Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

laptop running slow [Solved]

slow win7 internet slow toshiba satelite

  • This topic is locked This topic is locked

#1
shaz

shaz

    Member

  • Member
  • PipPipPip
  • 145 posts

I have a toshiba satelite, running win 7,,,,,last few days it has been running very slow especially when i am using the internet. I have run for virus scans and malware and not found anything. I thought that maybe it was my modem as I had just bought a new wireless modem, but I went through all the setting with the manufacturer making sure the modem is set up right...I did the same with my isp, making sure everything configured correctly...both manufacturer and isp assures me the modem and isp settings are all correct...so then that leaves me with my laptop causing my internet connection to run slow. Im not sure what else to do or how to make my laptop run fast again...I would appreciate it if you guys could give me some guidance here, below is my otl logfile

 

Kind regards

 

Sharon

 

 

OTL logfile created on: 5/5/2014 7:46:05 PM - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\sharon\Downloads
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
 
1.87 Gb Total Physical Memory | 0.54 Gb Available Physical Memory | 28.93% Memory free
3.73 Gb Paging File | 1.57 Gb Available in Paging File | 42.03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 286.55 Gb Total Space | 161.35 Gb Free Space | 56.31% Space Free | Partition Type: NTFS
 
Computer Name: LASTXP22 | User Name: sharon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/05/05 19:45:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\sharon\Downloads\OTL.exe
PRC - [2014/04/25 11:21:30 | 000,133,184 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2014/04/24 12:36:28 | 000,742,432 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\saUI.exe
PRC - [2014/04/24 12:11:52 | 000,386,064 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\SiteAdvisor\McChHost.exe
PRC - [2014/04/24 10:33:15 | 000,841,032 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2014/03/03 09:53:02 | 001,363,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2014/03/03 09:52:32 | 001,748,608 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2013/08/30 17:47:34 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/08/30 17:47:33 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/08/15 19:31:43 | 001,643,184 | ---- | M] (AVG Secure Search) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe
PRC - [2013/08/02 10:52:57 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012/11/23 12:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/07/28 06:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/06/13 03:48:50 | 002,321,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgfws.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2011/05/27 15:57:30 | 000,562,592 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
PRC - [2011/05/27 15:57:28 | 002,015,136 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
PRC - [2011/05/27 15:57:26 | 007,025,568 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
PRC - [2011/02/25 15:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/02/11 13:45:54 | 001,295,736 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
PRC - [2011/02/11 13:45:52 | 000,054,136 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
PRC - [2010/11/20 22:17:00 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
PRC - [2010/03/04 07:14:52 | 000,742,712 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
PRC - [2010/03/04 05:17:48 | 000,030,040 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
PRC - [2010/02/23 06:23:50 | 000,304,496 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2010/01/29 09:44:24 | 000,185,712 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
PRC - [2010/01/21 01:34:10 | 000,944,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\GROOVEMN.EXE
PRC - [2010/01/16 09:54:08 | 000,717,696 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
PRC - [2009/12/10 09:21:56 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2009/12/10 09:21:52 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009/11/06 15:04:20 | 000,468,320 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
PRC - [2009/07/29 13:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2009/07/29 08:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2009/07/29 07:00:10 | 000,460,088 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
PRC - [2009/03/11 11:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2009/02/21 02:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/04/24 10:33:13 | 000,390,472 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.131\ppgooglenaclpluginchrome.dll
MOD - [2014/04/24 10:33:12 | 013,692,232 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll
MOD - [2014/04/24 10:33:10 | 004,081,480 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.131\pdf.dll
MOD - [2014/04/24 10:33:05 | 000,674,632 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.131\libglesv2.dll
MOD - [2014/04/24 10:33:04 | 000,093,000 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.131\libegl.dll
MOD - [2014/04/24 10:33:03 | 001,647,432 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
MOD - [2014/04/24 10:33:01 | 000,065,352 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
MOD - [2013/10/11 08:13:33 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MOD - [2013/10/11 08:13:02 | 000,978,432 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
MOD - [2013/08/15 03:28:20 | 000,212,992 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\c664f44617c6a89edcc171fa8596c89d\System.ServiceProcess.ni.dll
MOD - [2013/08/15 03:27:30 | 001,593,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/08/15 03:27:11 | 005,464,064 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013/08/15 03:26:59 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/07/12 03:29:07 | 011,499,520 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2011/05/27 15:57:32 | 000,022,944 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinServicePS.dll
MOD - [2011/05/27 15:08:56 | 000,660,480 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll
MOD - [2010/10/03 19:40:26 | 008,007,680 | ---- | M] () -- C:\windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
MOD - [2010/08/22 21:01:36 | 007,187,456 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\QtGui4.dll
MOD - [2010/08/22 21:01:08 | 000,325,632 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\QtXml4.dll
MOD - [2010/08/22 21:01:06 | 001,954,304 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\QtCore4.dll
MOD - [2010/08/22 21:01:06 | 000,847,360 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\QtNetwork4.dll
MOD - [2010/08/22 20:32:34 | 000,119,808 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll
MOD - [2010/03/04 07:14:58 | 000,016,184 | ---- | M] () -- C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF11.dll
MOD - [2010/03/04 07:14:56 | 000,016,184 | ---- | M] () -- C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF10.dll
MOD - [2010/03/04 07:14:32 | 008,783,160 | ---- | M] () -- C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
MOD - [2010/01/21 01:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/01/09 20:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009/11/04 06:26:26 | 000,058,680 | ---- | M] () -- C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
MOD - [2009/07/26 04:07:12 | 000,058,704 | ---- | M] () -- C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
MOD - [2009/06/23 08:38:40 | 000,015,160 | ---- | M] () -- C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll
MOD - [2009/03/13 12:08:04 | 000,049,152 | ---- | M] () -- C:\Program Files\TOSHIBA\PCDiag\NotifyPCD.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2014/04/29 06:59:58 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/04/25 11:21:30 | 000,133,184 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2014/03/03 09:53:02 | 001,363,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2014/03/03 09:52:32 | 001,748,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2013/12/19 01:50:15 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/08/30 17:47:33 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/08/15 19:31:43 | 001,643,184 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe -- (vToolbarUpdater15.5.0)
SRV - [2013/05/27 14:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/02/06 01:48:00 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe -- (McComponentHostService)
SRV - [2012/11/02 03:51:18 | 005,174,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/09/22 02:09:05 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/28 06:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/06/13 03:48:50 | 002,321,560 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgfws.exe -- (avgfws)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/05/27 15:57:30 | 000,562,592 | ---- | M] (Affinegy, Inc.) [Auto | Running] -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe -- (AffinegyService)
SRV - [2011/02/11 13:45:52 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2011/01/30 21:19:11 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/10/13 03:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [Disabled | Stopped] -- C:\Program Files\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/08/26 17:48:00 | 000,285,152 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe -- (WSWNA3100)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010/02/06 10:41:00 | 000,111,960 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV - [2010/01/29 09:44:24 | 000,185,712 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe -- (cfWiMAXService)
SRV - [2010/01/21 17:51:12 | 030,963,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2009/12/10 09:21:56 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/12/10 09:21:52 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/11/06 15:04:20 | 000,468,320 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2009/07/29 08:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2009/07/14 11:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/03/11 11:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2009/02/21 02:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\massfilter.sys -- (massfilter)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jubusenum.sys -- (huawei_enumerator)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbnet.sys -- (ewusbnet)
DRV - [2013/08/30 17:48:13 | 000,369,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/08/30 17:48:13 | 000,177,864 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/08/30 17:48:13 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/08/30 17:48:12 | 000,770,344 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/08/30 17:48:12 | 000,061,680 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2013/08/30 17:48:12 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/08/30 17:48:11 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/08/30 17:48:11 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2013/08/15 19:31:44 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013/05/09 18:59:09 | 000,021,576 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2013/04/11 03:18:40 | 000,302,368 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/12/10 03:28:36 | 000,142,176 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2012/11/08 03:49:26 | 000,250,080 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/04/19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/01/31 04:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/12/23 13:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/12/23 13:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011/12/23 13:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011/08/02 17:38:44 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netaapl.sys -- (Netaapl)
DRV - [2011/05/25 09:40:10 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\taphss.sys -- (taphss)
DRV - [2011/05/23 01:03:28 | 000,047,968 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgfwd6x.sys -- (Avgfwfd)
DRV - [2011/05/13 03:21:06 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011/05/13 03:21:06 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2011/05/13 03:21:06 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2011/05/13 03:21:06 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2011/05/13 03:21:04 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2011/02/03 16:31:42 | 000,104,376 | ---- | M] (e2eSoft) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VCam_WDM.sys -- (VCam_WDM)
DRV - [2010/11/20 20:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 19:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/07/29 00:25:02 | 000,025,112 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ivusb.sys -- (ivusb)
DRV - [2010/07/28 03:37:24 | 000,103,552 | ---- | M] (TCT International Mobile Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\qcusbser.sys -- (qcusbser)
DRV - [2010/06/22 10:07:20 | 000,078,720 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swiwdmbus.sys -- (swiwdmbus)
DRV - [2010/06/22 09:47:14 | 000,156,544 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swumxa3.sys -- (SWUMXA3)
DRV - [2010/06/22 09:46:50 | 000,201,088 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swnc8ua3.sys -- (SWNC8UA3)
DRV - [2010/04/01 07:49:52 | 000,517,688 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2010/03/05 10:53:06 | 000,067,624 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2010/02/11 08:01:10 | 000,132,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Impcd.sys -- (Impcd)
DRV - [2010/02/03 11:21:56 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2010/02/02 03:29:46 | 000,182,304 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/12/02 09:49:54 | 000,034,384 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ScreamingBAudio.sys -- (SCREAMINGBDRIVER)
DRV - [2009/11/07 05:53:58 | 001,227,776 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/09/18 05:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI)
DRV - [2009/07/31 10:45:56 | 000,022,912 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2009/07/15 08:28:42 | 000,023,512 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV - [2009/07/14 09:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/08 01:53:06 | 000,007,680 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2009/06/23 10:04:58 | 000,024,064 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PGEffect.sys -- (PGEffect)
DRV - [2008/12/27 05:56:04 | 000,017,792 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vcsvad.sys -- (VCSVADHWSer)
DRV - [2008/08/18 15:58:52 | 000,002,688 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\AV WebCam Morpher\WebCamHelper.sys -- (WebCamHelper)
DRV - [2008/01/14 20:06:32 | 000,021,632 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ManyCam.sys -- (ManyCam)
DRV - [2008/01/11 18:23:44 | 000,013,696 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\avwebcam.sys -- (AVWEBCAM)
DRV - [2007/01/19 22:07:03 | 000,013,184 | ---- | M] (Xponaut) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\xpntwbd.sys -- (Xponaut_WBD)
DRV - [2007/01/19 18:20:54 | 000,021,728 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SCMNdisP.sys -- (SCMNdisP)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7102}: "URL" = http://search.jzip.c...q={searchTerms}
IE - HKLM\..\SearchScopes\{F4ED0519-C584-4DDA-BE93-FA0B93D040F6}: "URL" = http://www.bing.com/...rc=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\..\SearchScopes\{3D41F773-C2A2-4541-8F58-DF94FA1311D3}: "URL" = http://search.yahoo....q={searchTerms}
IE - HKCU\..\SearchScopes\{5073337A-352D-4B5C-BC8C-EB3E7ED19844}: "URL" = http://websearch.ask...5-1A41A76FDD29
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7ADFA_en
IE - HKCU\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7102}: "URL" = http://search.jzip.c...q={searchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={9057C24D-8C7E-4EA2-97B9-B4BAB0FE689F}&mid=dce63be85cf947d6839cd16f2a62b880-cc143bd920cbdcaa01e95ff604013b181dc24679&lang=en&ds=AVG&pr=fr&d=2013-01-21 10:17:56&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{E5AF4E5C-7449-41BC-AF0A-298BA0217703}: "URL" = http://au.search.yah...p={SearchTerms}
IE - HKCU\..\SearchScopes\{F4ED0519-C584-4DDA-BE93-FA0B93D040F6}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Secure Search"
FF - prefs.js..browser.search.order.1: "Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Secure Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/firefox"
FF - prefs.js..extensions.enabledAddons: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.145
FF - prefs.js..extensions.enabledAddons: [email protected]:8.0.1497
FF - prefs.js..extensions.enabledAddons: [email protected]:1.3
FF - prefs.js..extensions.enabledAddons: {4ED1F68A-5463-4931-9384-8FFF5ED91D92}:3.6.6
FF - prefs.js..extensions.enabledItems: {4ED1F68A-5463-4931-9384-8FFF5ED91D92}:3.5.0
FF - prefs.js..extensions.enabledItems: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}:5.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:12.0.0.2191
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.145
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:6.2.0.10687
FF - prefs.js..extensions.enabledItems: {F53C93F1-07D5-430c-86D4-C9531B27DFAF}:12.0.0.2189
FF - prefs.js..keyword.URL: "http://au.search.yah...ype=A110AU0&p="
FF - prefs.js..network.proxy.autoconfig_url: "http://safeharborgames.net/"
FF - prefs.js..network.proxy.type: 0
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.5.0\\npsitesafety.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\sharon\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2014/05/04 16:56:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/03/10 19:24:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/09/09 15:46:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\ProgramData\AVG Secure Search\FireFoxExt\15.5.0.2
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/09/22 02:09:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/12/24 10:24:11 | 000,000,000 | ---D | M]
 
[2011/08/16 21:50:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sharon\AppData\Roaming\Mozilla\Extensions
[2013/10/14 12:41:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sharon\AppData\Roaming\Mozilla\Firefox\Profiles\uk8tw8m8.default\extensions
[2012/10/15 15:06:52 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Users\sharon\AppData\Roaming\Mozilla\Firefox\Profiles\uk8tw8m8.default\extensions\[email protected]
[2013/04/01 18:43:29 | 000,221,336 | ---- | M] () (No name found) -- C:\Users\sharon\AppData\Roaming\Mozilla\Firefox\Profiles\uk8tw8m8.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2011/11/17 19:25:44 | 000,002,333 | ---- | M] () -- C:\Users\sharon\AppData\Roaming\Mozilla\Firefox\Profiles\uk8tw8m8.default\searchplugins\askcom.xml
[2011/03/15 18:08:57 | 000,005,536 | ---- | M] () -- C:\Users\sharon\AppData\Roaming\Mozilla\Firefox\Profiles\uk8tw8m8.default\searchplugins\jZipWebSearch.xml
[2012/09/22 02:09:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2014/03/18 11:30:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/09/09 15:46:17 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012/03/10 19:24:50 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2014/05/04 16:56:34 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
File not found (No name found) -- C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}\[email protected]
[2012/09/22 02:09:06 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013/08/15 19:32:02 | 000,003,715 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/09/22 02:09:03 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/03/15 18:08:57 | 000,005,536 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jZipWebSearch.xml
[2013/05/05 09:57:49 | 000,002,024 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012/09/22 02:09:03 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\34.0.1847.131\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\34.0.1847.131\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\sharon\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\sharon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: WildTangent Games App V2 Presence Detector (Enabled) = C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
CHR - plugin: Windows Live® Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\sharon\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\sharon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\sharon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: SiteAdvisor = C:\Users\sharon\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.65.135.1_0\
CHR - Extension: Easy Youtube Video Downloader = C:\Users\sharon\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmknocfkgffdgekmfonabppnhdgmghem\4.1_0\
CHR - Extension: Skype Click to Call = C:\Users\sharon\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.2.15747.10003_0\
CHR - Extension: Google Wallet = C:\Users\sharon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo> = C:\Users\sharon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Gmail = C:\Users\sharon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2011/08/17 00:09:21 | 000,000,811 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (avast! EasyPass Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! EasyPass Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No CLSID value found.
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [InstaLAN] C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe (Affinegy, Inc.)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4 - HKCU..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office14\GROOVEMN.EXE (Microsoft Corporation)
O4 - HKCU..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Customize Menu - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Fill Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Show avast! EasyPass Toolbar - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
O9 - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
O9 - Extra 'Tools' menuitem : Show avast! EasyPass Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitd...can8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicr...osoft/wrc32.ocx (WRC Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0D3E7034-3953-465F-96FC-419D500D1F3E}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4898F6A2-6BA8-47CA-8232-59779CB23BD5}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{58335CA9-FA95-475C-B183-FC69CD05157B}: DhcpNameServer = 211.29.132.12 198.142.0.51
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F4159DB1-8BE2-4178-9248-53AC662157B9}: DhcpNameServer = 192.168.42.129
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/11 07:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{69b90171-35cf-11e1-9717-0016dd132787}\Shell - "" = AutoRun
O33 - MountPoints2\{69b90171-35cf-11e1-9717-0016dd132787}\Shell\AutoRun\command - "" = autorun.exe
O33 - MountPoints2\{957305a1-a51e-11e0-8667-00266c865173}\Shell - "" = AutoRun
O33 - MountPoints2\{957305a1-a51e-11e0-8667-00266c865173}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{c41f80a1-665d-11e1-a0e0-0016dd132787}\Shell - "" = AutoRun
O33 - MountPoints2\{c41f80a1-665d-11e1-a0e0-0016dd132787}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{c41f80ae-665d-11e1-a0e0-0016dd132787}\Shell - "" = AutoRun
O33 - MountPoints2\{c41f80ae-665d-11e1-a0e0-0016dd132787}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{e76e1bc8-2eeb-11e0-82e1-00266c865173}\Shell - "" = AutoRun
O33 - MountPoints2\{e76e1bc8-2eeb-11e0-82e1-00266c865173}\Shell\AutoRun\command - "" = E:\WIN\setup.exe
O33 - MountPoints2\{f2f7b9d2-e5d4-11e2-9850-0016dd132787}\Shell - "" = AutoRun
O33 - MountPoints2\{f2f7b9d2-e5d4-11e2-9850-0016dd132787}\Shell\AutoRun\command - "" = E:\LGAutoRun.exe
O33 - MountPoints2\{fc4a0471-2bf2-11e0-86d6-00266c865173}\Shell - "" = AutoRun
O33 - MountPoints2\{fc4a0471-2bf2-11e0-86d6-00266c865173}\Shell\AutoRun\command - "" = E:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/05/03 18:57:09 | 000,000,000 | ---D | C] -- C:\Users\sharon\AppData\Local\offsync
[2014/05/03 03:11:44 | 000,000,000 | ---D | C] -- C:\output
[2014/05/01 08:52:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Affinegy
[2014/04/30 19:59:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belkin
[2014/04/30 19:59:10 | 000,000,000 | ---D | C] -- C:\Program Files\Belkin
[2014/04/21 20:56:01 | 000,000,000 | ---D | C] -- C:\Users\sharon\Documents\Safe Harbor Games
[2014/04/17 17:30:59 | 000,000,000 | ---D | C] -- C:\Users\sharon\AppData\Local\{09B3D5AA-A262-4645-8AC1-CC017AE318F8}
[2014/04/13 08:17:53 | 000,000,000 | ---D | C] -- C:\Users\sharon\Desktop\shaz resume
 
========== Files - Modified Within 30 Days ==========
 
[2014/05/05 19:49:03 | 000,000,886 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/05/05 18:55:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2014/05/05 18:44:24 | 000,016,304 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/05/05 18:44:24 | 000,016,304 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/05/05 18:37:22 | 000,000,492 | ---- | M] () -- C:\windows\System32\drivers\etc\hosts.ics
[2014/05/05 18:36:34 | 000,000,882 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/05/05 18:36:33 | 000,000,350 | ---- | M] () -- C:\windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
[2014/05/05 18:36:23 | 000,065,536 | ---- | M] () -- C:\windows\System32\Ikeext.etl
[2014/05/05 18:36:07 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014/05/05 18:36:03 | 1501,974,528 | -HS- | M] () -- C:\hiberfil.sys
[2014/05/04 20:51:13 | 000,000,932 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3894173187-2114546848-3451514324-1004UA.job
[2014/05/04 08:51:00 | 000,000,910 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3894173187-2114546848-3451514324-1004Core.job
[2014/05/03 00:15:52 | 000,118,328 | ---- | M] () -- C:\windows\Photo Pos Pro Collage Templates Pack Uninstaller.exe
[2014/05/01 08:53:11 | 000,000,051 | ---- | M] () -- C:\windows\System32\drivers\etc\lmhosts
[2014/04/30 21:49:04 | 000,725,334 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2014/04/30 21:49:04 | 000,147,174 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2014/04/16 17:39:12 | 000,722,881 | ---- | M] () -- C:\Users\sharon\Desktop\hungry-jacks-vouchers.pdf
[2014/04/13 13:01:30 | 000,013,100 | ---- | M] () -- C:\Users\sharon\Desktop\download.jpg
[2014/04/13 08:21:40 | 000,002,296 | ---- | M] () -- C:\Users\sharon\Desktop\Downloads - Shortcut.lnk
[2014/04/07 13:59:25 | 048,117,735 | ---- | M] () -- C:\Users\sharon\Desktop\Noah Fonoti xfactor lesson.mp3
 
========== Files Created - No Company Name ==========
 
[2014/05/03 00:15:52 | 000,118,328 | ---- | C] () -- C:\windows\Photo Pos Pro Collage Templates Pack Uninstaller.exe
[2014/04/16 17:39:11 | 000,722,881 | ---- | C] () -- C:\Users\sharon\Desktop\hungry-jacks-vouchers.pdf
[2014/04/13 13:01:38 | 000,013,100 | ---- | C] () -- C:\Users\sharon\Desktop\download.jpg
[2014/04/07 13:58:04 | 048,117,735 | ---- | C] () -- C:\Users\sharon\Desktop\Noah Fonoti xfactor lesson.mp3
[2014/01/15 23:30:03 | 000,203,380 | -H-- | C] () -- C:\windows\System32\mlfcache.dat
[2013/12/23 18:12:46 | 000,119,486 | ---- | C] () -- C:\windows\Christmas and New Year Frames Pack Uninstaller.exe
[2013/08/20 10:08:12 | 000,000,175 | ---- | C] () -- C:\windows\System32\drivers\aswVmm.sys.sum
[2013/08/20 10:08:12 | 000,000,175 | ---- | C] () -- C:\windows\System32\drivers\aswSP.sys.sum
[2013/08/20 10:08:12 | 000,000,175 | ---- | C] () -- C:\windows\System32\drivers\aswSnx.sys.sum
[2013/08/20 10:07:41 | 000,177,864 | ---- | C] () -- C:\windows\System32\drivers\aswVmm.sys
[2013/08/20 10:07:41 | 000,049,376 | ---- | C] () -- C:\windows\System32\drivers\aswRvrt.sys
[2013/05/02 20:17:13 | 000,116,224 | ---- | C] () -- C:\windows\System32\pdfcmnnt.dll
[2012/12/01 08:57:40 | 000,027,520 | ---- | C] () -- C:\Users\sharon\AppData\Local\dt.dat
[2012/10/28 22:48:56 | 000,175,616 | ---- | C] () -- C:\windows\System32\unrar.dll
[2012/01/05 10:47:01 | 000,060,304 | ---- | C] () -- C:\Users\sharon\g2mdlhlpx.exe
[2011/07/10 03:36:07 | 000,003,584 | ---- | C] () -- C:\Users\sharon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/28 14:55:44 | 000,005,082 | ---- | C] () -- C:\ProgramData\ojobkspa.ako
[2011/01/30 08:29:30 | 000,000,000 | ---- | C] () -- C:\Users\sharon\AppData\Roaming\WGC_Client Preferences
 
========== ZeroAccess Check ==========
 
[2009/07/14 14:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 11:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 11:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2011/01/31 12:51:10 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\Amazon
[2011/04/25 15:27:24 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\AnvSoft
[2011/11/26 12:55:52 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\AVG2012
[2011/07/12 11:22:34 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\Avnex
[2014/05/04 22:02:29 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\BitTorrent
[2011/07/18 12:55:37 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\Blender Foundation
[2012/01/03 15:01:39 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\CCleanup
[2014/02/17 09:53:48 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/08/07 05:03:21 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2011/06/01 20:13:34 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\DriverCure
[2013/07/11 11:13:16 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\EPSON
[2013/04/20 02:51:32 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\FireArc Arcade
[2012/08/07 04:57:10 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\FrmMain
[2011/02/25 05:39:40 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\GetRightToGo
[2012/10/28 22:51:32 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\Leawo
[2011/07/10 03:15:10 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\ManyCam
[2013/09/09 11:29:24 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\MediaMonkey
[2011/04/28 14:55:48 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\MOVAVI
[2011/10/30 11:49:50 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\OpenOffice.org
[2011/06/01 20:13:34 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\ParetoLogic
[2013/08/09 12:59:08 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\Philipp Winterberg
[2014/05/03 00:49:29 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\PhotoScape
[2012/10/14 09:25:31 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\RoboForm
[2012/05/22 00:13:12 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\SafariFriends
[2013/10/19 18:55:44 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\SanDisk SecureAccess
[2013/12/19 00:11:38 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\Screaming Bee
[2011/02/03 08:14:33 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\Sierra Wireless
[2012/05/23 03:27:53 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\Silver Creek Entertainment
[2013/12/31 13:07:27 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\Smilebox
[2013/11/11 13:49:28 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011/02/05 16:22:56 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\Tific
[2012/10/28 22:53:02 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\tiger-k
[2011/02/10 22:14:04 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\Toshiba
[2013/06/26 21:20:49 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\TuneUp Software
[2012/05/17 16:43:57 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\WildTangent
[2012/03/13 17:34:47 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\WinBatch
[2012/07/13 11:36:49 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\Windows Live Writer
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:373E1720
 
< End of report >
 

  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Hi, you have 3 antivirus programmes :

 

McAfee
AVAST
AVG

 

Which one do you wish to keep ?


  • 0

#3
shaz

shaz

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 145 posts

i use the avast


  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Ok download the following programmes to your desktop :

http://download.mcaf...atches/MCPR.exe
http://download.avg....6_2014_4116.exe
From Control Panel > Programs and Features uninstall both AVG and McAfee programmes
Once done (reboots may be required) Run each programme you downloaded in turn, again rebooting as necessary

Having done that could you let me know how the computer is behaving
  • 0

#5
shaz

shaz

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 145 posts

hi.... I did the uninstall and run those 2 programs, it seems to have improved slightly...lapto runs a tad faster for a little while but then slows down on speed again, taking longer than normal for pages to open


  • 0

#6
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
You are a bit tight on RAM, lets check for hidden adware and then take a fresh look

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
THEN

Run a further OTL scan ensuring that all users is selected
  • 0

#7
shaz

shaz

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 145 posts

hi again...i ran that program, did as instructed, my latop seems to be running so much better now...im praying it shud stay this way.....i havent done the OTL yet...went to look for it on my laptop but its disappeared, somehow the program got deleted but will go install it again now...just one more thing about the otl scan...u said i need to make sure that all users are selected, is there somewhere in that scan that will give me the option to have users selected??? sorry if the question sounds so dense sighsss...youve been awesomelly great and i truly appreciate the help you have given me....so I thank you : )...oh sorry I do have another question in regards to the ram....to buy more ram for my laptop...is it as easy as just buying it and replacing on my lap...something i can do??? here is the log for that awcleaner thingy

 

 # AdwCleaner v3.207 - Report created 09/05/2014 at 00:33:23

# Updated 05/05/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : sharon - LASTXP22
# Running from : C:\Users\sharon\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\hotspot shield
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\ProgramData\SoftSafe
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Program Files\1ClickDownload
Folder Deleted : C:\Program Files\Ask.com
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\ConduitEngine
Folder Deleted : C:\Program Files\ParetoLogic
Folder Deleted : C:\Program Files\BitTorrentBar
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Users\Public\Documents\iWin
Folder Deleted : C:\Users\sharon\AppData\Local\apn
Folder Deleted : C:\Users\sharon\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\sharon\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\sharon\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\sharon\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\sharon\AppData\LocalLow\BitTorrentBar
Folder Deleted : C:\Users\sharon\AppData\Roaming\DriverCure
Folder Deleted : C:\Users\sharon\AppData\Roaming\ParetoLogic
Folder Deleted : C:\Users\sharon\AppData\Roaming\Mozilla\Firefox\Profiles\uk8tw8m8.default\Extensions\[email protected]
File Deleted : C:\Users\sharon\AppData\Roaming\Mozilla\Firefox\Profiles\uk8tw8m8.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
File Deleted : C:\Users\sharon\AppData\Roaming\Mozilla\Firefox\Profiles\uk8tw8m8.default\searchplugins\Askcom.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
File Deleted : C:\Users\sharon\AppData\Roaming\Mozilla\Firefox\Profiles\uk8tw8m8.default\searchplugins\jZipWebSearch.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\jZipWebSearch.xml
File Deleted : C:\Users\sharon\AppData\Roaming\Mozilla\Firefox\Profiles\uk8tw8m8.default\user.js
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
Key Deleted : HKCU\Software\Google\Chrome\Extensions\ahilkiibpgjnonbhdfkkgjddddmapala
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ahilkiibpgjnonbhdfkkgjddddmapala
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\pricegong_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\pricegong_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2790392
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_funny-voice_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_funny-voice_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1CCCE0D-AE21-42A2-BE58-8E6109410995}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{27952D76-9860-4025-BC5E-B4A417CD5F66}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1E48C56F-08CD-43AA-A6EF-C1EC891551AB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{27952D76-9860-4025-BC5E-B4A417CD5F66}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{73361710-28D5-4E68-9695-306E73B8BE3A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{88C7F2AA-F93F-432C-8F0E-B7D85967A527}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{88C7F2AA-F93F-432C-8F0E-B7D85967A527}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{88C7F2AA-F93F-432C-8F0E-B7D85967A527}]
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\WEDLMNGR
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\BitTorrentBar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\conduitEngine
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\Software\ParetoLogic
Key Deleted : HKLM\Software\Tarma Installer
Key Deleted : HKLM\Software\BitTorrentBar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BitTorrentBar Toolbar
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16428
 
 
-\\ Mozilla Firefox v12.0 (en-US)
 
[ File : C:\Users\sharon\AppData\Roaming\Mozilla\Firefox\Profiles\uk8tw8m8.default\prefs.js ]
 
Line Deleted : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\FireFoxExt\\15.5.0.2");
Line Deleted : user_pref("avg.userPreferences.URLBarFocus.whiteList", "bing\\.com|google\\.\\w+|yahoo\\.\\w+|gmail\\.\\w+|hotmail\\.\\w+|live\\.\\w+|isearch\\.avg\\.com|mysearch\\.avg\\.com");
 
-\\ Google Chrome v34.0.1847.131
 
[ File : C:\Users\sharon\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
Deleted [Search Provider] : hxxp://www.dodo.com/none-nav-linked-pages/dodo-search/?q={searchTerms}
Deleted [Search Provider] : hxxp://gumtree.com.au/s-search-results.html?keyword={searchTerms}
Deleted [Extension] : ahilkiibpgjnonbhdfkkgjddddmapala
Deleted [Extension] : jmfkcklnlgedgbglfkkgedjfmejoahla
Deleted [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof
 
*************************
 
AdwCleaner[R0].txt - [11149 octets] - [09/05/2014 00:29:51]
AdwCleaner[S0].txt - [10791 octets] - [09/05/2014 00:33:23]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10852 octets] ##########

  • 0

#8
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

There you go, all user is highlighted :)

OTL_Main_Tutorial.gif

Reference RAM.. It is fairly straightforward

First to determine which type of RAM you need and how much the system can take go to Crucial.com and click system scanner

Then scan my computer when the page changes

[attachment=70440:Capture.JPG]

You will be asked to run a small programme, allow that

Once done it will take you to a page showing how many slots are free and what type of RAM you can fit. There is no requirement to buy from them but it will give you the details and also show a guide price.  Click show all compatible memory to open that part up  

[attachment=70441:Capture1.JPG]

 

On this page is a small video showing how easy it is to change RAM on a laptop

 

For Windows 7 4Gb of RAM would be ample, you currently have 2Gb 


  • 0

#9
shaz

shaz

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 145 posts

cool thanks for that, willl get me some ram....ii did that otl scan, fell asleep while it was scanning, when i woke it had finished with 2 logs, not sure if that is how it shud be...anyways here it is

 

OTL logfile created on: 5/10/2014 3:38:02 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\sharon\Downloads
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
 
1.87 Gb Total Physical Memory | 1.28 Gb Available Physical Memory | 68.47% Memory free
3.73 Gb Paging File | 2.56 Gb Available in Paging File | 68.51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 286.55 Gb Total Space | 160.23 Gb Free Space | 55.92% Space Free | Partition Type: NTFS
 
Computer Name: LASTXP22 | User Name: sharon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/05/10 03:12:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\sharon\Downloads\OTL.exe
PRC - [2014/04/20 14:57:30 | 001,052,672 | ---- | M] (SafeHarborGames.NET) -- C:\Program Files\SafeHarborGames.net\SHG Installation\HarborFriends.exe
PRC - [2014/04/11 19:45:50 | 001,764,992 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2014/04/11 19:45:42 | 001,390,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2013/08/30 17:47:34 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/08/30 17:47:33 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/07/02 09:16:32 | 000,507,264 | ---- | M] (Oracle Corporation) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2012/11/23 12:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/07/28 06:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/05/27 15:57:30 | 000,562,592 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
PRC - [2011/05/27 15:57:28 | 002,015,136 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
PRC - [2011/05/27 15:57:26 | 007,025,568 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
PRC - [2011/02/25 15:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/02/11 13:45:54 | 001,295,736 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
PRC - [2011/02/11 13:45:52 | 000,054,136 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
PRC - [2010/03/04 07:14:52 | 000,742,712 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
PRC - [2010/03/04 05:17:48 | 000,030,040 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
PRC - [2010/02/23 06:23:50 | 000,304,496 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2010/01/29 09:44:24 | 000,185,712 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
PRC - [2010/01/21 01:34:10 | 000,944,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\GROOVEMN.EXE
PRC - [2010/01/16 09:54:08 | 000,717,696 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
PRC - [2009/12/10 09:21:56 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2009/12/10 09:21:52 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009/11/06 15:04:20 | 000,468,320 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
PRC - [2009/07/29 13:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2009/07/29 08:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2009/07/29 07:00:10 | 000,460,088 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
PRC - [2009/03/11 11:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2009/02/21 02:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013/10/11 08:13:33 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MOD - [2013/10/11 08:13:02 | 000,978,432 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
MOD - [2013/08/15 03:28:20 | 000,212,992 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\c664f44617c6a89edcc171fa8596c89d\System.ServiceProcess.ni.dll
MOD - [2013/08/15 03:27:30 | 001,593,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/08/15 03:27:11 | 005,464,064 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013/08/15 03:26:59 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/07/12 03:29:07 | 011,499,520 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2011/05/27 15:57:32 | 000,022,944 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinServicePS.dll
MOD - [2011/05/27 15:08:56 | 000,660,480 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll
MOD - [2010/10/03 19:40:26 | 008,007,680 | ---- | M] () -- C:\windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
MOD - [2010/08/22 21:01:36 | 007,187,456 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\QtGui4.dll
MOD - [2010/08/22 21:01:08 | 000,325,632 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\QtXml4.dll
MOD - [2010/08/22 21:01:06 | 001,954,304 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\QtCore4.dll
MOD - [2010/08/22 21:01:06 | 000,847,360 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\QtNetwork4.dll
MOD - [2010/08/22 20:32:34 | 000,119,808 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll
MOD - [2010/03/04 07:14:58 | 000,016,184 | ---- | M] () -- C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF11.dll
MOD - [2010/03/04 07:14:56 | 000,016,184 | ---- | M] () -- C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF10.dll
MOD - [2010/03/04 07:14:32 | 008,783,160 | ---- | M] () -- C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
MOD - [2010/01/21 01:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/01/09 20:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009/11/04 06:26:26 | 000,058,680 | ---- | M] () -- C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
MOD - [2009/07/26 04:07:12 | 000,058,704 | ---- | M] () -- C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
MOD - [2009/06/23 08:38:40 | 000,015,160 | ---- | M] () -- C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll
MOD - [2009/03/13 12:08:04 | 000,049,152 | ---- | M] () -- C:\Program Files\TOSHIBA\PCDiag\NotifyPCD.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe -- (vToolbarUpdater15.5.0)
SRV - [2014/04/29 06:59:58 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/04/11 19:45:50 | 001,764,992 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2014/04/11 19:45:42 | 001,390,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2013/12/19 01:50:15 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/08/30 17:47:33 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/05/27 14:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/09/22 02:09:05 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/28 06:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/05/27 15:57:30 | 000,562,592 | ---- | M] (Affinegy, Inc.) [Auto | Running] -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe -- (AffinegyService)
SRV - [2011/02/11 13:45:52 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2011/01/30 21:19:11 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/10/13 03:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [Disabled | Stopped] -- C:\Program Files\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/08/26 17:48:00 | 000,285,152 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe -- (WSWNA3100)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010/02/06 10:41:00 | 000,111,960 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV - [2010/01/29 09:44:24 | 000,185,712 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe -- (cfWiMAXService)
SRV - [2010/01/21 17:51:12 | 030,963,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2009/12/10 09:21:56 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/12/10 09:21:52 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/11/06 15:04:20 | 000,468,320 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2009/07/29 08:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2009/07/14 11:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/03/11 11:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2009/02/21 02:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\massfilter.sys -- (massfilter)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jubusenum.sys -- (huawei_enumerator)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbnet.sys -- (ewusbnet)
DRV - [2013/08/30 17:48:13 | 000,369,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/08/30 17:48:13 | 000,177,864 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/08/30 17:48:13 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/08/30 17:48:12 | 000,770,344 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/08/30 17:48:12 | 000,061,680 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2013/08/30 17:48:12 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/08/30 17:48:11 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/08/30 17:48:11 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2013/08/15 19:31:44 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013/05/09 18:59:09 | 000,021,576 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2011/08/02 17:38:44 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netaapl.sys -- (Netaapl)
DRV - [2011/05/25 09:40:10 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\taphss.sys -- (taphss)
DRV - [2011/05/13 03:21:06 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011/05/13 03:21:06 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2011/05/13 03:21:06 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2011/05/13 03:21:06 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2011/05/13 03:21:04 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2011/02/03 16:31:42 | 000,104,376 | ---- | M] (e2eSoft) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VCam_WDM.sys -- (VCam_WDM)
DRV - [2010/11/20 20:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 19:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/07/29 00:25:02 | 000,025,112 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ivusb.sys -- (ivusb)
DRV - [2010/07/28 03:37:24 | 000,103,552 | ---- | M] (TCT International Mobile Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\qcusbser.sys -- (qcusbser)
DRV - [2010/06/22 10:07:20 | 000,078,720 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swiwdmbus.sys -- (swiwdmbus)
DRV - [2010/06/22 09:47:14 | 000,156,544 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swumxa3.sys -- (SWUMXA3)
DRV - [2010/06/22 09:46:50 | 000,201,088 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swnc8ua3.sys -- (SWNC8UA3)
DRV - [2010/04/01 07:49:52 | 000,517,688 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2010/03/05 10:53:06 | 000,067,624 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2010/02/11 08:01:10 | 000,132,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Impcd.sys -- (Impcd)
DRV - [2010/02/03 11:21:56 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2010/02/02 03:29:46 | 000,182,304 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/12/02 09:49:54 | 000,034,384 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ScreamingBAudio.sys -- (SCREAMINGBDRIVER)
DRV - [2009/11/07 05:53:58 | 001,227,776 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/09/18 05:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI)
DRV - [2009/07/31 10:45:56 | 000,022,912 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2009/07/15 08:28:42 | 000,023,512 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV - [2009/07/14 09:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/08 01:53:06 | 000,007,680 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2009/06/23 10:04:58 | 000,024,064 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PGEffect.sys -- (PGEffect)
DRV - [2008/12/27 05:56:04 | 000,017,792 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vcsvad.sys -- (VCSVADHWSer)
DRV - [2008/08/18 15:58:52 | 000,002,688 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\AV WebCam Morpher\WebCamHelper.sys -- (WebCamHelper)
DRV - [2008/01/14 20:06:32 | 000,021,632 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ManyCam.sys -- (ManyCam)
DRV - [2008/01/11 18:23:44 | 000,013,696 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\avwebcam.sys -- (AVWEBCAM)
DRV - [2007/01/19 22:07:03 | 000,013,184 | ---- | M] (Xponaut) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\xpntwbd.sys -- (Xponaut_WBD)
DRV - [2007/01/19 18:20:54 | 000,021,728 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SCMNdisP.sys -- (SCMNdisP)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7102}: "URL" = http://search.jzip.c...q={searchTerms}
IE - HKLM\..\SearchScopes\{F4ED0519-C584-4DDA-BE93-FA0B93D040F6}: "URL" = http://www.bing.com/...rc=IE-SearchBox
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-18\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-3894173187-2114546848-3451514324-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
IE - HKU\S-1-5-21-3894173187-2114546848-3451514324-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
IE - HKU\S-1-5-21-3894173187-2114546848-3451514324-1004\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-3894173187-2114546848-3451514324-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKU\S-1-5-21-3894173187-2114546848-3451514324-1004\..\SearchScopes\{3D41F773-C2A2-4541-8F58-DF94FA1311D3}: "URL" = http://search.yahoo....q={searchTerms}
IE - HKU\S-1-5-21-3894173187-2114546848-3451514324-1004\..\SearchScopes\{5073337A-352D-4B5C-BC8C-EB3E7ED19844}: "URL" = http://websearch.ask...5-1A41A76FDD29
IE - HKU\S-1-5-21-3894173187-2114546848-3451514324-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7ADFA_en
IE - HKU\S-1-5-21-3894173187-2114546848-3451514324-1004\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7102}: "URL" = http://search.jzip.c...q={searchTerms}
IE - HKU\S-1-5-21-3894173187-2114546848-3451514324-1004\..\SearchScopes\{E5AF4E5C-7449-41BC-AF0A-298BA0217703}: "URL" = http://au.search.yah...p={SearchTerms}
IE - HKU\S-1-5-21-3894173187-2114546848-3451514324-1004\..\SearchScopes\{F4ED0519-C584-4DDA-BE93-FA0B93D040F6}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\S-1-5-21-3894173187-2114546848-3451514324-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Secure Search"
FF - prefs.js..browser.search.order.1: "Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Secure Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/firefox"
FF - prefs.js..extensions.enabledAddons: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.145
FF - prefs.js..extensions.enabledAddons: [email protected]:8.0.1497
FF - prefs.js..extensions.enabledAddons: [email protected]:1.3
FF - prefs.js..extensions.enabledAddons: {4ED1F68A-5463-4931-9384-8FFF5ED91D92}:3.6.6
FF - prefs.js..extensions.enabledItems: {4ED1F68A-5463-4931-9384-8FFF5ED91D92}:3.5.0
FF - prefs.js..extensions.enabledItems: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}:5.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:12.0.0.2191
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.145
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:6.2.0.10687
FF - prefs.js..extensions.enabledItems: {F53C93F1-07D5-430c-86D4-C9531B27DFAF}:12.0.0.2189
FF - prefs.js..keyword.URL: "http://au.search.yah...ype=A110AU0&p="
FF - prefs.js..network.proxy.autoconfig_url: "http://safeharborgames.net/"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\sharon\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/03/10 19:24:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/09/09 15:46:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/09/22 02:09:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/12/24 10:24:11 | 000,000,000 | ---D | M]
 
[2011/08/16 21:50:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sharon\AppData\Roaming\Mozilla\Extensions
[2014/05/09 00:33:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sharon\AppData\Roaming\Mozilla\Firefox\Profiles\uk8tw8m8.default\extensions
[2012/09/22 02:09:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2014/05/07 11:56:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/09/09 15:46:17 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012/03/10 19:24:50 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 &lt;video&gt;) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
File not found (No name found) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
File not found (No name found) -- C:\USERS\SHARON\APPDATA\ROAMING\MOZILLA\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}\[email protected]
[2012/09/22 02:09:06 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/09/22 02:09:03 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013/05/05 09:57:49 | 000,002,024 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012/09/22 02:09:03 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\34.0.1847.131\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\34.0.1847.131\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\sharon\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\sharon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: WildTangent Games App V2 Presence Detector (Enabled) = C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
CHR - plugin: Windows Live® Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\sharon\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\sharon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\sharon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Easy Youtube Video Downloader = C:\Users\sharon\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmknocfkgffdgekmfonabppnhdgmghem\4.1_0\
CHR - Extension: Skype Click to Call = C:\Users\sharon\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.2.15747.10003_0\
CHR - Extension: Google Wallet = C:\Users\sharon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo> = C:\Users\sharon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Gmail = C:\Users\sharon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2011/08/17 00:09:21 | 000,000,811 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (avast! EasyPass Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O3 - HKLM\..\Toolbar: (avast! EasyPass Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No CLSID value found.
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [InstaLAN] C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe (Affinegy, Inc.)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4 - HKU\S-1-5-21-3894173187-2114546848-3451514324-1004..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office14\GROOVEMN.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-21-3894173187-2114546848-3451514324-1004..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] C:\windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] C:\windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-3894173187-2114546848-3451514324-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Customize Menu - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Fill Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Show avast! EasyPass Toolbar - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
O9 - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
O9 - Extra 'Tools' menuitem : Show avast! EasyPass Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (AVAST Software)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitd...can8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicr...osoft/wrc32.ocx (WRC Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4898F6A2-6BA8-47CA-8232-59779CB23BD5}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{58335CA9-FA95-475C-B183-FC69CD05157B}: DhcpNameServer = 211.29.132.12 198.142.0.51
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F4159DB1-8BE2-4178-9248-53AC662157B9}: DhcpNameServer = 192.168.42.129
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/11 07:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{69b90171-35cf-11e1-9717-0016dd132787}\Shell - "" = AutoRun
O33 - MountPoints2\{69b90171-35cf-11e1-9717-0016dd132787}\Shell\AutoRun\command - "" = autorun.exe
O33 - MountPoints2\{957305a1-a51e-11e0-8667-00266c865173}\Shell - "" = AutoRun
O33 - MountPoints2\{957305a1-a51e-11e0-8667-00266c865173}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{c41f80a1-665d-11e1-a0e0-0016dd132787}\Shell - "" = AutoRun
O33 - MountPoints2\{c41f80a1-665d-11e1-a0e0-0016dd132787}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{c41f80ae-665d-11e1-a0e0-0016dd132787}\Shell - "" = AutoRun
O33 - MountPoints2\{c41f80ae-665d-11e1-a0e0-0016dd132787}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{e76e1bc8-2eeb-11e0-82e1-00266c865173}\Shell - "" = AutoRun
O33 - MountPoints2\{e76e1bc8-2eeb-11e0-82e1-00266c865173}\Shell\AutoRun\command - "" = E:\WIN\setup.exe
O33 - MountPoints2\{f2f7b9d2-e5d4-11e2-9850-0016dd132787}\Shell - "" = AutoRun
O33 - MountPoints2\{f2f7b9d2-e5d4-11e2-9850-0016dd132787}\Shell\AutoRun\command - "" = E:\LGAutoRun.exe
O33 - MountPoints2\{fc4a0471-2bf2-11e0-86d6-00266c865173}\Shell - "" = AutoRun
O33 - MountPoints2\{fc4a0471-2bf2-11e0-86d6-00266c865173}\Shell\AutoRun\command - "" = E:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/05/09 00:30:29 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\windows\System32\sqlite3.dll
[2014/05/09 00:29:45 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/05/03 18:57:09 | 000,000,000 | ---D | C] -- C:\Users\sharon\AppData\Local\offsync
[2014/05/03 03:11:44 | 000,000,000 | ---D | C] -- C:\output
[2014/05/01 08:52:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Affinegy
[2014/04/30 19:59:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belkin
[2014/04/30 19:59:10 | 000,000,000 | ---D | C] -- C:\Program Files\Belkin
[2014/04/21 20:56:01 | 000,000,000 | ---D | C] -- C:\Users\sharon\Documents\Safe Harbor Games
[2014/04/17 17:30:59 | 000,000,000 | ---D | C] -- C:\Users\sharon\AppData\Local\{09B3D5AA-A262-4645-8AC1-CC017AE318F8}
[2014/04/13 08:17:53 | 000,000,000 | ---D | C] -- C:\Users\sharon\Desktop\shaz resume
 
========== Files - Modified Within 30 Days ==========
 
[2014/05/10 02:55:01 | 000,000,886 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/05/10 02:55:01 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2014/05/10 02:51:04 | 000,000,932 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3894173187-2114546848-3451514324-1004UA.job
[2014/05/09 23:56:10 | 000,016,304 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/05/09 23:56:10 | 000,016,304 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/05/09 23:49:43 | 000,000,882 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/05/09 23:49:43 | 000,000,350 | ---- | M] () -- C:\windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
[2014/05/09 23:49:14 | 000,000,492 | ---- | M] () -- C:\windows\System32\drivers\etc\hosts.ics
[2014/05/09 23:48:57 | 000,065,536 | ---- | M] () -- C:\windows\System32\Ikeext.etl
[2014/05/09 23:48:41 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014/05/09 23:48:38 | 1501,974,528 | -HS- | M] () -- C:\hiberfil.sys
[2014/05/09 08:51:01 | 000,000,910 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3894173187-2114546848-3451514324-1004Core.job
[2014/05/08 00:33:18 | 000,725,334 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2014/05/08 00:33:18 | 000,147,174 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2014/05/03 00:15:52 | 000,118,328 | ---- | M] () -- C:\windows\Photo Pos Pro Collage Templates Pack Uninstaller.exe
[2014/05/01 08:53:11 | 000,000,051 | ---- | M] () -- C:\windows\System32\drivers\etc\lmhosts
[2014/04/29 06:59:56 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe
[2014/04/29 06:59:56 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
[2014/04/16 17:39:12 | 000,722,881 | ---- | M] () -- C:\Users\sharon\Desktop\hungry-jacks-vouchers.pdf
[2014/04/13 13:01:30 | 000,013,100 | ---- | M] () -- C:\Users\sharon\Desktop\download.jpg
[2014/04/13 08:21:40 | 000,002,296 | ---- | M] () -- C:\Users\sharon\Desktop\Downloads - Shortcut.lnk
 
========== Files Created - No Company Name ==========
 
[2014/05/03 00:15:52 | 000,118,328 | ---- | C] () -- C:\windows\Photo Pos Pro Collage Templates Pack Uninstaller.exe
[2014/04/16 17:39:11 | 000,722,881 | ---- | C] () -- C:\Users\sharon\Desktop\hungry-jacks-vouchers.pdf
[2014/04/13 13:01:38 | 000,013,100 | ---- | C] () -- C:\Users\sharon\Desktop\download.jpg
[2014/01/15 23:30:03 | 000,203,380 | -H-- | C] () -- C:\windows\System32\mlfcache.dat
[2013/12/23 18:12:46 | 000,119,486 | ---- | C] () -- C:\windows\Christmas and New Year Frames Pack Uninstaller.exe
[2013/08/20 10:08:12 | 000,000,175 | ---- | C] () -- C:\windows\System32\drivers\aswVmm.sys.sum
[2013/08/20 10:08:12 | 000,000,175 | ---- | C] () -- C:\windows\System32\drivers\aswSP.sys.sum
[2013/08/20 10:08:12 | 000,000,175 | ---- | C] () -- C:\windows\System32\drivers\aswSnx.sys.sum
[2013/08/20 10:07:41 | 000,177,864 | ---- | C] () -- C:\windows\System32\drivers\aswVmm.sys
[2013/08/20 10:07:41 | 000,049,376 | ---- | C] () -- C:\windows\System32\drivers\aswRvrt.sys
[2013/05/02 20:17:13 | 000,116,224 | ---- | C] () -- C:\windows\System32\pdfcmnnt.dll
[2012/12/01 08:57:40 | 000,027,520 | ---- | C] () -- C:\Users\sharon\AppData\Local\dt.dat
[2012/10/28 22:48:56 | 000,175,616 | ---- | C] () -- C:\windows\System32\unrar.dll
[2012/01/05 10:47:01 | 000,060,304 | ---- | C] () -- C:\Users\sharon\g2mdlhlpx.exe
[2011/07/10 03:36:07 | 000,003,584 | ---- | C] () -- C:\Users\sharon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/28 14:55:44 | 000,005,082 | ---- | C] () -- C:\ProgramData\ojobkspa.ako
[2011/01/30 08:29:30 | 000,000,000 | ---- | C] () -- C:\Users\sharon\AppData\Roaming\WGC_Client Preferences
 
========== ZeroAccess Check ==========
 
[2009/07/14 14:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 11:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 11:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2011/03/04 05:52:49 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Screaming Bee
[2013/01/31 08:10:27 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2011/03/04 05:52:49 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Screaming Bee
[2013/01/31 08:10:27 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2011/01/31 12:51:10 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\Amazon
[2011/04/25 15:27:24 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\AnvSoft
[2011/07/12 11:22:34 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\Avnex
[2014/05/08 01:18:47 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\BitTorrent
[2011/07/18 12:55:37 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\Blender Foundation
[2012/01/03 15:01:39 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\CCleanup
[2014/02/17 09:53:48 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/08/07 05:03:21 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013/07/11 11:13:16 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\EPSON
[2013/04/20 02:51:32 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\FireArc Arcade
[2012/08/07 04:57:10 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\FrmMain
[2011/02/25 05:39:40 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\GetRightToGo
[2012/10/28 22:51:32 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\Leawo
[2011/07/10 03:15:10 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\ManyCam
[2013/09/09 11:29:24 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\MediaMonkey
[2011/04/28 14:55:48 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\MOVAVI
[2011/10/30 11:49:50 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\OpenOffice.org
[2013/08/09 12:59:08 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\Philipp Winterberg
[2014/05/03 00:49:29 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\PhotoScape
[2012/10/14 09:25:31 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\RoboForm
[2012/05/22 00:13:12 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\SafariFriends
[2013/10/19 18:55:44 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\SanDisk SecureAccess
[2013/12/19 00:11:38 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\Screaming Bee
[2011/02/03 08:14:33 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\Sierra Wireless
[2012/05/23 03:27:53 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\Silver Creek Entertainment
[2013/12/31 13:07:27 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\Smilebox
[2013/11/11 13:49:28 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011/02/05 16:22:56 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\Tific
[2012/10/28 22:53:02 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\tiger-k
[2011/02/10 22:14:04 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\Toshiba
[2013/06/26 21:20:49 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\TuneUp Software
[2012/05/17 16:43:57 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\WildTangent
[2012/03/13 17:34:47 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\WinBatch
[2012/07/13 11:36:49 | 000,000,000 | ---D | M] -- C:\Users\sharon\AppData\Roaming\Windows Live Writer
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:373E1720
 
< End of report >
 
 
and the 2nd report
 

OTL Extras logfile created on: 5/10/2014 3:38:02 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\sharon\Downloads
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
 
1.87 Gb Total Physical Memory | 1.28 Gb Available Physical Memory | 68.47% Memory free
3.73 Gb Paging File | 2.56 Gb Available in Paging File | 68.51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 286.55 Gb Total Space | 160.23 Gb Free Space | 55.92% Space Free | Partition Type: NTFS
 
Computer Name: LASTXP22 | User Name: sharon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = Mega Zipper.CHM] -- Reg Error: Key error. File not found
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-3894173187-2114546848-3451514324-1004\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- Reg Error: Key error. File not found
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [MediaMonkey.1Play] -- "C:\PROGRA~1\MEDIAM~1\MEDIAM~2.EXE" "%1" (Ventis Media Inc.)
Directory [MediaMonkey.2PlayNext] -- "C:\PROGRA~1\MEDIAM~1\MEDIAM~2.EXE" /NEXT "%1" (Ventis Media Inc.)
Directory [MediaMonkey.3Enqueue] -- "C:\PROGRA~1\MEDIAM~1\MEDIAM~2.EXE" /ADD "%1" (Ventis Media Inc.)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Telstra\Mobile Broadband Manager\SwiApiMuxX.exe" = C:\Program Files\Telstra\Mobile Broadband Manager\SwiApiMuxX.exe:*:Enabled:SwiApiMuxX
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0234522E-7B71-4237-A860-8C4CCBA41589}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{025FF4F1-6255-49CB-A127-FC1F9CBA9D21}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{09650DC6-9D00-4A8B-9D03-1A96978A7C80}" = lport=138 | protocol=17 | dir=in | app=system | 
"{0A932886-ECF5-4208-B942-36032DDB7CDE}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{0BB22E07-2707-42A5-B840-DF294D6343E1}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{0E58E435-37DB-4F2B-93AE-52513518FF0D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{0EC0FEA2-9FE6-4487-8240-DFAE34FEDB5E}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{10D88016-080A-468C-8532-AB3F892103A2}" = rport=2869 | protocol=6 | dir=out | app=system | 
"{167A3107-9C0C-4DDC-A478-277F426CF58D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{269BBD64-4091-45D4-AEAD-FC30431251EC}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{2832E25C-EF2F-427B-B9BE-6AB4A4AAA819}" = lport=137 | protocol=17 | dir=in | app=system | 
"{300A0058-1871-457F-AC3D-8F04C8CEE842}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{3113AC7F-9448-4D3D-BB7A-562FB3B348AE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{38957599-824F-4C7F-B049-59B68F52A129}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{45F35B4B-3142-42D9-A6EE-471718550DD8}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{47DD0565-F6FA-4085-A8AC-DA226BAFBD48}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{4DDDBDAD-9B88-4E04-A755-0950EA960DE7}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{67529B75-C6C3-45C0-A51B-ED3F460D096A}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{68BAB654-E7D8-4617-8BEB-B2BCA84369C2}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{68CE06FE-5C85-431B-8E51-F06A9CC92954}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{6D6B062D-4EB5-4C87-9931-8DECC465FDE9}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{784A8ED4-401C-4B96-80F1-33D5691A2C4E}" = rport=139 | protocol=6 | dir=out | app=system | 
"{795015B4-CFA5-48CC-ABE4-677956B8E01B}" = rport=138 | protocol=17 | dir=out | app=system | 
"{7B20C56A-D8B3-456B-88D1-D825936272D7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{8028A9C7-E8CF-4026-B7FD-85D00FCF2FB3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 | 
"{83775111-7906-42DC-A36F-567C87A557F2}" = lport=445 | protocol=6 | dir=in | app=system | 
"{8F95E95B-AD15-409C-9B75-5E4C91463D13}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{9B974A18-F088-421A-9D70-D1ED8E6A29DE}" = lport=139 | protocol=6 | dir=in | app=system | 
"{9BA8C0B8-B62A-42BA-A7BA-6064A2E1E6AD}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{9D260A4B-D2BD-47D0-9701-733CC779196F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{A247FD26-772C-4E5E-A54D-BA938FBFB1CA}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{A59123AA-2778-4167-8083-8A90C096F2C7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{B3208499-3498-48D0-A10C-7201BE6FC392}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{B7E47816-5991-4651-8566-8DBD2194D4D7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{BA92BBE9-9916-4071-939D-EA6225191C58}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe | 
"{C10FD10E-AD96-4C9C-80D0-10A13094342D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{C91B069E-9780-4AC5-8288-F13A9A91F8C2}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{CBA9E4F3-CD68-452A-AA82-E16B3609BF03}" = rport=137 | protocol=17 | dir=out | app=system | 
"{CBDDC605-B76B-4321-B2A8-D0B7F059F204}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{CE87F161-0F5E-420C-82CD-326B4F1D3D47}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{D94BB338-F2FD-4411-8CB1-9586231B07BE}" = rport=445 | protocol=6 | dir=out | app=system | 
"{E4EF416B-4E2F-4CC8-AA87-9A40BE63932F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{F394B7F7-31B9-4C01-9396-EF4D267956F0}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{F41D93E8-D513-4B24-8604-A922AAC85A62}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{FB951829-3F3E-41A7-8C5D-CCB629060EDB}" = lport=10255 | protocol=6 | dir=in | name=tmc_plugin_port | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03ACDBE0-EBAA-4F4C-A8C1-C6F3A552D682}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{053859D0-01A3-4D6C-9874-E5134DA7CC78}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{112FEF4E-A36C-4072-99EC-95F5D67FCE17}" = protocol=58 | dir=in | [email protected],-28545 | 
"{163DC487-1486-475E-9255-6FB25F65DA76}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{21DE51F7-8780-44BD-B998-2674841EFDC2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{24F592D1-4F0D-462A-B87D-7D371849B3D9}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | 
"{2D3550F4-78D8-44F0-95A2-81443FE54484}" = protocol=6 | dir=in | app=c:\program files\smartftp client\smartftp.exe | 
"{2D831084-9C3B-4798-87D5-12256731896A}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | 
"{2DAB4BA9-2585-4B21-95FD-12C446420457}" = protocol=1 | dir=out | [email protected],-28544 | 
"{2F6A0FB4-9E21-439D-868D-AA10D3C33FB5}" = protocol=6 | dir=in | app=c:\program files\safeharborgames.net\shg installation\harborgames.exe | 
"{3EFC6C15-8CCD-4FDD-91E8-6B86B722908F}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe | 
"{4AD49F65-5118-4946-B3B5-F839564F555F}" = protocol=6 | dir=in | app=c:\program files\belkin\router setup and monitor\belkinsetup.exe | 
"{504C9A06-3106-4284-9467-BB968DD9EF3A}" = protocol=17 | dir=in | app=c:\program files\7-zip\7zfm.exe | 
"{5329DED8-5DC4-497E-BA41-7CCCBE9CD4A8}" = protocol=1 | dir=in | [email protected],-28543 | 
"{5B893041-F06D-44C0-993F-078402D3BD22}" = protocol=17 | dir=in | app=c:\program files\belkin\router setup and monitor\belkinsetup.exe | 
"{5DD31BC0-B729-4084-844B-92BB01FDAFF5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{5E375AEE-D4E3-4DE8-B0E7-2711671A25DD}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{6AF4C7AB-E72E-4E17-A6CF-7D94D33D7C52}" = protocol=17 | dir=in | app=c:\program files\smartftp client\smartftp.exe | 
"{6DA1A55F-45E7-425E-A584-D411670043E9}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{70296E49-16E7-41BD-AC4E-EED2E0213D34}" = dir=in | app=c:\users\sharon\appdata\local\facebook\video\skype\facebookvideocalling.exe | 
"{74515605-8C38-415E-BED8-0DFB97B0716A}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{78120BCD-2F79-473A-9356-39FAA8DF9B4E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{7ABC7CAD-2C22-4CD8-BB49-ADB013E14729}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{7B5DFB50-3BFE-4534-AB17-449BBBFD029E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{89D4AE6C-07EF-48D8-9C1C-5F180685C19E}" = protocol=6 | dir=in | app=c:\program files\belkin\router setup and monitor\belkinsetup.exe | 
"{9ADBBD71-6AE8-4947-B670-CD4FAC3EC773}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
"{9C7E4309-3454-407F-A9BF-2316B864D7B5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{9D599D96-216B-4BF5-8B7D-129A33048C96}" = protocol=58 | dir=in | [email protected],-148 | 
"{9EF5F36D-FCA9-4AF5-AC80-B8424515D5C6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{A5463394-0B7A-439E-A064-3ED16714E5A4}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{ABF1D411-A0B9-4AE7-8567-A97FB35211CA}" = protocol=6 | dir=in | app=c:\program files\7-zip\7zfm.exe | 
"{AD7F2A4C-C148-4586-A327-3C2B5E772389}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{B2D01B01-ED52-4F23-9E02-A0F17E3BEF2C}" = protocol=17 | dir=in | app=c:\program files\safeharborgames.net\shg installation\harborgames.exe | 
"{B623B200-1304-4501-A778-7F383B12628F}" = dir=in | app=c:\program files\belkin\router setup and monitor\belkinsetup.exe | 
"{B66CF831-DBCD-42A4-9259-B79DA2063D08}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{BADC3C59-CFE9-4BFA-A44A-9C2A03C815A8}" = protocol=6 | dir=out | app=system | 
"{BD751079-4F13-4E3E-9FDD-84E211DB56AB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{C018A043-DD62-4FCA-A134-24476EA4E0C4}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe | 
"{C43D9A13-D092-49E5-8049-3540DF6473D1}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | 
"{C8D0FC5C-060B-4EB8-A542-103D49241073}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{CD326C20-C82E-4C54-A36F-B48101D2135E}" = protocol=17 | dir=in | app=c:\program files\belkin\router setup and monitor\belkinsetup.exe | 
"{CDBBED09-49B3-4E04-8D5D-447DF2A9FE4C}" = protocol=58 | dir=out | [email protected],-28546 | 
"{D05AEC68-D24A-4A6E-9C5B-B787351A9BAF}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{D9D55D19-E15E-4332-9BBD-B209ADAFD45B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{E791AF60-8E42-42DA-B051-6B7B23A082C0}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{EBBF03FC-984D-43C9-92A1-584E54479F6C}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
"TCP Query User{79ECF8F5-8156-467D-A414-708F9F740263}C:\Program Files\Microsoft Office\Office14\GROOVE.EXE" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
"UDP Query User{BF5A4549-C6E8-4C33-B3FD-2507CD0E2EF1}C:\Program Files\Microsoft Office\Office14\GROOVE.EXE" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{073B89C3-BA88-41B5-965F-B35A88EAE838}" = TOSHIBA Supervisor Password
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{23170F69-40C1-2701-0921-000001000000}" = 7-Zip 9.21
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java™ 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 45
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{2A36014E-DF1D-4840-A209-3185B17BFC71}" = BigPond Broadband ADSL
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
"{2D7CF073-6583-464A-84D4-F86DE59DCA42}" = MorphVOX Pro
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5D906048-02D2-4309-BAFA-FC94B6CE88C2}" = SHG Installation
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{607BE7BF-7C28-4ADB-A4A0-385962B901C3}" = TOSHIBA ConfigFree
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6DEF11C0-35FF-4160-A543-FDD336C4DAE5}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-toshiba" = WildTangent Games App (Toshiba Games)
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames" = WildTangent Games App
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.14
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}" = Facebook Video Calling 2.0.0.447
"{8E9CEA3B-EBD1-439C-A01D-830CB39613C6}" = TOSHIBA Hardware Setup
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb" = Internet Explorer (Enable DEP)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B0261E53-B6F1-474A-864B-E7C3CBF468E0}" = iTunes
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B2FB7DBA-CEEC-41F1-BC23-3323D96290F6}" = TOSHIBA Bulletin Board
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{B894522E-C079-4DC8-A305-30BA6E2F4459}" = TOSHIBA ReelTime
"{BB285C9F-C821-4770-8970-56C4AB52C87E}" = Skype Click to Call
"{C2425F91-1F7B-4037-9A05-9F290184798D}" = NETGEAR WNA3100 wireless USB 2.0 adapter
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C5F1D23A-5282-467D-B0DA-B0D6F661D587}" = SAGEM [email protected] 1201
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"{C7A4F26F-F9B0-41B2-8659-99181108CDE3}" = TOSHIBA Media Controller
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240C3}" = WinZip 15.5
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D422F022-98BB-4ED9-B40A-37C74F1BBADB}" = SmartFTP Client
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer
"{EA5F34F3-3911-B4DB-63CA-1E44B2AB13A1}" = Adobe Download Assistant
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F1191B7E-84BF-4325-9FFD-80BD8996ED4B}" = MorphVOX Junior
"{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}" = TOSHIBA Media Controller Plug-in
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"3B7076EB3C51070DE9D6902E9696507D9B471345" = Windows Driver Package - NETGEAR Inc. (RTLWUSB) Net  (03/27/2006 5.1213.06.0327)
"7-Zip" = 7-Zip 9.22beta
"94703D1C50646DF5FB8D0FB50EB2216330EB89C9" = Windows Driver Package - Atheros Communications Inc. (arusb_lh) Net  (09/25/2008 3.1.0.101)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"AI RoboForm" = avast! EasyPass
"Amazon Kindle For PC" = Amazon Kindle For PC v1.1
"Any Video Converter_is1" = Any Video Converter 3.2.2
"AV WebCam Morpher 2.0" = AV WebCam Morpher 2.0
"avast" = avast! Free Antivirus
"AVS4YOU Video Converter 7_is1" = AVS Video Converter 8
"Belkin Setup and Router Monitor_is1" = Belkin Setup and Router Monitor
"BitTorrent" = BitTorrent
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
"CCleaner" = CCleaner
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Christmas and New Year Frames Pack" = Christmas and New Year Frames Pack
"CleanUp!" = CleanUp!
"CNXT_AUDIO_HDA" = Conexant HD Audio
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.23
"DivX Setup.divx.com" = DivX Setup
"Empty Temp Folders 2.8.3" = Empty Temp Folders 2.8.3
"EPSON Scanner" = EPSON Scan
"EPSON TX110 Series" = EPSON TX110 Series Printer Uninstall
"Free RAR Extract Frog" = Free RAR Extract Frog
"Google Chrome" = Google Chrome
"InstallShield_{B2FB7DBA-CEEC-41F1-BC23-3323D96290F6}" = TOSHIBA Bulletin Board
"InstallShield_{B894522E-C079-4DC8-A305-30BA6E2F4459}" = TOSHIBA ReelTime
"InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"KLiteCodecPack_is1" = K-Lite Codec Pack 8.7.0 (Basic)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"ManyCam" = ManyCam 2.6.60 (remove only)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 12.0 (x86 en-US)" = Mozilla Firefox 12.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Photo Pos Pro" = Photo Pos Pro
"Photo Pos Pro Collage Templates Pack" = Photo Pos Pro Collage Templates Pack
"PhotoScape" = PhotoScape
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 2.1.0
"WildTangent toshiba Master Uninstall" = WildTangent Games
"WinLiveSuite" = Windows Live Essentials
"WT088682" = Bejeweled 2 Deluxe
"WT088696" = Chuzzle Deluxe
"WT088702" = Plants vs. Zombies
"WT088703" = Build-a-lot 2
"WT088710" = Zuma's Revenge
"WT088739" = FATE
"WT088750" = Jewel Quest - Heritage
"WT088759" = Polar Bowler
"WT088760" = Virtual Villagers 4 - The Tree of Life
"WT088761" = Wheel of Fortune 2
"WTA-6f695138-56b8-49f3-890a-c062f26d5c86" = Ancient Tripeaks
"WTA-7d35efbb-593a-4305-bde6-b64189ec3607" = Word Symphony
"YTdetect" = Yahoo! Detect
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-3894173187-2114546848-3451514324-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Smilebox" = Smilebox
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 5/4/2014 4:45:02 AM | Computer Name = LastXP22 | Source = .NET Runtime | ID = 1022
Description = 
 
Error - 5/5/2014 6:27:35 AM | Computer Name = LastXP22 | Source = Application Hang | ID = 1002
Description = The program OTL.exe version 3.2.69.0 stopped interacting with Windows
 and was closed. To see if more information about the problem is available, check
 the problem history in the Action Center control panel.    Process ID: 14f0    Start Time:
 01cf6846cda5917b    Termination Time: 27    Application Path: C:\Users\sharon\Downloads\OTL.exe
 
Report
 Id: d2646f3d-d43f-11e3-b502-0016dd132787  
 
Error - 5/5/2014 10:49:04 AM | Computer Name = LastXP22 | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\TOSHIBA\flashcards\Hotkey\TCrdKBB.exe".
Dependent
 Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
 could not be found.  Please use sxstrace.exe for detailed diagnosis.
 
Error - 5/6/2014 8:21:18 PM | Computer Name = LastXP22 | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\TOSHIBA\flashcards\Hotkey\TCrdKBB.exe".
Dependent
 Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
 could not be found.  Please use sxstrace.exe for detailed diagnosis.
 
Error - 5/7/2014 6:51:06 AM | Computer Name = LastXP22 | Source = Google Update | ID = 20
Description = 
 
Error - 5/7/2014 9:49:47 AM | Computer Name = LastXP22 | Source = MsiInstaller | ID = 10005
Description = 
 
Error - 5/7/2014 9:49:47 AM | Computer Name = LastXP22 | Source = MsiInstaller | ID = 10005
Description = 
 
Error - 5/7/2014 9:33:19 PM | Computer Name = LastXP22 | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\TOSHIBA\flashcards\Hotkey\TCrdKBB.exe".
Dependent
 Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
 could not be found.  Please use sxstrace.exe for detailed diagnosis.
 
Error - 5/8/2014 1:14:06 PM | Computer Name = LastXP22 | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\TOSHIBA\flashcards\Hotkey\TCrdKBB.exe".
Dependent
 Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
 could not be found.  Please use sxstrace.exe for detailed diagnosis.
 
Error - 5/9/2014 11:08:57 AM | Computer Name = LastXP22 | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\TOSHIBA\flashcards\Hotkey\TCrdKBB.exe".
Dependent
 Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
 could not be found.  Please use sxstrace.exe for detailed diagnosis.
 
[ System Events ]
Error - 5/7/2014 10:10:56 AM | Computer Name = LastXP22 | Source = Service Control Manager | ID = 7003
Description = The AVGIDSAgent service depends the following service: AVGIDSDriver.
 This service might not be installed.
 
Error - 5/7/2014 8:08:25 PM | Computer Name = LastXP22 | Source = EventLog | ID = 6008
Description = The previous system shutdown at 10:06:12 AM on ?8/?05/?2014 was unexpected.
 
Error - 5/7/2014 8:09:23 PM | Computer Name = LastXP22 | Source = ipnathlp | ID = 31004
Description = 
 
Error - 5/8/2014 7:33:12 AM | Computer Name = LastXP22 | Source = ipnathlp | ID = 31004
Description = 
 
Error - 5/8/2014 10:36:02 AM | Computer Name = LastXP22 | Source = Service Control Manager | ID = 7000
Description = The vToolbarUpdater15.5.0 service failed to start due to the following
 error:   %%2
 
Error - 5/8/2014 10:17:08 PM | Computer Name = LastXP22 | Source = EventLog | ID = 6008
Description = The previous system shutdown at 12:13:29 PM on ?9/?05/?2014 was unexpected.
 
Error - 5/8/2014 10:17:26 PM | Computer Name = LastXP22 | Source = Service Control Manager | ID = 7000
Description = The vToolbarUpdater15.5.0 service failed to start due to the following
 error:   %%2
 
Error - 5/9/2014 9:48:42 AM | Computer Name = LastXP22 | Source = EventLog | ID = 6008
Description = The previous system shutdown at 11:46:03 PM on ?9/?05/?2014 was unexpected.
 
Error - 5/9/2014 9:48:59 AM | Computer Name = LastXP22 | Source = Service Control Manager | ID = 7000
Description = The vToolbarUpdater15.5.0 service failed to start due to the following
 error:   %%2
 
Error - 5/9/2014 10:39:04 AM | Computer Name = LastXP22 | Source = ipnathlp | ID = 31004
Description = 
 
 
< End of report >
 

  • 0

#10
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK a few orphans to remove now, how is the computer behaving ?

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    OTL_Fix.GIF
:Commands
[CREATERESTOREPOINT]

:OTL
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe -- (vToolbarUpdater15.5.0)
IE - HKLM\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7102}: "URL" = http://search.jzip.c...q={searchTerms}
IE - HKU\S-1-5-21-3894173187-2114546848-3451514324-1004\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7102}: "URL" = http://search.jzip.c...q={searchTerms}
FF - prefs.js..browser.search.defaultenginename: "Secure Search"
FF - prefs.js..browser.search.order.1: "Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Secure Search"
FF - prefs.js..extensions.enabledAddons: {4ED1F68A-5463-4931-9384-8FFF5ED91D92}:3.6.6
FF - prefs.js..extensions.enabledItems: {4ED1F68A-5463-4931-9384-8FFF5ED91D92}:3.5.0
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:12.0.0.2191
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {F53C93F1-07D5-430c-86D4-C9531B27DFAF}:12.0.0.2189
[2013/05/05 09:57:49 | 000,002,024 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No CLSID value found.
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22) 
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.) 

:Files
C:\Users\sharon\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho
C:\Users\sharon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
C:\Program Files\McAfee

:Commands
[resethosts]
[emptytemp]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

  • 0

#11
shaz

shaz

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 145 posts

hi, i did the scan........and log is below///my computer seems to be running better than how it was however it still tends to slow down here and there, esp while im trying to play a game and thats just games from facebook, doesnt happen all the time, probably not even anything to worry about...youve been so awesome with ur help, i really appreciate it

 

regards

 

sharon

 

 

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Service vToolbarUpdater15.5.0 stopped successfully!
Service vToolbarUpdater15.5.0 deleted successfully!
File C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7102}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8A96AF9E-4074-43b7-BEA3-87217BDA7102}\ not found.
Registry key HKEY_USERS\S-1-5-21-3894173187-2114546848-3451514324-1004\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7102}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8A96AF9E-4074-43b7-BEA3-87217BDA7102}\ not found.
Prefs.js: "Secure Search" removed from browser.search.defaultenginename
Prefs.js: "Secure Search" removed from browser.search.order.1
Prefs.js: "Secure Search" removed from browser.search.selectedEngine
Prefs.js: {4ED1F68A-5463-4931-9384-8FFF5ED91D92}:3.6.6 removed from extensions.enabledAddons
Prefs.js: {4ED1F68A-5463-4931-9384-8FFF5ED91D92}:3.5.0 removed from extensions.enabledItems
Prefs.js: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:12.0.0.2191 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 removed from extensions.enabledItems
Prefs.js: {F53C93F1-07D5-430c-86D4-C9531B27DFAF}:12.0.0.2189 removed from extensions.enabledItems
C:\Program Files\Mozilla Firefox\searchplugins\McSiteAdvisor.xml moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
========== FILES ==========
File\Folder C:\Users\sharon\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho not found.
File\Folder C:\Users\sharon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla not found.
File\Folder C:\Program Files\McAfee not found.
========== COMMANDS ==========
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
[EMPTYTEMP]
 
User: Administrator
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 469 bytes
->Flash cache emptied: 57206 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
User: sharon
->Temp folder emptied: 611322231 bytes
->Temporary Internet Files folder emptied: 1605630 bytes
->Java cache emptied: 177779 bytes
->FireFox cache emptied: 80439759 bytes
->Google Chrome cache emptied: 199271786 bytes
->Flash cache emptied: 57195 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 12374452 bytes
RecycleBin emptied: 4396236425 bytes
 
Total Files Cleaned = 5,056.00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 05132014_134738
 
Files\Folders moved on Reboot...
File move failed. C:\Users\sharon\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.
File move failed. C:\windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
File move failed. C:\windows\temp\Low\SkypeClickToCall\Logs\AutoUpdateSvc.log scheduled to be moved on reboot.
File\Folder C:\windows\temp\TMP000000016CC9276A623E6B47 not found!
 
PendingFileRenameOperations files...
 
Registry entries deleted on Reboot...

  • 0

#12
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

That is probably a consequence of download speed and the amount of RAM available

 

 

Subject to no further problems   :)

 

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems 

 

Now the best part of the day ----- Your log now appears clean  :thumbsup:

 

A good workman always cleans up after himself so..

The following will implement some cleanup procedures as well as reset  System Restore points:

 

Download and run Delfix

delfix.JPG

 

: Keep Java Updated :

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article and this article.
I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser and How to unplug Java from the browser)

 

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

 

CryptoPrevent install this programme to lock down and prevent crypto ransome ware

CryptoPrevent.JPG

 

Malwarebytes.

 

Update and run weekly to keep your system clean

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

 

To learn more about how to protect yourself while on the internet read this little guide  Best security practices Keep safe  :wave:


  • 0

#13
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics


Also tagged with one or more of these keywords: slow, win7, internet slow, toshiba satelite

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP