26:02 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/04/02 18:26:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/04/02 18:26:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/03/30 19:10:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flash Update
[2014/03/30 19:10:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Flash Update
[2014/03/30 19:08:56 | 000,000,000 | ---D | C] -- C:\Users\zeinab\AppData\Local\TidyNetwork
[2014/03/30 19:08:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TidyNetwork
[2014/03/30 19:01:51 | 000,000,000 | ---D | C] -- C:\Users\zeinab\Documents\April2014StrokeCALLCALENDAR
[2014/03/29 23:41:08 | 001,795,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01011.dll
[2014/03/29 23:41:08 | 000,099,288 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\TeeDriverx64.sys
[2014/03/29 23:40:50 | 011,530,992 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\NETwsw00.sys
[2014/03/29 23:39:20 | 000,279,024 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\IntelCpHeciSvc.exe
[2014/03/29 23:39:20 | 000,116,224 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxCoIn_v3347.dll
[2014/03/29 23:39:19 | 000,524,800 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\iglhsip64.dll
[2014/03/29 23:39:19 | 000,519,680 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\iglhsip32.dll
[2014/03/29 23:39:19 | 000,515,568 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.exe
[2014/03/29 23:39:19 | 000,439,296 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrus.lrc
[2014/03/29 23:39:19 | 000,439,296 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrom.lrc
[2014/03/29 23:39:19 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsky.lrc
[2014/03/29 23:39:19 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptg.lrc
[2014/03/29 23:39:19 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtrk.lrc
[2014/03/29 23:39:19 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsve.lrc
[2014/03/29 23:39:19 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrslv.lrc
[2014/03/29 23:39:19 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptb.lrc
[2014/03/29 23:39:19 | 000,437,248 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtha.lrc
[2014/03/29 23:39:19 | 000,410,624 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxTMM.dll
[2014/03/29 23:39:19 | 000,216,064 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\iglhcp64.dll
[2014/03/29 23:39:19 | 000,180,224 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\iglhcp32.dll
[2014/03/29 23:39:19 | 000,172,016 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxtray.exe
[2014/03/29 23:39:18 | 000,439,808 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfra.lrc
[2014/03/29 23:39:18 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrplk.lrc
[2014/03/29 23:39:18 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnld.lrc
[2014/03/29 23:39:18 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrita.lrc
[2014/03/29 23:39:18 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhrv.lrc
[2014/03/29 23:39:18 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhun.lrc
[2014/03/29 23:39:18 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfin.lrc
[2014/03/29 23:39:18 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnor.lrc
[2014/03/29 23:39:18 | 000,435,712 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrheb.lrc
[2014/03/29 23:39:18 | 000,432,128 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrjpn.lrc
[2014/03/29 23:39:18 | 000,431,104 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrkor.lrc
[2014/03/29 23:39:17 | 009,007,616 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxress.dll
[2014/03/29 23:39:17 | 000,442,880 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdev.dll
[2014/03/29 23:39:17 | 000,442,352 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpers.exe
[2014/03/29 23:39:17 | 000,440,320 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrell.lrc
[2014/03/29 23:39:17 | 000,439,808 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxresn.lrc
[2014/03/29 23:39:17 | 000,438,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdeu.lrc
[2014/03/29 23:39:17 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcsy.lrc
[2014/03/29 23:39:17 | 000,437,248 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdan.lrc
[2014/03/29 23:39:17 | 000,435,712 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrara.lrc
[2014/03/29 23:39:17 | 000,429,056 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcht.lrc
[2014/03/29 23:39:17 | 000,428,544 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrchs.lrc
[2014/03/29 23:39:17 | 000,330,752 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxdv32.dll
[2014/03/29 23:39:17 | 000,254,960 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxext.exe
[2014/03/29 23:39:17 | 000,142,336 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdo.dll
[2014/03/29 23:39:17 | 000,028,672 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxexps.dll
[2014/03/29 23:39:17 | 000,025,088 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxexps32.dll
[2014/03/29 23:39:16 | 003,511,296 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcmjit64.dll
[2014/03/29 23:39:16 | 003,121,152 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmjit32.dll
[2014/03/29 23:39:16 | 001,040,384 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcmrt64.dll
[2014/03/29 23:39:16 | 000,931,840 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmrt32.dll
[2014/03/29 23:39:16 | 000,575,488 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfx11cmrt64.dll
[2014/03/29 23:39:16 | 000,126,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcpl.cpl
[2014/03/29 23:39:15 | 012,617,216 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdumd64.dll
[2014/03/29 23:39:15 | 000,542,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfx11cmrt32.dll
[2014/03/29 23:39:14 | 005,363,200 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys
[2014/03/29 23:39:12 | 011,176,448 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igd10umd32.dll
[2014/03/29 23:39:11 | 013,031,424 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\ig4icd64.dll
[2014/03/29 23:39:11 | 010,812,928 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\ig4icd32.dll
[2014/03/29 23:39:11 | 005,904,880 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\GfxUI.exe
[2014/03/29 23:39:11 | 000,399,856 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hkcmd.exe
[2014/03/29 23:39:11 | 000,175,104 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\gfxSrvc.dll
[2014/03/29 23:39:09 | 000,185,840 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\difx64.exe
[2014/03/29 23:38:07 | 000,888,536 | ---- | C] (Realtek                                            ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2014/03/29 23:38:07 | 000,073,800 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RtNicProp64.dll
[2014/03/29 23:37:42 | 000,043,840 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\drivers\Accelerometer.sys
[2014/03/29 23:33:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster
[2014/03/29 09:38:16 | 000,061,120 | ---- | C] (StdLib) -- C:\Windows\SysNative\drivers\wStLibG64.sys
[2014/03/28 22:52:28 | 000,000,000 | ---D | C] -- C:\Users\zeinab\AppData\Local\Apple Computer
[2014/03/28 22:52:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/03/28 22:51:12 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2014/03/28 22:51:12 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2014/03/28 22:50:21 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/03/28 22:50:20 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014/03/28 22:50:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014/03/28 22:50:20 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014/03/28 22:48:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
[2014/03/28 22:47:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2014/03/28 22:41:32 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2014/03/28 22:41:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2014/03/28 22:28:34 | 000,000,000 | ---D | C] -- C:\ProgramData\PriincceCoUpone
[2014/03/26 23:32:49 | 000,000,000 | ---D | C] -- C:\Users\zeinab\AppData\Roaming\Lavasoft
[2014/03/24 15:50:12 | 000,000,000 | ---D | C] -- C:\Users\zeinab\AppData\Roaming\LavasoftStatistics
[2014/03/24 15:22:30 | 000,000,000 | ---D | C] -- C:\Users\zeinab\AppData\Local\Macromedia
[2014/03/24 15:18:29 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2014/03/24 15:17:46 | 000,000,000 | ---D | C] -- C:\Users\zeinab\AppData\Local\adawarebp
[2014/03/24 15:17:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection
[2014/03/24 15:17:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Toolbar Cleaner
[2014/03/24 15:16:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft
[2014/03/24 15:15:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Lavasoft
[2014/03/24 15:12:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2014/03/24 15:04:37 | 000,000,000 | ---D | C] -- C:\Users\zeinab\AppData\Local\Mozilla
[2014/03/24 15:04:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014/03/24 15:04:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2014/03/24 15:04:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/03/24 14:58:38 | 000,000,000 | ---D | C] -- C:\Windows\tasks\TaskDisabled
[2014/03/24 14:56:14 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/03/24 14:56:05 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/03/24 14:56:05 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/03/24 14:17:50 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\subinacl.exe
[2014/03/24 14:17:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft
[2014/03/24 14:17:35 | 000,000,000 | ---D | C] -- C:\Program Files\Adware-Removal-Tool
[2014/03/23 12:52:53 | 000,000,000 | ---D | C] -- C:\Users\zeinab\AppData\Roaming\Media Player Classic
[2014/03/22 12:08:22 | 000,000,000 | -H-D | C] -- C:\Users\zeinab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SDCDisabled
[2014/03/22 12:08:08 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SDCDisabled
[2014/03/21 17:40:40 | 000,000,000 | ---D | C] -- C:\Users\zeinab\AppData\Local\BenchUpdater
[2014/03/21 17:40:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebInternetSecurity
[2014/03/21 17:40:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Webinternetsecurity
[2014/03/21 17:40:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bench
[2014/03/21 17:39:49 | 000,000,000 | ---D | C] -- C:\ProgramData\VisualBee
[2014/03/21 17:39:44 | 000,000,000 | ---D | C] -- C:\Users\zeinab\AppData\Local\emaze
[2014/03/21 17:38:32 | 000,000,000 | ---D | C] -- C:\Users\zeinab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GreatArcadeHits
[2014/03/21 17:38:29 | 000,000,000 | ---D | C] -- C:\Users\zeinab\AppData\Local\GreatArcadeHits
[2014/03/21 17:01:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Updater
[2014/03/21 17:01:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit Apps Toolbar
[2014/03/21 13:24:58 | 000,000,000 | ---D | C] -- C:\Users\zeinab\AppData\Local\Packages
[2014/03/21 13:24:27 | 000,000,000 | ---D | C] -- C:\ProgramData\deal4me
[2014/03/14 22:28:03 | 000,000,000 | ---D | C] -- C:\Users\zeinab\Documents\April2014ONCALLCALENDAR
[2014/03/12 21:27:58 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/03/12 21:27:58 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/03/12 21:27:58 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/03/12 21:27:57 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/03/12 21:27:57 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/03/12 21:27:57 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/03/12 21:27:57 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/03/12 21:27:57 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/03/12 21:27:57 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/03/12 21:27:57 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/03/12 21:27:57 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/03/12 21:27:57 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/03/12 21:27:57 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/03/12 21:27:57 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/03/12 21:27:57 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/03/12 21:27:57 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/03/12 21:27:57 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/03/12 21:27:57 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/03/12 21:27:57 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/03/12 21:27:57 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/03/12 21:27:57 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/03/12 21:27:57 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/03/12 21:27:57 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/03/12 21:27:57 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/03/12 21:27:28 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014/03/12 21:27:28 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014/03/12 21:26:52 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wer.dll
[2014/03/12 21:26:52 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll
[2014/03/12 21:26:29 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2014/03/12 21:16:54 | 005,777,288 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2014/03/09 23:38:16 | 000,000,000 | ---D | C] -- C:\Remote Programs
[2014/03/09 23:38:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Hoopla
[2014/03/09 23:37:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightspark 0.5.3-git
[2014/03/09 23:37:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lightspark 0.5.3-git
[2014/03/09 23:37:52 | 000,058,264 | ---- | C] (Exent Technologies Ltd.) -- C:\Windows\ExentInfo.exe
[2014/03/09 23:37:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hoopla
[2014/03/09 23:37:14 | 000,000,000 | ---D | C] -- C:\Users\zeinab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
[2014/03/09 23:37:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPC Backup
[2011/09/28 16:18:32 | 000,020,944 | ---- | C] (Intel Corporation) -- C:\Users\zeinab\AppData\Roaming\JomCap.dll
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Users\zeinab\AppData\Local\*.tmp files -> C:\Users\zeinab\AppData\Local\*.tmp -> ]
[10 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/04/08 22:47:53 | 000,001,447 | ---- | M] () -- C:\Users\zeinab\Desktop\Internet Explorer (No Add-ons).lnk
[2014/04/08 22:43:05 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/04/08 22:43:00 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\SaveSenseLiveUpdateTaskMachineUA.job
[2014/04/08 22:23:34 | 000,037,232 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/04/08 22:23:34 | 000,037,232 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/04/08 22:22:00 | 000,000,296 | ---- | M] () -- C:\Windows\tasks\SaveSense.job
[2014/04/08 22:19:19 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/04/08 22:18:00 | 000,000,276 | ---- | M] () -- C:\Windows\tasks\GreatArcadeHits.job
[2014/04/08 22:04:00 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\bench-sys.job
[2014/04/08 22:03:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/04/08 22:01:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-697961089-2797053259-1168498779-1001UA.job
[2014/04/08 21:59:00 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-697961089-2797053259-1168498779-1001UA.job
[2014/04/08 21:32:25 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-697961089-2797053259-1168498779-1001Core.job
[2014/04/08 21:22:56 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForzeinab.job
[2014/04/08 21:19:20 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\Buzz-it Update.job
[2014/04/08 21:19:20 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\bench-S-1-5-21-697961089-2797053259-1168498779-1001.job
[2014/04/08 21:19:19 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-697961089-2797053259-1168498779-1001Core.job
[2014/04/08 06:14:25 | 000,023,852 | ---- | M] () -- C:\Users\zeinab\Documents\OfferDr.JeffreyMora.pdf
[2014/04/08 06:05:42 | 000,001,763 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk
[2014/04/08 06:02:11 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/04/07 23:34:37 | 000,002,528 | ---- | M] () -- C:\Users\zeinab\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/04/07 23:34:37 | 000,001,593 | ---- | M] () -- C:\Users\zeinab\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/04/07 22:35:01 | 000,285,279 | ---- | M] () -- C:\Users\zeinab\Documents\April2014StrokeCALLCALENDAR.zip
[2014/04/07 22:19:48 | 000,002,093 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
[2014/04/07 22:13:48 | 000,000,286 | ---- | M] () -- C:\Windows\tasks\Driver Booster Update.job
[2014/04/07 22:13:34 | 000,000,476 | ---- | M] () -- C:\Windows\tasks\SMW_UpdateTask_Time_3533393831363639302d5755326c785a5a5737414534.job
[2014/04/07 22:10:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/04/07 22:10:25 | 2106,478,591 | -HS- | M] () -- C:\hiberfil.sys
[2014/04/07 22:07:37 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
[2014/04/07 22:07:28 | 000,033,008 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys
[2014/04/05 19:44:48 | 000,000,408 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for zeinab.job
[2014/04/05 14:35:30 | 002,027,980 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/04/05 14:35:30 | 000,598,396 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/04/05 14:35:30 | 000,006,514 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/04/05 12:01:32 | 000,002,675 | ---- | M] () -- C:\Users\zeinab\AppData\Roaming\SAS7_000.DAT
[2014/04/05 09:29:33 | 000,001,133 | ---- | M] () -- C:\Users\Public\Desktop\IObit Malware Fighter.lnk
[2014/04/04 21:14:08 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\zeinab\Desktop\aswmbr.exe
[2014/04/04 18:40:25 | 000,001,153 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/04/04 18:32:11 | 000,344,448 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/04/04 18:20:19 | 002,367,488 | ---- | M] () -- C:\Users\zeinab\Desktop\tightvnc-2.7.10-setup-64bit.msi
[2014/04/04 18:06:17 | 000,001,122 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 9.lnk
[2014/04/04 18:00:52 | 000,001,062 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/04/03 09:51:16 | 000,063,192 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/04/03 09:51:04 | 000,088,280 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/04/03 09:50:58 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/04/02 18:58:51 | 000,001,256 | ---- | M] () -- C:\Users\zeinab\Desktop\Startup Manager.lnk
[2014/04/02 18:27:56 | 000,290,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\subinacl.exe
[2014/03/31 06:29:02 | 000,000,109 | ---- | M] () -- C:\Users\zeinab\AppData\Roaming\WB.CFG
[2014/03/29 23:41:12 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
[2014/03/29 23:41:08 | 001,795,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01011.dll
[2014/03/29 23:41:08 | 000,099,288 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\TeeDriverx64.sys
[2014/03/29 23:40:50 | 011,530,992 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\NETwsw00.sys
[2014/03/29 23:39:20 | 000,279,024 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\IntelCpHeciSvc.exe
[2014/03/29 23:39:20 | 000,272,928 | ---- | M] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2014/03/29 23:39:20 | 000,272,928 | ---- | M] () -- C:\Windows\SysNative\igvpkrng600.bin
[2014/03/29 23:39:20 | 000,116,224 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxCoIn_v3347.dll
[2014/03/29 23:39:20 | 000,058,109 | ---- | M] () -- C:\Windows\SysNative\iglhxo64_dev.vp
[2014/03/29 23:39:20 | 000,017,058 | ---- | M] () -- C:\Windows\SysNative\iglhxs64.vp
[2014/03/29 23:39:19 | 001,981,696 | ---- | M] () -- C:\Windows\SysNative\iglhxa64.cpa
[2014/03/29 23:39:19 | 000,524,800 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\iglhsip64.dll
[2014/03/29 23:39:19 | 000,519,680 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\iglhsip32.dll
[2014/03/29 23:39:19 | 000,515,568 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.exe
[2014/03/29 23:39:19 | 000,439,296 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrrus.lrc
[2014/03/29 23:39:19 | 000,439,296 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrrom.lrc
[2014/03/29 23:39:19 | 000,438,784 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrsky.lrc
[2014/03/29 23:39:19 | 000,438,784 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrptg.lrc
[2014/03/29 23:39:19 | 000,438,784 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrplk.lrc
[2014/03/29 23:39:19 | 000,437,760 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrtrk.lrc
[2014/03/29 23:39:19 | 000,437,760 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrsve.lrc
[2014/03/29 23:39:19 | 000,437,760 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrslv.lrc
[2014/03/29 23:39:19 | 000,437,760 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrptb.lrc
[2014/03/29 23:39:19 | 000,437,248 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrtha.lrc
[2014/03/29 23:39:19 | 000,410,624 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxTMM.dll
[2014/03/29 23:39:19 | 000,216,064 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\iglhcp64.dll
[2014/03/29 23:39:19 | 000,180,224 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\iglhcp32.dll
[2014/03/29 23:39:19 | 000,172,016 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxtray.exe
[2014/03/29 23:39:19 | 000,064,000 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.dll
[2014/03/29 23:39:19 | 000,059,425 | ---- | M] () -- C:\Windows\SysNative\iglhxo64.vp
[2014/03/29 23:39:19 | 000,059,398 | ---- | M] () -- C:\Windows\SysNative\iglhxg64.vp
[2014/03/29 23:39:19 | 000,059,230 | ---- | M] () -- C:\Windows\SysNative\iglhxc64.vp
[2014/03/29 23:39:19 | 000,059,104 | ---- | M] () -- C:\Windows\SysNative\iglhxc64_dev.vp
[2014/03/29 23:39:19 | 000,058,796 | ---- | M] () -- C:\Windows\SysNative\iglhxg64_dev.vp
[2014/03/29 23:39:19 | 000,001,074 | ---- | M] () -- C:\Windows\SysNative\iglhxa64.vp
[2014/03/29 23:39:18 | 009,007,616 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxress.dll
[2014/03/29 23:39:18 | 000,439,808 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrfra.lrc
[2014/03/29 23:39:18 | 000,438,784 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrnld.lrc
[2014/03/29 23:39:18 | 000,438,784 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrita.lrc
[2014/03/29 23:39:18 | 000,438,784 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrhrv.lrc
[2014/03/29 23:39:18 | 000,438,272 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrhun.lrc
[2014/03/29 23:39:18 | 000,438,272 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrfin.lrc
[2014/03/29 23:39:18 | 000,437,760 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrnor.lrc
[2014/03/29 23:39:18 | 000,435,712 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrheb.lrc
[2014/03/29 23:39:18 | 000,432,128 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrjpn.lrc
[2014/03/29 23:39:18 | 000,431,104 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrkor.lrc
[2014/03/29 23:39:17 | 000,442,880 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxdev.dll
[2014/03/29 23:39:17 | 000,442,352 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxpers.exe
[2014/03/29 23:39:17 | 000,440,320 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrell.lrc
[2014/03/29 23:39:17 | 000,439,808 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxresn.lrc
[2014/03/29 23:39:17 | 000,438,784 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrdeu.lrc
[2014/03/29 23:39:17 | 000,438,272 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrcsy.lrc
[2014/03/29 23:39:17 | 000,437,248 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrdan.lrc
[2014/03/29 23:39:17 | 000,435,712 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrara.lrc
[2014/03/29 23:39:17 | 000,429,056 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrcht.lrc
[2014/03/29 23:39:17 | 000,428,544 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxrchs.lrc
[2014/03/29 23:39:17 | 000,384,512 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxpph.dll
[2014/03/29 23:39:17 | 000,330,752 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igfxdv32.dll
[2014/03/29 23:39:17 | 000,254,960 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxext.exe
[2014/03/29 23:39:17 | 000,142,336 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxdo.dll
[2014/03/29 23:39:17 | 000,126,976 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxcpl.cpl
[2014/03/29 23:39:17 | 000,028,672 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxexps.dll
[2014/03/29 23:39:17 | 000,025,088 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igfxexps32.dll
[2014/03/29 23:39:17 | 000,009,728 | ---- | M] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll
[2014/03/29 23:39:16 | 003,511,296 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxcmjit64.dll
[2014/03/29 23:39:16 | 003,121,152 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmjit32.dll
[2014/03/29 23:39:16 | 001,040,384 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfxcmrt64.dll
[2014/03/29 23:39:16 | 000,931,840 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmrt32.dll
[2014/03/29 23:39:16 | 000,575,488 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igfx11cmrt64.dll
[2014/03/29 23:39:16 | 000,542,720 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igfx11cmrt32.dll
[2014/03/29 23:39:15 | 012,617,216 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igdumd64.dll
[2014/03/29 23:39:15 | 011,049,472 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igdumd32.dll
[2014/03/29 23:39:14 | 005,363,200 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys
[2014/03/29 23:39:13 | 000,098,304 | ---- | M] () -- C:\Windows\SysNative\igdde64.dll
[2014/03/29 23:39:13 | 000,077,312 | ---- | M] () -- C:\Windows\SysWow64\igdde32.dll
[2014/03/29 23:39:12 | 013,031,424 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\ig4icd64.dll
[2014/03/29 23:39:12 | 012,859,392 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\igd10umd64.dll
[2014/03/29 23:39:12 | 011,176,448 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\igd10umd32.dll
[2014/03/29 23:39:12 | 000,963,452 | ---- | M] () -- C:\Windows\SysWow64\igcodeckrng600.bin
[2014/03/29 23:39:12 | 000,963,452 | ---- | M] () -- C:\Windows\SysNative\igcodeckrng600.bin
[2014/03/29 23:39:11 | 010,812,928 | ---- | M] (Intel Corporation) -- C:\Windows\SysWow64\ig4icd32.dll
[2014/03/29 23:39:11 | 005,904,880 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\GfxUI.exe
[2014/03/29 23:39:11 | 000,399,856 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\hkcmd.exe
[2014/03/29 23:39:11 | 000,223,664 | ---- | M] () -- C:\Windows\SysNative\Gfxres.th-TH.resources
[2014/03/29 23:39:11 | 000,175,104 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\gfxSrvc.dll
[2014/03/29 23:39:11 | 000,144,645 | ---- | M] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources
[2014/03/29 23:39:11 | 000,142,882 | ---- | M] () -- C:\Windows\SysNative\Gfxres.sv-SE.resources
[2014/03/29 23:39:11 | 000,141,838 | ---- | M] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources
[2014/03/29 23:39:11 | 000,137,889 | ---- | M] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources
[2014/03/29 23:39:11 | 000,126,300 | ---- | M] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources
[2014/03/29 23:39:11 | 000,124,650 | ---- | M] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources
[2014/03/29 23:39:11 | 000,110,592 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\hccutils.dll
[2014/03/29 23:39:11 | 000,000,268 | ---- | M] () -- C:\Windows\SysNative\GfxUI.exe.config
[2014/03/29 23:39:10 | 000,194,245 | ---- | M] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources
[2014/03/29 23:39:10 | 000,146,004 | ---- | M] () -- C:\Windows\SysNative\Gfxres.ro-RO.resources
[2014/03/29 23:39:10 | 000,144,260 | ---- | M] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources
[2014/03/29 23:39:10 | 000,144,020 | ---- | M] () -- C:\Windows\SysNative\Gfxres.nl-NL.resources
[2014/03/29 23:39:10 | 000,142,877 | ---- | M] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources
[2014/03/29 23:39:10 | 000,142,717 | ---- | M] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources
[2014/03/29 23:39:10 | 000,137,784 | ---- | M] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources
[2014/03/29 23:39:09 | 000,210,106 | ---- | M] () -- C:\Windows\SysNative\Gfxres.el-GR.resources
[2014/03/29 23:39:09 | 000,185,840 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\difx64.exe
[2014/03/29 23:39:09 | 000,166,170 | ---- | M] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources
[2014/03/29 23:39:09 | 000,163,421 | ---- | M] () -- C:\Windows\SysNative\Gfxres.ja-JP.resources
[2014/03/29 23:39:09 | 000,159,008 | ---- | M] () -- C:\Windows\SysNative\Gfxres.he-IL.resources
[2014/03/29 23:39:09 | 000,149,682 | ---- | M] () -- C:\Windows\SysNative\Gfxres.it-IT.resources
[2014/03/29 23:39:09 | 000,148,042 | ---- | M] () -- C:\Windows\SysNative\Gfxres.ko-KR.resources
[2014/03/29 23:39:09 | 000,147,393 | ---- | M] () -- C:\Windows\SysNative\Gfxres.de-DE.resources
[2014/03/29 23:39:09 | 000,147,288 | ---- | M] () -- C:\Windows\SysNative\Gfxres.es-ES.resources
[2014/03/29 23:39:09 | 000,145,491 | ---- | M] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources
[2014/03/29 23:39:09 | 000,143,932 | ---- | M] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources
[2014/03/29 23:39:09 | 000,142,289 | ---- | M] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources
[2014/03/29 23:39:09 | 000,142,008 | ---- | M] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources
[2014/03/29 23:39:09 | 000,141,049 | ---- | M] () -- C:\Windows\SysNative\Gfxres.hr-HR.resources
[2014/03/29 23:39:09 | 000,137,141 | ---- | M] () -- C:\Windows\SysNative\Gfxres.da-DK.resources
[2014/03/29 23:39:09 | 000,132,623 | ---- | M] () -- C:\Windows\SysNative\Gfxres.en-US.resources
[2014/03/29 23:38:07 | 000,888,536 | ---- | M] (Realtek                                            ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2014/03/29 23:38:07 | 000,107,552 | ---- | M] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll
[2014/03/29 23:38:07 | 000,073,800 | ---- | M] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RtNicProp64.dll
[2014/03/29 23:37:42 | 000,043,840 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\SysNative\drivers\Accelerometer.sys
[2014/03/29 23:37:42 | 000,031,040 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\SysNative\drivers\hpdskflt.sys
[2014/03/29 23:33:40 | 000,001,140 | ---- | M] () -- C:\Users\Public\Desktop\Driver Booster.lnk
[2014/03/29 09:38:16 | 000,061,120 | ---- | M] (StdLib) -- C:\Windows\SysNative\drivers\wStLibG64.sys
[2014/03/28 22:52:23 | 000,001,743 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/03/28 22:21:09 | 000,001,805 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2014/03/24 20:34:23 | 000,538,160 | ---- | M] () -- C:\Users\zeinab\Documents\BMWEncore.png
[2014/03/22 12:35:44 | 000,000,289 | ---- | M] () -- C:\prefs.js
[2014/03/21 17:40:12 | 000,001,196 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014/03/21 17:40:08 | 000,000,872 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.old
[2014/03/20 06:54:25 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForZEINAB-HP$.job
[2014/03/17 22:06:06 | 005,474,816 | ---- | M] () -- C:\Users\zeinab\Documents\Lemiroirnaturel-JL.pps
[2014/03/16 22:55:28 | 000,002,228 | ---- | M] () -- C:\Users\Public\Desktop\AOL Computer Checkup.lnk
[2014/03/14 22:28:02 | 000,038,916 | ---- | M] () -- C:\Users\zeinab\Documents\April2014ONCALLCALENDAR.zip
[2014/03/13 06:52:48 | 000,072,765 | ---- | M] () -- C:\Users\zeinab\Documents\emailDocumentController.do.pdf
[2014/03/12 21:43:12 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/03/12 21:43:12 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/03/12 21:43:06 | 005,777,288 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2014/03/12 21:27:58 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/03/12 21:27:58 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/03/12 21:27:58 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/03/12 21:27:57 | 005,768,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/03/12 21:27:57 | 002,041,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/03/12 21:27:57 | 001,964,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/03/12 21:27:57 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/03/12 21:27:57 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/03/12 21:27:57 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/03/12 21:27:57 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/03/12 21:27:57 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/03/12 21:27:57 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/03/12 21:27:57 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/03/12 21:27:57 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/03/12 21:27:57 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/03/12 21:27:57 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/03/12 21:27:57 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/03/12 21:27:57 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/03/12 21:27:57 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/03/12 21:27:57 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/03/12 21:27:57 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/03/12 21:27:57 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/03/12 21:27:57 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/03/12 21:27:57 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/03/12 21:27:28 | 000,624,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014/03/12 21:27:28 | 000,509,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014/03/12 21:26:52 | 000,484,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wer.dll
[2014/03/12 21:26:52 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll
[2014/03/12 21:26:29 | 001,424,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2014/03/09 23:38:17 | 000,000,066 | ---- | M] () -- C:\Windows\GPlrLanc.dat
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Users\zeinab\AppData\Local\*.tmp files -> C:\Users\zeinab\AppData\Local\*.tmp -> ]
[10 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/04/08 21:22:56 | 000,000,336 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForzeinab.job
[2014/04/08 06:14:24 | 000,023,852 | ---- | C] () -- C:\Users\zeinab\Documents\OfferDr.JeffreyMora.pdf
[2014/04/07 22:13:34 | 000,000,476 | ---- | C] () -- C:\Windows\tasks\SMW_UpdateTask_Time_3533393831363639302d5755326c785a5a5737414534.job
[2014/04/07 22:07:37 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
[2014/04/04 18:41:55 | 000,001,559 | ---- | C] () -- C:\Users\zeinab\Desktop\Internet Explorer (No Add-ons).lnk
[2014/04/04 18:06:17 | 000,001,134 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
[2014/04/04 18:06:17 | 000,001,122 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 9.lnk
[2014/04/03 15:47:38 | 002,367,488 | ---- | C] () -- C:\Users\zeinab\Desktop\tightvnc-2.7.10-setup-64bit.msi
[2014/04/02 18:58:51 | 000,001,256 | ---- | C] () -- C:\Users\zeinab\Desktop\Startup Manager.lnk
[2014/04/02 18:26:20 | 000,001,062 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/03/30 19:01:48 | 000,285,279 | ---- | C] () -- C:\Users\zeinab\Documents\April2014StrokeCALLCALENDAR.zip
[2014/03/29 23:41:12 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
[2014/03/29 23:39:20 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2014/03/29 23:39:20 | 000,272,928 | ---- | C] () -- C:\Windows\SysNative\igvpkrng600.bin
[2014/03/29 23:39:20 | 000,017,058 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp
[2014/03/29 23:39:19 | 001,981,696 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.cpa
[2014/03/29 23:39:19 | 000,059,425 | ---- | C] () -- C:\Windows\SysNative\iglhxo64.vp
[2014/03/29 23:39:19 | 000,059,398 | ---- | C] () -- C:\Windows\SysNative\iglhxg64.vp
[2014/03/29 23:39:19 | 000,059,230 | ---- | C] () -- C:\Windows\SysNative\iglhxc64.vp
[2014/03/29 23:39:19 | 000,059,104 | ---- | C] () -- C:\Windows\SysNative\iglhxc64_dev.vp
[2014/03/29 23:39:19 | 000,058,796 | ---- | C] () -- C:\Windows\SysNative\iglhxg64_dev.vp
[2014/03/29 23:39:19 | 000,058,109 | ---- | C] () -- C:\Windows\SysNative\iglhxo64_dev.vp
[2014/03/29 23:39:19 | 000,001,074 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.vp
[2014/03/29 23:39:17 | 000,009,728 | ---- | C] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll
[2014/03/29 23:39:13 | 000,098,304 | ---- | C] () -- C:\Windows\SysNative\igdde64.dll
[2014/03/29 23:39:13 | 000,077,312 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2014/03/29 23:39:12 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
[2014/03/29 23:39:12 | 000,963,452 | ---- | C] () -- C:\Windows\SysNative\igcodeckrng600.bin
[2014/03/29 23:39:11 | 000,223,664 | ---- | C] () -- C:\Windows\SysNative\Gfxres.th-TH.resources
[2014/03/29 23:39:11 | 000,144,645 | ---- | C] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources
[2014/03/29 23:39:11 | 000,142,882 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sv-SE.resources
[2014/03/29 23:39:11 | 000,141,838 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources
[2014/03/29 23:39:11 | 000,137,889 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources
[2014/03/29 23:39:11 | 000,126,300 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources
[2014/03/29 23:39:11 | 000,124,650 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources
[2014/03/29 23:39:11 | 000,000,268 | ---- | C] () -- C:\Windows\SysNative\GfxUI.exe.config
[2014/03/29 23:39:10 | 000,194,245 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources
[2014/03/29 23:39:10 | 000,146,004 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ro-RO.resources
[2014/03/29 23:39:10 | 000,144,260 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources
[2014/03/29 23:39:10 | 000,144,020 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nl-NL.resources
[2014/03/29 23:39:10 | 000,142,877 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources
[2014/03/29 23:39:10 | 000,142,717 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources
[2014/03/29 23:39:09 | 000,210,106 | ---- | C] () -- C:\Windows\SysNative\Gfxres.el-GR.resources
[2014/03/29 23:39:09 | 000,166,170 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources
[2014/03/29 23:39:09 | 000,163,421 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ja-JP.resources
[2014/03/29 23:39:09 | 000,159,008 | ---- | C] () -- C:\Windows\SysNative\Gfxres.he-IL.resources
[2014/03/29 23:39:09 | 000,149,682 | ---- | C] () -- C:\Windows\SysNative\Gfxres.it-IT.resources
[2014/03/29 23:39:09 | 000,148,042 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ko-KR.resources
[2014/03/29 23:39:09 | 000,147,393 | ---- | C] () -- C:\Windows\SysNative\Gfxres.de-DE.resources
[2014/03/29 23:39:09 | 000,147,288 | ---- | C] () -- C:\Windows\SysNative\Gfxres.es-ES.resources
[2014/03/29 23:39:09 | 000,145,491 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources
[2014/03/29 23:39:09 | 000,143,932 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources
[2014/03/29 23:39:09 | 000,142,289 | ---- | C] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources
[2014/03/29 23:39:09 | 000,142,008 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources
[2014/03/29 23:39:09 | 000,141,049 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hr-HR.resources
[2014/03/29 23:39:09 | 000,137,784 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources
[2014/03/29 23:39:09 | 000,137,141 | ---- | C] () -- C:\Windows\SysNative\Gfxres.da-DK.resources
[2014/03/29 23:39:09 | 000,132,623 | ---- | C] () -- C:\Windows\SysNative\Gfxres.en-US.resources
[2014/03/29 23:33:41 | 000,000,286 | ---- | C] () -- C:\Windows\tasks\Driver Booster Update.job
[2014/03/29 23:33:40 | 000,001,140 | ---- | C] () -- C:\Users\Public\Desktop\Driver Booster.lnk
[2014/03/28 22:52:23 | 000,001,743 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/03/28 22:21:09 | 000,001,805 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2014/03/24 20:34:14 | 000,538,160 | ---- | C] () -- C:\Users\zeinab\Documents\BMWEncore.png
[2014/03/24 15:04:29 | 000,001,275 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/03/24 15:04:29 | 000,001,153 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/03/21 17:40:04 | 000,000,346 | ---- | C] () -- C:\Windows\tasks\bench-sys.job
[2014/03/21 17:40:04 | 000,000,346 | ---- | C] () -- C:\Windows\tasks\bench-S-1-5-21-697961089-2797053259-1168498779-1001.job
[2014/03/21 17:39:44 | 000,001,248 | ---- | C] () -- C:\Users\zeinab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Create Amazing Presentations.lnk
[2014/03/21 17:38:30 | 000,000,276 | ---- | C] () -- C:\Windows\tasks\GreatArcadeHits.job
[2014/03/17 22:05:23 | 005,474,816 | ---- | C] () -- C:\Users\zeinab\Documents\Lemiroirnaturel-JL.pps
[2014/03/14 22:28:02 | 000,038,916 | ---- | C] () -- C:\Users\zeinab\Documents\April2014ONCALLCALENDAR.zip
[2014/03/13 06:52:47 | 000,072,765 | ---- | C] () -- C:\Users\zeinab\Documents\emailDocumentController.do.pdf
[2014/03/09 23:38:17 | 000,000,066 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2014/03/05 23:09:03 | 000,003,976 | ---- | C] () -- C:\Windows\SysWow64\PCProtect.ini
[2014/03/05 23:09:03 | 000,002,184 | ---- | C] () -- C:\Windows\SysWow64\PCProtectOff.ini
[2014/02/23 22:01:35 | 000,000,283 | ---- | C] () -- C:\Windows\winros.ini
[2014/02/01 23:04:41 | 000,001,196 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/01/18 23:38:01 | 000,000,109 | ---- | C] () -- C:\Users\zeinab\AppData\Roaming\WB.CFG
[2013/08/03 23:12:05 | 000,002,675 | ---- | C] () -- C:\Users\zeinab\AppData\Roaming\SAS7_000.DAT
[2012/11/29 19:34:11 | 000,234,544 | ---- | C] () -- C:\Windows\RegBootClean64.exe
[2012/06/27 06:35:16 | 000,450,560 | ---- | C] () -- C:\Windows\SysWow64\AscSQLite.dll
 
========== ZeroAccess Check ==========
 
[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 19:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 18:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 20:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/02/28 21:19:05 | 000,000,000 | ---D | M] -- C:\Users\zeinab\AppData\Roaming\2XClient
[2014/01/22 21:31:41 | 000,000,000 | ---D | M] -- C:\Users\zeinab\AppData\Roaming\Blio
[2014/01/10 20:24:23 | 000,000,000 | ---D | M] -- C:\Users\zeinab\AppData\Roaming\CompuClever
[2014/03/07 00:08:17 | 000,000,000 | ---D | M] -- C:\Users\zeinab\AppData\Roaming\Genieo
[2012/03/12 21:13:52 | 000,000,000 | ---D | M] -- C:\Users\zeinab\AppData\Roaming\ICAClient
[2012/09/24 20:45:51 | 000,000,000 | ---D | M] -- C:\Users\zeinab\AppData\Roaming\IDT
[2012/08/01 19:56:04 | 000,000,000 | ---D | M] -- C:\Users\zeinab\AppData\Roaming\iMedica
[2014/02/21 21:36:59 | 000,000,000 | ---D | M] -- C:\Users\zeinab\AppData\Roaming\IObit
[2013/08/03 22:52:28 | 000,000,000 | ---D | M] -- C:\Users\zeinab\AppData\Roaming\Nuance
[2014/02/28 08:50:11 | 000,000,000 | ---D | M] -- C:\Users\zeinab\AppData\Roaming\Optimizer Pro
[2014/03/05 23:06:47 | 000,000,000 | ---D | M] -- C:\Users\zeinab\AppData\Roaming\PC Health Kit
[2014/01/18 22:38:05 | 000,000,000 | ---D | M] -- C:\Users\zeinab\AppData\Roaming\SaveSense
[2014/03/27 22:17:40 | 000,000,000 | ---D | M] -- C:\Users\zeinab\AppData\Roaming\Slick Savings
[2012/11/04 22:13:42 | 000,000,000 | ---D | M] -- C:\Users\zeinab\AppData\Roaming\SoftGrid Client
[2011/11/28 19:11:52 | 000,000,000 | ---D | M] -- C:\Users\zeinab\AppData\Roaming\Synaptics
[2014/02/21 20:40:13 | 000,000,000 | ---D | M] -- C:\Users\zeinab\AppData\Roaming\Systweak
[2014/04/04 21:16:50 | 000,000,000 | ---D | M] -- C:\Users\zeinab\AppData\Roaming\TeamViewer
[2012/11/21 21:53:42 | 000,000,000 | ---D | M] -- C:\Users\zeinab\AppData\Roaming\Thinstall
[2014/04/04 20:52:11 | 000,000,000 | ---D | M] -- C:\Users\zeinab\AppData\Roaming\TightVNC
[2011/12/03 00:09:41 | 000,000,000 | ---D | M] -- C:\Users\zeinab\AppData\Roaming\TP
[2014/03/27 22:17:40 | 000,000,000 | ---D | M] -- C:\Users\zeinab\AppData\Roaming\VOPackage
[2014/02/27 23:30:35 | 000,000,000 | ---D | M] -- C:\Users\zeinab\AppData\Roaming\WildTangent
[2011/12/09 06:54:44 | 000,000,000 | ---D | M] -- C:\Users\zeinab\AppData\Roaming\Windows Live Writer
[2014/02/24 21:52:18 | 000,000,000 | ---D | M] -- C:\Users\zeinab\AppData\Roaming\WordExtra
[2012/10/18 08:56:33 | 000,000,000 | ---D | M] -- C:\Users\zeinab\AppData\Roaming\_MDLogs
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
========== Base Services ==========
SRV:64bit: - [2009/07/13 18:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2013/02/26 22:47:10 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2009/07/13 18:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2010/11/20 20:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2010/11/20 20:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2013/09/24 18:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009/07/13 18:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/13 18:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2012/07/04 15:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2013/07/08 22:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2013/07/08 21:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2010/11/20 20:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2010/11/20 20:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/20 20:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2011/08/24 21:07:02 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2009/07/13 18:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2009/07/13 18:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/13 18:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:64bit: - [2009/07/13 18:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2010/11/20 20:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:64bit: - [2009/07/13 18:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2009/07/13 18:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2009/07/13 18:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2009/07/13 18:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/13 18:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:64bit: - [2012/10/03 10:44:21 | 000,303,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2009/07/13 18:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2011/05/24 04:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2012/02/10 23:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2013/09/24 18:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:64bit: - [2009/07/13 18:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2010/11/20 20:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2010/11/20 20:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2010/11/20 20:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2013/09/24 18:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2009/07/13 18:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2010/11/20 20:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2010/11/20 20:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/20 20:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:64bit: - [2010/11/20 20:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2010/11/20 20:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/20 20:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2009/07/13 18:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2012/04/30 22:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2010/11/20 20:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2010/11/20 20:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2010/11/20 20:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2010/11/20 20:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/11/20 20:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:64bit: - [2010/11/20 20:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:64bit: - [2010/11/20 20:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2010/11/20 20:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010/11/20 20:24:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:64bit: - [2009/07/13 18:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2012/06/02 15:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2010/11/20 20:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2009/07/13 18:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2010/11/20 20:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)
 
< %SYSTEMDRIVE%\*.exe >
[2014/02/13 07:01:52 | 000,487,518 | ---- | M] () -- C:\monitor.exe
[2014/02/13 06:43:24 | 000,034,244 | ---- | M] () -- C:\monitorsvc.exe
[2013/03/11 12:19:10 | 000,401,408 | ---- | M] () -- C:\wget.exe
 
< c:\program files (x86)\Google\Desktop >
[2009/07/13 22:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/13 22:08:49 | 000,032,560 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/11/28 22:50:01 | 000,000,860 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-697961089-2797053259-1168498779-1001Core.job
[2011/11/28 22:50:01 | 000,000,912 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-697961089-2797053259-1168498779-1001UA.job
[2012/04/04 21:56:55 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012/11/21 22:13:05 | 000,000,344 | ---- | C] () -- C:\Windows\Tasks\HPCeeScheduleForZEINAB-HP$.job
[2013/02/21 10:36:22 | 000,000,894 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013/02/21 10:36:22 | 000,000,898 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013/03/20 09:24:39 | 000,000,408 | -H-- | C] () -- C:\Windows\Tasks\Norton Security Scan for zeinab.job
[2013/03/24 09:54:52 | 000,000,910 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-697961089-2797053259-1168498779-1001Core.job
[2013/03/24 09:54:52 | 000,000,932 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-697961089-2797053259-1168498779-1001UA.job
[2014/01/18 22:38:06 | 000,000,296 | ---- | C] () -- C:\Windows\Tasks\SaveSense.job
[2014/01/18 22:38:14 | 000,000,932 | ---- | C] () -- C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job
[2014/02/27 08:20:01 | 000,000,386 | ---- | C] () -- C:\Windows\Tasks\Buzz-it Update.job
[2014/03/21 17:38:30 | 000,000,276 | ---- | C] () -- C:\Windows\Tasks\GreatArcadeHits.job
[2014/03/21 17:40:04 | 000,000,346 | ---- | C] () -- C:\Windows\Tasks\bench-S-1-5-21-697961089-2797053259-1168498779-1001.job
[2014/03/21 17:40:04 | 000,000,346 | ---- | C] () -- C:\Windows\Tasks\bench-sys.job
[2014/03/29 23:33:41 | 000,000,286 | ---- | C] () -- C:\Windows\Tasks\Driver Booster Update.job
[2014/04/07 22:13:34 | 000,000,476 | ---- | C] () -- C:\Windows\Tasks\SMW_UpdateTask_Time_3533393831363639302d5755326c785a5a5737414534.job
[2014/04/08 21:22:56 | 000,000,336 | ---- | C] () -- C:\Windows\Tasks\HPCeeScheduleForzeinab.job
 
< c:\program files\Google\Desktop >
 
< dir "%systemdrive%\*" /S /A:L /C >
 Volume in drive C has no label.
 Volume Serial Number is BA59-74C6
 Directory of C:\
07/13/2009  10:08 PM    <JUNCTION>     Documents and Settings [C:\Users]
               0 File(s)              0 bytes
 Directory of C:\Program Files (x86)\Evernote
08/24/2011  09:24 PM    <SYMLINKD>     Evernote3.5 [C:\Program Files (x86)\Evernote\Evernote]
               0 File(s)              0 bytes
 Directory of C:\ProgramData
07/13/2009  10:08 PM    <JUNCTION>     Application Data [C:\ProgramData]
07/13/2009  10:08 PM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
07/13/2009  10:08 PM    <JUNCTION>     Documents [C:\Users\Public\Documents]
07/13/2009  10:08 PM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
07/13/2009  10:08 PM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/13/2009  10:08 PM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users
07/13/2009  10:08 PM    <SYMLINKD>     All Users [C:\ProgramData]
07/13/2009  10:08 PM    <JUNCTION>     Default User [C:\Users\Default]
               0 File(s)              0 bytes
 Directory of C:\Users\All Users
07/13/2009  10:08 PM    <JUNCTION>     Application Data [C:\ProgramData]
07/13/2009  10:08 PM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
07/13/2009  10:08 PM    <JUNCTION>     Documents [C:\Users\Public\Documents]
07/13/2009  10:08 PM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
07/13/2009  10:08 PM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/13/2009  10:08 PM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Default
07/13/2009  10:08 PM    <JUNCTION>     Application Data [C:\Users\Default\AppData\Roaming]
07/13/2009  10:08 PM    <JUNCTION>     Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
07/13/2009  10:08 PM    <JUNCTION>     Local Settings [C:\Users\Default\AppData\Local]
07/13/2009  10:08 PM    <JUNCTION>     My Documents [C:\Users\Default\Documents]
07/13/2009  10:08 PM    <JUNCTION>     NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/13/2009  10:08 PM    <JUNCTION>     PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/13/2009  10:08 PM    <JUNCTION>     Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
07/13/2009  10:08 PM    <JUNCTION>     SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
07/13/2009  10:08 PM    <JUNCTION>     Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
07/13/2009  10:08 PM    <JUNCTION>     Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Default\AppData\Local
07/13/2009  10:08 PM    <JUNCTION>     Application Data [C:\Users\Default\AppData\Local]
07/13/2009  10:08 PM    <JUNCTION>     History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
07/13/2009  10:08 PM    <JUNCTION>     Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Users\Default\Documents
07/13/2009  10:08 PM    <JUNCTION>     My Music [C:\Users\Default\Music]
07/13/2009  10:08 PM    <JUNCTION>     My Pictures [C:\Users\Default\Pictures]
07/13/2009  10:08 PM    <JUNCTION>     My Videos [C:\Users\Default\Videos]
               0 File(s)              0 bytes
 Directory of C:\Users\Public\Documents
07/13/2009  10:08 PM    <JUNCTION>     My Music [C:\Users\Public\Music]
07/13/2009  10:08 PM    <JUNCTION>     My Pictures [C:\Users\Public\Pictures]
07/13/2009  10:08 PM    <JUNCTION>     My Videos [C:\Users\Public\Videos]
               0 File(s)              0 bytes
 Directory of C:\Users\zeinab
11/28/2011  07:00 PM    <JUNCTION>     Application Data [C:\Users\zeinab\AppData\Roaming]
11/28/2011  07:00 PM    <JUNCTION>     Cookies [C:\Users\zeinab\AppData\Roaming\Microsoft\Windows\Cookies]
11/28/2011  07:00 PM    <JUNCTION>     Local Settings [C:\Users\zeinab\AppData\Local]
11/28/2011  07:00 PM    <JUNCTION>     My Documents [C:\Users\zeinab\Documents]
11/28/2011  07:00 PM    <JUNCTION>     NetHood [C:\Users\zeinab\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
11/28/2011  07:00 PM    <JUNCTION>     PrintHood [C:\Users\zeinab\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
11/28/2011  07:00 PM    <JUNCTION>     Recent [C:\Users\zeinab\AppData\Roaming\Microsoft\Windows\Recent]
11/28/2011  07:00 PM    <JUNCTION>     SendTo [C:\Users\zeinab\AppData\Roaming\Microsoft\Windows\SendTo]
11/28/2011  07:00 PM    <JUNCTION>     Start Menu [C:\Users\zeinab\AppData\Roaming\Microsoft\Windows\Start Menu]
11/28/2011  07:00 PM    <JUNCTION>     Templates [C:\Users\zeinab\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\zeinab\AppData\Local
11/28/2011  07:00 PM    <JUNCTION>     Application Data [C:\Users\zeinab\AppData\Local]
11/28/2011  07:00 PM    <JUNCTION>     History [C:\Users\zeinab\AppData\Local\Microsoft\Windows\History]
11/28/2011  07:00 PM    <JUNCTION>     Temporary Internet Files [C:\Users\zeinab\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Users\zeinab\AppData\LocalLow
12/20/2012  09:00 PM    <JUNCTION>     PlayReady [C:\ProgramData\Microsoft\PlayReady]
               0 File(s)              0 bytes
 Directory of C:\Users\zeinab\Documents
11/28/2011  07:00 PM    <JUNCTION>     My Music [C:\Users\zeinab\Music]
11/28/2011  07:00 PM    <JUNCTION>     My Pictures [C:\Users\zeinab\Pictures]
11/28/2011  07:00 PM    <JUNCTION>     My Videos [C:\Users\zeinab\Videos]
               0 File(s)              0 bytes
     Total Files Listed:
               0 File(s)              0 bytes
              52 Dir(s)  629,132,521,472 bytes free
 
< MD5 for: RPCSS.DLL  >
[2010/11/20 20:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=5C627D1B1138676C0A7AB2C2C190D123 -- C:\Windows\SysNative\rpcss.dll
[2010/11/20 20:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=5C627D1B1138676C0A7AB2C2C190D123 -- C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 246 bytes -> C:\ProgramData\Temp:7FFED16F
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:612B5BD9
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:373E1720
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:D1B5B4F1

< End of report >
 

 

Extras.Txt

 

OTL Extras logfile created on: 4/8/2014 10:31:25 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\zeinab\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16521)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
7.95 Gb Total Physical Memory | 4.74 Gb Available Physical Memory | 59.65% Memory free
15.90 Gb Paging File | 12.17 Gb Available in Paging File | 76.53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 681.47 Gb Total Space | 585.94 Gb Free Space | 85.98% Space Free | Partition Type: NTFS
Drive D: | 16.87 Gb Total Space | 1.82 Gb Free Space | 10.77% Space Free | Partition Type: NTFS
 
Computer Name: ZEINAB-HP | User Name: zeinab | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-697961089-2797053259-1168498779-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistHiDefMedia] -- "C:\Program Files (x86)\HiDefMedia\HiDefMedia\HiDefMedia.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithHiDefMedia] -- "C:\Program Files (x86)\HiDefMedia\HiDefMedia\HiDefMedia.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistHiDefMedia] -- "C:\Program Files (x86)\HiDefMedia\HiDefMedia\HiDefMedia.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithHiDefMedia] -- "C:\Program Files (x86)\HiDefMedia\HiDefMedia\HiDefMedia.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{030F99EF-ADFD-41FB-88B0-5C5290977A09}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{0BCCADFC-D362-45A2-A88B-6B0B951B3D71}" = lport=138 | protocol=17 | dir=in | app=system |
"{0C0B1C38-500F-43FF-B73C-89C3FF44B0DF}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1FBEA035-A30F-4288-8B7E-D391A6D65D2D}" = lport=137 | protocol=17 | dir=in | app=system |
"{249883D2-0F47-4F7B-B6FD-485A23BF7E67}" = rport=137 | protocol=17 | dir=out | app=system |
"{26069B9D-B804-4781-BD7B-921C4A319E40}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2680757B-1067-4472-B32A-31C2AAE71954}" = rport=10243 | protocol=6 | dir=out | app=system |
"{30F01288-B9F3-450B-832F-00616F78FB07}" = lport=139 | protocol=6 | dir=in | app=system |
"{3C9BD12E-772B-4B97-A0EA-85E646176630}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{50EC6090-677B-4744-90F1-1BFBD702ABF9}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{7CB4DA8D-FE6C-4576-BD34-E51338DDECCB}" = rport=138 | protocol=17 | dir=out | app=system |
"{862D67B6-5D89-4961-9A3B-EDEE97603DB7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A252CCA8-5D21-4912-9509-57D3A30029DA}" = rport=445 | protocol=6 | dir=out | app=system |
"{AF972255-3CF5-4DCA-B513-C0411C00A295}" = rport=139 | protocol=6 | dir=out | app=system |
"{B2133F8B-7A74-4BEE-925B-E4E2EB5AA9A5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B306EB81-D740-4BA2-9B8A-543FA82086BA}" = lport=10243 | protocol=6 | dir=in | app=system |
"{B3783EA6-8C0C-4F0B-B888-5A34F8ADB152}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B460B001-CD6A-4763-A4DB-133E85B0E807}" = lport=51001 | protocol=6 | dir=in | name=dragon smart phone server |
"{CCF4AAE2-6326-4EE6-8CE7-DFE5558E7C10}" = lport=2869 | protocol=6 | dir=in | app=system |
"{DBB87177-61D1-4163-8567-99BD802FC015}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DE15CD8A-F79D-42AF-AA89-B05D2B5A1016}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E5212861-9CE5-4CBD-9157-91EE556CEAE7}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{EF3D68F6-84EB-4E3B-9946-4E271641726B}" = lport=445 | protocol=6 | dir=in | app=system |
"{F0A7887F-9CFA-4535-8907-D159EF09AFC3}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0122A2AA-76BA-4601-A966-0B48F0111689}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe |
"{050561FC-7094-43F1-B56C-4B15B06B78FC}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{0779772E-535E-491F-B18C-F6189A4D4CCF}" = protocol=17 | dir=in | app=c:\program files (x86)\aol desktop 9.7\waol.exe |
"{0AE04EF4-031E-49DC-88C6-6C26668A4A7D}" = protocol=17 | dir=in | app=c:\program files (x86)\aol desktop 9.6\waol.exe |
"{0BADB049-67B5-4653-ACDE-D28F8C114B00}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
"{0E1C551B-82E2-4486-A1EC-8904CA830405}" = protocol=17 | dir=in | app=c:\program files (x86)\aol desktop 9.7a\waol.exe |
"{1A114A38-837C-40BE-9E28-8DA01FC42C39}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1D9F2C5F-8C78-4930-A73A-F6D07789261C}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{1E301CBE-C7B7-45A7-A8CB-2B4A56C1B890}" = protocol=6 | dir=in | app=c:\program files (x86)\aol desktop 9.6\aolbrowser\aolbrowser.exe |
"{1E986227-46C7-446E-BCF3-612B2EF0C13D}" = protocol=6 | dir=in | app=c:\program files (x86)\aol desktop 9.7\waol.exe |
"{1F69579D-2D6D-4D42-86F5-988C0F4F1088}" = protocol=6 | dir=in | app=c:\program files (x86)\aol desktop 9.7b\aolbrowser\aolbrowser.exe |
"{21B42123-7320-43C2-B8B1-7AB422E03882}" = protocol=17 | dir=in | app=c:\program files (x86)\aol desktop 9.7b\waol.exe |
"{2253F53D-591F-4515-8716-372EAB3E704C}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{2685634A-7476-46B3-851F-CDF890509D6D}" = protocol=1 | dir=in | [email protected],-28543 |
"{34B7DE14-03EA-4BEA-9467-CA7E55A0253D}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{404D4338-156D-4DA8-A9AC-14C0E59E9D1F}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\acs\aoldial.exe |
"{42374CE6-6FDB-4BB9-B5DE-E3A363A1CCF1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4427B6B7-5B8D-4B63-AA69-AC84C4E24B15}" = protocol=17 | dir=in | app=c:\program files\intel\wimax\bin\dmagent.exe |
"{44E66E99-0DDD-4581-8004-FC9BFE2A4AF1}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{46CA15A4-FBA5-444B-B366-4739B48381E3}" = dir=in | app=c:\windows\system32\ezsharedsvchost.exe |
"{4DA55E9F-C9F2-4996-AC96-1B6D9006D7CD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4E0D16EE-B9DA-42DA-88AB-29069F63FCF3}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\acs\aolacsd.exe |
"{4F51E5BA-C512-4286-8954-04BE9E117A27}" = protocol=6 | dir=in | app=c:\program files (x86)\aol desktop 9.7b\waol.exe |
"{5247B58F-4DEB-4487-85C4-94ED6ABEA7A3}" = protocol=6 | dir=in | app=c:\program files (x86)\aol desktop 9.7a\aolbrowser\aolbrowser.exe |
"{549AD5C9-56F6-4E72-BB51-862C38013531}" = protocol=6 | dir=in | app=c:\program files (x86)\aol desktop 9.7\aolbrowser\aolbrowser.exe |
"{5D0B2489-D57D-4070-83B8-559BF7320463}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5D61211E-6DBA-47D9-B3AF-74A45FCB0DB8}" = dir=in | app=c:\program files (x86)\easybits for kids\ezdesktop.exe |
"{5D74D940-5987-4CD1-8DB3-153199BE620D}" = protocol=6 | dir=in | app=c:\program files (x86)\aol desktop 9.7a\waol.exe |
"{5E5EF667-AF54-48D0-BF72-0F06EE2A6853}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6415E4C0-DD25-4A5A-91E7-3801294341FE}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\1322623786\ee\aolsoftware.exe |
"{66D97AE1-92CB-4877-B73A-82CA55BDBAE6}" = protocol=17 | dir=in | app=c:\program files (x86)\aol desktop 9.6\aolbrowser\aolbrowser.exe |
"{66DB2AE4-CD89-458B-B72C-70B72995A23D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{679BBCA2-D8C1-49D9-BF18-7FAB17861197}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{6B8C88BA-D4CB-404D-A867-84678C520C1F}" = protocol=6 | dir=in | app=c:\program files (x86)\aol desktop 9.6\waol.exe |
"{71E8EA7B-29CD-4A21-AA84-839284E46725}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpdevicedetection3.exe |
"{72CCCDFD-4014-4997-949E-6F592C82DDCF}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{75CD274D-B1D7-4157-897E-669054F5EA7F}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpwarrantychecker.exe |
"{764CF12D-C20E-4F70-9525-E578007D3F6C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{7AEF8436-C301-4292-9C59-F9592D68F356}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe |
"{7FC7FEF5-F309-423E-9BE9-FF6283F74DD2}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\system information\sinf.exe |
"{849897F9-4629-44B8-9891-DCC11988DDFD}" = protocol=17 | dir=in | app=c:\program files\intel\wimax\bin\appsrv.exe |
"{86B41449-4FB1-4069-B3B6-343063563DB4}" = protocol=1 | dir=out | [email protected],-28544 |
"{8A1DA7B3-85C6-49DE-A05E-86389E9170E8}" = protocol=6 | dir=in | app=c:\program files\intel\wimax\bin\appsrv.exe |
"{987D23AE-7BBF-4098-B69C-90EBE85D5CB6}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe |
"{9A5DA3F3-429B-4C18-85AB-33D7492ECAA9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9FCB5622-2693-49F7-8309-57A7F4AAC424}" = protocol=6 | dir=in | app=c:\program files (x86)\aol desktop 9.7\aol.exe |
"{A011D2E0-3D5D-4F90-B6EE-D309DDAFD9DF}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\acs\aoldial.exe |
"{AA606D54-EDC7-4C3D-814C-CCB87C2F1D81}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{ABAD4808-8C00-4D85-944F-0B2E0D0476EC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AEC6AA48-681B-4CA1-A242-E333F32FA6F3}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{AFB1A1C1-5A3D-4A2A-B733-39C7E450785D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B01E3BD3-851A-49C1-9283-CCC704A81C01}" = protocol=17 | dir=in | app=c:\program files (x86)\aol desktop 9.7\aol.exe |
"{B287695B-FDA0-450B-B38F-6394599DD903}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\1322623786\ee\aolsoftware.exe |
"{BA9458C7-52D4-470D-885A-A336F8E96CE8}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{BBAB4D60-2AEA-4DB0-889B-71E2CEF8A7A1}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\system information\sinf.exe |
"{BC3F14D7-AFD0-4850-8757-FC6111A1E4B1}" = protocol=58 | dir=in | [email protected],-28545 |
"{BC9C9395-0C75-4DFC-A44B-DD7B8881C181}" = protocol=6 | dir=in | app=c:\program files\intel\wimax\bin\dmagent.exe |
"{BD4CD415-D61D-489F-A070-64092E66CE66}" = protocol=17 | dir=in | app=c:\program files (x86)\aol desktop 9.7a\aolbrowser\aolbrowser.exe |
"{C0468D2E-F0CE-4DCC-B150-541E975D1418}" = protocol=17 | dir=in | app=c:\program files (x86)\roxio\roxionow player\rnowshell.exe |
"{C4D167D9-DCE6-4E06-BFCE-068782B4C3E2}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C7F8C1A2-AFDB-4409-A1AC-241A0C79772F}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{C8BCD3C3-D1DA-45ED-883F-1B16756B5E49}" = protocol=6 | dir=out | app=system |
"{D98B62B4-4CB4-48A9-B0A0-3791C555D5C4}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{DA9E37C9-125A-420E-8EE3-DDB47424C1EC}" = dir=in | app=c:\users\zeinab\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{DF16B107-9921-4B65-8631-3EA51CEF3745}" = protocol=6 | dir=in | app=c:\program files (x86)\roxio\roxionow player\rnowshell.exe |
"{E4ADDD72-30C9-4A02-9DE5-6C40550FF7B0}" = protocol=17 | dir=in | app=c:\program files (x86)\aol desktop 9.7b\aolbrowser\aolbrowser.exe |
"{E9347BE1-AA14-4072-B3B3-81467FD5B887}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{EC8B20E2-A032-4704-9B43-E8F69022736D}" = protocol=58 | dir=out | [email protected],-28546 |
"{F15847E2-E513-4D5C-9945-46F12C6C5C24}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{F7FEF457-EE18-49B9-AE04-E1B1882E6135}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{F8453A71-9B60-4D32-A20B-FB7AEA41D58D}" = protocol=17 | dir=in | app=c:\program files (x86)\aol desktop 9.7\aolbrowser\aolbrowser.exe |
"{F85DA7DA-C3B1-4757-8417-BEB538F455FF}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
"{FA81CEBA-EEDB-48AD-9716-F0B7EEA7F0E4}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\acs\aolacsd.exe |
"TCP Query User{2B2C7BE3-DDCF-46C6-9E28-3E2E829845D1}C:\program files (x86)\2x\client\tsclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\2x\client\tsclient.exe |
"TCP Query User{917E295A-F6BE-4867-99A4-7A21EA5253B7}C:\users\zeinab\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe" = protocol=6 | dir=in | app=c:\users\zeinab\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe |
"TCP Query User{9198BEA9-5D5C-48EB-A6F5-46CA080E64FA}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{93C630BA-74E8-4D8B-92D4-3D944C2AE030}C:\program files (x86)\2x\client\appserverclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\2x\client\appserverclient.exe |
"UDP Query User{56CCA32F-6FF3-4B41-8E55-F0B64EC75891}C:\program files (x86)\2x\client\appserverclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\2x\client\appserverclient.exe |
"UDP Query User{6D283962-683A-4DAB-AFCE-C9F3E029288F}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{7DBD912C-0F85-4905-8FDB-835452BD1C35}C:\program files (x86)\2x\client\tsclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\2x\client\tsclient.exe |
"UDP Query User{8F59B54E-81DE-4EC1-A9AC-D86CB84BEB67}C:\users\zeinab\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe" = protocol=17 | dir=in | app=c:\users\zeinab\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{054EF02F-95D8-48F4-9EEB-2F9CE3072ED8}" = AuthenTec TrueAPI
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
"{37EC048A-81A2-452A-8D1F-3BE2018E767D}" = Intel® PROSet/Wireless for Bluetooth® + High Speed
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5C1DA3D9-F590-4317-A4FB-274F658E504B}" = Intel® PROSet/Wireless WiMAX Software
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{787136D2-F0F8-4625-AA3F-72D7795AC842}" = Apple Mobile Device Support
"{79174AF2-6CB1-42F5-981E-66DCA49391D0}" = Validity WBF DDK
"{81E20D41-C277-4526-934D-F2380AF91B78}" = iCloud
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B8BA155B-1E75-405F-9CB4-8A99615D09DC}" = iTunes
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D2372F87-7DA2-47F7-A102-AF2181B8EAA2}" = TightVNC
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{DFB497E0-CE3F-40FC-9596-FC7A48775DE4}" = HP 3D DriveGuard
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E2D0B67F-8032-4E11-87C6-C8C721D331B3}" = Intel® PROSet/Wireless WiFi Software
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"EnhanceTronic" = EnhanceTronic
"Level Quality Watcher" = SavingsBull
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"MyPC Backup" = MyPC Backup
"ProInst" = Intel PROSet Wireless
"SuperFast PC" = SuperFast PC
"SynTPDeinstKey" = Synaptics TouchPad Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0EDEB615-1A60-425E-8306-0E10519C7B55}" = RoxioNow Player
"{111EE7DF-FC45-40C7-98A7-753AC46B12FB}" = QuickTime 7
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = HP MovieStore
"{1606C5A0-DCD7-4543-A185-FAAD210E5284}" = Citrix Receiver(Aero)
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}" = Bing Bar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{210A03F5-B2ED-4947-B27E-516F50CBB292}" = HP Setup
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home Cinema v1.5.2.3456
"{26A24AE4-039D-4CA4-87B4-2F83217045F0}" = Java 7 Update 45
"{26A24AE4-039D-4CA4-87B4-2F83217051FF}" = Java 7 Update 51
"{26B4D0E1-6F6D-48DF-8719-80276A259F7E}" = CWA Reminder by We-Care.com v4.1.26.3
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2B7BDADB-EC8C-4C54-B5DD-CE45A016D3A7}" = Hoopla
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{387B63A5-5016-1015-B06B-A9A1030E3125}" = Intel® Identity Protection Technology 1.2.22.0
"{3A787631-66A2-4634-B928-A37E73B58FB6}" = Slick Savings
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{3E6D7195-3B74-46AF-9BD1-49EBECD0A455}" = Citrix Receiver(DV)
"{42D65288-92F3-4AD6-892C-DFEE475F69A9}" = Citrix Receiver Updater
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53B17A98-5BF0-40BC-AAFF-850A357975AC}" = HP Quick Launch
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6BDC0D7C-9E42-4667-8FA9-2F26A2FEF4D0}" = Citrix Receiver(USB)
"{6DDE8071-E4BA-461B-8A96-990DFAA0EBD1}" = SavingsBull
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.2.3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7257132D-7F65-41E6-A90F-43BF6099461A}" = Intel® WiDi
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{739A6D0C-CA8D-4955-8E3D-58D1847327AC}" = Online Plug-in
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.13
"{7BCD1A5E-F903-48C9-9CB2-37E5A6FB2111}" = Blio
"{7E799992-5DA0-4A1A-9443-B1836B063FEC}" = HP Power Manager
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{812D1E5A-B61E-4143-8ADB-48CE7BDDF10E}" = EEG Anywhere 2.1
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83A375B6-6FC2-4F8A-948E-E506DB9DCDF0}" = HP Documentation
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{88CDD50D-28E1-4B40-8F6C-83E0FCA8C158}" = 2X Client
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}" = Facebook Video Calling 2.0.0.447
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MovieStore
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{962CB079-85E6-405F-8704-1C62365AE46F}" = HP Software Framework
"{9A0FE2C0-7A7E-444E-8BD4-087178A91865}" = Online Plug-in
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA027AE9-DD20-4677-AA72-D760A358320B}" = Microsoft VC9 runtime libraries
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}" = Apple Application Support
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.9) MUI
"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager
"{BB285C9F-C821-4770-8970-56C4AB52C87E}" = Skype Click to Call
"{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}" = LPT System Updater Service
"{BCFAA37D-A6DB-43BF-A351-43F183E52D07}" = HP SimplePass 2011
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C43164B6-92B1-4919-836D-AAEB09AE7F23}" = InstallPDFDrivers
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5D422B9-6976-4E98-8DDF-9632CB515D7E}" = Dragon NaturallySpeaking 12
"{D67AEDE1-BCCF-4C5D-BF4F-A08FE92075B7}" = Citrix Receiver Inside
"{D86C82B0-1F02-816A-5F3D-6466F6A67566}" = PriincceCoUpone
"{DB1C49C7-AC32-4785-A281-774744FC78F5}" = Citrix Authentication Manager
"{DBCD5E64-7379-4648-9444-8A6558DCB614}" = Recovery Manager
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}" = HP Support Assistant
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EC94A726-7636-4693-9627-D8A8B44793EE}" = Citrix Receiver (HDX Flash Redirection)
"{ED1BD69A-07E3-418C-91F1-D856582581BF}" = HP On Screen Display
"{EE68B04B-ABF4-4E83-87FF-42AF4C3F1D5B}" = IObit Apps Toolbar v8.9
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F605992E-FD5B-46D7-AFDA-FDB1AB00F829}" = Self-service Plug-in
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.2.2
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FB385922-2E32-4462-A7DC-27159614A660}" = Snap.Do
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"3FA2E4E4-9229-4bdd-AB9C-53AE43229164_is1" = Wizefinder
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Advanced SystemCare 7_is1" = Advanced SystemCare 7
"AOL Computer Checkup" = AOL Computer Checkup
"AOL Toolbar" = AOL Toolbar
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"CitrixOnlinePluginPackWeb" = Citrix Receiver
"ConservativeTalkNow_4nbar Uninstall" = ConservativeTalkNow Toolbar
"DMUninstaller" = DMUninstaller
"Driver Booster_is1" = Driver Booster
"EasyBits Magic Desktop" = Magic Desktop
"fd36ee07-913b-4369-a9c3-27f047eb0211" = Buzz-it
"HiDef Media Player" = HiDef Media Player 1.1.12
"Highlightly" = Highlightly
"HP DVB-T TV Tuner" = HP DVB-T TV Tuner 8.0.64.43
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InternetUpdater" = Internet Updater
"IObit Malware Fighter_is1" = IObit Malware Fighter
"IObit Surfing Protection_is1" = Surfing Protection
"IObitUninstall" = IObit Uninstaller
"iWebar" = iWebar
"Lightspark" = Lightspark 0.5.3-git
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.1.1004
"Mozilla Firefox 28.0 (x86 en-US)" = Mozilla Firefox 28.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSC" = McAfee SecurityCenter
"NSS" = Norton Security Scan
"Object Browser" = Object Browser
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"Optimizer Pro_is1" = Optimizer Pro v3.2
"PC Health Kit_is1" = PC Health Kit v3.2
"Plus-HD-7.5" = Plus-HD-7.5
"PriceGong" = PriceGong 2.6.11
"SaveSense" = SaveSense (remove only)
"Search module" = Search module
"ShopperPro" = Shopper-Pro
"Smart Defrag 3_is1" = Smart Defrag 3
"SoftwareUpdUtility" = Download Updater (AOL Inc.)
"TeamViewer 9" = TeamViewer 9
"ViewpointMediaPlayer" = Viewpoint Media Player
"VIP Access SDK" = VIP Access SDK (1.1.0.4)
"VLC media player" = VLC media player 2.1.2
"VOPackage" = VO Package
"W1Z3F33D-CD0C-4AC4-86B4-X11E5511AA18_is1" = WizeFeed 2.1.5
"W1Z3T4D3-L00K-1T1Z-H3R3-UN1NST4LLTH3_is1" = Wizetrade® Stocks
"Webinternetsecurity" = WebInternetSecurity
"Websteroids" = Websteroids
"WindowShopper" = WindowShopper
"WinLiveSuite" = Windows Live Essentials
"wp-cb" = Web Protect for Windows
"Yahoo! Companion" = Yahoo! Toolbar
"YTDownloader" = YTDownloader
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-697961089-2797053259-1168498779-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
"{856AD396-519D-4C7A-BED6-6785F64924BC}" = GreatArcadeHits
"{9efbe73b-3a4f-4c28-a343-79dd78a9831a}" = Snap.Do Engine
"AOL Toolbar" = AOL Toolbar
"genieo" = Genieo
"Google Chrome" = Google Chrome
"SaveSense" = SaveSense
"StormAlerts" = StormAlerts
"TidyNetwork" = TidyNetwork
"Ultra File Opener" = Ultra File Opener
"ValueApps" = ValueApps
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 4/7/2014 12:52:59 AM | Computer Name = zeinab-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 4/7/2014 12:52:59 AM | Computer Name = zeinab-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6614
 
Error - 4/7/2014 12:52:59 AM | Computer Name = zeinab-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6614
 
Error - 4/8/2014 1:07:01 AM | Computer Name = zeinab-HP | Source = VSS | ID = 12305
Description =
 
Error - 4/8/2014 1:10:51 AM | Computer Name = zeinab-HP | Source = Application Error | ID = 1000
Description = Faulting application name: TrueSuiteService.exe, version: 5.1.0.495,
 time stamp: 0x4d5dea79  Faulting module name: TrueSuiteService.exe, version: 5.1.0.495,
 time stamp: 0x4d5dea79  Exception code: 0xc0000417  Fault offset: 0x0001263a  Faulting
 process id: 0x7c  Faulting application start time: 0x01cf52e8e00c82fd  Faulting application
 path: C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe  Faulting module
 path: C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe  Report Id:
26b532cf-bedc-11e3-b302-00038a000015
 
Error - 4/8/2014 1:11:34 AM | Computer Name = zeinab-HP | Source = WinMgmt | ID = 10
Description =
 
Error - 4/8/2014 1:13:39 AM | Computer Name = zeinab-HP | Source = WinMgmt | ID = 10
Description =
 
Error - 4/8/2014 9:57:01 AM | Computer Name = zeinab-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 4/8/2014 9:57:01 AM | Computer Name = zeinab-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2886
 
Error - 4/8/2014 9:57:01 AM | Computer Name = zeinab-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2886
 
Error - 4/8/2014 9:57:05 AM | Computer Name = zeinab-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 4/8/2014 9:57:05 AM | Computer Name = zeinab-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6740
 
Error - 4/8/2014 9:57:05 AM | Computer Name = zeinab-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6740
 
[ Hewlett-Packard Events ]
Error - 1/1/2013 3:03:31 PM | Computer Name = zeinab-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261   at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
 includeIgnored)  Message: Object reference not set to an instance of an object.  StackTrace:
   at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
 includeIgnored)  Source: HP.SupportFramework.Utilities    Name: HPSF.exe  Version: 07.00.01.01
Path:
 C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe  Format: en-US
RAM:
 8139  Ram Utilization: 20  TargetSite: Void loadActiveCheckResult(Boolean)  
 
Error - 1/1/2013 3:11:34 PM | Computer Name = zeinab-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261   at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
 includeIgnored)  Message: Object reference not set to an instance of an object.  StackTrace:
   at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
 includeIgnored)  Source: HP.SupportFramework.Utilities    Name: HPSF.exe  Version: 07.00.01.01
Path:
 C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe  Format: en-US
RAM:
 8139  Ram Utilization: 20  TargetSite: Void loadActiveCheckResult(Boolean)  
 
Error - 1/1/2013 3:47:39 PM | Computer Name = zeinab-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261   at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
 includeIgnored)  Message: Object reference not set to an instance of an object.  StackTrace:
   at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
 includeIgnored)  Source: HP.SupportFramework.Utilities    Name: HPSF.exe  Version: 07.00.01.01
Path:
 C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe  Format: en-US
RAM:
 8139  Ram Utilization: 20  TargetSite: Void loadActiveCheckResult(Boolean)  
 
Error - 1/1/2013 3:47:56 PM | Computer Name = zeinab-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261   at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
 includeIgnored)  Message: Object reference not set to an instance of an object.  StackTrace:
   at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
 includeIgnored)  Source: HP.SupportFramework.Utilities    Name: HPSF.exe  Version: 07.00.01.01
Path:
 C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe  Format: en-US
RAM:
 8139  Ram Utilization: 20  TargetSite: Void loadActiveCheckResult(Boolean)  
 
Error - 1/1/2013 3:48:05 PM | Computer Name = zeinab-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261   at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
 includeIgnored)  Message: Object reference not set to an instance of an object.  StackTrace:
   at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
 includeIgnored)  Source: HP.SupportFramework.Utilities    Name: HPSF.exe  Version: 07.00.01.01
Path:
 C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe  Format: en-US
RAM:
 8139  Ram Utilization: 20  TargetSite: Void loadActiveCheckResult(Boolean)  
 
Error - 1/1/2013 3:48:22 PM | Computer Name = zeinab-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261   at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
 includeIgnored)  Message: Object reference not set to an instance of an object.  StackTrace:
   at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
 includeIgnored)  Source: HP.SupportFramework.Utilities    Name: HPSF.exe  Version: 07.00.01.01
Path:
 C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe  Format: en-US
RAM:
 8139  Ram Utilization: 20  TargetSite: Void loadActiveCheckResult(Boolean)  
 
Error - 1/1/2013 6:03:53 PM | Computer Name = zeinab-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261   at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
 includeIgnored)  Message: Object reference not set to an instance of an object.  StackTrace:
   at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
 includeIgnored)  Source: HP.SupportFramework.Utilities    Name: HPSF.exe  Version: 07.00.01.01
Path:
 C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe  Format: en-US
RAM:
 8139  Ram Utilization: 20  TargetSite: Void loadActiveCheckResult(Boolean)  
 
Error - 1/1/2013 6:04:08 PM | Computer Name = zeinab-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261   at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
 includeIgnored)  Message: Object reference not set to an instance of an object.  StackTrace:
   at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
 includeIgnored)  Source: HP.SupportFramework.Utilities    Name: HPSF.exe  Version: 07.00.01.01
Path:
 C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe  Format: en-US
RAM:
 8139  Ram Utilization: 20  TargetSite: Void loadActiveCheckResult(Boolean)  
 
Error - 1/1/2013 6:04:27 PM | Computer Name = zeinab-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261   at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
 includeIgnored)  Message: Object reference not set to an instance of an object.  StackTrace:
   at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
 includeIgnored)  Source: HP.SupportFramework.Utilities    Name: HPSF.exe  Version: 07.00.01.01
Path:
 C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe  Format: en-US
RAM:
 8139  Ram Utilization: 20  TargetSite: Void loadActiveCheckResult(Boolean)  
 
Error - 1/1/2013 6:05:25 PM | Computer Name = zeinab-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261   at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
 includeIgnored)  Message: Object reference not set to an instance of an object.  StackTrace:
   at HP.SupportFramework.Utilities.HPSAIssues.ActionItemCollection.loadActiveCheckResult(Boolean
 includeIgnored)  Source: HP.SupportFramework.Utilities    Name: HPSF.exe  Version: 07.00.01.01
Path:
 C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe  Format: en-US
RAM:
 8139  Ram Utilization: 20  TargetSite: Void loadActiveCheckResult(Boolean)  
 
[ HP Software Framework Events ]
Error - 4/10/2012 8:53:48 PM | Computer Name = zeinab-HP | Source = CaslWmi | ID = 5
Description = 2012/04/10 17:53:48.640|000008D0|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 4/18/2012 1:31:34 AM | Computer Name = zeinab-HP | Source = CaslWmi | ID = 5
Description = 2012/04/17 22:31:34.749|00001CD0|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 4/25/2012 12:25:55 AM | Computer Name = zeinab-HP | Source = CaslWmi | ID = 5
Description = 2012/04/24 21:25:55.164|00002584|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 4/25/2012 12:27:24 AM | Computer Name = zeinab-HP | Source = CaslWmi | ID = 5
Description = 2012/04/24 21:27:24.953|00000DA8|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 4/25/2012 12:27:28 AM | Computer Name = zeinab-HP | Source = CaslWmi | ID = 5
Description = 2012/04/24 21:27:28.910|00000B18|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 5/2/2012 12:32:15 AM | Computer Name = zeinab-HP | Source = CaslWmi | ID = 5
Description = 2012/05/01 21:32:15.967|00000200|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 5/9/2012 1:53:39 AM | Computer Name = zeinab-HP | Source = CaslWmi | ID = 5
Description = 2012/05/08 22:53:39.303|00002D10|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 5/15/2012 2:36:05 PM | Computer Name = zeinab-HP | Source = CaslWmi | ID = 5
Description = 2012/05/15 11:36:05.043|00000EF8|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 5/15/2012 2:37:23 PM | Computer Name = zeinab-HP | Source = CaslWmi | ID = 5
Description = 2012/05/15 11:37:23.709|0000153C|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 5/15/2012 2:37:30 PM | Computer Name = zeinab-HP | Source = CaslWmi | ID = 5
Description = 2012/05/15 11:37:30.409|00001868|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
[ System Events ]
Error - 4/9/2014 12:19:18 AM | Computer Name = zeinab-HP | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.
 
Error - 4/9/2014 12:19:18 AM | Computer Name = zeinab-HP | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.
 
Error - 4/9/2014 12:19:21 AM | Computer Name = zeinab-HP | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.
 
Error - 4/9/2014 12:19:24 AM | Computer Name = zeinab-HP | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.
 
Error - 4/9/2014 12:19:52 AM | Computer Name = zeinab-HP | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
 response from the AudioEndpointBuilder service.
 
Error - 4/9/2014 12:20:16 AM | Computer Name = zeinab-HP | Source = Service Control Manager | ID = 7001
Description = The McAfee Personal Firewall Service service depends on the Windows
 Firewall service which failed to start because of the following error:   %%1058
 
Error - 4/9/2014 12:50:17 AM | Computer Name = zeinab-HP | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.
 
Error - 4/9/2014 1:19:17 AM | Computer Name = zeinab-HP | Source = Service Control Manager | ID = 7024
Description = The HomeGroup Listener service terminated with service-specific error
 %%-2147023143.
 
Error - 4/9/2014 1:19:32 AM | Computer Name = zeinab-HP | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.
 
Error - 4/9/2014 1:49:33 AM | Computer Name = zeinab-HP | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.
 
 
< End of report >
 

Attached Files

  • Attached File  Extras.Txt   102.79KB   164 downloads
  • Attached File  OTL.Txt   321.95KB   91 downloads

Edited by Maxgreen1, 09 April 2014 - 12:30 AM.

  • 0

#5
Essexboy
Posted 09 April 2014 - 03:58 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK this is a bit of a mess, the OTL fix may well take a while to run


Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    OTL_Fix.GIF
:Commands
[CREATERESTOREPOINT]

:OTL
SRV:64bit: - [2014/04/01 21:22:00 | 000,610,704 | ---- | M] (Outfox Tv Productions Pty Ltd) [Auto | Running] -- C:\Program Files\OutfoxTV\OutfoxTvService.exe -- (OutfoxTvService)
SRV:64bit: - [2014/03/24 21:45:30 | 000,259,472 | ---- | M] (Outfox Tv Productions Pty Ltd) [Auto | Running] -- C:\Program Files\OutfoxTV\OutfoxTvUpdater.exe -- (OutfoxTvUpdater)
SRV:64bit: - [2014/03/04 01:39:36 | 002,541,928 | ---- | M] (Search Module Ltd.) [Auto | Running] -- C:\Program Files\Common Files\Goobzo\GBUpdate\smu.exe -- (SMUpd)
SRV - [2014/03/17 15:35:04 | 000,807,800 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2014/02/27 08:19:59 | 000,192,512 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Buzz-it-soft\Buzz-it155.exe -- (Buzz-it)
SRV - [2014/02/18 06:47:06 | 000,036,392 | ---- | M] (Just Develop It) [Auto | Stopped] -- C:\Program Files (x86)\MyPC Backup\BackupStack.exe -- (BackupStack)
SRV - [2013/12/05 18:30:04 | 000,040,448 | ---- | M] () [Auto | Stopped] -- C:\ProgramData\InternetUpdater\InternetUpdaterService.exe -- (InternetUpdater)
SRV - [2013/06/20 22:13:00 | 000,042,504 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\ConservativeTalkNow_4n\bar\1.bin\4nbarsvc.exe -- (ConservativeTalkNow_4nService)
DRV - [2014/03/17 09:42:14 | 000,052,072 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Program Files (x86)\ShopperPro\JSDriver\1.30.1.146\jsdrv.sys -- (SPDRIVER_1.30.1.146)
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPNTDF
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.c...q={searchTerms}
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.c...q={searchTerms}
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://feed.snapdo.c...YgtwUf93wSZCn3g,
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.c...q={searchTerms}
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.c...q={searchTerms}
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKU\.DEFAULT\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.c...q={searchTerms}
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.c...q={searchTerms}
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.c...q={searchTerms}
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://feed.snapdo.c...YgtwUf93wSZCn3g,
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.c...q={searchTerms}
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.c...q={searchTerms}
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKU\S-1-5-18\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.c...q={searchTerms}
IE - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.c...q={searchTerms}
IE - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.c...q={searchTerms}
IE - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://feed.snapdo.c...YgtwUf93wSZCn3g,
IE - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.c...q={searchTerms}
IE - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.c...q={searchTerms}
IE - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.c...q={searchTerms}
IE - HKU\S-1-5-21-697961089-2797053259-1168498779-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.outfox.tv/?referid=
IE - HKU\S-1-5-21-697961089-2797053259-1168498779-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.outfox.tv/?referid=
FF - prefs.js..browser.startup.homepage: "http://www.outfox.tv...id=|about:home"
FF - HKLM\Software\MozillaPlugins\@ConservativeTalkNow_4n.com/Plugin: C:\Program Files (x86)\ConservativeTalkNow_4n\bar\1.bin\NP4nStub.dll (MindSpark)
FF - HKLM\Software\MozillaPlugins\@ei.MyFunCards_5m.com/Plugin: C:\Program Files (x86)\MyFunCards_5mEI\Installr\1.bin\NP5mEISB.dll File not found
FF - HKLM\Software\MozillaPlugins\www.exent.com/GameTreatWidget: C:\Program Files (x86)\Hoopla\NPGameTreatPlugin.dll File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]_4n.com: C:\Program Files (x86)\ConservativeTalkNow_4n\bar\1.bin [2014/03/27 22:18:57 | 000,000,000 | ---D | M]
[2014/03/24 15:08:40 | 000,000,000 | ---D | M] ("Snap.Do ") -- C:\Users\zeinab\AppData\Roaming\Mozilla\Firefox\Profiles\ir5d2jtb.default\extensions\{{InstallationHashID}}
[2014/03/28 22:28:52 | 000,000,000 | ---D | M] (BetteorPricoeCheci) -- C:\Users\zeinab\AppData\Roaming\Mozilla\Firefox\Profiles\ir5d2jtb.default\extensions\[email protected]
[2014/03/27 22:23:38 | 000,002,417 | ---- | M] () -- C:\Users\zeinab\AppData\Roaming\Mozilla\Firefox\Profiles\ir5d2jtb.default\searchplugins\Web Search.xml
O2:64bit: - BHO: (Object Browser) - {11111111-1111-1111-1111-110311281150} - C:\Program Files (x86)\Object Browser\Object Browser-bho64.dll ()
O2:64bit: - BHO: (iWebar) - {11111111-1111-1111-1111-110311551110} - C:\Program Files (x86)\iWebar\iWebar-bho64.dll ()
O2:64bit: - BHO: (no name) - {11111111-1111-1111-1111-110511031168} - No CLSID value found.
O2:64bit: - BHO: (no name) - {11111111-1111-1111-1111-110511071176} - No CLSID value found.
O2:64bit: - BHO: (Slick Savings) - {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} - C:\Users\zeinab\AppData\Roaming\Slick Savings\Coupons64.dll ()
O2:64bit: - BHO: (no name) - {83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} - No CLSID value found.
O2:64bit: - BHO: (deal4me) - {841F609A-4D38-E0DD-6933-A6CE40F3079A} - C:\ProgramData\deal4me\C.x64.dll ()
O2:64bit: - BHO: (no name) - {8582D7E6-2ACA-36C1-E6CC-6C7EAF3AC7F9} - No CLSID value found.
O2:64bit: - BHO: (no name) - {93DBF2BB-A2B3-4683-A92E-57E60751F346} - No CLSID value found.
O2:64bit: - BHO: (no name) - {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} - No CLSID value found.
O2:64bit: - BHO: (no name) - {FC4DBA8C-2CC8-4741-BCE5-ADAC3EEA50B0} - No CLSID value found.
O2 - BHO: (Object Browser) - {11111111-1111-1111-1111-110311281150} - C:\Program Files (x86)\Object Browser\Object Browser-bho.dll ()
O2 - BHO: (iWebar) - {11111111-1111-1111-1111-110311551110} - C:\Program Files (x86)\iWebar\iWebar-bho.dll ()
O2 - BHO: (no name) - {11111111-1111-1111-1111-110511071176} - No CLSID value found.
O2 - BHO: (Slick Savings) - {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} - C:\Users\zeinab\AppData\Roaming\Slick Savings\Coupons.dll ()
O2 - BHO: (Perk Prize Panel) - {47F3EB15-C230-4A0B-BE4B-D527FF483B48} - C:\Program Files (x86)\Perk Prize Panel\pp.dll ()
O2 - BHO: (no name) - {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - No CLSID value found.
O2 - BHO: (no name) - {83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} - No CLSID value found.
O2 - BHO: (no name) - {8582D7E6-2ACA-36C1-E6CC-6C7EAF3AC7F9} - No CLSID value found.
O2 - BHO: (WordExtra) - {8BA97046-C600-4264-B367-5DEFD9FC505F} - C:\Users\zeinab\AppData\Roaming\WordExtra\temp.dat ()
O2 - BHO: (no name) - {93DBF2BB-A2B3-4683-A92E-57E60751F346} - No CLSID value found.
O2 - BHO: (no name) - {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} - No CLSID value found.
O2 - BHO: (Search Assistant BHO) - {af77c74d-a46e-4671-afa0-1a09b1d4be39} - C:\Program Files (x86)\ConservativeTalkNow_4n\bar\1.bin\4nSrcAs.dll (MindSpark)
O2 - BHO: (no name) - {D0C21091-FF8E-432C-9006-0540E81BA9D7} - No CLSID value found.
O2 - BHO: (no name) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - No CLSID value found.
O2 - BHO: (EnhanceTronic) - {f530d5e8-9d18-4cba-b7cc-95944f9ebe3d} - C:\Program Files (x86)\EnhanceTronic\EnhanceTronicBHO.dll ()
O2 - BHO: (no name) - {FC4DBA8C-2CC8-4741-BCE5-ADAC3EEA50B0} - No CLSID value found.
O2 - BHO: (no name) - {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ConservativeTalkNow) - {533329c9-ca91-42a2-8792-7f91c7b4172a} - C:\Program Files (x86)\ConservativeTalkNow_4n\bar\1.bin\4nbar.dll (MindSpark)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKU\S-1-5-21-697961089-2797053259-1168498779-1001..\Run: [Updater] C:\ProgramData\Updater\updater.exe ()
O4 - HKU\S-1-5-21-697961089-2797053259-1168498779-1001..\Run: [WebInternetSecurity] "C:\Users\zeinab\AppData\Local\WebInternetSecurity\WebInternetSecurity.exe" File not found
O4 - HKU\S-1-5-21-697961089-2797053259-1168498779-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [Updater] C:\ProgramData\Updater\updater.exe ()
O4 - HKU\S-1-5-21-697961089-2797053259-1168498779-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [WebInternetSecurity] "C:\Users\zeinab\AppData\Local\WebInternetSecurity\WebInternetSecurity.exe" File not found
O4 - HKU\S-1-5-21-697961089-2797053259-1168498779-1001..\RunOnce: [Application Restart #1] C:\Program Files (x86)\Software Updater\SoftwareUpdater.exe /RestartByRestartManager:AF3B64C2-C791-4535-B262-2A9C8D2890D3 /RestartByRestartManager:68BE2FCD-D551-4259-A843-E7CA0D6092AB /RestartByRestartManager:E2111935-D1C6-42bb-B207-4D0D606DF244 /RestartByRestartManager:4A23CE73-6E7E-4c48-B25D-266492F33918 /RestartByRestartManager:E78841DB-729E-473b-989C-A3B071283E22 File not found
O4 - HKU\S-1-5-21-697961089-2797053259-1168498779-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\RunOnce: [Application Restart #1] C:\Program Files (x86)\Software Updater\SoftwareUpdater.exe /RestartByRestartManager:AF3B64C2-C791-4535-B262-2A9C8D2890D3 /RestartByRestartManager:68BE2FCD-D551-4259-A843-E7CA0D6092AB /RestartByRestartManager:E2111935-D1C6-42bb-B207-4D0D606DF244 /RestartByRestartManager:4A23CE73-6E7E-4c48-B25D-266492F33918 /RestartByRestartManager:E78841DB-729E-473b-989C-A3B071283E22 File not found
F3:64bit: - HKU\S-1-5-21-697961089-2797053259-1168498779-1001 WinNT: Load - (c:\users\zeinab\msxvgexu.exe) -  File not found
F3 - HKU\S-1-5-21-697961089-2797053259-1168498779-1001 WinNT: Load - (c:\users\zeinab\msxvgexu.exe) -  File not found
F3:64bit: - HKU\S-1-5-21-697961089-2797053259-1168498779-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 WinNT: Load - (c:\users\zeinab\msxvgexu.exe) -  File not found
F3 - HKU\S-1-5-21-697961089-2797053259-1168498779-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 WinNT: Load - (c:\users\zeinab\msxvgexu.exe) -  File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\PCProtect64.dll (Objectify Media Inc)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\PCProtect64.dll (Objectify Media Inc)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\PCProtect64.dll (Objectify Media Inc)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\PCProtect64.dll (Objectify Media Inc)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - C:\Windows\SysNative\PCProtect64.dll (Objectify Media Inc)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\PCProtect.dll (Objectify Media Inc)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\PCProtect.dll (Objectify Media Inc)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\PCProtect.dll (Objectify Media Inc)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\PCProtect.dll (Objectify Media Inc)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\SysWow64\PCProtect.dll (Objectify Media Inc)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll) -  File not found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL) - C:\Program Files (x86)\Optimizer Pro\OptProCrash_x64.dll ()
O20 - AppInit_DLLs: (c:\progra~2\searchprotect\searchprotect\bin\spvc32loader.dll) -  File not found
O20 - AppInit_DLLs: (c:\progra~2\optimi~1\optpro~1.dll) - c:\Program Files (x86)\Optimizer Pro\OptProCrash.dll ()
[2014/03/28 22:28:34 | 000,000,000 | ---D | C] -- C:\ProgramData\PriincceCoUpone
[2014/03/21 17:40:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebInternetSecurity
[2014/03/21 17:40:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Webinternetsecurity
[2014/03/21 17:01:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Updater
[2014/03/21 13:24:27 | 000,000,000 | ---D | C] -- C:\ProgramData\deal4me
[2014/03/09 23:37:14 | 000,000,000 | ---D | C] -- C:\Users\zeinab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
[2014/03/09 23:37:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPC Backup
[2014/04/08 22:43:00 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\SaveSenseLiveUpdateTaskMachineUA.job
[2014/04/08 22:22:00 | 000,000,296 | ---- | M] () -- C:\Windows\tasks\SaveSense.job
[2014/04/08 21:19:20 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\Buzz-it Update.job
[2014/03/05 23:09:03 | 000,003,976 | ---- | C] () -- C:\Windows\SysWow64\PCProtect.ini
[2014/03/05 23:09:03 | 000,002,184 | ---- | C] () -- C:\Windows\SysWow64\PCProtectOff.ini
[2014/02/28 08:50:11 | 000,000,000 | ---D | M] -- C:\Users\zeinab\AppData\Roaming\Optimizer Pro
[2014/01/18 22:38:05 | 000,000,000 | ---D | M] -- C:\Users\zeinab\AppData\Roaming\SaveSense
[2014/03/27 22:17:40 | 000,000,000 | ---D | M] -- C:\Users\zeinab\AppData\Roaming\Slick Savings
[2014/02/21 20:40:13 | 000,000,000 | ---D | M] -- C:\Users\zeinab\AppData\Roaming\Systweak
[2014/04/04 21:16:50 | 000,000,000 | ---D | M] -- C:\Users\zeinab\AppData\Roaming\TeamViewer
[2014/01/18 22:38:06 | 000,000,296 | ---- | C] () -- C:\Windows\Tasks\SaveSense.job
[2014/01/18 22:38:14 | 000,000,932 | ---- | C] () -- C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job
[2014/02/27 08:20:01 | 000,000,386 | ---- | C] () -- C:\Windows\Tasks\Buzz-it Update.job
[2014/03/21 17:38:30 | 000,000,276 | ---- | C] () -- C:\Windows\Tasks\GreatArcadeHits.job

:Files
C:\Users\zeinab\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgacjdfplhakjfljpbbagagjcbccpmnl
C:\Program Files\OutfoxTV
C:\Program Files\Common Files\Goobzo
C:\Program Files (x86)\Application Updater
C:\Program Files (x86)\Buzz-it-soft
C:\Program Files (x86)\MyPC Backup
C:\ProgramData\InternetUpdater
C:\Program Files (x86)\ConservativeTalkNow_4n
C:\Program Files (x86)\ShopperPro
C:\Program Files (x86)\MyFunCards_5mEI
C:\Program Files (x86)\Object Browser
C:\Program Files (x86)\iWebar
C:\Users\zeinab\AppData\Roaming\Slick Savings
C:\ProgramData\deal4me
C:\Program Files (x86)\Perk Prize Panel
C:\Users\zeinab\AppData\Roaming\WordExtra
C:\ProgramData\Updater
C:\Users\zeinab\AppData\Local\WebInternetSecurity
C:\Program Files (x86)\Software Updater
C:\PROGRA~2\SearchProtect
C:\Program Files (x86)\Optimizer Pro
netsh advfirewall reset /c
netsh advfirewall set allprofiles state ON /c
ipconfig /flushdns /c
netsh winsock reset catalog /c
netsh int ip reset c:\resetlog.txt  /c
ipconfig /release /c
ipconfig /renew /c

:Commands
[resethosts]
[emptytemp]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

  • 0

#6
Essexboy
Posted 16 April 2014 - 02:20 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Forum
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP