Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Removal of Malware From My Computer

Started by JohnnyTurn , Apr 22 2014 07:32 PM

Please log in to reply

#16
JohnnyTurn

Posted 26 April 2014 - 09:49 AM

Member

Topic Starter
Member
35 posts

Hello,

I tried opening OTL.exe again and it finally opened. I copied and pasted the text in the Custom Scans/Fixes and pressed Run Fix. The log that showed up after is below.

I am going to do run the quick scan now.

Thank you,

JohnnyTurn

04262014_102817.log

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Error: No service named mfevtp was found to stop!
Unable to delete service\driver key mfevtp.
File move failed. C:\Windows\SysNative\mfevtps.exe scheduled to be moved on reboot.
Error: No service named mfefire was found to stop!
Unable to delete service\driver key mfefire.
File move failed. C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe scheduled to be moved on reboot.
Error: No service named McShield was found to stop!
Unable to delete service\driver key McShield.
File move failed. C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe scheduled to be moved on reboot.
Service McODS stopped successfully!
Service McODS deleted successfully!
File move failed. C:\Program Files\mcafee\virusscan\mcods.exe scheduled to be moved on reboot.
Service McAWFwk stopped successfully!
Service McAWFwk deleted successfully!
File move failed. c:\Program Files\mcafee\msc\McAWFwk.exe scheduled to be moved on reboot.
Service MSK80Service stopped successfully!
Service MSK80Service deleted successfully!
File move failed. C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe scheduled to be moved on reboot.
Service McProxy stopped successfully!
Service McProxy deleted successfully!
File move failed. C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe scheduled to be moved on reboot.
Service McOobeSv stopped successfully!
Service McOobeSv deleted successfully!
File move failed. C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe scheduled to be moved on reboot.
Service McNASvc stopped successfully!
Service McNASvc deleted successfully!
File move failed. C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe scheduled to be moved on reboot.
Service McNaiAnn stopped successfully!
Service McNaiAnn deleted successfully!
File move failed. C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe scheduled to be moved on reboot.
Service mcmscsvc stopped successfully!
Service mcmscsvc deleted successfully!
File move failed. C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe scheduled to be moved on reboot.
Error: No service named McMPFSvc was found to stop!
Unable to delete service\driver key McMPFSvc.
File move failed. C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe scheduled to be moved on reboot.
Error: Unable to stop service Util SecretSauce!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util SecretSauce deleted successfully.
C:\Program Files (x86)\SecretSauce\bin\utilSecretSauce.exe moved successfully.
Error: Unable to stop service Update SecretSauce!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update SecretSauce deleted successfully.
C:\Program Files (x86)\SecretSauce\updateSecretSauce.exe moved successfully.
Error: No service named mfefirek was found to stop!
Unable to delete service\driver key mfefirek.
File move failed. C:\Windows\SysNative\drivers\mfefirek.sys scheduled to be moved on reboot.
Error: No service named mfewfpk was found to stop!
Unable to delete service\driver key mfewfpk.
File move failed. C:\Windows\SysNative\drivers\mfewfpk.sys scheduled to be moved on reboot.
Error: No service named mfeavfk was found to stop!
Unable to delete service\driver key mfeavfk.
File move failed. C:\Windows\SysNative\drivers\mfeavfk.sys scheduled to be moved on reboot.
Error: No service named mfeapfk was found to stop!
Unable to delete service\driver key mfeapfk.
File move failed. C:\Windows\SysNative\drivers\mfeapfk.sys scheduled to be moved on reboot.
Error: No service named mferkdet was found to stop!
Unable to delete service\driver key mferkdet.
File move failed. C:\Windows\SysNative\drivers\mferkdet.sys scheduled to be moved on reboot.
Service mfenlfk stopped successfully!
Service mfenlfk deleted successfully!
File move failed. C:\Windows\SysNative\drivers\mfenlfk.sys scheduled to be moved on reboot.
Error: No service named cfwids was found to stop!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cfwids deleted successfully.
C:\Windows\SysNative\drivers\cfwids.sys moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\bProtector Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@mcafee.com/MSC,version=10\ deleted successfully.
File move failed. c:\progra~2\mcafee\msc\npmcsn~1.dll scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\pokki.com/PokkiDownloadHelper\ deleted successfully.
C:\Users\turnerboy01\AppData\Local\Pokki\Download Helper\npPokkiDownloadHelper.1.2.0.78.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D19CA586-DD6C-4a0a-96F8-14644F340D60}\ not found.
Folder move failed. C:\Program Files (x86)\Common Files\McAfee\SystemCore\components scheduled to be moved on reboot.
Folder move failed. C:\Program Files (x86)\Common Files\McAfee\SystemCore scheduled to be moved on reboot.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}\ deleted successfully.
File move failed. C:\Program Files\Common Files\mcafee\systemcore\ScriptSn.20120624210925.dll scheduled to be moved on reboot.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ffd0ef2-dbe9-483a-80c4-d2c331da1ce4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ffd0ef2-dbe9-483a-80c4-d2c331da1ce4}\ deleted successfully.
C:\Program Files (x86)\SecretSauce\SecretSauceBHO.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}\ deleted successfully.
C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\bh\mixidj.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51c78168-ead3-43b1-abda-f288b583e6c0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{51c78168-ead3-43b1-abda-f288b583e6c0}\ deleted successfully.
File C:\Program Files (x86)\SecretSauce\SecretSauceBHO.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}\ deleted successfully.
File move failed. C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20120731234912.dll scheduled to be moved on reboot.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19}\ deleted successfully.
C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\mixidjTlbr.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\mobilegeni daemon deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\NextLive deleted successfully.
C:\Users\turnerboy01\AppData\Roaming\newnext.me\nengine.dll moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Pokki deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\UpdateChecker deleted successfully.
C:\Program Files (x86)\SqueakyChocolate\UpdateChecker\UpdateCheckerApp.exe moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall C:\Users\turnerboy01\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall C:\Users\turnerboy01\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64 deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\ not found.
C:\Program Files (x86)\GUM48B2.tmp\GoogleCrashHandler.exe deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\GoogleCrashHandler64.exe deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\GoogleUpdate.exe deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\GoogleUpdateBroker.exe deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\GoogleUpdateHelper.msi deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\GoogleUpdateOnDemand.exe deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\GoogleUpdateSetup.exe deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdate.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_am.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_ar.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_bg.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_bn.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_ca.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_cs.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_da.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_de.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_el.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_en-GB.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_en.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_es-419.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_es.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_et.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_fa.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_fi.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_fil.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_fr.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_gu.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_hi.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_hr.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_hu.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_id.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_is.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_it.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_iw.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_ja.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_kn.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_ko.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_lt.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_lv.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_ml.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_mr.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_ms.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_nl.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_no.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_pl.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_pt-BR.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_pt-PT.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_ro.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_ru.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_sk.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_sl.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_sr.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_sv.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_sw.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_ta.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_te.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_th.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_tr.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_uk.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_ur.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_vi.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_zh-CN.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\goopdateres_zh-TW.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\npGoogleUpdate3.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\psmachine.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp\psuser.dll deleted successfully.
C:\Program Files (x86)\GUM48B2.tmp folder deleted successfully.
C:\Windows\Tasks\RegClean Pro_DEFAULT.job moved successfully.
C:\Users\turnerboy01\Desktop\Clean Registry for Free!.lnk moved successfully.
C:\Windows\Tasks\AutoKMS.job moved successfully.
ADS C:\ProgramData\Temp:56E2E879 deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\turnerboy01\Downloads\cmd.bat deleted successfully.
C:\Users\turnerboy01\Downloads\cmd.txt deleted successfully.
File\Folder C:\Program Files (x86)\SecretSauce\bin\utilSecretSauce.exe not found.
File\Folder C:\Program Files (x86)\SecretSauce\updateSecretSauce.exe not found.
C:\Program Files (x86)\SecretSauce\bin\SecretSauce.BrowserAdapter.exe moved successfully.
C:\Users\turnerboy01\AppData\Local\Pokki\Engine\pokki.exe moved successfully.
C:\Users\turnerboy01\AppData\Local\Pokki\Engine\ppGoogleNaClPluginChrome.dll moved successfully.
C:\Users\turnerboy01\AppData\Local\Pokki\Engine\avformat-54.dll moved successfully.
C:\Users\turnerboy01\AppData\Local\Pokki\Engine\avutil-51.dll moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 55424 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: turnerboy01
->Temp folder emptied: 1128710186 bytes
->Temporary Internet Files folder emptied: 28067419 bytes
->FireFox cache emptied: 45643111 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 56476 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 295342 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 9408624 bytes

Total Files Cleaned = 1,156.00 mb

C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.69.0 log created on 04262014_102817

Edited by JohnnyTurn, 26 April 2014 - 09:51 AM.

#17
JohnnyTurn

Posted 26 April 2014 - 09:52 AM

Member

Topic Starter
Member
35 posts

04262014_102817.log

#18
zep516

Posted 26 April 2014 - 11:38 AM

Trusted Helper

Malware Removal
8,093 posts

Go back to post #2

Can you run adwcleaner tool, JRT tool and Malwarebytes scan as outlined in post #2. Try to do that and post the required logs. Also post a fresh OTL Log, that is right click on OTL, choose "Run as Administrator" and do a Run Scan.

In your next reply post the following logs.

AdwCleaner[S0].txt
JRT.txt
MBAM Log report.
Fresh otl log

Thanks
Joe

#19
JohnnyTurn

Posted 26 April 2014 - 10:05 PM

Member

Topic Starter
Member
35 posts

Hello,

For the OTL Log, I used the Quick Scan instead of the Run Scan. The logs are below.

Thank You,

JohnnyTurn

OTL.txt

OTL logfile created on: 4/26/2014 11:06:59 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\turnerboy01\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.91 Gb Total Physical Memory | 1.38 Gb Available Physical Memory | 47.47% Memory free
5.82 Gb Paging File | 3.44 Gb Available in Paging File | 59.04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 278.46 Gb Total Space | 220.99 Gb Free Space | 79.36% Space Free | Partition Type: NTFS

Computer Name: TURNERBOY01-PC | User Name: turnerboy01 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/04/26 10:56:18 | 004,110,992 | ---- | M] (Speedbit Ltd.) -- C:\Program Files (x86)\DAP\DAP.exe
PRC - [2014/04/26 00:33:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\turnerboy01\Downloads\OTL.exe
PRC - [2014/04/13 23:50:50 | 000,770,832 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
PRC - [2014/04/13 23:49:18 | 000,385,808 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
PRC - [2014/04/11 19:45:50 | 001,764,992 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2014/04/11 19:45:42 | 001,390,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2014/03/14 18:01:24 | 000,277,616 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014/03/12 19:27:54 | 001,863,560 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
PRC - [2014/03/11 23:36:06 | 000,193,696 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE
PRC - [2014/02/20 23:25:06 | 002,357,984 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe
PRC - [2014/02/20 23:25:06 | 000,208,600 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\BingDesktop\BDExtHost.exe
PRC - [2014/02/20 23:25:06 | 000,044,768 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\BingDesktop\BDSurrogateHost.exe
PRC - [2014/02/20 23:25:04 | 000,370,400 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\BingDesktop\BDRuntimeHost.exe
PRC - [2014/02/20 23:25:04 | 000,173,280 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
PRC - [2014/02/20 23:25:04 | 000,153,312 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\BingDesktop\BDAppHost.exe
PRC - [2013/10/23 18:48:06 | 000,101,888 | ---- | M] (Freemake) -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
PRC - [2013/08/07 04:42:30 | 004,308,320 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013/07/25 19:58:40 | 001,517,224 | ---- | M] (SPEEDbit) -- C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAccelerator.exe
PRC - [2013/07/25 19:58:40 | 000,298,152 | ---- | M] (SPEEDbit) -- C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorService.exe
PRC - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/16 03:07:06 | 000,039,056 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2012/12/10 12:01:20 | 007,751,096 | ---- | M] (Systweak Inc) -- C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe
PRC - [2012/07/13 16:27:00 | 000,769,432 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2012/02/16 12:49:44 | 001,695,040 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2012/02/01 11:50:58 | 000,968,048 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
PRC - [2012/01/27 16:30:16 | 000,465,216 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2012/01/26 21:49:34 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2012/01/26 21:47:36 | 004,293,952 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011/02/01 13:20:48 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2011/02/01 13:20:46 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2011/01/12 18:00:42 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

========== Modules (No Company Name) ==========

MOD - [2014/04/26 11:01:07 | 000,040,960 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_4\YouTubeCom.dll
MOD - [2014/04/26 11:01:07 | 000,012,288 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_4\zidducom.dll
MOD - [2014/04/26 11:01:07 | 000,011,776 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_4\ZShareMa.dll
MOD - [2014/04/26 11:01:07 | 000,010,752 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_4\zsharenet.dll
MOD - [2014/04/26 11:01:06 | 000,016,384 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_4\wuploadCom.dll
MOD - [2014/04/26 11:01:06 | 000,012,800 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_4\XSevenTo.dll
MOD - [2014/04/26 11:01:06 | 000,010,752 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_4\weupcoil.dll
MOD - [2014/04/26 11:01:05 | 000,032,768 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_4\UploadStationCom.dll
MOD - [2014/04/26 11:01:05 | 000,010,752 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_4\UploadingCom.dll
MOD - [2014/04/26 11:01:04 | 000,012,800 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_4\SpdFileCom.dll
MOD - [2014/04/26 11:01:04 | 000,011,264 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_4\UniBytesCom.dll
MOD - [2014/04/26 11:01:04 | 000,010,752 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_4\ShareFlareNet.dll
MOD - [2014/04/26 11:01:03 | 000,028,672 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_4\rapidsharecom.dll
MOD - [2014/04/26 11:01:03 | 000,024,576 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_4\OronCom.dll
MOD - [2014/04/26 11:01:03 | 000,015,360 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_4\NetLoadIn.dll
MOD - [2014/04/26 11:01:03 | 000,009,216 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_4\SendSpaceCom.dll
MOD - [2014/04/26 11:01:02 | 000,028,672 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_4\mediafirecom.dll
MOD - [2014/04/26 11:01:02 | 000,016,896 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_4\MetaCafeCom.dll
MOD - [2014/04/26 11:01:02 | 000,010,240 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_4\MegaUploadCom.dll
MOD - [2014/04/26 11:01:01 | 000,014,848 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_4\HotFileCom.dll
MOD - [2014/04/26 11:01:01 | 000,012,800 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_4\LetItBitNet.dll
MOD - [2014/04/26 11:01:01 | 000,011,776 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_4\fivegiganet.dll
MOD - [2014/04/26 11:01:00 | 000,028,672 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_4\filesoniccom.dll
MOD - [2014/04/26 11:01:00 | 000,028,672 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_4\fileservecom.dll
MOD - [2014/04/26 11:01:00 | 000,009,216 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_4\FilesTubeCom.dll
MOD - [2014/04/26 11:00:59 | 000,019,456 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_4\FileJungleCom.dll
MOD - [2014/04/26 11:00:59 | 000,013,824 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_4\FilePostCom.dll
MOD - [2014/04/26 11:00:59 | 000,011,776 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_4\FileFlyerCom.dll
MOD - [2014/04/26 11:00:58 | 000,012,800 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_4\ExtaBitCom.dll
MOD - [2014/04/26 11:00:58 | 000,012,288 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_4\FileFactoryCom.dll
MOD - [2014/04/26 11:00:57 | 000,016,896 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_4\DepositFilesCom.dll
MOD - [2014/04/26 11:00:56 | 000,013,312 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_4\DailyMotionCom.dll
MOD - [2014/04/26 11:00:56 | 000,009,728 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_4\DataFileHostCom.dll
MOD - [2014/03/28 15:18:40 | 000,121,560 | ---- | M] () -- C:\Users\turnerboy01\AppData\Local\Microsoft\BingDesktop\en-US\Apps\Wallpaper_5386c77076d04cf9a8b5d619b4cba48e\1.3.402\wallpaper.dll
MOD - [2014/03/14 18:01:06 | 003,641,968 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014/03/12 19:27:52 | 016,276,872 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll
MOD - [2014/03/04 03:36:58 | 000,525,944 | ---- | M] () -- C:\Program Files\Common Files\SpeedBit\SBUpdate\sbfi32.dll
MOD - [2013/10/11 00:25:35 | 001,707,008 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\a6cea04538cb0bcbd7e390c4f74a54ae\System.ServiceModel.Web.ni.dll
MOD - [2013/10/11 00:25:29 | 000,401,408 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\f649d62e3881b7aa46c41feca60dd136\System.Xml.Linq.ni.dll
MOD - [2013/10/10 23:08:58 | 001,084,928 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\84b77ca258c3d14bbe1e21963d9b7c0e\System.IdentityModel.ni.dll
MOD - [2013/10/10 23:08:56 | 017,477,632 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\d1ff2718e3a4a2c007933dbd5ee34102\System.ServiceModel.ni.dll
MOD - [2013/10/10 23:08:03 | 002,297,856 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\77fbfbe5ab052a6e9e14cad25270d2b2\System.Core.ni.dll
MOD - [2013/10/10 06:45:44 | 014,340,096 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\dba2af83dea2935fe58bcb3d5a806718\PresentationFramework.ni.dll
MOD - [2013/10/10 06:45:22 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e1d6482355cf83afab1904ee0cd72168\System.Windows.Forms.ni.dll
MOD - [2013/10/10 06:45:10 | 012,238,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\bedfa42c231e4f5dc4a02b9d1ff5d62a\PresentationCore.ni.dll
MOD - [2013/10/10 06:44:57 | 003,348,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\01e2b3170ba115d1c719f0eab8510323\WindowsBase.ni.dll
MOD - [2013/10/10 06:44:51 | 000,978,432 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\aafdc594aaeb62d1ebfbb827aa9f059b\System.Configuration.ni.dll
MOD - [2013/09/14 00:53:14 | 001,358,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\4bb16ba6ef1293f411f53ee7d9f2c138\System.WorkflowServices.ni.dll
MOD - [2013/09/14 00:47:43 | 011,914,752 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\ef36f3c4cd9ee00b718011b9c873720c\System.Web.ni.dll
MOD - [2013/09/13 20:51:44 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013/09/13 20:51:20 | 001,242,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013/09/05 01:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2013/08/15 13:27:45 | 002,347,008 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\33edad650db790234dd99a7f63c082a7\System.Runtime.Serialization.ni.dll
MOD - [2013/08/15 13:27:42 | 000,256,000 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\444524d4496e2182917654d468638841\SMDiagnostics.ni.dll
MOD - [2013/08/14 22:06:27 | 001,593,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f5cff49f1a827754ae2ba6d951b12a07\System.Drawing.ni.dll
MOD - [2013/08/14 22:04:50 | 005,464,064 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\cea6226854fbf75dc05bd2fb98357e81\System.Xml.ni.dll
MOD - [2013/08/14 22:03:45 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\4802a2f7b7a69969a7cec274030aa373\System.ni.dll
MOD - [2013/07/11 14:58:53 | 000,368,128 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a2920ed81e097f8551231a9350697bbd\PresentationFramework.Aero.ni.dll
MOD - [2013/07/11 14:56:07 | 011,499,520 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2012/02/01 11:50:58 | 000,968,048 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
MOD - [2012/02/01 11:44:34 | 008,151,040 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll
MOD - [2012/02/01 11:44:34 | 002,278,400 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll
MOD - [2012/01/26 21:49:34 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll

========== Services (SafeList) ==========

SRV:64bit: - [2014/03/04 03:37:04 | 002,541,688 | ---- | M] (Speedbit Ltd.) [Auto | Running] -- C:\Program Files\Common Files\SpeedBit\SBUpdate\sbu.exe -- (SBUpd)
SRV:64bit: - [2013/12/16 04:04:40 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/10/23 18:14:22 | 000,348,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/10/23 18:14:22 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/05/25 17:13:54 | 000,162,224 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2012/05/25 16:59:02 | 000,210,616 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2012/05/25 16:58:32 | 000,199,304 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2011/05/27 14:06:16 | 000,301,568 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2009/03/03 05:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2014/04/13 23:50:50 | 000,770,832 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe -- (BstHdUpdaterSvc)
SRV - [2014/04/13 23:49:18 | 000,385,808 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
SRV - [2014/04/13 23:48:56 | 000,402,192 | ---- | M] (BlueStack Systems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)
SRV - [2014/04/11 19:45:50 | 001,764,992 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2014/04/11 19:45:42 | 001,390,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014/03/14 18:01:23 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/03/12 19:28:00 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/03/11 23:36:06 | 000,247,968 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE -- (BBUpdate)
SRV - [2014/03/11 23:36:06 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE -- (BBSvc)
SRV - [2014/02/20 23:25:04 | 000,173,280 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe -- (BingDesktopUpdate)
SRV - [2013/10/23 18:48:06 | 000,101,888 | ---- | M] (Freemake) [Auto | Running] -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe -- (Freemake Improver)
SRV - [2013/08/07 04:42:30 | 004,308,320 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013/07/25 19:58:40 | 000,298,152 | ---- | M] (SPEEDbit) [Auto | Running] -- C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorService.exe -- (VideoAcceleratorService)
SRV - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/16 03:07:06 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012/07/13 16:27:00 | 000,769,432 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/02/16 12:49:44 | 001,695,040 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2011/02/01 13:20:48 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/02/01 13:20:46 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011/01/12 18:00:42 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/11/25 05:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010/11/25 05:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010/08/25 20:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/04/19 12:29:29 | 000,061,120 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wStLibG64.sys -- (wStLibG64)
DRV:64bit: - [2014/03/04 03:37:06 | 000,041,368 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\SpeedBit\SBUpdate\sbw.sys -- (SBUpdd)
DRV:64bit: - [2013/09/27 10:53:06 | 000,134,944 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/09/12 15:20:04 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/04/17 21:55:54 | 004,719,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/22 13:29:46 | 000,647,208 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,487,296 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2012/02/22 13:29:46 | 000,289,664 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,229,528 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,160,792 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,100,912 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2011/06/16 14:40:20 | 000,176,000 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/05/27 14:06:16 | 000,528,384 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/03/31 22:35:12 | 000,355,960 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2011/03/25 21:17:48 | 012,262,336 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/12 17:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/29 19:11:42 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/10/19 16:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/10/15 04:28:16 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/03/19 03:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007/05/14 16:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2006/11/01 04:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2014/04/13 23:49:10 | 000,121,616 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys -- (BstHdDrv)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.speedbit.com/?s=E4Pb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Before = http://g.msn.com/USCON/1
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Speedbit"
FF - prefs.js..browser.search.defaulturl: "http://go.speedbit.c...aspx?s=D7Qb&q="
FF - prefs.js..browser.search.order.1: "Speedbit Search"
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..extensions.enabledAddons: %7B345422e3-72fa-447a-9550-97803edfacf3%7D:1.0.1
FF - prefs.js..extensions.enabledAddons: daplinkchecker%40speedbit.com:1.0.1.8
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0
FF - prefs.js..keyword.URL: "http://go.speedbit.c...={searchTerms}"

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.2.32: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.2.32: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\turnerboy01\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\turnerboy01\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\turnerboy01\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\turnerboy01\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\turnerboy01\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FCE04E1F-9378-4f39-96F6-5689A9159E45}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/06/25 16:52:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\DAP\daplinkchecker [2014/04/26 10:57:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/06/25 16:52:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}: C:\Program Files (x86)\DAP\DAPFireFox [2014/04/26 10:57:12 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/07/31 23:20:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\turnerboy01\AppData\Roaming\Mozilla\Extensions
[2014/04/21 15:41:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\turnerboy01\AppData\Roaming\Mozilla\Firefox\Profiles\9b6vg25t.default-1398104825782\extensions
[2014/04/25 01:47:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\turnerboy01\AppData\Roaming\Mozilla\Firefox\Profiles\wzall3dw.default\extensions
[2014/04/20 17:01:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\turnerboy01\AppData\Roaming\Mozilla\Firefox\Profiles\zzpfo3pm.default-1398028751237\extensions
[2014/04/21 15:41:52 | 000,667,234 | ---- | M] () (No name found) -- C:\Users\turnerboy01\AppData\Roaming\Mozilla\Firefox\Profiles\9b6vg25t.default-1398104825782\extensions\[email protected]
[2014/04/21 14:21:09 | 000,007,095 | ---- | M] () (No name found) -- C:\Users\turnerboy01\AppData\Roaming\Mozilla\Firefox\Profiles\9b6vg25t.default-1398104825782\extensions\{345422e3-72fa-447a-9550-97803edfacf3}.xpi
[2014/04/25 01:47:47 | 000,007,095 | ---- | M] () (No name found) -- C:\Users\turnerboy01\AppData\Roaming\Mozilla\Firefox\Profiles\wzall3dw.default\extensions\{345422e3-72fa-447a-9550-97803edfacf3}.xpi
[2014/04/20 16:41:17 | 000,172,824 | ---- | M] () (No name found) -- C:\Users\turnerboy01\AppData\Roaming\Mozilla\Firefox\Profiles\zzpfo3pm.default-1398028751237\extensions\[email protected]
[2014/04/20 17:01:21 | 000,007,095 | ---- | M] () (No name found) -- C:\Users\turnerboy01\AppData\Roaming\Mozilla\Firefox\Profiles\zzpfo3pm.default-1398028751237\extensions\{345422e3-72fa-447a-9550-97803edfacf3}.xpi
[2014/04/25 10:22:01 | 000,002,530 | ---- | M] () -- C:\Users\turnerboy01\AppData\Roaming\Mozilla\Firefox\Profiles\wzall3dw.default\searchplugins\speedbit.xml
[2014/03/14 18:00:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/03/14 18:00:44 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/04/26 10:57:15 | 000,000,000 | ---D | M] (DAP Link Checker) -- C:\PROGRAM FILES (X86)\DAP\DAPLINKCHECKER

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://go.speedbit.com/?s=E4Pb
CHR - Extension: No name found = C:\Users\turnerboy01\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: No name found = C:\Users\turnerboy01\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\turnerboy01\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\turnerboy01\AppData\Local\Google\Chrome\User Data\Default\Extensions\boipimhfjpakfgckhbljjengakjhkcbp\1.2_0\
CHR - Extension: No name found = C:\Users\turnerboy01\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\turnerboy01\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.2_0\
CHR - Extension: No name found = C:\Users\turnerboy01\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.2.15747.10003_0\
CHR - Extension: No name found = C:\Users\turnerboy01\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\turnerboy01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014/04/26 10:33:10 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2:64bit: - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
O2:64bit: - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SpeedBit Link Verification Helper) - {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - C:\Program Files (x86)\DAP\LinkVerifier.dll (Speedbit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3:64bit: - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AccuWeatherWidget] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)
O4 - HKLM..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKCU..\Run: [DownloadAccelerator] C:\Program Files (x86)\DAP\DAP.EXE (Speedbit Ltd.)
O4 - HKCU..\Run: [SpeedBitVideoAccelerator] C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAccelerator.exe (SPEEDbit)
O4 - HKCU..\RunOnce: [Uninstall C:\Users\turnerboy01\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64] C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\turnerboy01\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64" File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm ()
O8:64bit: - Extra context menu item: &Verify with DAP - C:\Program Files (x86)\DAP\dapverify.htm ()
O8:64bit: - Extra context menu item: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm ()
O8 - Extra context menu item: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm ()
O8 - Extra context menu item: &Verify with DAP - C:\Program Files (x86)\DAP\dapverify.htm ()
O8 - Extra context menu item: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm ()
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (SPEEDbit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (SPEEDbit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (SPEEDbit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (SPEEDbit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (SPEEDbit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (SPEEDbit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (SPEEDbit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (SPEEDbit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (SPEEDbit)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creat...102/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creat...13/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...30321/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 65.183.0.76 65.183.0.86
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{508C166C-565F-4E3D-8A9C-44B84AF9BCF3}: DhcpNameServer = 65.183.0.76 65.183.0.86
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll ()
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - userinit.exe ()
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/04/26 10:12:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2014/04/26 01:24:08 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/04/24 11:49:53 | 000,000,000 | -HSD | C] -- C:\found.000
[2014/04/21 13:04:41 | 000,000,000 | ---D | C] -- C:\windows\Minidump
[2014/04/21 11:16:18 | 000,000,000 | ---D | C] -- C:\Users\turnerboy01\AppData\Roaming\vlc
[2014/04/20 17:57:23 | 000,000,000 | ---D | C] -- C:\Users\turnerboy01\Documents\My DAP Downloads
[2014/04/20 17:57:13 | 000,000,000 | ---D | C] -- C:\Users\turnerboy01\AppData\Roaming\SpeedBit
[2014/04/20 17:57:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Download Accelerator Plus (DAP)
[2014/04/20 17:56:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAP
[2014/04/20 16:19:16 | 000,000,000 | ---D | C] -- C:\Users\turnerboy01\Desktop\Old Firefox Data
[2014/04/19 18:46:26 | 000,000,000 | ---D | C] -- C:\windows\SysNative\catroot
[2014/04/19 17:55:40 | 000,000,000 | ---D | C] -- C:\Users\turnerboy01\AppData\Local\Installer
[2014/04/19 17:33:43 | 000,000,000 | ---D | C] -- C:\Users\turnerboy01\AppData\Local\CrashRpt
[2014/04/19 12:29:28 | 000,061,120 | ---- | C] (StdLib) -- C:\windows\SysNative\drivers\wStLibG64.sys
[2014/04/19 00:44:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
[2014/04/19 00:44:59 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacks
[2014/04/19 00:44:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BlueStacks
[2014/04/19 00:43:07 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacksSetup

========== Files - Modified Within 30 Days ==========

[2014/04/26 11:05:15 | 000,020,928 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/04/26 11:05:15 | 000,020,928 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/04/26 11:01:48 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/04/26 11:00:56 | 000,001,350 | ---- | M] () -- C:\Users\turnerboy01\Desktop\Clean Registry for Free!.lnk
[2014/04/26 11:00:29 | 000,000,266 | ---- | M] () -- C:\windows\tasks\AutoKMS.job
[2014/04/26 11:00:16 | 000,000,904 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/04/26 10:59:52 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014/04/26 10:59:39 | 2343,780,352 | -HS- | M] () -- C:\hiberfil.sys
[2014/04/26 10:33:10 | 000,000,098 | ---- | M] () -- C:\windows\SysNative\drivers\etc\Hosts
[2014/04/26 10:27:03 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2014/04/26 10:06:36 | 159,017,424 | ---- | M] () -- C:\windows\MEMORY.DMP
[2014/04/26 01:21:37 | 000,001,193 | ---- | M] () -- C:\Users\turnerboy01\Documents\Trojan.rtf
[2014/04/26 00:42:04 | 000,000,952 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-125378133-1179762245-3844155704-1000UA.job
[2014/04/26 00:42:03 | 000,000,930 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-125378133-1179762245-3844155704-1000Core.job
[2014/04/26 00:36:01 | 000,000,932 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-125378133-1179762245-3844155704-1000UA.job
[2014/04/25 22:36:01 | 000,000,880 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-125378133-1179762245-3844155704-1000Core.job
[2014/04/25 09:57:51 | 001,843,824 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2014/04/25 09:57:51 | 000,533,258 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2014/04/25 09:57:51 | 000,005,792 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2014/04/25 07:49:06 | 000,002,298 | ---- | M] () -- C:\Users\turnerboy01\Documents\Important Bookmarks.rtf
[2014/04/24 18:40:27 | 000,034,500 | ---- | M] () -- C:\Users\turnerboy01\Documents\Malware off my computer.rtf
[2014/04/24 15:57:02 | 000,109,696 | ---- | M] () -- C:\windows\SysWow64\EasyHook64.dll
[2014/04/23 10:49:32 | 000,003,073 | ---- | M] () -- C:\Users\turnerboy01\Documents\Malware Removal Instructions.rtf
[2014/04/22 13:28:40 | 000,002,010 | ---- | M] () -- C:\Users\turnerboy01\Documents\Bio lab.rtf
[2014/04/22 13:21:57 | 000,001,532 | ---- | M] () -- C:\Users\turnerboy01\Desktop\addons.mozilla.org.cer
[2014/04/22 13:18:53 | 000,002,164 | ---- | M] () -- C:\Users\turnerboy01\Documents\addons.mozilla.org.crt
[2014/04/22 13:13:16 | 000,001,532 | ---- | M] () -- C:\Users\turnerboy01\Desktop\trusted publishers.cer
[2014/04/21 16:06:45 | 000,000,448 | ---- | M] () -- C:\Users\turnerboy01\Documents\Documentikl.rtf
[2014/04/19 20:03:51 | 000,004,267 | ---- | M] () -- C:\Users\turnerboy01\Documents\bookmarks.rtf
[2014/04/19 20:02:22 | 000,275,673 | ---- | M] () -- C:\Users\turnerboy01\Documents\bookmarks_4_19_14.html
[2014/04/19 18:41:25 | 000,000,302 | ---- | M] () -- C:\Users\turnerboy01\Documents\kknklnkll.rtf
[2014/04/19 12:29:29 | 000,061,120 | ---- | M] (StdLib) -- C:\windows\SysNative\drivers\wStLibG64.sys
[2014/04/14 06:58:10 | 000,000,243 | ---- | M] () -- C:\Users\turnerboy01\Documents\hh.rtf
[2014/04/10 19:18:21 | 000,002,185 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/04/09 18:00:42 | 000,000,296 | ---- | M] () -- C:\windows\tasks\RegClean Pro_UPDATES.job

========== Files Created - No Company Name ==========

[2014/04/26 10:42:13 | 000,001,350 | ---- | C] () -- C:\Users\turnerboy01\Desktop\Clean Registry for Free!.lnk
[2014/04/26 10:36:46 | 000,000,266 | ---- | C] () -- C:\windows\tasks\AutoKMS.job
[2014/04/25 08:25:53 | 000,001,193 | ---- | C] () -- C:\Users\turnerboy01\Documents\Trojan.rtf
[2014/04/25 07:49:05 | 000,002,298 | ---- | C] () -- C:\Users\turnerboy01\Documents\Important Bookmarks.rtf
[2014/04/24 15:58:02 | 000,109,696 | ---- | C] () -- C:\windows\SysWow64\EasyHook64.dll
[2014/04/24 15:40:11 | 159,017,424 | ---- | C] () -- C:\windows\MEMORY.DMP
[2014/04/23 10:49:31 | 000,003,073 | ---- | C] () -- C:\Users\turnerboy01\Documents\Malware Removal Instructions.rtf
[2014/04/22 20:16:13 | 000,034,500 | ---- | C] () -- C:\Users\turnerboy01\Documents\Malware off my computer.rtf
[2014/04/22 13:28:39 | 000,002,010 | ---- | C] () -- C:\Users\turnerboy01\Documents\Bio lab.rtf
[2014/04/22 13:21:49 | 000,001,532 | ---- | C] () -- C:\Users\turnerboy01\Desktop\addons.mozilla.org.cer
[2014/04/22 13:18:53 | 000,002,164 | ---- | C] () -- C:\Users\turnerboy01\Documents\addons.mozilla.org.crt
[2014/04/22 13:13:09 | 000,001,532 | ---- | C] () -- C:\Users\turnerboy01\Desktop\trusted publishers.cer
[2014/04/21 16:06:44 | 000,000,448 | ---- | C] () -- C:\Users\turnerboy01\Documents\Documentikl.rtf
[2014/04/19 20:03:51 | 000,004,267 | ---- | C] () -- C:\Users\turnerboy01\Documents\bookmarks.rtf
[2014/04/19 20:02:22 | 000,275,673 | ---- | C] () -- C:\Users\turnerboy01\Documents\bookmarks_4_19_14.html
[2014/04/19 18:41:25 | 000,000,302 | ---- | C] () -- C:\Users\turnerboy01\Documents\kknklnkll.rtf
[2014/04/14 06:58:10 | 000,000,243 | ---- | C] () -- C:\Users\turnerboy01\Documents\hh.rtf
[2013/06/09 02:04:10 | 000,091,264 | ---- | C] () -- C:\windows\SysWow64\EasyHook32.dll
[2013/05/05 21:05:58 | 000,039,424 | ---- | C] () -- C:\windows\SysWow64\rpiAccessProcess.dll
[2013/02/24 11:29:29 | 000,000,697 | ---- | C] () -- C:\Users\turnerboy01\AppData\Roaming\com.zoosk.Desktop_state.xml
[2012/08/19 14:25:58 | 000,058,880 | ---- | C] () -- C:\Users\turnerboy01\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 21:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/05/04 23:50:58 | 000,000,000 | ---D | M] -- C:\Users\turnerboy01\AppData\Roaming\B1Toolbar
[2013/09/14 13:13:11 | 000,000,000 | ---D | M] -- C:\Users\turnerboy01\AppData\Roaming\BabSolution
[2013/09/14 13:12:47 | 000,000,000 | ---D | M] -- C:\Users\turnerboy01\AppData\Roaming\Babylon
[2012/07/10 10:50:45 | 000,000,000 | ---D | M] -- C:\Users\turnerboy01\AppData\Roaming\Blio
[2012/12/25 15:52:53 | 000,000,000 | ---D | M] -- C:\Users\turnerboy01\AppData\Roaming\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1
[2012/06/21 09:17:33 | 000,000,000 | ---D | M] -- C:\Users\turnerboy01\AppData\Roaming\Fingertapps
[2012/07/19 18:48:24 | 000,000,000 | ---D | M] -- C:\Users\turnerboy01\AppData\Roaming\GrabPro
[2012/12/24 18:00:26 | 000,000,000 | ---D | M] -- C:\Users\turnerboy01\AppData\Roaming\IDT
[2012/06/21 09:17:21 | 000,000,000 | ---D | M] -- C:\Users\turnerboy01\AppData\Roaming\Leadertech
[2013/09/14 13:13:25 | 000,000,000 | ---D | M] -- C:\Users\turnerboy01\AppData\Roaming\mixidj
[2014/04/26 10:32:37 | 000,000,000 | ---D | M] -- C:\Users\turnerboy01\AppData\Roaming\newnext.me
[2013/10/30 06:54:36 | 000,000,000 | ---D | M] -- C:\Users\turnerboy01\AppData\Roaming\OpenCandy
[2013/04/03 16:22:57 | 000,000,000 | ---D | M] -- C:\Users\turnerboy01\AppData\Roaming\OpenOffice.org
[2012/07/19 20:18:52 | 000,000,000 | ---D | M] -- C:\Users\turnerboy01\AppData\Roaming\Orbit
[2012/09/22 09:03:44 | 000,000,000 | ---D | M] -- C:\Users\turnerboy01\AppData\Roaming\PCDr
[2012/07/19 18:48:31 | 000,000,000 | ---D | M] -- C:\Users\turnerboy01\AppData\Roaming\ProgSense
[2013/12/23 12:47:40 | 000,000,000 | ---D | M] -- C:\Users\turnerboy01\AppData\Roaming\SmileysWeLove
[2014/04/20 17:57:13 | 000,000,000 | ---D | M] -- C:\Users\turnerboy01\AppData\Roaming\SpeedBit
[2014/04/24 18:38:51 | 000,000,000 | ---D | M] -- C:\Users\turnerboy01\AppData\Roaming\Systweak
[2013/05/23 14:55:29 | 000,000,000 | ---D | M] -- C:\Users\turnerboy01\AppData\Roaming\ZinioReader4
[2013/03/03 23:53:51 | 000,000,000 | ---D | M] -- C:\Users\turnerboy01\AppData\Roaming\{994F4882-DDEA-4BE4-81E8-EA6EEDAC6CE1}
[2013/03/03 23:53:28 | 000,000,000 | ---D | M] -- C:\Users\turnerboy01\AppData\Roaming\{C64C782F-F116-458F-971F-3CFEC4CD44CF}
[2013/03/23 20:45:51 | 000,000,000 | ---D | M] -- C:\Users\turnerboy01\AppData\Roaming\{E287A29A-E0C0-4805-9623-C43280552DDA}

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:56E2E879

< End of report >

Extras txt.

OTL Extras logfile created on: 4/26/2014 11:06:59 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\turnerboy01\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.91 Gb Total Physical Memory | 1.38 Gb Available Physical Memory | 47.47% Memory free
5.82 Gb Paging File | 3.44 Gb Available in Paging File | 59.04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 278.46 Gb Total Space | 220.99 Gb Free Space | 79.36% Space Free | Partition Type: NTFS

Computer Name: TURNERBOY01-PC | User Name: turnerboy01 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{11C25968-921D-47E0-8913-66EF7DE8E021}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{14BDDBA5-F3C7-4F30-8145-1AA0EC52AAEB}" = lport=10243 | protocol=6 | dir=in | app=system |
"{183AB822-5FA0-4229-AE6D-5E3D85864E8C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{21E01ADB-CCA3-487B-B558-E71DB7CA04AB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2D402670-1777-4390-B00C-B7681EB49771}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2FC01C30-8288-4CEF-BE3A-BD3A2E912F78}" = rport=10243 | protocol=6 | dir=out | app=system |
"{67544D92-9ED0-4B0C-BB3C-C9C83BE34C2F}" = lport=9701 | protocol=6 | dir=in | name=syncup_tcp_9701 |
"{6DC9CAB7-EF29-4394-8257-46C96051DA3C}" = lport=9700 | protocol=6 | dir=in | name=syncup_tcp_9700 |
"{78C90DE9-D969-4270-BFF7-1B75E25B866C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{876307D3-811B-4543-A7D0-293201E385E2}" = lport=9700 | protocol=17 | dir=in | name=syncup_udp_9700 |
"{8C0627BE-1A98-45B0-9D46-C28D9A9D05AA}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8CFC01A2-7957-4C37-A958-AC3BAE892215}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AAA95497-A4C3-4494-A149-54F761D3C385}" = lport=9702 | protocol=6 | dir=in | name=syncup_tcp_9702 |
"{AEA3F0B7-025B-4218-81F0-E3F781DC876A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C2EB4420-2C4D-4C7D-AE0C-4A71A1E7B83F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F3D649CD-7F99-47D6-B119-F2399578BE7C}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03B66D84-A37D-4855-98C6-59BC453558D9}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{070394B0-AC40-4AA2-AA1C-172AE16BEFA4}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremoteservice.exe |
"{07B4F6A5-BFA4-4F99-B63B-03BF30A07226}" = dir=in | app=c:\program files\dell stage\musicstage\musicstageengine.exe |
"{07FD969A-9908-4EF6-957F-6C6E3CDF7CB7}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{0A77D17C-F05F-49CA-9882-F75DD5EDEC90}" = dir=in | name=youtubefast |
"{0FF63CC6-E296-4E02-8A1E-751B67A645F4}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\dmr.exe |
"{1243BDBB-6EFB-4B63-8CAB-F73863D29E83}" = dir=in | name=youtubefast |
"{1E76F4ED-1177-4C6C-8581-AD6BCD8C5FCD}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1FFE8BE2-E17F-47C4-9073-550BDF48BD18}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{218E2261-4C9C-4683-A235-93F5041B3CAD}" = dir=in | app=c:\users\turnerboy01\appdata\local\microsoft\skydrive\skydrive.exe |
"{2578627B-B4B1-4254-8650-91C7C5FD9D13}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{2BC9A3E9-4BB5-4320-B241-BBC4CE3668E2}" = dir=in | name=youtubefast |
"{2DDAC6ED-B80E-465D-9F81-D9F1EB89D74D}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{30B1E555-A7CB-4AEA-9C5B-949CB47C24B1}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\nero\bdcore\nero blu-ray player\blu-rayplayer.exe |
"{3338BFB2-5565-4EC1-BD2F-13D13B70367D}" = dir=in | name=youtubefast |
"{3396F705-B3CF-4EB2-8355-4430A392A9AA}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{35D41F78-1D46-4769-B7FD-C1F6C29F0F1E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{39E7E41E-4F1B-410A-9E73-148E866C2759}" = dir=in | name=youtubefast |
"{44E14838-841C-4B2F-B96E-C80BC320008B}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{4877E45C-1090-498D-BB61-078FD9BBB29D}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\nero\bdcore\nero blu-ray player\blu-rayplayer.exe |
"{49E3C385-6525-4CD6-A0CA-C73DD9AA0F8B}" = dir=in | app=c:\program files\dell stage\dell stage\stage_primary.exe |
"{4AC272EE-B993-4008-BD87-24D360AB25C9}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4CF0C1F1-088D-4133-AD21-441C2F34526A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4CF8A34B-9416-4DB1-B95E-E4BC710C5D7E}" = dir=in | app=c:\program files\dell stage\dell stage\accuweather\accuweather.exe |
"{4E8573BC-BBC3-4A54-AE75-AAE1C69B36F4}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\controller.exe |
"{4F2558FA-5B74-4493-82B7-D4AE7FDD821A}" = dir=in | name=youtubefast |
"{51AB7E90-4B79-49DC-921F-7284B4851274}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{53027099-45A0-4723-A64D-F90E89866D84}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremote.exe |
"{582CBA9E-B305-4EF1-BD59-1BD0CE177AC8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5A44B4BF-11C7-44B6-ADF1-FDE987323D5A}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\dmr.exe |
"{5AC11D3D-1CE9-4B3C-ACC7-3B0DC63BEA59}" = protocol=17 | dir=in | app=c:\users\turnerboy01\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{6239986C-E231-4AE4-80C3-58EF152E64F2}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{6428B30B-A8A4-4B25-8BC1-81EF3EB5C13D}" = protocol=6 | dir=out | app=system |
"{6845C143-5E44-4D5B-8DD4-DA28ED996378}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\installerhelp.exe |
"{6886D989-F859-4462-8765-77B82CF776FF}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{6ADEB7E3-B54B-4E18-992E-83997CAB5A00}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{6CC8C810-9ACE-4CBA-9C1F-55D36945511A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6E1ADF10-1F57-4069-9EEE-A4373F983487}" = dir=in | name=youtubefast |
"{6F95399A-1282-4E21-B47F-2F146D8A770C}" = protocol=6 | dir=in | app=c:\users\turnerboy01\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{7043E046-F1D8-45D5-80BC-0B737B4C4578}" = protocol=6 | dir=out | app=c:\users\turnerboy01\appdata\local\beamrise\application\29.3.0.7376\windows-x86-skypekit.exe |
"{7B30A64C-6CE4-48EA-A6DA-0ABCA142F030}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\installerhelp.exe |
"{7DA68D55-DA7C-4B99-9972-B9B603B2744C}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\controller.exe |
"{7E32E871-A123-4B03-ADC5-78452486FD91}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7E90E431-8E86-416F-B685-3022A4A58304}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8373BB3A-02B6-4033-85FE-1C81A59908ED}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8B7BF357-A50E-486B-AE38-F10341F1DC0E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{8C899B4C-48D3-4EA6-B835-A7B8F956DC1D}" = protocol=6 | dir=in | app=c:\users\turnerboy01\appdata\local\beamrise\application\29.3.0.7376\windows-x86-skypekit.exe |
"{8F33780B-3E41-4A26-A96E-DC9062E664E0}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{91E9DD07-03E3-4F00-96AE-620DE071E8B7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{9387E018-7029-400D-9C70-22EC788F6FAD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{93B0D313-A7CC-4E93-BC53-6369D3CA5703}" = dir=in | name=youtubefast |
"{98041419-48BE-478C-87FA-88BB306BC17E}" = dir=in | app=c:\users\turnerboy01\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{9C9EA22F-A8F1-4C59-8861-8D99F0A2DE57}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9CDD9CEA-AF07-4D38-B649-05E0F6C22E04}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremoteservice.exe |
"{9F2376F6-653C-4753-AC06-D0CF99E212B9}" = protocol=6 | dir=in | app=c:\users\turnerboy01\appdata\local\beamrise\application\29.3.0.7376\services\windows-x86-skypekit.exe |
"{A1947601-95DD-4146-90F3-8DBF789D6940}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A28346BD-E514-488D-B0CD-04EED7CC30F4}" = dir=in | name=youtubefast |
"{A7672BBF-77AC-49A4-AB7F-025FA0B1D829}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{A8C3268A-10DD-47FF-B4F0-38B96C37343D}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremote.exe |
"{AC431DF9-C4CA-44F7-B713-85066B26CAD6}" = dir=in | app=c:\program files (x86)\dell\videostage\videostage.exe |
"{B51D046F-1C3B-4E85-A6F9-6E1ABD927F6D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B6C118A7-C59C-457C-B9FA-85700A55BC5C}" = dir=in | name=youtubefast |
"{CC07EDEF-3A5C-49CA-8404-2FC792FA282D}" = protocol=6 | dir=out | app=c:\users\turnerboy01\appdata\local\beamrise\application\29.3.0.7376\services\windows-x86-skypekit.exe |
"{E624EF26-C375-4869-A02B-2A697D04C0E2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E8AB8820-04CA-4FFC-B802-1592082854F7}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{EA6F70A7-8C02-4A58-B07F-4BD6325EDAE6}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{F461D97A-5C05-4C22-A826-5A949E477087}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FB2C0991-BFBB-4949-ADE7-E3A38AAEB0D0}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{5F611ADA-B98C-4DBB-ADDE-414F08457ECF}" = Windows Live Family Safety
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{C0DA129B-1E45-494D-A362-5CD0109C306B}" = WOT for Internet Explorer
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}" = iTunes
"{E102B843-786A-4F58-AF75-6504570E207B}" = Microsoft Security Client
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter
"DW WLAN Card" = DW WLAN Card
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"PC-Doctor for Windows" = My Dell
"SecretSauce" = SecretSauce

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{0ECFCB07-9BFE-4970-ACA1-D568D982760B}" = Complete Care Business Service Agreement
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{0FD155A3-DF78-43ee-84B0-3CC86BA962F2}_is1" = Sothink Video Converter
"{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR
"{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1EA7C505-E6DA-4B85-9432-EBD3C70D510D}" = Windows Live Messenger
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23A3E560-069F-4CFC-8F6C-1B526EC735FC}" = Windows Live Writer Resources
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2A0F2CC5-3065-492C-8380-B03AA7106B1A}" = Dell Product Registration
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress
"{3365E735-48A6-4194-9988-CE59AC5AE503}" = Bing Bar
"{3BD7DD08-991B-4A2F-A165-614ED14EAADD}" = Dell MusicStage
"{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}" = RealDownloader
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{400182B4-CA55-46A9-9D88-F8413DCFB36D}" = Blio
"{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
"{40F06490-8C14-43AA-99D3-EEEFDBAC3CFC}" = SyncUP
"{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}" = Banctec Service Agreement
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{689FD579-0642-4D3E-AB61-F63B79C5075A}" = BlueStacks Notification Center
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter
"{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B0C5EF6-DE4C-4E20-8889-C17604FFE5CD}" = Windows Live Family Safety
"{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}" = Bing Desktop
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online
"{7FB00B6B-6843-97EC-EED6-78BD6D35370A}" = Zinio Reader 4
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{86C40513-B5A4-476E-9EAB-EC118DCF4502}" = Windows Live Writer
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}" = Facebook Video Calling 2.0.0.447
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{903679E8-44C8-4C07-9600-05C92654FC50}" = QualxServ Service Agreement
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}" = OpenOffice.org 3.4.1
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}" = Nero Blu-ray Player
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}" = Dell Home Systems Service Agreement
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.7) MUI
"{AF4D3C63-009B-4A17-B02E-D395065DD3F0}" = Dell Stage Remote
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B80D3EA9-A252-4AE5-AC51-81729F5C586F}" = Windows Live Mail
"{BB285C9F-C821-4770-8970-56C4AB52C87E}" = Skype Click to Call
"{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
"{C33AA6D6-F5EC-48F3-AFDC-8141345D473A}" = Premium Service Agreement
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
"{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
"{D92C9CCE-E5F0-4125-977A-0590F3225B74}" = SyncUP
"{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E121A4FE-009B-385B-BB0D-B934E2A88288}" = Google Talk Plugin
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E4335E82-17B3-460F-9E70-39D9BC269DB3}" = Dell PhotoStage
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter
"{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}" = Accidental Damage Services Agreement
"{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{F47C37A4-7189-430A-B81D-739FF8A7A554}" = Consumer In-Home Service Agreement
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery
"{FE182796-F6BA-486A-8590-89B7E8D1D60F}" = Dell Stage
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"AviSynth" = AviSynth 2.5
"Creative Element Power Tools" = Creative Element Power Tools
"Dell Webcam Central" = Dell Webcam Central
"Download Accelerator Plus (DAP)" = Download Accelerator Plus (DAP)
"Freemake Video Converter_is1" = Freemake Video Converter version 4.1.0
"Google Chrome" = Google Chrome
"HaaliMkx" = Haali Media Splitter
"InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"mixidj" = MixiDJ Toolbar
"MixiDJ chrome Toolbar" = MixiDJ chrome Toolbar
"Mozilla Firefox 28.0 (x86 en-US)" = Mozilla Firefox 28.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSC" = McAfee SecurityCenter
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"RealPlayer 16.0" = RealPlayer
"RegClean Pro_is1" = RegClean Pro
"SpeedBit Video Accelerator" = SpeedBit Video Accelerator
"SqueakyChocolate, LLC UpdateChecker" = UpdateChecker
"TeamViewer 8" = TeamViewer 8
"VLC media player" = VLC media player 1.0.1
"WinLiveSuite" = Windows Live Essentials
"ZinioReader4" = Zinio Reader 4

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Pokki" = Pokki
"Pokki_83453a3d886e527a470b5bb8291dd338de4b1e44" = Pixsta
"PokkiDownloadHelper" = Pokki Download Helper
"SkyDriveSetup.exe" = Microsoft SkyDrive

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10/9/2013 10:19:08 PM | Computer Name = turnerboy01-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\recordingmanager.exe".
Dependent
Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 10/10/2013 1:18:52 AM | Computer Name = turnerboy01-PC | Source = Application Error | ID = 1000
Description = Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16686,
time stamp: 0x52058cf0 Faulting module name: ntdll.dll, version: 6.1.7601.18229,
time stamp: 0x51fb1072 Exception code: 0xc0000374 Fault offset: 0x000ce753 Faulting
process id: 0x1e84 Faulting application start time: 0x01cec4e793caeada Faulting application
path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Faulting module path:
C:\windows\SysWOW64\ntdll.dll Report Id: 73088129-316b-11e3-a7c4-24b6fd3d05aa

Error - 10/10/2013 2:26:18 AM | Computer Name = turnerboy01-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\recordingmanager.exe".
Dependent
Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 10/10/2013 7:38:53 AM | Computer Name = turnerboy01-PC | Source = WinMgmt | ID = 10
Description =

Error - 10/10/2013 7:41:35 AM | Computer Name = turnerboy01-PC | Source = WinMgmt | ID = 10
Description =

Error - 10/10/2013 7:24:52 PM | Computer Name = turnerboy01-PC | Source = WinMgmt | ID = 10
Description =

Error - 10/11/2013 8:02:25 AM | Computer Name = turnerboy01-PC | Source = WinMgmt | ID = 10
Description =

Error - 10/11/2013 8:25:35 AM | Computer Name = turnerboy01-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 4/26/2014 11:06:49 AM | Computer Name = turnerboy01-PC | Source = BugCheck | ID = 1001
Description =

Error - 4/26/2014 11:07:04 AM | Computer Name = turnerboy01-PC | Source = Service Control Manager | ID = 7023
Description = The BlueStacks Android Service service terminated with the following
error:   %%1064

Error - 4/26/2014 11:19:03 AM | Computer Name = turnerboy01-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures.     New Signature
Version:      Previous Signature Version: 1.173.545.0     Update Source: %%859     Update Stage:
%%852     Source Path: Signature Type: %%800     Update Type: %%803

   User:
NT AUTHORITY\SYSTEM     Current Engine Version:      Previous Engine Version: 1.1.10502.0

   Error
code: 0x80248007     Error description: An unexpected problem occurred while checking
for updates. For information on installing or troubleshooting updates, see Help
and Support.

Error - 4/26/2014 11:28:18 AM | Computer Name = turnerboy01-PC | Source = Service Control Manager | ID = 7034
Description = The Adobe Acrobat Update Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 4/26/2014 11:30:16 AM | Computer Name = turnerboy01-PC | Source = DCOM | ID = 10010
Description =

Error - 4/26/2014 11:33:09 AM | Computer Name = turnerboy01-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.

Error - 4/26/2014 11:36:29 AM | Computer Name = turnerboy01-PC | Source = Service Control Manager | ID = 7023
Description = The BlueStacks Android Service service terminated with the following
error:   %%1064

Error - 4/26/2014 11:47:55 AM | Computer Name = turnerboy01-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures.     New Signature
Version:      Previous Signature Version: 1.173.545.0     Update Source: %%859     Update Stage:
%%852     Source Path: Signature Type: %%800     Update Type: %%803

   User:
NT AUTHORITY\SYSTEM     Current Engine Version:      Previous Engine Version: 1.1.10502.0

   Error
code: 0x80248007     Error description: An unexpected problem occurred while checking
for updates. For information on installing or troubleshooting updates, see Help
and Support.

Error - 4/26/2014 12:00:06 PM | Computer Name = turnerboy01-PC | Source = Service Control Manager | ID = 7023
Description = The BlueStacks Android Service service terminated with the following
error:   %%1064

Error - 4/26/2014 12:17:32 PM | Computer Name = turnerboy01-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures.     New Signature
Version:      Previous Signature Version: 1.173.545.0     Update Source: %%859     Update Stage:
%%852     Source Path: Signature Type: %%800     Update Type: %%803

   User:
NT AUTHORITY\SYSTEM     Current Engine Version:      Previous Engine Version: 1.1.10502.0

   Error
code: 0x8024402c     Error description: An unexpected problem occurred while checking
for updates. For information on installing or troubleshooting updates, see Help
and Support.

< End of report >

#20
JohnnyTurn

Posted 26 April 2014 - 10:25 PM

Member

Topic Starter
Member
35 posts

Hello,

This is the JRT.txt log.

Thank you,

JohnnyTurn

JRT.txt

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by turnerboy01 on Sat 04/26/2014 at 23:12:37.15
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escort.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortapp.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escorteng.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortlbr.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\esrv.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babsolution
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\mixidj
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\systweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-125378133-1179762245-3844155704-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\mixidj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mixidj.mixidjappcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mixidj.mixidjappcore.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mixidj.mixidjdskbnd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mixidj.mixidjdskbnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mixidj.mixidjhlpr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mixidj.mixidjhlpr.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\mixidj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\regclean pro_is1

~~~ Files

Successfully deleted: [File] "C:\windows\Tasks\RegClean Pro_UPDATES.job"

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\Users\turnerboy01\AppData\Roaming\b1toolbar"
Successfully deleted: [Folder] "C:\Users\turnerboy01\AppData\Roaming\babsolution"
Successfully deleted: [Folder] "C:\Users\turnerboy01\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\turnerboy01\AppData\Roaming\mixidj"
Successfully deleted: [Folder] "C:\Users\turnerboy01\AppData\Roaming\newnext.me"
Successfully deleted: [Folder] "C:\Users\turnerboy01\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\turnerboy01\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Program Files (x86)\mixidj"
Successfully deleted: [Folder] "C:\Program Files (x86)\regclean pro"
Successfully deleted: [Folder] "C:\Program Files (x86)\secretsauce"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\regclean pro"
Successfully deleted: [Empty Folder] C:\Users\turnerboy01\appdata\local\{DC4D1C9B-391E-4A8F-B426-410AF68545BB}
Successfully deleted: [Empty Folder] C:\Users\turnerboy01\appdata\local\{EB67ED58-9DA9-4DDA-92B6-51C5736A8ADD}

~~~ FireFox

Successfully deleted: [File] C:\Users\turnerboy01\AppData\Roaming\mozilla\firefox\profiles\wzall3dw.default\user.js
Successfully deleted: [File] C:\Users\turnerboy01\AppData\Roaming\mozilla\firefox\profiles\wzall3dw.default\bprotector_prefs.js
Successfully deleted: [File] C:\Users\turnerboy01\AppData\Roaming\mozilla\firefox\profiles\wzall3dw.default\invalidprefs.js
Successfully deleted the following from C:\Users\turnerboy01\AppData\Roaming\mozilla\firefox\profiles\wzall3dw.default\prefs.js

user_pref("browser.newtab.url", "hxxp://mixidj.delta-search.com/?babsrc=NT_ss&mntrId=7C4E08EDB92E0169&affID=121124&tsp=5005");
user_pref("extensions.crossrider.bic", "1437f040052b63bcd3a5f50a5a19c96a");

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 04/26/2014 at 23:22:23.19
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#21
JohnnyTurn

Posted 26 April 2014 - 10:32 PM

Member

Topic Starter
Member
35 posts

Hello,

I scanned my computer using the AdwCleaner. I then pressed the "Report" button like you said and I am going to post the report below.

Thank you,

JohnnyTurn

AdwCleaner [R0].txt

# AdwCleaner v3.204 - Report created 26/04/2014 at 23:27:40
# Updated 26/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : turnerboy01 - TURNERBOY01-PC
# Running from : C:\Users\turnerboy01\Downloads\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : wStLibG64

***** [ Files / Folders ] *****

File Found : C:\Users\Public\Desktop\RegClean Pro.lnk
File Found : C:\Users\turnerboy01\AppData\Roaming\Mozilla\Firefox\Profiles\wzall3dw.default\searchplugins\speedbit.xml
File Found : C:\Users\turnerboy01\daemonprocess.txt
File Found : C:\windows\System32\roboot64.exe
File Found : C:\windows\System32\Tasks\EPUpdater
File Found : C:\windows\System32\Tasks\RegClean Pro
File Found : C:\windows\System32\Tasks\RegClean Pro_DEFAULT
Folder Found : C:\Users\turnerboy01\.android
Folder Found : C:\Users\turnerboy01\AppData\Local\b1e
Folder Found : C:\Users\turnerboy01\AppData\Local\BeamriseUninstall
Folder Found : C:\Users\turnerboy01\AppData\Local\genienext
Folder Found : C:\Users\turnerboy01\AppData\Local\Google\Chrome\User Data\Default\Extensions\boipimhfjpakfgckhbljjengakjhkcbp
Folder Found : C:\Users\turnerboy01\AppData\Local\Mobogenie
Folder Found : C:\Users\turnerboy01\AppData\Local\Pokki
Folder Found : C:\Users\turnerboy01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Folder Found : C:\Users\turnerboy01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki
Folder Found : C:\Users\turnerboy01\Documents\Mobogenie

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\5c55da8cbc3ab845
Key Found : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Key Found : HKCU\Software\Classes\Directory\shell\pokki
Key Found : HKCU\Software\Classes\Drive\shell\pokki
Key Found : HKCU\Software\Classes\lnkfile\shell\pokki
Key Found : HKCU\Software\Classes\pokki
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FFD0EF2-DBE9-483A-80C4-D2C331DA1CE4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_83453a3d886e527a470b5bb8291dd338de4b1e44
Key Found : HKCU\Software\Pokki
Key Found : HKCU\Software\Popajar
Key Found : HKCU\Software\SmileysWeLove
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Key Found : [x64] HKCU\Software\Pokki
Key Found : [x64] HKCU\Software\Popajar
Key Found : [x64] HKCU\Software\SmileysWeLove
Key Found : HKLM\SOFTWARE\5c55da8cbc3ab845
Key Found : HKLM\SOFTWARE\Classes\AppID\{A2773ED4-83BD-488A-A186-73590706C916}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{065C1A21-97F8-45FB-A9F0-861B60FACEC8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3204358F-5904-46A6-841F-D6B5BE3EF4E3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3AE67737-0E3E-44AA-AA5E-46A68BF017FF}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3EE5B726-044A-48D2-AA7B-049BD9A0F62A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{60FBBE03-57FF-49D8-B38E-053D3F489825}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6A5182F1-C0B8-42B8-96CC-7F329CD46913}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6C153418-8E4D-4FAF-AF27-5201E38463A7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A26A2F05-AC4D-4A1E-9531-9125F7309B78}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5D6240-7DF0-435D-9B9B-F8586A99DE86}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F343045E-E20A-46E1-82D8-9962C43EFC9E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FBB360DC-CB6C-4D6A-808A-2C773151BFFF}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FFD7DDAC-EC28-42A5-8D39-917B9078604B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\boipimhfjpakfgckhbljjengakjhkcbp
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dbpebffoameokfhnaaedmefjncfboino
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\kpepfkjapeclaafmhoelccknpfedainn
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C55BBCD6-41AD-48AD-9953-3609C48EACC7}]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://go.speedbit.com/?s=E4Pb
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] - hxxp://go.speedbit.com/tab/?s=E4Pb

-\\ Mozilla Firefox v28.0 (en-US)

[ File : C:\Users\turnerboy01\AppData\Roaming\Mozilla\Firefox\Profiles\wzall3dw.default\prefs.js ]

Line Found : user_pref("browser.search.defaultenginename", "Speedbit");
Line Found : user_pref("browser.search.defaulturl", "hxxp://go.speedbit.com/search.aspx?s=D7Qb&q=");
Line Found : user_pref("browser.search.order.1", "Speedbit Search");
Line Found : user_pref("browser.startup.homepage_override_url", "hxxp://go.speedbit.com/?s=D7Qb");
Line Found : user_pref("extensions.enabledAddons", "%7B345422e3-72fa-447a-9550-97803edfacf3%7D:1.0.1,daplinkchecker%40speedbit.com:1.0.1.8,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0");
Line Found : user_pref("keyword.URL", "hxxp://go.speedbit.com/search.aspx?site=shdefault&pid=s&shr=d&q={searchTerms}");

-\\ Google Chrome v34.0.1847.116

[ File : C:\Users\turnerboy01\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Found [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Found [Search Provider] : hxxp://go.speedbit.com/search.aspx?s=E4Pb&q={searchTerms}
Found [Homepage] : hxxp://go.speedbit.com/?s=E4Pb

*************************

AdwCleaner[R0].txt - [7314 octets] - [26/04/2014 23:27:40]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [7374 octets] ##########

#22
JohnnyTurn

Posted 26 April 2014 - 10:48 PM

Member

Topic Starter
Member
35 posts

Hello,

This is the log (AdwCleaner [S0].txt) by AdwCleaner created after I cleaned the detected files and the program rebooted my computer. It is written below.

Thank you,

JohnnyTurn

AdwCleaner [S0].txt

# AdwCleaner v3.204 - Report created 26/04/2014 at 23:33:34
# Updated 26/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : turnerboy01 - TURNERBOY01-PC
# Running from : C:\Users\turnerboy01\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : wStLibG64

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\turnerboy01\.android
Folder Deleted : C:\Users\turnerboy01\AppData\Local\b1e
Folder Deleted : C:\Users\turnerboy01\AppData\Local\BeamriseUninstall
Folder Deleted : C:\Users\turnerboy01\AppData\Local\genienext
Folder Deleted : C:\Users\turnerboy01\AppData\Local\Mobogenie
Folder Deleted : C:\Users\turnerboy01\AppData\Local\Pokki
Folder Deleted : C:\Users\turnerboy01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Folder Deleted : C:\Users\turnerboy01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki
Folder Deleted : C:\Users\turnerboy01\Documents\Mobogenie
Folder Deleted : C:\Users\turnerboy01\AppData\Local\Google\Chrome\User Data\Default\Extensions\boipimhfjpakfgckhbljjengakjhkcbp
File Deleted : C:\windows\System32\roboot64.exe
File Deleted : C:\Users\Public\Desktop\RegClean Pro.lnk
File Deleted : C:\Users\turnerboy01\daemonprocess.txt
File Deleted : C:\Users\turnerboy01\AppData\Roaming\Mozilla\Firefox\Profiles\wzall3dw.default\searchplugins\speedbit.xml
File Deleted : C:\windows\System32\Tasks\EPUpdater
File Deleted : C:\windows\System32\Tasks\RegClean Pro
File Deleted : C:\windows\System32\Tasks\RegClean Pro_DEFAULT

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\boipimhfjpakfgckhbljjengakjhkcbp
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dbpebffoameokfhnaaedmefjncfboino
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kpepfkjapeclaafmhoelccknpfedainn
Key Deleted : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Key Deleted : HKCU\Software\Classes\Directory\shell\pokki
Key Deleted : HKCU\Software\Classes\Drive\shell\pokki
Key Deleted : HKCU\Software\Classes\lnkfile\shell\pokki
Key Deleted : HKCU\Software\Classes\pokki
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKCU\Software\5c55da8cbc3ab845
Key Deleted : HKLM\SOFTWARE\5c55da8cbc3ab845
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A2773ED4-83BD-488A-A186-73590706C916}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{065C1A21-97F8-45FB-A9F0-861B60FACEC8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3204358F-5904-46A6-841F-D6B5BE3EF4E3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3AE67737-0E3E-44AA-AA5E-46A68BF017FF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3EE5B726-044A-48D2-AA7B-049BD9A0F62A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60FBBE03-57FF-49D8-B38E-053D3F489825}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6A5182F1-C0B8-42B8-96CC-7F329CD46913}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6C153418-8E4D-4FAF-AF27-5201E38463A7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A26A2F05-AC4D-4A1E-9531-9125F7309B78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5D6240-7DF0-435D-9B9B-F8586A99DE86}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F343045E-E20A-46E1-82D8-9962C43EFC9E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FBB360DC-CB6C-4D6A-808A-2C773151BFFF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFD7DDAC-EC28-42A5-8D39-917B9078604B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FFD0EF2-DBE9-483A-80C4-D2C331DA1CE4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C55BBCD6-41AD-48AD-9953-3609C48EACC7}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKCU\Software\Pokki
Key Deleted : HKCU\Software\Popajar
Key Deleted : HKCU\Software\SmileysWeLove
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_83453a3d886e527a470b5bb8291dd338de4b1e44

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

-\\ Mozilla Firefox v28.0 (en-US)

[ File : C:\Users\turnerboy01\AppData\Roaming\Mozilla\Firefox\Profiles\wzall3dw.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultenginename", "Speedbit");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://go.speedbit.com/search.aspx?s=D7Qb&q=");
Line Deleted : user_pref("browser.search.order.1", "Speedbit Search");
Line Deleted : user_pref("browser.startup.homepage_override_url", "hxxp://go.speedbit.com/?s=D7Qb");
Line Deleted : user_pref("extensions.enabledAddons", "%7B345422e3-72fa-447a-9550-97803edfacf3%7D:1.0.1,daplinkchecker%40speedbit.com:1.0.1.8,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0");
Line Deleted : user_pref("keyword.URL", "hxxp://go.speedbit.com/search.aspx?site=shdefault&pid=s&shr=d&q={searchTerms}");

-\\ Google Chrome v34.0.1847.116

[ File : C:\Users\turnerboy01\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Search Provider] : hxxp://go.speedbit.com/search.aspx?s=E4Pb&q={searchTerms}
Deleted [Homepage] : hxxp://go.speedbit.com/?s=E4Pb

*************************

AdwCleaner[R0].txt - [7482 octets] - [26/04/2014 23:27:40]
AdwCleaner[S0].txt - [7241 octets] - [26/04/2014 23:33:34]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7301 octets] ##########

#23
zep516

Posted 26 April 2014 - 11:55 PM

Trusted Helper

Malware Removal
8,093 posts

Hello johnnyTurn,

I still need the Malwarebytes log.

Please note: the otl Log that you posted is from yesterday, see the date below and it says run 1

OTL logfile created on: 4/26/2014 11:06:59 AM - Run 1

I only need the OTL.TXT Log, so just do a quick scan with OTL and post the log that pops up.

Thanks
Joe

#24
JohnnyTurn

Posted 27 April 2014 - 09:44 AM

Member

Topic Starter
Member
35 posts

Hello,

This the fresh OTL.txt log.

Thank you,

JohnnyTurn

OTL.txt

OTL logfile created on: 4/27/2014 1:02:20 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\turnerboy01\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.91 Gb Total Physical Memory | 1.35 Gb Available Physical Memory | 46.50% Memory free
5.82 Gb Paging File | 3.61 Gb Available in Paging File | 62.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 278.46 Gb Total Space | 220.40 Gb Free Space | 79.15% Space Free | Partition Type: NTFS

Computer Name: TURNERBOY01-PC | User Name: turnerboy01 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/04/26 00:33:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\turnerboy01\Downloads\OTL.exe
PRC - [2014/04/25 09:57:28 | 004,110,992 | ---- | M] (Speedbit Ltd.) -- C:\Program Files (x86)\DAP\DAP.exe
PRC - [2014/04/13 23:50:50 | 000,770,832 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
PRC - [2014/04/13 23:49:18 | 000,385,808 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
PRC - [2014/04/11 19:45:50 | 001,764,992 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2014/04/11 19:45:42 | 001,390,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2014/03/14 18:01:24 | 000,277,616 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014/03/11 23:36:06 | 000,193,696 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE
PRC - [2014/02/20 23:25:06 | 002,357,984 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe
PRC - [2014/02/20 23:25:06 | 000,208,600 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\BingDesktop\BDExtHost.exe
PRC - [2014/02/20 23:25:06 | 000,044,768 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\BingDesktop\BDSurrogateHost.exe
PRC - [2014/02/20 23:25:04 | 000,370,400 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\BingDesktop\BDRuntimeHost.exe
PRC - [2014/02/20 23:25:04 | 000,173,280 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
PRC - [2014/02/20 23:25:04 | 000,153,312 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\Microsoft\BingDesktop\BDAppHost.exe
PRC - [2013/10/23 18:48:06 | 000,101,888 | ---- | M] (Freemake) -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
PRC - [2013/08/07 04:42:30 | 004,308,320 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013/07/25 19:58:40 | 001,517,224 | ---- | M] (SPEEDbit) -- C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAccelerator.exe
PRC - [2013/07/25 19:58:40 | 000,298,152 | ---- | M] (SPEEDbit) -- C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorService.exe
PRC - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/16 03:07:06 | 000,039,056 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2012/12/10 12:01:20 | 007,751,096 | ---- | M] (Systweak Inc) -- C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe
PRC - [2012/07/13 16:27:00 | 000,769,432 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2012/02/16 12:49:44 | 001,695,040 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2012/02/01 11:50:58 | 000,968,048 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
PRC - [2012/01/27 16:30:16 | 000,465,216 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2012/01/26 21:49:34 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2012/01/26 21:47:36 | 004,293,952 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011/02/01 13:20:48 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2011/02/01 13:20:46 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2011/01/12 18:00:42 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

========== Modules (No Company Name) ==========

MOD - [2014/04/26 10:09:09 | 000,009,216 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\AddonsCondition.dll
MOD - [2014/03/28 15:18:40 | 000,121,560 | ---- | M] () -- C:\Users\turnerboy01\AppData\Local\Microsoft\BingDesktop\en-US\Apps\Wallpaper_5386c77076d04cf9a8b5d619b4cba48e\1.3.402\wallpaper.dll
MOD - [2014/03/14 18:01:06 | 003,641,968 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014/03/04 03:36:58 | 000,525,944 | ---- | M] () -- C:\Program Files\Common Files\SpeedBit\SBUpdate\sbfi32.dll
MOD - [2013/10/11 00:25:35 | 001,707,008 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\a6cea04538cb0bcbd7e390c4f74a54ae\System.ServiceModel.Web.ni.dll
MOD - [2013/10/11 00:25:29 | 000,401,408 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\f649d62e3881b7aa46c41feca60dd136\System.Xml.Linq.ni.dll
MOD - [2013/10/10 23:08:58 | 001,084,928 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\84b77ca258c3d14bbe1e21963d9b7c0e\System.IdentityModel.ni.dll
MOD - [2013/10/10 23:08:56 | 017,477,632 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\d1ff2718e3a4a2c007933dbd5ee34102\System.ServiceModel.ni.dll
MOD - [2013/10/10 23:08:03 | 002,297,856 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\77fbfbe5ab052a6e9e14cad25270d2b2\System.Core.ni.dll
MOD - [2013/10/10 06:45:44 | 014,340,096 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\dba2af83dea2935fe58bcb3d5a806718\PresentationFramework.ni.dll
MOD - [2013/10/10 06:45:22 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e1d6482355cf83afab1904ee0cd72168\System.Windows.Forms.ni.dll
MOD - [2013/10/10 06:45:10 | 012,238,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\bedfa42c231e4f5dc4a02b9d1ff5d62a\PresentationCore.ni.dll
MOD - [2013/10/10 06:44:57 | 003,348,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\01e2b3170ba115d1c719f0eab8510323\WindowsBase.ni.dll
MOD - [2013/10/10 06:44:51 | 000,978,432 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\aafdc594aaeb62d1ebfbb827aa9f059b\System.Configuration.ni.dll
MOD - [2013/09/14 00:53:14 | 001,358,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\4bb16ba6ef1293f411f53ee7d9f2c138\System.WorkflowServices.ni.dll
MOD - [2013/09/14 00:47:43 | 011,914,752 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\ef36f3c4cd9ee00b718011b9c873720c\System.Web.ni.dll
MOD - [2013/09/13 20:51:44 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013/09/13 20:51:20 | 001,242,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013/09/05 01:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2013/08/15 13:27:45 | 002,347,008 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\33edad650db790234dd99a7f63c082a7\System.Runtime.Serialization.ni.dll
MOD - [2013/08/15 13:27:42 | 000,256,000 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\444524d4496e2182917654d468638841\SMDiagnostics.ni.dll
MOD - [2013/08/14 22:06:27 | 001,593,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f5cff49f1a827754ae2ba6d951b12a07\System.Drawing.ni.dll
MOD - [2013/08/14 22:04:50 | 005,464,064 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\cea6226854fbf75dc05bd2fb98357e81\System.Xml.ni.dll
MOD - [2013/08/14 22:03:45 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\4802a2f7b7a69969a7cec274030aa373\System.ni.dll
MOD - [2013/07/11 14:58:53 | 000,368,128 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a2920ed81e097f8551231a9350697bbd\PresentationFramework.Aero.ni.dll
MOD - [2013/07/11 14:56:07 | 011,499,520 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2012/02/01 11:50:58 | 000,968,048 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
MOD - [2012/02/01 11:44:34 | 008,151,040 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll
MOD - [2012/02/01 11:44:34 | 002,278,400 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll
MOD - [2012/01/26 21:49:34 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll

========== Services (SafeList) ==========

SRV:64bit: - [2014/03/04 03:37:04 | 002,541,688 | ---- | M] (Speedbit Ltd.) [Auto | Running] -- C:\Program Files\Common Files\SpeedBit\SBUpdate\sbu.exe -- (SBUpd)
SRV:64bit: - [2013/12/16 04:04:40 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/10/23 18:14:22 | 000,348,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/10/23 18:14:22 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/05/25 17:13:54 | 000,162,224 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2012/05/25 16:59:02 | 000,210,616 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2012/05/25 16:58:32 | 000,199,304 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2011/05/27 14:06:16 | 000,301,568 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2009/03/03 05:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2014/04/13 23:50:50 | 000,770,832 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe -- (BstHdUpdaterSvc)
SRV - [2014/04/13 23:49:18 | 000,385,808 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
SRV - [2014/04/13 23:48:56 | 000,402,192 | ---- | M] (BlueStack Systems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)
SRV - [2014/04/11 19:45:50 | 001,764,992 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2014/04/11 19:45:42 | 001,390,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014/03/14 18:01:23 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/03/12 19:28:00 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/03/11 23:36:06 | 000,247,968 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE -- (BBUpdate)
SRV - [2014/03/11 23:36:06 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE -- (BBSvc)
SRV - [2014/02/20 23:25:04 | 000,173,280 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe -- (BingDesktopUpdate)
SRV - [2013/10/23 18:48:06 | 000,101,888 | ---- | M] (Freemake) [Auto | Running] -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe -- (Freemake Improver)
SRV - [2013/08/07 04:42:30 | 004,308,320 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013/07/25 19:58:40 | 000,298,152 | ---- | M] (SPEEDbit) [Auto | Running] -- C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorService.exe -- (VideoAcceleratorService)
SRV - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/16 03:07:06 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012/07/13 16:27:00 | 000,769,432 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/02/16 12:49:44 | 001,695,040 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2011/02/01 13:20:48 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/02/01 13:20:46 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011/01/12 18:00:42 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/11/25 05:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010/11/25 05:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010/08/25 20:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/04/19 12:29:29 | 000,061,120 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wStLibG64.sys -- (wStLibG64)
DRV:64bit: - [2014/03/04 03:37:06 | 000,041,368 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\SpeedBit\SBUpdate\sbw.sys -- (SBUpdd)
DRV:64bit: - [2013/09/27 10:53:06 | 000,134,944 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2013/05/03 01:18:52 | 000,025,584 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\My Dell\pcdsrvc_x64.pkms -- (PCDSRVC{D3412D80-CF3B4A27-06020200}_0)
DRV:64bit: - [2012/09/12 15:20:04 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/04/17 21:55:54 | 004,719,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/22 13:29:46 | 000,647,208 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,487,296 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2012/02/22 13:29:46 | 000,289,664 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,229,528 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,160,792 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,100,912 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2011/06/16 14:40:20 | 000,176,000 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/05/27 14:06:16 | 000,528,384 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/03/31 22:35:12 | 000,355,960 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2011/03/25 21:17:48 | 012,262,336 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/12 17:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/29 19:11:42 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/10/19 16:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/10/15 04:28:16 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/03/19 03:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007/05/14 16:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2006/11/01 04:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2014/04/13 23:49:10 | 000,121,616 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys -- (BstHdDrv)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.speedbit.com/?s=E4Pb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Before = http://g.msn.com/USCON/1
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Speedbit"
FF - prefs.js..browser.search.defaulturl: "http://go.speedbit.c...aspx?s=D7Qb&q="
FF - prefs.js..browser.search.order.1: "Speedbit Search"
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..extensions.enabledAddons: %7B345422e3-72fa-447a-9550-97803edfacf3%7D:1.0.1
FF - prefs.js..extensions.enabledAddons: daplinkchecker%40speedbit.com:1.0.1.8
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0
FF - prefs.js..keyword.URL: "http://go.speedbit.c...={searchTerms}"

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.2.32: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.2.32: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\turnerboy01\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\turnerboy01\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\turnerboy01\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\turnerboy01\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\turnerboy01\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FCE04E1F-9378-4f39-96F6-5689A9159E45}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/06/25 16:52:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\DAP\daplinkchecker [2014/04/27 03:31:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/06/25 16:52:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}: C:\Program Files (x86)\DAP\DAPFireFox [2014/04/27 03:31:15 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/07/31 23:20:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\turnerboy01\AppData\Roaming\Mozilla\Extensions
[2014/04/27 00:22:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\turnerboy01\AppData\Roaming\Mozilla\Firefox\Profiles\9b6vg25t.default-1398104825782\extensions
[2014/04/27 00:07:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\turnerboy01\AppData\Roaming\Mozilla\Firefox\Profiles\wzall3dw.default\extensions
[2014/04/27 00:22:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\turnerboy01\AppData\Roaming\Mozilla\Firefox\Profiles\zzpfo3pm.default-1398028751237\extensions
[2014/04/21 15:41:52 | 000,667,234 | ---- | M] () (No name found) -- C:\Users\turnerboy01\AppData\Roaming\Mozilla\Firefox\Profiles\9b6vg25t.default-1398104825782\extensions\[email protected]
[2014/04/20 16:41:17 | 000,172,824 | ---- | M] () (No name found) -- C:\Users\turnerboy01\AppData\Roaming\Mozilla\Firefox\Profiles\zzpfo3pm.default-1398028751237\extensions\[email protected]
[2014/03/14 18:00:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/03/14 18:00:44 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/04/27 03:31:15 | 000,000,000 | ---D | M] (DAP Link Checker) -- C:\PROGRAM FILES (X86)\DAP\DAPLINKCHECKER

========== Chrome ==========

CHR - default_search_provider: Speedbit Search (Enabled)
CHR - default_search_provider: search_url = http://go.speedbit.c...q={searchTerms}
CHR - default_search_provider: suggest_url = http://api.searchpre...={searchTerms},
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\turnerboy01\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: No name found = C:\Users\turnerboy01\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\turnerboy01\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\turnerboy01\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\turnerboy01\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.2_0\
CHR - Extension: No name found = C:\Users\turnerboy01\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.2.15747.10003_0\
CHR - Extension: No name found = C:\Users\turnerboy01\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\turnerboy01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014/04/27 00:52:54 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2:64bit: - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
O2:64bit: - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SpeedBit Link Verification Helper) - {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - C:\Program Files (x86)\DAP\LinkVerifier.dll (Speedbit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3:64bit: - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AccuWeatherWidget] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)
O4 - HKLM..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKCU..\Run: [DownloadAccelerator] C:\Program Files (x86)\DAP\DAP.EXE (Speedbit Ltd.)
O4 - HKCU..\Run: [SpeedBitVideoAccelerator] C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAccelerator.exe (SPEEDbit)
O4 - HKCU..\RunOnce: [Uninstall C:\Users\turnerboy01\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64] C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\turnerboy01\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64" File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm ()
O8:64bit: - Extra context menu item: &Verify with DAP - C:\Program Files (x86)\DAP\dapverify.htm ()
O8:64bit: - Extra context menu item: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm ()
O8 - Extra context menu item: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm ()
O8 - Extra context menu item: &Verify with DAP - C:\Program Files (x86)\DAP\dapverify.htm ()
O8 - Extra context menu item: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm ()
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (SPEEDbit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (SPEEDbit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (SPEEDbit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (SPEEDbit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (SPEEDbit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (SPEEDbit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (SPEEDbit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (SPEEDbit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll (SPEEDbit)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creat...102/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creat...13/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...30321/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 65.183.0.76 65.183.0.86
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{508C166C-565F-4E3D-8A9C-44B84AF9BCF3}: DhcpNameServer = 65.183.0.76 65.183.0.86
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll ()
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - userinit.exe ()
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/04/27 00:40:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2014/04/27 00:24:01 | 000,000,000 | ---D | C] -- C:\Avenger
[2014/04/26 23:54:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/04/26 23:54:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/04/26 23:26:56 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/04/26 01:24:08 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/04/24 11:49:53 | 000,000,000 | -HSD | C] -- C:\found.000
[2014/04/21 13:04:41 | 000,000,000 | ---D | C] -- C:\windows\Minidump
[2014/04/21 11:16:18 | 000,000,000 | ---D | C] -- C:\Users\turnerboy01\AppData\Roaming\vlc
[2014/04/20 17:57:23 | 000,000,000 | ---D | C] -- C:\Users\turnerboy01\Documents\My DAP Downloads
[2014/04/20 17:57:13 | 000,000,000 | ---D | C] -- C:\Users\turnerboy01\AppData\Roaming\SpeedBit
[2014/04/20 17:57:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Download Accelerator Plus (DAP)
[2014/04/20 17:56:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAP
[2014/04/20 16:19:16 | 000,000,000 | ---D | C] -- C:\Users\turnerboy01\Desktop\Old Firefox Data
[2014/04/19 18:46:26 | 000,000,000 | ---D | C] -- C:\windows\SysNative\catroot
[2014/04/19 17:55:40 | 000,000,000 | ---D | C] -- C:\Users\turnerboy01\AppData\Local\Installer
[2014/04/19 17:33:43 | 000,000,000 | ---D | C] -- C:\Users\turnerboy01\AppData\Local\CrashRpt
[2014/04/19 12:29:28 | 000,061,120 | ---- | C] (StdLib) -- C:\windows\SysNative\drivers\wStLibG64.sys
[2014/04/19 00:44:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
[2014/04/19 00:44:59 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacks
[2014/04/19 00:44:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BlueStacks
[2014/04/19 00:43:07 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacksSetup

========== Files - Modified Within 30 Days ==========

[2014/04/27 01:02:50 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/04/27 01:00:14 | 000,020,928 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/04/27 01:00:14 | 000,020,928 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/04/27 00:55:23 | 000,000,266 | ---- | M] () -- C:\windows\tasks\AutoKMS.job
[2014/04/27 00:55:19 | 000,001,350 | ---- | M] () -- C:\Users\turnerboy01\Desktop\Clean Registry for Free!.lnk
[2014/04/27 00:55:02 | 000,000,904 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/04/27 00:54:26 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014/04/27 00:54:19 | 2343,780,352 | -HS- | M] () -- C:\hiberfil.sys
[2014/04/27 00:52:54 | 000,000,098 | ---- | M] () -- C:\windows\SysNative\drivers\etc\Hosts
[2014/04/27 00:42:02 | 000,000,952 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-125378133-1179762245-3844155704-1000UA.job
[2014/04/27 00:42:01 | 000,000,930 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-125378133-1179762245-3844155704-1000Core.job
[2014/04/27 00:36:23 | 000,000,932 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-125378133-1179762245-3844155704-1000UA.job
[2014/04/27 00:32:50 | 158,915,024 | ---- | M] () -- C:\windows\MEMORY.DMP
[2014/04/26 23:53:42 | 000,000,233 | ---- | M] () -- C:\Users\turnerboy01\Documents\Malwarebytes storage folder- path.rtf
[2014/04/26 10:27:03 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2014/04/26 01:21:37 | 000,001,193 | ---- | M] () -- C:\Users\turnerboy01\Documents\Trojan.rtf
[2014/04/25 22:36:01 | 000,000,880 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-125378133-1179762245-3844155704-1000Core.job
[2014/04/25 09:57:51 | 001,843,824 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2014/04/25 09:57:51 | 000,533,258 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2014/04/25 09:57:51 | 000,005,792 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2014/04/25 07:49:06 | 000,002,298 | ---- | M] () -- C:\Users\turnerboy01\Documents\Important Bookmarks.rtf
[2014/04/24 18:40:27 | 000,034,500 | ---- | M] () -- C:\Users\turnerboy01\Documents\Malware off my computer.rtf
[2014/04/24 15:57:02 | 000,109,696 | ---- | M] () -- C:\windows\SysWow64\EasyHook64.dll
[2014/04/23 10:49:32 | 000,003,073 | ---- | M] () -- C:\Users\turnerboy01\Documents\Malware Removal Instructions.rtf
[2014/04/22 13:28:40 | 000,002,010 | ---- | M] () -- C:\Users\turnerboy01\Documents\Bio lab.rtf
[2014/04/22 13:21:57 | 000,001,532 | ---- | M] () -- C:\Users\turnerboy01\Desktop\addons.mozilla.org.cer
[2014/04/22 13:18:53 | 000,002,164 | ---- | M] () -- C:\Users\turnerboy01\Documents\addons.mozilla.org.crt
[2014/04/22 13:13:16 | 000,001,532 | ---- | M] () -- C:\Users\turnerboy01\Desktop\trusted publishers.cer
[2014/04/21 16:06:45 | 000,000,448 | ---- | M] () -- C:\Users\turnerboy01\Documents\Documentikl.rtf
[2014/04/19 20:03:51 | 000,004,267 | ---- | M] () -- C:\Users\turnerboy01\Documents\bookmarks.rtf
[2014/04/19 20:02:22 | 000,275,673 | ---- | M] () -- C:\Users\turnerboy01\Documents\bookmarks_4_19_14.html
[2014/04/19 18:41:25 | 000,000,302 | ---- | M] () -- C:\Users\turnerboy01\Documents\kknklnkll.rtf
[2014/04/19 12:29:29 | 000,061,120 | ---- | M] (StdLib) -- C:\windows\SysNative\drivers\wStLibG64.sys
[2014/04/14 06:58:10 | 000,000,243 | ---- | M] () -- C:\Users\turnerboy01\Documents\hh.rtf
[2014/04/10 19:18:21 | 000,002,185 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/04/09 18:00:42 | 000,000,296 | ---- | M] () -- C:\windows\tasks\RegClean Pro_UPDATES.job

========== Files Created - No Company Name ==========

[2014/04/27 00:55:22 | 000,000,266 | ---- | C] () -- C:\windows\tasks\AutoKMS.job
[2014/04/27 00:55:19 | 000,001,350 | ---- | C] () -- C:\Users\turnerboy01\Desktop\Clean Registry for Free!.lnk
[2014/04/26 23:53:42 | 000,000,233 | ---- | C] () -- C:\Users\turnerboy01\Documents\Malwarebytes storage folder- path.rtf
[2014/04/25 08:25:53 | 000,001,193 | ---- | C] () -- C:\Users\turnerboy01\Documents\Trojan.rtf
[2014/04/25 07:49:05 | 000,002,298 | ---- | C] () -- C:\Users\turnerboy01\Documents\Important Bookmarks.rtf
[2014/04/24 15:58:02 | 000,109,696 | ---- | C] () -- C:\windows\SysWow64\EasyHook64.dll
[2014/04/24 15:40:11 | 158,915,024 | ---- | C] () -- C:\windows\MEMORY.DMP
[2014/04/23 10:49:31 | 000,003,073 | ---- | C] () -- C:\Users\turnerboy01\Documents\Malware Removal Instructions.rtf
[2014/04/22 20:16:13 | 000,034,500 | ---- | C] () -- C:\Users\turnerboy01\Documents\Malware off my computer.rtf
[2014/04/22 13:28:39 | 000,002,010 | ---- | C] () -- C:\Users\turnerboy01\Documents\Bio lab.rtf
[2014/04/22 13:21:49 | 000,001,532 | ---- | C] () -- C:\Users\turnerboy01\Desktop\addons.mozilla.org.cer
[2014/04/22 13:18:53 | 000,002,164 | ---- | C] () -- C:\Users\turnerboy01\Documents\addons.mozilla.org.crt
[2014/04/22 13:13:09 | 000,001,532 | ---- | C] () -- C:\Users\turnerboy01\Desktop\trusted publishers.cer
[2014/04/21 16:06:44 | 000,000,448 | ---- | C] () -- C:\Users\turnerboy01\Documents\Documentikl.rtf
[2014/04/19 20:03:51 | 000,004,267 | ---- | C] () -- C:\Users\turnerboy01\Documents\bookmarks.rtf
[2014/04/19 20:02:22 | 000,275,673 | ---- | C] () -- C:\Users\turnerboy01\Documents\bookmarks_4_19_14.html
[2014/04/19 18:41:25 | 000,000,302 | ---- | C] () -- C:\Users\turnerboy01\Documents\kknklnkll.rtf
[2014/04/14 06:58:10 | 000,000,243 | ---- | C] () -- C:\Users\turnerboy01\Documents\hh.rtf
[2013/06/09 02:04:10 | 000,091,264 | ---- | C] () -- C:\windows\SysWow64\EasyHook32.dll
[2013/05/05 21:05:58 | 000,039,424 | ---- | C] () -- C:\windows\SysWow64\rpiAccessProcess.dll
[2013/02/24 11:29:29 | 000,000,697 | ---- | C] () -- C:\Users\turnerboy01\AppData\Roaming\com.zoosk.Desktop_state.xml
[2012/08/19 14:25:58 | 000,058,880 | ---- | C] () -- C:\Users\turnerboy01\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 21:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Alternate Data Streams ==========

@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:56E2E879

< End of report >

Extras.txt

OTL Extras logfile created on: 4/27/2014 1:02:20 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\turnerboy01\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.91 Gb Total Physical Memory | 1.35 Gb Available Physical Memory | 46.50% Memory free
5.82 Gb Paging File | 3.61 Gb Available in Paging File | 62.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 278.46 Gb Total Space | 220.40 Gb Free Space | 79.15% Space Free | Partition Type: NTFS

Computer Name: TURNERBOY01-PC | User Name: turnerboy01 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{11C25968-921D-47E0-8913-66EF7DE8E021}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{14BDDBA5-F3C7-4F30-8145-1AA0EC52AAEB}" = lport=10243 | protocol=6 | dir=in | app=system |
"{183AB822-5FA0-4229-AE6D-5E3D85864E8C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{21E01ADB-CCA3-487B-B558-E71DB7CA04AB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2D402670-1777-4390-B00C-B7681EB49771}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2FC01C30-8288-4CEF-BE3A-BD3A2E912F78}" = rport=10243 | protocol=6 | dir=out | app=system |
"{67544D92-9ED0-4B0C-BB3C-C9C83BE34C2F}" = lport=9701 | protocol=6 | dir=in | name=syncup_tcp_9701 |
"{6DC9CAB7-EF29-4394-8257-46C96051DA3C}" = lport=9700 | protocol=6 | dir=in | name=syncup_tcp_9700 |
"{78C90DE9-D969-4270-BFF7-1B75E25B866C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{876307D3-811B-4543-A7D0-293201E385E2}" = lport=9700 | protocol=17 | dir=in | name=syncup_udp_9700 |
"{8C0627BE-1A98-45B0-9D46-C28D9A9D05AA}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8CFC01A2-7957-4C37-A958-AC3BAE892215}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AAA95497-A4C3-4494-A149-54F761D3C385}" = lport=9702 | protocol=6 | dir=in | name=syncup_tcp_9702 |
"{AEA3F0B7-025B-4218-81F0-E3F781DC876A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C2EB4420-2C4D-4C7D-AE0C-4A71A1E7B83F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F3D649CD-7F99-47D6-B119-F2399578BE7C}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03B66D84-A37D-4855-98C6-59BC453558D9}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{070394B0-AC40-4AA2-AA1C-172AE16BEFA4}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremoteservice.exe |
"{07B4F6A5-BFA4-4F99-B63B-03BF30A07226}" = dir=in | app=c:\program files\dell stage\musicstage\musicstageengine.exe |
"{07FD969A-9908-4EF6-957F-6C6E3CDF7CB7}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{0A77D17C-F05F-49CA-9882-F75DD5EDEC90}" = dir=in | name=youtubefast |
"{0FF63CC6-E296-4E02-8A1E-751B67A645F4}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\dmr.exe |
"{1243BDBB-6EFB-4B63-8CAB-F73863D29E83}" = dir=in | name=youtubefast |
"{1E76F4ED-1177-4C6C-8581-AD6BCD8C5FCD}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1FFE8BE2-E17F-47C4-9073-550BDF48BD18}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{218E2261-4C9C-4683-A235-93F5041B3CAD}" = dir=in | app=c:\users\turnerboy01\appdata\local\microsoft\skydrive\skydrive.exe |
"{2578627B-B4B1-4254-8650-91C7C5FD9D13}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{2BC9A3E9-4BB5-4320-B241-BBC4CE3668E2}" = dir=in | name=youtubefast |
"{2DDAC6ED-B80E-465D-9F81-D9F1EB89D74D}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{30B1E555-A7CB-4AEA-9C5B-949CB47C24B1}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\nero\bdcore\nero blu-ray player\blu-rayplayer.exe |
"{3338BFB2-5565-4EC1-BD2F-13D13B70367D}" = dir=in | name=youtubefast |
"{3396F705-B3CF-4EB2-8355-4430A392A9AA}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{35D41F78-1D46-4769-B7FD-C1F6C29F0F1E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{39E7E41E-4F1B-410A-9E73-148E866C2759}" = dir=in | name=youtubefast |
"{44E14838-841C-4B2F-B96E-C80BC320008B}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{4877E45C-1090-498D-BB61-078FD9BBB29D}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\nero\bdcore\nero blu-ray player\blu-rayplayer.exe |
"{49E3C385-6525-4CD6-A0CA-C73DD9AA0F8B}" = dir=in | app=c:\program files\dell stage\dell stage\stage_primary.exe |
"{4AC272EE-B993-4008-BD87-24D360AB25C9}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4CF0C1F1-088D-4133-AD21-441C2F34526A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4CF8A34B-9416-4DB1-B95E-E4BC710C5D7E}" = dir=in | app=c:\program files\dell stage\dell stage\accuweather\accuweather.exe |
"{4E8573BC-BBC3-4A54-AE75-AAE1C69B36F4}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\controller.exe |
"{4F2558FA-5B74-4493-82B7-D4AE7FDD821A}" = dir=in | name=youtubefast |
"{51AB7E90-4B79-49DC-921F-7284B4851274}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{53027099-45A0-4723-A64D-F90E89866D84}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremote.exe |
"{582CBA9E-B305-4EF1-BD59-1BD0CE177AC8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5A44B4BF-11C7-44B6-ADF1-FDE987323D5A}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\dmr.exe |
"{5AC11D3D-1CE9-4B3C-ACC7-3B0DC63BEA59}" = protocol=17 | dir=in | app=c:\users\turnerboy01\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{6239986C-E231-4AE4-80C3-58EF152E64F2}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{6428B30B-A8A4-4B25-8BC1-81EF3EB5C13D}" = protocol=6 | dir=out | app=system |
"{6845C143-5E44-4D5B-8DD4-DA28ED996378}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\installerhelp.exe |
"{6886D989-F859-4462-8765-77B82CF776FF}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{6ADEB7E3-B54B-4E18-992E-83997CAB5A00}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{6CC8C810-9ACE-4CBA-9C1F-55D36945511A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6E1ADF10-1F57-4069-9EEE-A4373F983487}" = dir=in | name=youtubefast |
"{6F95399A-1282-4E21-B47F-2F146D8A770C}" = protocol=6 | dir=in | app=c:\users\turnerboy01\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{7043E046-F1D8-45D5-80BC-0B737B4C4578}" = protocol=6 | dir=out | app=c:\users\turnerboy01\appdata\local\beamrise\application\29.3.0.7376\windows-x86-skypekit.exe |
"{7B30A64C-6CE4-48EA-A6DA-0ABCA142F030}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\installerhelp.exe |
"{7DA68D55-DA7C-4B99-9972-B9B603B2744C}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\controller.exe |
"{7E32E871-A123-4B03-ADC5-78452486FD91}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7E90E431-8E86-416F-B685-3022A4A58304}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8373BB3A-02B6-4033-85FE-1C81A59908ED}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8B7BF357-A50E-486B-AE38-F10341F1DC0E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{8C899B4C-48D3-4EA6-B835-A7B8F956DC1D}" = protocol=6 | dir=in | app=c:\users\turnerboy01\appdata\local\beamrise\application\29.3.0.7376\windows-x86-skypekit.exe |
"{8F33780B-3E41-4A26-A96E-DC9062E664E0}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{91E9DD07-03E3-4F00-96AE-620DE071E8B7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{9387E018-7029-400D-9C70-22EC788F6FAD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{93B0D313-A7CC-4E93-BC53-6369D3CA5703}" = dir=in | name=youtubefast |
"{98041419-48BE-478C-87FA-88BB306BC17E}" = dir=in | app=c:\users\turnerboy01\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{9C9EA22F-A8F1-4C59-8861-8D99F0A2DE57}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9CDD9CEA-AF07-4D38-B649-05E0F6C22E04}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremoteservice.exe |
"{9F2376F6-653C-4753-AC06-D0CF99E212B9}" = protocol=6 | dir=in | app=c:\users\turnerboy01\appdata\local\beamrise\application\29.3.0.7376\services\windows-x86-skypekit.exe |
"{A1947601-95DD-4146-90F3-8DBF789D6940}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A28346BD-E514-488D-B0CD-04EED7CC30F4}" = dir=in | name=youtubefast |
"{A7672BBF-77AC-49A4-AB7F-025FA0B1D829}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{A8C3268A-10DD-47FF-B4F0-38B96C37343D}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremote.exe |
"{AC431DF9-C4CA-44F7-B713-85066B26CAD6}" = dir=in | app=c:\program files (x86)\dell\videostage\videostage.exe |
"{B51D046F-1C3B-4E85-A6F9-6E1ABD927F6D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B6C118A7-C59C-457C-B9FA-85700A55BC5C}" = dir=in | name=youtubefast |
"{CC07EDEF-3A5C-49CA-8404-2FC792FA282D}" = protocol=6 | dir=out | app=c:\users\turnerboy01\appdata\local\beamrise\application\29.3.0.7376\services\windows-x86-skypekit.exe |
"{E624EF26-C375-4869-A02B-2A697D04C0E2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E8AB8820-04CA-4FFC-B802-1592082854F7}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{EA6F70A7-8C02-4A58-B07F-4BD6325EDAE6}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{F461D97A-5C05-4C22-A826-5A949E477087}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FB2C0991-BFBB-4949-ADE7-E3A38AAEB0D0}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{5F611ADA-B98C-4DBB-ADDE-414F08457ECF}" = Windows Live Family Safety
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{C0DA129B-1E45-494D-A362-5CD0109C306B}" = WOT for Internet Explorer
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}" = iTunes
"{E102B843-786A-4F58-AF75-6504570E207B}" = Microsoft Security Client
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter
"DW WLAN Card" = DW WLAN Card
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"PC-Doctor for Windows" = My Dell
"SecretSauce" = SecretSauce

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{0ECFCB07-9BFE-4970-ACA1-D568D982760B}" = Complete Care Business Service Agreement
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{0FD155A3-DF78-43ee-84B0-3CC86BA962F2}_is1" = Sothink Video Converter
"{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR
"{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1EA7C505-E6DA-4B85-9432-EBD3C70D510D}" = Windows Live Messenger
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23A3E560-069F-4CFC-8F6C-1B526EC735FC}" = Windows Live Writer Resources
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2A0F2CC5-3065-492C-8380-B03AA7106B1A}" = Dell Product Registration
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress
"{3365E735-48A6-4194-9988-CE59AC5AE503}" = Bing Bar
"{3BD7DD08-991B-4A2F-A165-614ED14EAADD}" = Dell MusicStage
"{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}" = RealDownloader
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{400182B4-CA55-46A9-9D88-F8413DCFB36D}" = Blio
"{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
"{40F06490-8C14-43AA-99D3-EEEFDBAC3CFC}" = SyncUP
"{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}" = Banctec Service Agreement
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{689FD579-0642-4D3E-AB61-F63B79C5075A}" = BlueStacks Notification Center
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter
"{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B0C5EF6-DE4C-4E20-8889-C17604FFE5CD}" = Windows Live Family Safety
"{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}" = Bing Desktop
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online
"{7FB00B6B-6843-97EC-EED6-78BD6D35370A}" = Zinio Reader 4
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{86C40513-B5A4-476E-9EAB-EC118DCF4502}" = Windows Live Writer
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}" = Facebook Video Calling 2.0.0.447
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{903679E8-44C8-4C07-9600-05C92654FC50}" = QualxServ Service Agreement
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}" = OpenOffice.org 3.4.1
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}" = Nero Blu-ray Player
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}" = Dell Home Systems Service Agreement
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.7) MUI
"{AF4D3C63-009B-4A17-B02E-D395065DD3F0}" = Dell Stage Remote
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B80D3EA9-A252-4AE5-AC51-81729F5C586F}" = Windows Live Mail
"{BB285C9F-C821-4770-8970-56C4AB52C87E}" = Skype Click to Call
"{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
"{C33AA6D6-F5EC-48F3-AFDC-8141345D473A}" = Premium Service Agreement
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
"{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
"{D92C9CCE-E5F0-4125-977A-0590F3225B74}" = SyncUP
"{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E121A4FE-009B-385B-BB0D-B934E2A88288}" = Google Talk Plugin
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E4335E82-17B3-460F-9E70-39D9BC269DB3}" = Dell PhotoStage
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter
"{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}" = Accidental Damage Services Agreement
"{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{F47C37A4-7189-430A-B81D-739FF8A7A554}" = Consumer In-Home Service Agreement
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery
"{FE182796-F6BA-486A-8590-89B7E8D1D60F}" = Dell Stage
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"AviSynth" = AviSynth 2.5
"Creative Element Power Tools" = Creative Element Power Tools
"Dell Webcam Central" = Dell Webcam Central
"Download Accelerator Plus (DAP)" = Download Accelerator Plus (DAP)
"Freemake Video Converter_is1" = Freemake Video Converter version 4.1.0
"Google Chrome" = Google Chrome
"HaaliMkx" = Haali Media Splitter
"InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"mixidj" = MixiDJ Toolbar
"MixiDJ chrome Toolbar" = MixiDJ chrome Toolbar
"Mozilla Firefox 28.0 (x86 en-US)" = Mozilla Firefox 28.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSC" = McAfee SecurityCenter
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"RealPlayer 16.0" = RealPlayer
"RegClean Pro_is1" = RegClean Pro
"SpeedBit Video Accelerator" = SpeedBit Video Accelerator
"SqueakyChocolate, LLC UpdateChecker" = UpdateChecker
"TeamViewer 8" = TeamViewer 8
"VLC media player" = VLC media player 1.0.1
"WinLiveSuite" = Windows Live Essentials
"ZinioReader4" = Zinio Reader 4

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Pokki" = Pokki
"Pokki_83453a3d886e527a470b5bb8291dd338de4b1e44" = Pixsta
"PokkiDownloadHelper" = Pokki Download Helper
"SkyDriveSetup.exe" = Microsoft SkyDrive

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 4/27/2014 12:41:55 AM | Computer Name = turnerboy01-PC | Source = BstHdAndroidSvc | ID = 0
Description = Service cannot be started. System.SystemException: Cannot create VM
---> System.ComponentModel.Win32Exception: The operation completed successfully

   --- End of inner exception stack trace ---     at BlueStacks.hyperDroid.Service.Service.OnStart(String[]
args)     at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error - 4/27/2014 12:42:24 AM | Computer Name = turnerboy01-PC | Source = WinMgmt | ID = 10
Description =

Error - 4/27/2014 1:33:33 AM | Computer Name = turnerboy01-PC | Source = BstHdAndroidSvc | ID = 0
Description = Service cannot be started. System.SystemException: Cannot create VM
---> System.ComponentModel.Win32Exception: The operation completed successfully

   --- End of inner exception stack trace ---     at BlueStacks.hyperDroid.Service.Service.OnStart(String[]
args)     at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error - 4/27/2014 1:34:23 AM | Computer Name = turnerboy01-PC | Source = Application Error | ID = 1000
Error - 4/27/2014 1:34:44 AM | Computer Name = turnerboy01-PC | Source = WinMgmt
| ID = 10

Description =
Error - 4/27/2014 1:38:46 AM | Computer Name = turnerboy01-PC | Source = Application
Hang | ID = 1002

Description = The program firefox.exe version 28.0.0.5178 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1e68

Start Time: 01cf61daae098f5b

Termination Time: 45

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: 1ddfb5f6-cdce-11e3-91ca-24b6fd3d05aa

Error - 4/27/2014 1:49:41 AM | Computer Name = turnerboy01-PC | Source = Application
Error | ID = 1000

Description = Faulting application name: McSvHost.exe, version: 2.0.230.0, time stamp: 0x4d41ff46
Faulting module name: mcmscsub.dll, version: 11.0.669.0, time stamp: 0x4f6a7b49
Exception code: 0xc0000417
Fault offset: 0x000000000005d8c0
Faulting process id: 0x93c
Faulting application start time: 0x01cf61da3b2bb715
Faulting application path: C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
Faulting module path: c:\PROGRA~1\mcafee\msc\mcmscsub.dll
Report Id: b94cb232-cdcf-11e3-91ca-24b6fd3d05aa
Error - 4/27/2014 1:54:54 AM | Computer Name = turnerboy01-PC | Source = BstHdAndroidSvc
| ID = 0

Description = Service cannot be started. System.SystemException: Cannot create VM ---> System.ComponentModel.Win32Exception: The operation completed successfully
   --- End of inner exception stack trace ---
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error - 4/27/2014 1:56:14 AM | Computer Name = turnerboy01-PC | Source = WinMgmt
| ID = 10

Description =

Error encountered while reading event logs.

< End of report >

#25
JohnnyTurn

Posted 27 April 2014 - 09:55 AM

Member

Topic Starter
Member
35 posts

Hello,

It is going to take a while to get the MBAM.log because when the malwarebytes program rebooted my computer, the operating system could not start or load. So i had to restore the system to an earlier point in time, when I had not downloaded the OTL.exe, Junkware Removal Tool and the others. I am downloading them and doing them over.

Thank you,

JohnnyTurn

#26
zep516

Posted 27 April 2014 - 10:02 AM

Trusted Helper

Malware Removal
8,093 posts

Take your time, that's the wrong OTL Log too it keeps showing run 1. Focus on what you're doing now and we will be ok. Any questions ask

Thanks
Joe

#27
JohnnyTurn

Posted 27 April 2014 - 10:15 AM

Member

Topic Starter
Member
35 posts

I have another question. When the Malwarebytes program shows me the list of detected items, there is no "Remove selected" button and the program doesn't remove them from my computer, it just quarantines them. Doesn't that still mean they are on my computer? And which OTL.log are you talking about?

Thank you

JohnnyTurn

#28
JohnnyTurn

Posted 27 April 2014 - 10:21 AM

Member

Topic Starter
Member
35 posts

What does the option "Add exclusion" mean in the Malwarebytes program. I am going to go ahead and select quarantine for all the detected items (51 of them). How do I get the MBAM log?

#29
JohnnyTurn

Posted 27 April 2014 - 10:32 AM

Member

Topic Starter
Member
35 posts

Hello,

This is the MBAM log.

Thank you,

JohnnyTurn

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 4/27/2014
Scan Time: 11:22:46 AM
Logfile: Detected items by Malwarebytes.txt
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.04.27.04
Rootkit Database: v2014.03.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: turnerboy01

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 271797
Time Elapsed: 19 min, 39 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 55
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\APPID\{14B1B6D0-D25F-4418-94E3-EC2B5AEE9756}, , [113f55da512a61d5cc0ea7a926dcf10f],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{14B1B6D0-D25F-4418-94E3-EC2B5AEE9756}, , [113f55da512a61d5cc0ea7a926dcf10f],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{14B1B6D0-D25F-4418-94E3-EC2B5AEE9756}, , [113f55da512a61d5cc0ea7a926dcf10f],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{14B1B6D0-D25F-4418-94E3-EC2B5AEE9756}, , [113f55da512a61d5cc0ea7a926dcf10f],
PUP.Optional.MixiDJToolbar.A, HKLM\SOFTWARE\CLASSES\APPID\{A2773ED4-83BD-488A-A186-73590706C916}, , [321e012ef586e650a42fda765ba77f81],
PUP.Optional.MixiDJToolbar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{A2773ED4-83BD-488A-A186-73590706C916}, , [321e012ef586e650a42fda765ba77f81],
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, , [b19fdc53c8b342f4516861efbe44e818],
PUP.Optional.MixiDJToolbar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{2C141B4C-B5BA-4E89-BE73-F71ED4A208CF}, , [bd93f33cc8b31a1cbe14420ee220f50b],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{7D0EE142-0642-4FDD-AF73-7399C04E1041}, , [e46c7db26318171f07cf163afe04837d],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\esrv.mixidjESrvc.1, , [e46c7db26318171f07cf163afe04837d],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\esrv.mixidjESrvc, , [e46c7db26318171f07cf163afe04837d],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\esrv.mixidjESrvc, , [e46c7db26318171f07cf163afe04837d],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\esrv.mixidjESrvc.1, , [e46c7db26318171f07cf163afe04837d],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C3F978C3-0594-4397-B8E6-3F9D9BE6A7B9}, , [9bb5c8677dfec571479064ec48ba4fb1],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{F9221CC8-22DF-4CEF-B8ED-BA87F1F09878}, , [1c3483ac5e1d0d29f8e1de728c7606fa],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\m, , [1c3483ac5e1d0d29f8e1de728c7606fa],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\m, , [1c3483ac5e1d0d29f8e1de728c7606fa],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{8BA772A8-AC4F-4954-9B5E-433CA6DC506F}, , [3917121d6318a195f2e9e36d52b07f81],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{108F5878-71F9-4B5C-9EC0-58CEC29E8124}, , [3917121d6318a195f2e9e36d52b07f81],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{27588682-6FCC-4061-B2BB-7176E03359B8}, , [3917121d6318a195f2e9e36d52b07f81],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{2EEFF6A3-9828-48F2-A7BF-1A5365D7DA32}, , [3917121d6318a195f2e9e36d52b07f81],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{38F830AF-C844-48BD-86CF-75AB9A5C3FC2}, , [3917121d6318a195f2e9e36d52b07f81],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{4CA33941-B476-46A4-94EB-3DBA21B2D76D}, , [3917121d6318a195f2e9e36d52b07f81],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{57C854B7-3DE0-406B-83F1-D218481BD1FA}, , [3917121d6318a195f2e9e36d52b07f81],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{6390CA4B-8D70-47EA-90F5-21E2FEADD997}, , [3917121d6318a195f2e9e36d52b07f81],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{794DC34A-1D5E-4205-80BE-FC9D8E19E7F8}, , [3917121d6318a195f2e9e36d52b07f81],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{7E23FCAB-83EE-4012-B6A0-1EC68554956F}, , [3917121d6318a195f2e9e36d52b07f81],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{888C8994-107B-4CFB-9E42-7AA96230C1E0}, , [3917121d6318a195f2e9e36d52b07f81],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{9FD6DE57-31C7-4EB4-87AF-495DEEA4ECBD}, , [3917121d6318a195f2e9e36d52b07f81],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{DBEFF714-9A11-45DC-80FC-B86EAE86641A}, , [3917121d6318a195f2e9e36d52b07f81],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{DEFC8918-B440-4CEB-8BFD-140AE24DCABB}, , [3917121d6318a195f2e9e36d52b07f81],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{108F5878-71F9-4B5C-9EC0-58CEC29E8124}, , [3917121d6318a195f2e9e36d52b07f81],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{27588682-6FCC-4061-B2BB-7176E03359B8}, , [3917121d6318a195f2e9e36d52b07f81],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{2EEFF6A3-9828-48F2-A7BF-1A5365D7DA32}, , [3917121d6318a195f2e9e36d52b07f81],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{38F830AF-C844-48BD-86CF-75AB9A5C3FC2}, , [3917121d6318a195f2e9e36d52b07f81],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{4CA33941-B476-46A4-94EB-3DBA21B2D76D}, , [3917121d6318a195f2e9e36d52b07f81],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{57C854B7-3DE0-406B-83F1-D218481BD1FA}, , [3917121d6318a195f2e9e36d52b07f81],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{6390CA4B-8D70-47EA-90F5-21E2FEADD997}, , [3917121d6318a195f2e9e36d52b07f81],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{794DC34A-1D5E-4205-80BE-FC9D8E19E7F8}, , [3917121d6318a195f2e9e36d52b07f81],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{7E23FCAB-83EE-4012-B6A0-1EC68554956F}, , [3917121d6318a195f2e9e36d52b07f81],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{888C8994-107B-4CFB-9E42-7AA96230C1E0}, , [3917121d6318a195f2e9e36d52b07f81],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9FD6DE57-31C7-4EB4-87AF-495DEEA4ECBD}, , [3917121d6318a195f2e9e36d52b07f81],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{DBEFF714-9A11-45DC-80FC-B86EAE86641A}, , [3917121d6318a195f2e9e36d52b07f81],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{DEFC8918-B440-4CEB-8BFD-140AE24DCABB}, , [3917121d6318a195f2e9e36d52b07f81],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{8BA772A8-AC4F-4954-9B5E-433CA6DC506F}, , [3917121d6318a195f2e9e36d52b07f81],
PUP.Optional.MixiDJToolbar.A, HKU\S-1-5-21-125378133-1179762245-3844155704-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}, , [3c14d05f6a112f07d5ff232d4eb49070],
PUP.Optional.MixiDJToolbar.A, HKU\S-1-5-21-125378133-1179762245-3844155704-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}, , [3c14d05f6a112f07d5ff232d4eb49070],
PUP.Optional.MixiDJToolbar.A, HKU\S-1-5-21-125378133-1179762245-3844155704-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19}, , [75db26090e6d14226570232de71b956b],
PUP.Optional.MixiDJToolbar.A, HKU\S-1-5-21-125378133-1179762245-3844155704-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19}, , [75db26090e6d14226570232de71b956b],
PUP.Optional.SecretSauce.A, HKU\S-1-5-21-125378133-1179762245-3844155704-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{0FFD0EF2-DBE9-483A-80C4-D2C331DA1CE4}, , [3917af806b1077bf112d79a4d32f9a66],
PUP.Optional.MixiDJ.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A105B30B-D103-4781-B18C-E8DF93B6EBD0}, , [e36d86a93348cf6770a081d0bb47cc34],
PUP.Optional.Babylon.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\boipimhfjpakfgckhbljjengakjhkcbp, , [38180a256b100a2c4ce02f6e09fac33d],
PUP.Optional.MixiDJToolbar.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\kpepfkjapeclaafmhoelccknpfedainn, , [480882ad91ea77bf46ea643915eede22],
PUP.Optional.OnlineHD.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\OnlineHD V6.0, , [57f9cc6391ea12241b536a17c1411ce4],
PUP.Optional.SqueakyChocolate.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SqueakyChocolate, LLC UpdateChecker, , [20302d02e794fc3aa28b74f0ad5505fb],

Registry Values: 2
PUP.BProtector, HKU\S-1-5-21-125378133-1179762245-3844155704-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|bProtector Start Page, , [0d438ca30c6fbc7a6cba1389ab58649c],
PUP.BProtector, HKU\S-1-5-21-125378133-1179762245-3844155704-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|bProtectorDefaultScope, {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, , [e56bad8204774cea32f5801c8f74e917]

Registry Data: 0
(No malicious items detected)

Folders: 1
PUP.Optional.SqueakyChocolate.A, C:\Program Files (x86)\SqueakyChocolate\UpdateChecker, , [20302d02e794fc3aa28b74f0ad5505fb],

Files: 6
PUP.Optional.NextLive.A, C:\Users\turnerboy01\AppData\Local\genienext\nengine.dll, , [fe52b8777dfe96a0485838183fc2f50b],
PUP.Optional.PCPerformer.A, C:\Windows\System32\roboot64.exe, , [3818c966d7a49c9acc10bbc4b74b32ce],
PUP.Optional.SqueakyChocolate.A, C:\Program Files (x86)\SqueakyChocolate\UpdateChecker\System.Net.Json.dll, , [20302d02e794fc3aa28b74f0ad5505fb],
PUP.Optional.SqueakyChocolate.A, C:\Program Files (x86)\SqueakyChocolate\UpdateChecker\uninstall.exe, , [20302d02e794fc3aa28b74f0ad5505fb],
PUP.Optional.SqueakyChocolate.A, C:\Program Files (x86)\SqueakyChocolate\UpdateChecker\UpdateNotifier.exe, , [20302d02e794fc3aa28b74f0ad5505fb],
PUP.Optional.SqueakyChocolate.A, C:\Program Files (x86)\SqueakyChocolate\UpdateChecker\UpdaterLibrary.dll, , [20302d02e794fc3aa28b74f0ad5505fb],

Physical Sectors: 0
(No malicious items detected)

(end)

#30
zep516

Posted 27 April 2014 - 10:35 AM

Trusted Helper

Malware Removal
8,093 posts

When the Malwarebytes program shows me the list of detected items, there is no "Remove selected" button and the program doesn't remove them from my computer, it just quarantines them

• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click Remove Selected.
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

And which OTL.log are you talking about

A New OTL Log. So you need to scan with OTL AGAIN, so to do that:

Right click on the OTL Icon on the desktop, in the box that opens choose "Run as administrator" when OTL opens click on run scan, OTL will scan your computer again and only 1 log will be produced and it will pop up in front of you.