Computer slow, major lag loading programs [Solved]


  • This topic is locked

#1
pparazorback

  • Member
  • 48 posts

This desktop has started slowing to a complete snail pace most of the time. Been a while since it has been cleaned off. Now is the time to fix the issues.

OTL log posted here....


OTL logfile created on: 5/28/2014 3:09:41 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Razor\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1.99 Gb Total Physical Memory | 0.75 Gb Available Physical Memory | 37.54% Memory free
4.21 Gb Paging File | 2.18 Gb Available in Paging File | 51.74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 140.68 Gb Total Space | 0.87 Gb Free Space | 0.62% Space Free | Partition Type: NTFS
Drive D: | 8.37 Gb Total Space | 3.54 Gb Free Space | 42.32% Space Free | Partition Type: NTFS
 
Computer Name: RAZOR-DESKTOP | User Name: Razor | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/05/28 15:01:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Razor\Desktop\OTL.exe
PRC - [2014/05/21 17:10:29 | 001,176,632 | ---- | M] (Spotify Ltd) -- C:\Users\Razor\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2014/05/08 20:40:44 | 033,312,680 | ---- | M] (Dropbox, Inc.) -- C:\Users\Razor\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2014/04/28 13:18:52 | 001,261,576 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee.com\Agent\mcupdate.exe
PRC - [2014/04/25 18:31:30 | 001,346,512 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\MSC\mcupdmgr.exe
PRC - [2014/04/25 18:29:38 | 000,145,568 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\McAPExe.exe
PRC - [2014/04/23 18:00:08 | 000,118,264 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2014/04/23 17:57:32 | 000,733,680 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\saUI.exe
PRC - [2014/04/22 02:12:00 | 000,596,480 | ---- | M] (NETGEAR Inc.) -- C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe
PRC - [2014/04/22 02:11:44 | 000,098,816 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\genie2_tray.exe
PRC - [2014/04/07 18:50:49 | 001,238,616 | ---- | M] (BitTorrent Inc.) -- C:\Users\Razor\AppData\Roaming\BitTorrent\BitTorrent.exe
PRC - [2014/04/03 17:59:08 | 000,179,600 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe
PRC - [2014/04/03 17:50:04 | 000,169,800 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
PRC - [2014/03/23 23:31:00 | 000,189,440 | ---- | M] (NETGEAR) -- C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe
PRC - [2014/03/18 08:41:42 | 000,655,936 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
PRC - [2014/02/09 20:00:28 | 000,055,320 | ---- | M] (theSideline.com, Inc.) -- C:\Program Files\theSideline.com\Turbo Tourney Pro 2014\tts2014.exe
PRC - [2014/01/17 14:56:50 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\realplayer\Update\realsched.exe
PRC - [2013/12/18 14:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/12/17 21:14:10 | 000,033,824 | ---- | M] () -- C:\Program Files\pcreg\pcreg.exe
PRC - [2013/10/05 14:43:33 | 000,310,352 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2013/09/11 11:55:58 | 000,499,384 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
PRC - [2013/08/14 16:19:58 | 000,233,048 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
PRC - [2013/08/14 16:19:24 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2013/07/30 11:44:36 | 000,281,560 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
PRC - [2013/07/03 15:54:36 | 005,271,040 | ---- | M] (Joyent, Inc) -- C:\Program Files\ATT\8.3.1.7\ma\bin\node.exe
PRC - [2013/07/03 15:54:36 | 000,321,024 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\ATT\8.3.1.7\ma\bin\MAHostService.exe
PRC - [2013/03/02 20:23:26 | 000,369,152 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\Common Files\Motive\pcCMService.exe
PRC - [2013/02/12 22:37:16 | 001,263,952 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2013/02/09 09:44:32 | 000,055,320 | ---- | M] (theSideline.com, Inc.) -- C:\Program Files\theSideline.com\Turbo Tourney Pro 2013\tts2013.exe
PRC - [2012/10/08 18:04:18 | 000,166,912 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2010/08/23 10:11:28 | 000,206,240 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
PRC - [2009/11/13 07:31:14 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2009/11/13 07:31:12 | 000,247,144 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2009/11/01 21:30:00 | 002,508,104 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009/09/08 17:12:51 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/05/30 08:31:10 | 000,312,880 | ---- | M] (GRISOFT s.r.o.) -- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
PRC - [2007/03/01 14:40:59 | 000,065,536 | ---- | M] (New Boundary Technologies, Inc.) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
PRC - [2006/12/01 17:37:00 | 004,186,112 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/05/22 18:34:16 | 000,043,008 | ---- | M] () -- c:\Users\Razor\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpd83c2l.dll
MOD - [2014/04/28 21:44:04 | 001,360,384 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\GeniePlugin_RouterConfiguration.dll
MOD - [2014/04/25 04:25:36 | 005,992,960 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Map.dll
MOD - [2014/04/23 23:13:20 | 009,825,792 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Resource.dll
MOD - [2014/04/22 05:09:52 | 000,518,656 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\Genie.dll
MOD - [2014/04/22 02:11:44 | 000,098,816 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\genie2_tray.exe
MOD - [2014/04/22 02:09:52 | 000,458,752 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\InnerPlugin_WirelessExport.dll
MOD - [2014/04/22 02:09:14 | 000,427,520 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Wireless.dll
MOD - [2014/04/22 02:07:52 | 000,642,048 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\InnerPlugin_Update.dll
MOD - [2014/04/22 02:07:18 | 000,885,248 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Ui.dll
MOD - [2014/04/22 02:05:58 | 000,200,192 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Statistics.dll
MOD - [2014/04/22 02:00:30 | 000,427,520 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\GeniePlugin_NetworkProblem.dll
MOD - [2014/04/22 01:59:04 | 001,175,552 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\GeniePlugin_ParentalControl.dll
MOD - [2014/04/22 01:42:02 | 000,632,832 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Internet.dll
MOD - [2014/04/22 01:41:04 | 000,192,512 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Airprint.dll
MOD - [2014/04/16 01:12:34 | 001,554,944 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\SvtNetworkTool.dll
MOD - [2014/04/08 04:07:10 | 000,081,408 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\DiagnosePlugin.dll
MOD - [2014/04/08 04:06:48 | 000,143,360 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\DiagnoseDll.dll
MOD - [2014/03/24 00:08:18 | 000,046,080 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\WSetupApiPlugin.dll
MOD - [2014/03/23 23:33:36 | 000,068,608 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\QRCode.dll
MOD - [2014/03/23 23:33:24 | 000,144,896 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\DragonNetTool.dll
MOD - [2014/03/23 23:31:30 | 000,136,704 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\airprintdll.dll
MOD - [2014/03/23 23:31:22 | 000,066,560 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\WSetupDll.dll
MOD - [2014/03/23 23:31:14 | 000,074,240 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\NetcardApi.dll
MOD - [2014/03/23 23:31:06 | 000,072,192 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\SVTUtils.dll
MOD - [2014/01/20 14:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/01/20 14:16:38 | 001,044,808 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014/01/02 21:09:26 | 003,610,624 | ---- | M] () -- C:\Users\Razor\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2013/09/28 21:14:20 | 001,233,408 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\platforms\qwindows.dll
MOD - [2013/09/28 21:14:06 | 003,369,922 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\icuin51.dll
MOD - [2013/09/28 21:14:06 | 001,978,690 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\icuuc51.dll
MOD - [2013/09/28 21:14:04 | 022,378,434 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\icudt51.dll
MOD - [2013/09/28 21:13:48 | 000,989,805 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\libstdc++-6.dll
MOD - [2013/09/28 21:13:48 | 000,544,817 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\libgcc_s_dw2-1.dll
MOD - [2013/09/28 21:13:48 | 000,261,120 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\imageformats\qjpeg.dll
MOD - [2013/09/28 21:13:48 | 000,052,224 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\imageformats\qico.dll
MOD - [2013/09/28 21:13:48 | 000,051,200 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\imageformats\qgif.dll
MOD - [2013/09/28 21:13:48 | 000,046,080 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\imageformats\qsvg.dll
MOD - [2013/09/28 21:13:48 | 000,040,960 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\printsupport\windowsprintersupport.dll
MOD - [2013/08/23 15:01:44 | 025,100,288 | ---- | M] () -- C:\Users\Razor\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013/02/12 22:38:06 | 000,100,688 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2013/02/12 22:37:16 | 001,263,952 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2012/11/29 05:56:00 | 003,332,720 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\drivers\libntgr_api.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2014/05/14 03:11:24 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/04/25 18:29:38 | 000,145,568 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\McAPExe.exe -- (McAPExe)
SRV - [2014/04/23 18:00:08 | 000,118,264 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2014/04/03 17:59:08 | 000,179,600 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\System32\mfevtps.exe -- (mfevtp)
SRV - [2014/04/03 17:50:04 | 000,169,800 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2014/03/23 23:31:00 | 000,189,440 | ---- | M] (NETGEAR) [Auto | Running] -- C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe -- (NETGEARGenieDaemon)
SRV - [2014/03/18 08:41:42 | 000,655,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe -- (mfecore)
SRV - [2014/03/13 11:42:00 | 000,836,168 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Windows\temp\0047981400828322mcinst.exe -- (0047981400828322mcinstcleanup)
SRV - [2013/12/18 14:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/12/17 21:14:10 | 000,033,824 | ---- | M] () [Auto | Running] -- C:\Program Files\pcreg\pcreg.exe -- (pcregservice)
SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/08/14 16:19:24 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2013/08/02 17:50:58 | 000,471,592 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2013/07/30 11:44:36 | 000,281,560 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2013/07/30 11:44:36 | 000,281,560 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (mcpltsvc)
SRV - [2013/07/30 11:44:36 | 000,281,560 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2013/07/30 11:44:36 | 000,281,560 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2013/07/30 11:44:36 | 000,281,560 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe -- (HomeNetSvc)
SRV - [2013/07/03 15:54:36 | 000,321,024 | ---- | M] (Alcatel-Lucent) [Auto | Running] -- C:\Program Files\ATT\8.3.1.7\ma\bin\MAHostService.exe -- (ATT MAHostService)
SRV - [2013/03/02 20:23:26 | 000,369,152 | ---- | M] (Alcatel-Lucent) [Auto | Running] -- C:\Program Files\Common Files\Motive\pcCMService.exe -- (pcCMService)
SRV - [2012/10/08 18:04:18 | 000,166,912 | ---- | M] () [Auto | Running] -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2009/11/13 07:31:14 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2009/10/23 17:58:06 | 000,582,424 | ---- | M] (ParetoLogic Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\XoftSpySE\6\xoftspyservice.exe -- (XoftSpyService)
SRV - [2009/09/08 17:12:51 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2008/01/19 03:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/05/30 08:31:10 | 000,312,880 | ---- | M] (GRISOFT s.r.o.) [Auto | Running] -- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe -- (AVG Anti-Spyware Guard)
SRV - [2007/03/01 14:40:59 | 000,065,536 | ---- | M] (New Boundary Technologies, Inc.) [Auto | Running] -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (mfencbdc02)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (mfencbdc01)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (mfehidk01)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (mfeavfk01)
DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\iSafe\iSafeNetFilter.sys -- (iSafeNetFilter)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (HipShieldK01)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2014/05/22 18:55:41 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2014/04/03 18:07:42 | 000,061,400 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids)
DRV - [2014/04/03 17:59:36 | 000,215,624 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk)
DRV - [2014/04/03 17:52:52 | 000,574,576 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2014/04/03 17:50:30 | 000,367,776 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2014/04/03 17:49:34 | 000,066,408 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2014/04/03 17:48:42 | 000,236,672 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2014/04/03 17:47:20 | 000,134,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2014/03/18 07:07:32 | 000,081,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfencrk.sys -- (mfencrk)
DRV - [2014/03/18 07:07:06 | 000,345,584 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfencbdc.sys -- (mfencbdc)
DRV - [2014/02/17 18:48:33 | 000,376,920 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2013/09/23 13:48:38 | 000,147,912 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HipShieldK.sys -- (HipShieldK)
DRV - [2013/03/24 10:01:19 | 000,033,112 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2012/10/08 18:04:18 | 000,023,040 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\htcnprot.sys -- (htcnprot)
DRV - [2010/02/02 16:09:42 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2010/02/02 16:09:42 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009/06/10 03:49:32 | 000,024,576 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2009/04/11 01:06:26 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDScan.sys -- (WSDScan)
DRV - [2008/01/19 02:14:59 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2007/06/29 10:11:02 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/06/20 04:28:38 | 000,267,264 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2007/05/30 08:10:42 | 000,011,000 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys -- (AVG Anti-Spyware Driver)
DRV - [2007/05/30 08:10:42 | 000,010,872 | ---- | M] (GRISOFT, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\AvgAsCln.sys -- (AvgAsCln)
DRV - [2007/02/27 12:39:26 | 000,032,256 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2007/02/12 17:55:56 | 000,075,776 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2006/11/02 03:30:56 | 002,589,184 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw2v32.sys -- (NETw2v32)
DRV - [2006/10/10 13:53:48 | 000,005,632 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2006/05/18 09:49:02 | 000,061,067 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2006/05/18 09:48:50 | 000,047,249 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2006/02/16 17:51:08 | 000,004,096 | R--- | M] (SuperAdBlocker, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2003/10/02 14:47:14 | 000,666,624 | ---- | M] (GlobespanVirata, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PRISMUSB.sys -- (PRISM_USB)
DRV - [2000/07/24 02:01:00 | 000,019,537 | ---- | M] (Brother Industries Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\BRPAR.SYS -- (BrPar)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{F5102CF6-67BD-4317-8772-738C0D3B6CDC}: "URL" = http://www.google.co...Page={startPage}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = www.live.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {883E8446-C5A6-4031-BF7C-446B704DEFFA}
IE - HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://search.condui...archTerms}=
IE - HKCU\..\SearchScopes\{347E9CD7-21C9-4B3A-892F-24686313828A}: "URL" = http://www.google.co...&rlz=1I7WQIB_en
IE - HKCU\..\SearchScopes\{883E8446-C5A6-4031-BF7C-446B704DEFFA}: "URL" = http://search.yahoo....&p={SearchTerms}
IE - HKCU\..\SearchScopes\{F5102CF6-67BD-4317-8772-738C0D3B6CDC}: "URL" = http://www.google.co...Page={startPage}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:49308;https=127.0.0.1:49308
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1206147.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@GamingWonderland.com/Plugin: C:\Program Files\GamingWonderland\bar\1.bin\NPgtStub.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.3: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=2.5: C:\Program Files\Virtual Earth 3D\ [2008/10/23 09:15:48 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=3.0: C:\Program Files\Virtual Earth 3D\ [2008/10/23 09:15:48 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files\ATT\8.3.1.7\ma\bin\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@Motive.com/npMotiveRequest,version=1.0: C:\Program Files\Common Files\Motive\npMotiveRequest.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@unity3d.com/UnityPlayer: C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1:  File not found
FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher: C:\Users\Razor\AppData\Local\Roblox\Versions\version-890fab9e68e74869\\NPRobloxProxy.dll ()
FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine:  File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2014/05/22 18:28:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\GamingWonderland\bar\1.bin
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013/08/21 16:16:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2014/01/17 14:58:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014/01/17 14:58:25 | 000,000,000 | ---D | M]
 
[2008/12/24 22:12:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Razor\AppData\Roaming\Mozilla\Extensions
[2008/12/24 22:12:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Razor\AppData\Roaming\Mozilla\Extensions\[email protected]
[2013/12/03 16:00:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Razor\AppData\Roaming\Mozilla\Firefox\extensions
[2012/01/23 12:57:13 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\Razor\AppData\Roaming\Mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2013/10/14 16:51:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/09/01 12:45:11 | 000,000,000 | ---D | M] (Define Ext) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
 
========== Chrome  ==========
 
CHR - default_search_provider: McAfee (Enabled)
CHR - default_search_provider: search_url = http://search.yahoo....&p={searchTerms}
CHR - default_search_provider: suggest_url = ,
CHR - homepage: http://www.facebook.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.57\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: MindSpark Toolbar Platform Plugin Stub (Enabled) = C:\Program Files\GamingWonderland\bar\1.bin\NPgtStub.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U21 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: RealNetworks Rhapsody Player Engine (Enabled) = C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll
CHR - plugin: Unity Player (Enabled) = C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Roblox Launcher Plugin (Enabled) = C:\Users\Razor\AppData\Local\Roblox\Versions\version-1ff4978f36a64477\\NPRobloxProxy.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Java Deployment Toolkit 7.0.210.11 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Google Docs = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Docs = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\
CHR - Extension: No name found = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbjjbdgnlnmehndlhdamcghmfijhpbaf\5.0.0.0_0\
CHR - Extension: Battlefield Heroes = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh\5.0.203.0_0\
CHR - Extension: Motive Extension = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\edmgmpmklgfbohogafcfobonnkogchec\1.1_0\
CHR - Extension: SiteAdvisor = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\1.65.118.5_0\
CHR - Extension: SiteAdvisor = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.2.1341_0\
CHR - Extension: SiteAdvisor = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.2.1341_1\
CHR - Extension: SiteAdvisor = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.3.1241_0\
CHR - Extension: SiteAdvisor = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.3.1271_0\
CHR - Extension: SiteAdvisor = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.4.1311_0\
CHR - Extension: SiteAdvisor = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.4.1311_1\
CHR - Extension: SiteAdvisor = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.65.135.1_0\
CHR - Extension: SiteAdvisor = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.65.135.1_1\
CHR - Extension: SiteAdvisor = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.65.135.1_2\
CHR - Extension: SiteAdvisor = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.65.135.1_3\
CHR - Extension: SiteAdvisor = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.65.135.1_4\
CHR - Extension: SiteAdvisor = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.65.135.1_5\
CHR - Extension: SiteAdvisor = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.65.135.1_6\
CHR - Extension: RealDownloader = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.3_0\
CHR - Extension: SlingPlayer for DISH Anywhere = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcnpmlegoehfgohpkmjhpohjchokamnn\2.0.0.26_0\
CHR - Extension: SlingPlayer for DISH Anywhere = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcnpmlegoehfgohpkmjhpohjchokamnn\2.4.0.72_0\
CHR - Extension: SlingPlayer for DISH Anywhere = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcnpmlegoehfgohpkmjhpohjchokamnn\2.4.0.77_0\
CHR - Extension: SlingPlayer for DISH Anywhere = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcnpmlegoehfgohpkmjhpohjchokamnn\2.4.0.89_0\
CHR - Extension: Value apps = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.6.1.1_0\
CHR - Extension: Value apps = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.6.1.1_1\
CHR - Extension: Value apps = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\
CHR - Extension: FastestFox for Chrome = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\5.7.1_0\
CHR - Extension: FastestFox for Chrome = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\8.0.4_0\
CHR - Extension: FastestFox for Chrome = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\8.0.5_0\
CHR - Extension: FastestFox for Chrome = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\8.0.6_0\
CHR - Extension: FastestFox for Chrome = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\8.0.7_0\
CHR - Extension: FastestFox for Chrome = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\8.0.8_0\
CHR - Extension: FastestFox for Chrome = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\8.0.9_0\
CHR - Extension: Google Wallet = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
CHR - Extension: Google Wallet = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Google Wallet = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\
CHR - Extension: Google Wallet = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: Google Wallet = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Google Wallet = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
 
O1 HOSTS File: ([2014/01/17 02:21:04 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Value Apps plugin) - {F63AAEDC-3602-49EF-AA45-262380A98980} - C:\Users\Razor\AppData\Roaming\ValueApps\IE\MonPrx.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.)
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [pcreg] C:\Program Files\pcreg\service.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [BitTorrent] C:\Users\Razor\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc.)
O4 - HKCU..\Run: [NETGEARGenie] C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe (NETGEAR Inc.)
O4 - HKCU..\Run: [pcreg] C:\Program Files\pcreg\service.exe ()
O4 - HKCU..\Run: [Spotify] C:\Users\Razor\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Razor\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKCU..\Run: [Xvid] C:\Program Files\XviD\CheckUpdate.exe ()
O4 - HKCU..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - Startup: C:\Users\Razor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Razor\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B91B512A-5EE2-4EAC-AF4C-D552AAD3D150}: DhcpNameServer = 10.0.0.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Razor\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Razor\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {57B86673-276A-48B2-BAE7-C6DBB3020EB8} - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll (GRISOFT s.r.o.)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {88485281-8b4b-4f8d-9ede-82e29a064277} - C:\Program Files\MarkAny\ContentSafer\MACSMANAGER.dll (MarkAny Cooperation.)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...com [@ = comfile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/05/28 15:01:54 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Razor\Desktop\OTL.exe
[2014/05/27 17:36:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2014/05/21 17:10:35 | 000,000,000 | ---D | C] -- C:\Users\Razor\AppData\Local\Spotify
[2014/05/21 17:09:24 | 000,000,000 | ---D | C] -- C:\Users\Razor\AppData\Roaming\Spotify
[2014/05/14 03:14:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2007/06/18 20:44:01 | 000,488,144 | ---- | C] (Soeperman Enterprises Ltd                                   ) -- C:\Users\Razor\HJTsetup.exe
 
========== Files - Modified Within 30 Days ==========
 
[2014/05/28 15:16:06 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf6a5a79a681f0.job
[2014/05/28 15:10:03 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/05/28 15:01:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Razor\Desktop\OTL.exe
[2014/05/28 14:31:23 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/05/28 14:31:23 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/05/28 00:31:54 | 000,052,599 | ---- | M] () -- C:\Users\Razor\Desktop\00S0S_2tuwGI374nu_600x450.jpg
[2014/05/27 22:18:13 | 000,000,270 | ---- | M] () -- C:\Windows\tasks\pcreg.job
[2014/05/27 21:31:38 | 000,000,406 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Razor.job
[2014/05/27 21:18:13 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At1.job
[2014/05/27 21:16:01 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/05/26 12:45:14 | 000,001,003 | ---- | M] () -- C:\Users\Razor\Desktop\ROBLOX Studio 2013.lnk
[2014/05/22 18:55:47 | 000,001,831 | ---- | M] () -- C:\Users\Public\Desktop\NETGEAR Genie.lnk
[2014/05/22 18:55:41 | 000,281,104 | ---- | M] (CACE Technologies, Inc.) -- C:\Windows\System32\wpcap.dll
[2014/05/22 18:55:41 | 000,096,784 | ---- | M] (CACE Technologies, Inc.) -- C:\Windows\System32\packet.dll
[2014/05/22 18:55:41 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) -- C:\Windows\System32\drivers\npf.sys
[2014/05/22 18:29:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/05/22 18:28:57 | 2136,227,840 | -HS- | M] () -- C:\hiberfil.sys
[2014/05/21 17:10:33 | 000,001,754 | ---- | M] () -- C:\Users\Razor\Desktop\Spotify.lnk
[2014/05/11 21:13:52 | 000,000,994 | ---- | M] () -- C:\Users\Razor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/05/11 21:13:27 | 000,000,962 | ---- | M] () -- C:\Users\Razor\Desktop\Dropbox.lnk
[2014/05/10 15:13:38 | 000,002,305 | ---- | M] () -- C:\Users\Razor\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
 
========== Files Created - No Company Name ==========
 
[2014/05/28 00:32:08 | 000,052,599 | ---- | C] () -- C:\Users\Razor\Desktop\00S0S_2tuwGI374nu_600x450.jpg
[2014/05/21 17:10:34 | 000,001,740 | ---- | C] () -- C:\Users\Razor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2014/05/21 17:10:33 | 000,001,754 | ---- | C] () -- C:\Users\Razor\Desktop\Spotify.lnk
[2014/05/07 21:11:43 | 000,000,886 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf6a5a79a681f0.job
[2014/03/23 13:47:14 | 000,138,056 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2014/03/23 13:47:12 | 000,138,056 | ---- | C] () -- C:\Users\Razor\AppData\Roaming\PnkBstrK.sys
[2014/03/23 13:46:42 | 000,234,768 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2014/03/23 13:46:26 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2013/09/01 12:48:26 | 000,000,258 | RHS- | C] () -- C:\Users\Razor\ntuser.pol
[2013/08/21 16:07:33 | 000,645,632 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2013/08/21 16:07:33 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2012/10/20 15:37:37 | 000,000,680 | ---- | C] () -- C:\Users\Razor\AppData\Local\d3d9caps.dat
[2011/04/27 08:53:27 | 000,009,806 | -HS- | C] () -- C:\Users\Razor\AppData\Local\18o18nm6b8nty5e
[2011/04/27 08:53:27 | 000,009,806 | -HS- | C] () -- C:\ProgramData\18o18nm6b8nty5e
[2010/09/03 21:33:01 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/11/18 13:04:41 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/11/05 14:02:53 | 000,000,000 | ---- | C] () -- C:\Users\Razor\AppData\Roaming\wklnhst.dat
[2009/04/19 15:00:09 | 000,037,189 | ---- | C] () -- C:\Users\Razor\ (2)
[2007/04/02 01:04:00 | 000,084,992 | ---- | C] () -- C:\Users\Razor\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2006/11/02 08:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/25 09:26:04 | 011,587,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 02:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 02:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013/08/31 12:48:35 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\.minecraft
[2014/05/28 16:01:14 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\BitTorrent
[2013/01/28 15:04:04 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\Canon
[2011/05/12 07:02:02 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\Catalina Marketing Corp
[2013/12/25 19:17:03 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\com.hwp.HWPLauncher
[2014/01/17 03:47:34 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\ConverterLite
[2008/11/08 16:48:58 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\DataCast
[2014/05/22 18:39:09 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\Dropbox
[2014/05/22 18:39:03 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\DropboxMaster
[2014/01/17 21:02:12 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\eCyber
[2007/06/18 22:33:04 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\Grisoft
[2014/01/17 23:53:01 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\iSafe
[2013/04/20 05:49:41 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\LimeWire
[2008/07/13 14:47:28 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\MusicNet
[2007/04/02 19:49:50 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\SampleView
[2013/11/27 18:55:24 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\Sling Media
[2011/03/05 14:36:02 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\Smilebox
[2008/01/22 11:00:34 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\SpinTop
[2014/05/28 02:53:23 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\Spotify
[2009/11/05 14:02:52 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\Template
[2011/03/18 18:18:14 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\theSideline.com
[2008/12/24 22:03:58 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\TomTom
[2008/07/14 19:08:45 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\TuxPaint
[2007/06/13 21:15:52 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\Uniblue
[2013/08/10 16:09:04 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\Unity
[2014/03/21 22:19:59 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\ValueApps
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:373E1720

< End of report >



#2
pparazorback


OTL Extras logfile created on: 5/28/2014 3:09:41 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Razor\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1.99 Gb Total Physical Memory | 0.75 Gb Available Physical Memory | 37.54% Memory free
4.21 Gb Paging File | 2.18 Gb Available in Paging File | 51.74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 140.68 Gb Total Space | 0.87 Gb Free Space | 0.62% Space Free | Partition Type: NTFS
Drive D: | 8.37 Gb Total Space | 3.54 Gb Free Space | 42.32% Space Free | Partition Type: NTFS
 
Computer Name: RAZOR-DESKTOP | User Name: Razor | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Key error. File not found
.cmd [@ = cmdfile] -- Reg Error: Key error. File not found
.com [@ = comfile] -- Reg Error: Key error. File not found
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-4088311119-3222570682-2067231866-1000]
"EnableNotificationsRef" = 2
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-4088311119-3222570682-2067231866-500]
"EnableNotificationsRef" = 2
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Yahoo!\Yahoo! Music Jukebox\YahooMusicEngine.exe" = C:\Program Files\Yahoo!\Yahoo! Music Jukebox\YahooMusicEngine.exe:*:Enabled:Yahoo! Music Jukebox -- (Yahoo! Inc.)
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4C270504-F695-403A-9C7A-FA4BA7AEC8D1}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4DF0CF28-24F7-4B1A-8D84-D5FA5D21336A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{57D5A1E3-EF2F-476A-AA37-1DF7C2F4F3D2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9960FCAA-9536-46BE-9972-0E75DBE368A9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{99B44589-21C6-4049-954A-62D0CAA9ED8C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C5232B0C-33BD-4E58-BF97-1CB018EABFAE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D4AB9282-2060-4034-915B-BCF94BC1CB86}" = rport=10243 | protocol=6 | dir=out | app=system |
"{E73AF05D-E31F-4F6F-9A01-4D299DEA06AC}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FB1B916D-41B2-4340-AD2B-1EFB00ED0B9D}" = lport=10243 | protocol=6 | dir=in | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09C11065-0662-40C8-94DE-C2DEAEEEBA3C}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{15CEED24-6512-44E7-A8D2-676E99DACEC7}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{15FEF974-572E-4249-8054-9167AF70DA56}" = protocol=6 | dir=in | app=c:\program files\yahoo!\yahoo! music jukebox\yahoomusicengine.exe |
"{19043577-9931-4353-93FB-23EBB72092D3}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{195E6CC5-390C-4CD7-A402-D6660D1F9C57}" = protocol=6 | dir=in | app=c:\users\jeanne\appdata\roaming\dropbox\bin\dropbox.exe |
"{1DB28A72-FE83-40C2-993B-7C0EFC820F17}" = protocol=6 | dir=in | app=c:\users\razor\appdata\roaming\dropbox\bin\dropbox.exe |
"{22F3E449-BBCF-4790-B766-F07341D793C6}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{28EF2EF2-6CED-48C5-8F61-A03D0FA30BAB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2AEF19CB-0383-4C85-B968-B906D95422F7}" = protocol=6 | dir=out | app=system |
"{2B75A8B2-A704-4729-B01C-B7B85AAA7796}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{33E80883-7DF2-48DD-8A6C-A2A8E421A9A1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{38D07F99-189C-4C61-9B7E-80D9A3C75258}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3C949BB3-F604-40B4-A13C-CBD8E1FF2917}" = dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{4026DAA1-797D-4CC3-80F2-E685AFFE4A82}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{439B8EE5-B563-4C4F-95BF-E64DAA4AE2BB}" = protocol=17 | dir=in | app=c:\users\razor\appdata\roaming\bittorrent\bittorrent.exe |
"{4482A106-217B-4E58-AB1D-D5E657F56F9A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{50E83300-044D-4F6A-B681-413E8C1E0534}" = dir=out | app=c:\program files\pcreg\pcreg.exe |
"{582B6D52-F5DB-46A4-B216-F87C63582F15}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{60CD9C8E-9097-47EE-A8F1-B045948C1BB1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{6F51B2CD-15B5-4497-80F1-52BFC9FAAD5D}" = dir=out | app=c:\program files\pcreg\service.exe |
"{6F89DC0A-6187-4618-AEB4-BDECDECED1D1}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{7077CF78-32F5-488A-831D-210CB27D131B}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{79A6B89A-76C7-4139-89B7-3A0919953114}" = protocol=17 | dir=in | app=c:\program files\yahoo!\yahoo! music jukebox\yahoomusicengine.exe |
"{7D022B07-4369-45C1-AC5C-C64AEFD0DB15}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{81F366B4-97A1-4691-9E66-8327A99E5B6F}" = dir=in | app=c:\program files\pcreg\service.exe |
"{8DCC54F9-38F4-4E92-8AB4-8C111E4E15D3}" = protocol=6 | dir=in | app=c:\users\razor\appdata\roaming\bittorrent\bittorrent.exe |
"{9283449E-945E-4A76-91FF-33F94C1F8B2C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{93A540CD-A6F8-487E-9EF7-A17FE7731C05}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{97C23EC9-A563-41F9-A741-520B89B96E93}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{98ADC1BB-3C86-4C1A-A774-62B4F8D7AB79}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{9F194642-9856-422D-A60C-7D85788F0E84}" = protocol=17 | dir=in | app=c:\users\jeanne\appdata\roaming\dropbox\bin\dropbox.exe |
"{A5008ED9-E5AE-4473-A0A3-7580EBD22BC0}" = protocol=6 | dir=in | app=c:\users\razor\appdata\local\temp\~os45a8.tmp\rlvknlg.exe |
"{A9B1126F-04A9-45C2-ADA4-6B8D44657642}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AA1A0E37-7D56-44F4-BE14-D9B601C10818}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{AA89D3F4-9945-483A-9488-012ED8B11CD6}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{B5F0FBB4-45D9-42BC-A5EF-0FA25DBDD163}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{B661FE8C-355C-41AB-901F-B8520C195B76}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{B898AE2D-1F22-49B4-B0CF-F07D74F732D2}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |
"{BD683A56-FCBE-4F74-B29F-5DFA858944FC}" = protocol=17 | dir=in | app=c:\users\razor\appdata\roaming\dropbox\bin\dropbox.exe |
"{C1CDD461-4817-49FC-B3FE-22134EAC394B}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{C26D4A32-EEBC-41C7-AA4D-8E1EE8C2D8FD}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{C5D0226F-4317-40D8-A6BC-7BAF20595BEE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CEE7B7FD-97AF-4DF7-9E10-A21EDB62AC4C}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"{D372F738-61F1-44B7-A5E9-AFC8F10A0D63}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{D7739684-CD51-4412-AD9F-9A72142EAEC1}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{D7A98769-F013-47A1-AB2B-E8A8B08584E5}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{D7BCB8A6-639B-45B7-BAAE-357A95B2AF0E}" = protocol=6 | dir=in | app=c:\users\razor\appdata\roaming\dropbox\bin\dropbox.exe |
"{DB09EFF2-873A-434A-BDE4-67F103CB397C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E0A25A95-E212-400F-B0DA-E9EF93FBA968}" = protocol=17 | dir=in | app=c:\users\razor\appdata\roaming\dropbox\bin\dropbox.exe |
"{E0D8B187-94FE-4AD8-8DBB-7C32AF95F543}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E34B4A22-27E3-4937-A05C-2650DF259A53}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E3F50A2B-9836-47A5-88EB-21F3A0B13AF2}" = dir=in | app=c:\program files\pcreg\pcreg.exe |
"{E4581231-0BFD-41BA-B87D-A3E0BB95C9E7}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{F0200352-D9EA-4D2E-9CBC-5A148EBE9C0F}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{FA833DC1-4768-4A59-B9D8-C702C7EFECDC}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}" = Notifier
"{03EDED24-8375-407D-A721-4643D9768BE1}" = kgchlwn
"{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{111EE7DF-FC45-40C7-98A7-753AC46B12FB}" = QuickTime 7
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series" = Canon MX340 series MP Drivers
"{11F3F858-4131-4FFA-A560-3FE282933B6E}" = kgchday
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D47FA1-0440-48D3-A7E0-DA09537FF471}" = Apple Mobile Device Support
"{1945A4B5-73B6-4DE9-99A3-05261B7FDED0}" = Shared C Run-time for x86
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 21
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}" = ROBLOX Studio 2013
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}" = iTunes
"{369C797D-ABE4-42A7-8904-D914C679AB20}" = Brother HL-3070CW
"{373B1718-8CC5-4567-8EE2-9033AD08A680}" = ROBLOX Player
"{3CCB26F5-E2A7-4C91-8340-9149D7B7C2BE}" = Virtual Earth 3D (Beta)
"{3E4097DA-F6B7-4B3A-86B8-8F64D87650A7}_is1" = MountMusket Battalion
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 5.0
"{44C05309-60F4-410B-BC32-31733CFF1A41}" = Microsoft Digital Image Starter Edition 2006 Editor
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BB05099-1963-4268-A3BB-9153964750ED}" = XoftSpySE
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{4FE542EB-FF0B-4739-94DD-25C8AE0AB251}" = Microsoft Digital Image Starter Edition 2006 Library
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{56AB063D-1450-4BDE-9F0D-E9C693429C51}" = netbrdg
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65D85050-5610-4A91-A3B1-D5C744291AD4}" = PCDADDIN
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{693C08A7-9E76-43FF-B11E-9A58175474C4}" = kgckids
"{6965F2F4-1CD2-4F42-A8EF-9EF433F9AA72}" = IPTInstaller
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{79BD66B2-4DAE-4C3B-B08E-DC72E507C163}" = iCloud
"{7F3BCF8A-8E02-4659-AF25-F9AB66BD6718}" = eMachines Recovery Center Installer
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A8664E1-84C8-4936-891C-BC1F07797549}" = kgcvday
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A6EE18D-6E84-43C3-8301-55ED2CF2651A}" = Turbo Tourney Pro 2011
"{9BD54685-1496-46A5-AB62-357CD140ED8B}" = kgcinvt
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D210D79-AEC5-453B-960C-4DD2C73931E1}" = Bonjour Print Services
"{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}" = ESScore
"{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
"{A1588373-1D86-4D44-86C9-78ABD190F9CC}" = kgcmove
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}" = Apple Application Support
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.10)
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{B0EFB345-0789-4A94-8178-DF247F4A20AB}" = Turbo Tourney Pro 2013
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}" = KSU
"{BE2CC4A5-2128-4EA2-941D-14F7A6A1AB61}" = Digital Media Reader
"{C20CE592-B0F8-4D20-BF31-0151CA6331A6}" = Samsung Media Studio
"{C7CFF475-B3B9-4F22-9FF8-E0D03BF362C0}" = Turbo Tourney Pro 2014
"{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}" = RealDownloader
"{C99DCDA4-7407-4F72-A77E-C81C551D0C4E}" = PCDHELP
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{D54E3D9F-FEB8-4D2D-A138-B69A5C80080B}" = Updater
"{D7CA2DF8-95CE-4C80-9296-98E21219A1E5}}_is1" = BovadaPoker
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{E08EC542-BC5F-4F26-BBB9-E426BA007A31}" = OneTouch USB Driver
"{E18B549C-5D15-45DA-8D8F-8FD2BD946344}" = kgcbaby
"{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips
"{EC3B8CA2-49B8-4D38-BE9C-ABD0F6029168}" = Yahoo! Music Jukebox
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{EEC010D0-1252-4E1D-BAD9-F1B8F414535C}" = PL-2303 Vista Driver Installer
"{EEF896B2-00F8-4AA2-864B-770B7BBEA7CA}" = Turbo Tourney Pro 2012
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FA4C2D53-205F-4245-9717-F3761154824D}" = Safari
"{FDF9943A-3D5C-46B3-9679-586BD237DDEE}" = SKIN0001
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FF262740-C85A-11D5-BBEC-00D0B740900A}" = PS2 Multimedia Keyboard Driver
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"AC3Filter_is1" = AC3Filter 2.6.0b
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"ATT-ATT Management Agent" = ATT Management Agent
"AVG SafeGuard toolbar" = AVG SafeGuard toolbar
"AVGAntiSpyware75" = AVG Anti-Spyware 7.5
"AXIS Media Control Embedded" = AXIS Media Control Embedded
"Browsersafeguard" = BrowserSafeguard
"Canon MX340 series User Registration" = Canon MX340 series User Registration
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"Christmasville" = Christmasville
"CNXT_MODEM_PCI_HSF" = Soft Data Fax Modem with SmartCP
"ConverterLite" = ConverterLite 1.6.0
"CutePDF Writer Installation" = CutePDF Writer 2.7
"Disney Pirates of the Caribbean Online" = Disney Pirates of the Caribbean Online
"DivX Setup" = DivX Setup
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"ERUNT_is1" = ERUNT 1.1j
"ezManagerMax 2.0.14" = ezManagerMax 2.0.14
"FTDICOMM" = FTDI USB Serial Converter Drivers
"GamingWonderlandbar Uninstall" = GamingWonderland Toolbar
"Google Chrome" = Google Chrome
"HDMI" = Intel® Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"Hog Wild Poker 4.4" = Hog Wild Poker
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{BE2CC4A5-2128-4EA2-941D-14F7A6A1AB61}" = Digital Media Reader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MP Navigator EX 3.1" = Canon MP Navigator EX 3.1
"MSC" = McAfee AntiVirus Plus
"NETGEAR Genie" = NETGEAR Genie
"NSS" = Norton Security Scan
"OfotoEZUpload" = KODAK EASYSHARE Gallery Upload ActiveX Control
"PictureItSuiteTrial_v12" = Microsoft Digital Image Starter Edition 2006
"PokerStars" = PokerStars
"PROSet" = Intel® PRO Network Connections Drivers
"PunkBusterSvc" = PunkBuster Services
"RealPlayer 16.0" = RealPlayer
"Revo Uninstaller" = Revo Uninstaller 1.94
"Speed Dial Utility" = Canon Speed Dial Utility
"SpongeBob SquarePants" = SpongeBob SquarePants® Operation Krabby Patty
"SpywareBlaster_is1" = SpywareBlaster v3.5.1
"TomTom HOME" = TomTom HOME 2.7.3.1894
"Tux Paint_is1" = Tux Paint 0.9.20
"UnityWebPlayer" = Unity Web Player
"ValueApps" = ValueApps
"WT017695" = Bejeweled 2 Deluxe
"WT017905" = Penguins!
"WT017925" = Polar Bowler
"WT017935" = Polar Golfer
"WT017975" = SCRABBLE
"WT018015" = Tradewinds
"Xvid Video Codec 1.3.2" = Xvid Video Codec
"Yahoo! Extras" = Yahoo! Browser Services
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Search Defender" = Yahoo! Search Protection
"YTdetect" = Yahoo! Detect
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}" = ROBLOX Studio 2013 for Razor
"{373B1718-8CC5-4567-8EE2-9033AD08A680}" = ROBLOX Player for Razor
"{87686C21-8A15-4b4d-A3F1-11141D9BE094}" = Battlefield Play4Free (Razor)
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"BitTorrent" = BitTorrent
"Dropbox" = Dropbox
"Smilebox" = Smilebox
"Spotify" = Spotify
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 5/22/2014 6:00:59 PM | Computer Name = Razor-Desktop | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Unexpected conflict discarding   21 2.0.0.10.in-addr.arpa.
 PTR Razor-Desktop.local.
 
Error - 5/22/2014 6:01:36 PM | Computer Name = Razor-Desktop | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Received from 10.0.0.2:5353   23 2.0.0.10.in-addr.arpa.
 PTR Razor-Desktop-2.local.
 
Error - 5/22/2014 6:01:36 PM | Computer Name = Razor-Desktop | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Unexpected conflict discarding   21 2.0.0.10.in-addr.arpa.
 PTR Razor-Desktop.local.
 
Error - 5/22/2014 6:08:53 PM | Computer Name = Razor-Desktop | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Received from 10.0.0.2:5353   23 2.0.0.10.in-addr.arpa.
 PTR Razor-Desktop-2.local.
 
Error - 5/22/2014 6:08:53 PM | Computer Name = Razor-Desktop | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Unexpected conflict discarding   21 2.0.0.10.in-addr.arpa.
 PTR Razor-Desktop.local.
 
Error - 5/22/2014 6:19:25 PM | Computer Name = Razor-Desktop | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Received from 10.0.0.2:5353   23 2.0.0.10.in-addr.arpa.
 PTR Razor-Desktop-2.local.
 
Error - 5/22/2014 6:19:25 PM | Computer Name = Razor-Desktop | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Unexpected conflict discarding   21 2.0.0.10.in-addr.arpa.
 PTR Razor-Desktop.local.
 
Error - 5/22/2014 6:35:41 PM | Computer Name = Razor-Desktop | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Received from 10.0.0.2:5353   23 2.0.0.10.in-addr.arpa.
 PTR Razor-Desktop-2.local.
 
Error - 5/22/2014 6:35:41 PM | Computer Name = Razor-Desktop | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Unexpected conflict discarding   21 2.0.0.10.in-addr.arpa.
 PTR Razor-Desktop.local.
 
Error - 5/22/2014 6:37:36 PM | Computer Name = Razor-Desktop | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe".
Dependent
 Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"
could not be found.  Please use sxstrace.exe for detailed diagnosis.
 
[ System Events ]
Error - 5/25/2014 5:12:23 PM | Computer Name = Razor-Desktop | Source = DCOM | ID = 10010
Description =
 
Error - 5/25/2014 5:15:44 PM | Computer Name = Razor-Desktop | Source = DCOM | ID = 10010
Description =
 
Error - 5/25/2014 5:16:22 PM | Computer Name = Razor-Desktop | Source = DCOM | ID = 10010
Description =
 
Error - 5/26/2014 1:54:34 PM | Computer Name = Razor-Desktop | Source = Service Control Manager | ID = 7034
Description =
 
Error - 5/27/2014 5:21:19 PM | Computer Name = Razor-Desktop | Source = Service Control Manager | ID = 7031
Description =
 
Error - 5/27/2014 5:22:22 PM | Computer Name = Razor-Desktop | Source = Service Control Manager | ID = 7009
Description =
 
Error - 5/27/2014 5:22:22 PM | Computer Name = Razor-Desktop | Source = Service Control Manager | ID = 7000
Description =
 
Error - 5/27/2014 5:25:56 PM | Computer Name = Razor-Desktop | Source = DCOM | ID = 10010
Description =
 
Error - 5/27/2014 5:26:30 PM | Computer Name = Razor-Desktop | Source = DCOM | ID = 10010
Description =
 
Error - 5/27/2014 5:30:08 PM | Computer Name = Razor-Desktop | Source = DCOM | ID = 10010
Description =
 
 
< End of report >
 



#3
pparazorback


FYI - I noticed the log showed my HD was almost full.  I did a quick cleaning to remove a lot of old documents, pictures, etc... and now have over 15.6 GB free.  I did not remove any programs.


Edited by pparazorback, 28 May 2014 - 02:49 PM.


#4
Essexboy

Hi there, sorry for the delay

I notice that you have AVG, McAfee and Norton antivirus on your system. Which is your main one, as the other two will need to be removed?

Warning: This fix is only relevant for this system and no other; using it on another computer may cause problems.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons; they will return on reboot.

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
:Commands
[CREATERESTOREPOINT]

:OTL
SRV - [2013/12/17 21:14:10 | 000,033,824 | ---- | M] () [Auto | Running] -- C:\Program Files\pcreg\pcreg.exe -- (pcregservice)
DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\iSafe\iSafeNetFilter.sys -- (iSafeNetFilter)
IE - HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://search.condui...archTerms}=
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:49308;https=127.0.0.1:49308
FF - HKLM\Software\MozillaPlugins\@GamingWonderland.com/Plugin: C:\Program Files\GamingWonderland\bar\1.bin\NPgtStub.dll File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\GamingWonderland\bar\1.bin
[2013/09/01 12:45:11 | 000,000,000 | ---D | M] (Define Ext) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
O4 - HKLM..\Run: [pcreg] C:\Program Files\pcreg\service.exe ()
O4 - HKCU..\Run: [pcreg] C:\Program Files\pcreg\service.exe ()
[2014/05/27 22:18:13 | 000,000,270 | ---- | M] () -- C:\Windows\tasks\pcreg.job
[2011/04/27 08:53:27 | 000,009,806 | -HS- | C] () -- C:\Users\Razor\AppData\Local\18o18nm6b8nty5e
[2011/04/27 08:53:27 | 000,009,806 | -HS- | C] () -- C:\ProgramData\18o18nm6b8nty5e
[2011/05/12 07:02:02 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\Catalina Marketing Corp
[2014/01/17 23:53:01 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\iSafe

:Files
C:\Program Files\GamingWonderland
C:\Program Files\pcreg

:Commands
[resethosts]
[emptytemp]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete, click on "Clean".
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


#5
pparazorback

OTL logfile created on: 6/1/2014 7:42:10 AM - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Razor\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1.99 Gb Total Physical Memory | 0.61 Gb Available Physical Memory | 30.76% Memory free
4.21 Gb Paging File | 2.70 Gb Available in Paging File | 64.21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 140.68 Gb Total Space | 30.12 Gb Free Space | 21.41% Space Free | Partition Type: NTFS
Drive D: | 8.37 Gb Total Space | 3.54 Gb Free Space | 42.33% Space Free | Partition Type: NTFS
 
Computer Name: RAZOR-DESKTOP | User Name: Razor | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/05/28 15:01:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Razor\Desktop\OTL.exe
PRC - [2014/05/21 17:10:29 | 001,176,632 | ---- | M] (Spotify Ltd) -- C:\Users\Razor\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2014/05/19 20:45:22 | 033,322,312 | ---- | M] (Dropbox, Inc.) -- C:\Users\Razor\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2014/04/25 18:29:38 | 000,145,568 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\McAPExe.exe
PRC - [2014/04/23 18:00:08 | 000,118,264 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2014/04/23 17:57:32 | 000,733,680 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\saUI.exe
PRC - [2014/04/23 17:49:52 | 000,383,504 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\SiteAdvisor\McChHost.exe
PRC - [2014/04/22 02:12:00 | 000,596,480 | ---- | M] (NETGEAR Inc.) -- C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe
PRC - [2014/04/22 02:11:44 | 000,098,816 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\genie2_tray.exe
PRC - [2014/04/03 17:59:08 | 000,179,600 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe
PRC - [2014/04/03 17:50:04 | 000,169,800 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
PRC - [2014/03/23 23:31:00 | 000,189,440 | ---- | M] (NETGEAR) -- C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe
PRC - [2014/03/18 08:41:42 | 000,655,936 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
PRC - [2014/02/09 20:00:28 | 000,055,320 | ---- | M] (theSideline.com, Inc.) -- C:\Program Files\theSideline.com\Turbo Tourney Pro 2014\tts2014.exe
PRC - [2014/01/17 14:56:50 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\realplayer\Update\realsched.exe
PRC - [2013/12/18 14:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/11/14 07:29:33 | 000,863,184 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/09/11 11:55:58 | 000,499,384 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
PRC - [2013/08/14 16:19:24 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2013/07/30 11:44:36 | 000,281,560 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
PRC - [2013/07/03 15:54:36 | 005,271,040 | ---- | M] (Joyent, Inc) -- C:\Program Files\ATT\8.3.1.7\ma\bin\node.exe
PRC - [2013/07/03 15:54:36 | 000,321,024 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\ATT\8.3.1.7\ma\bin\MAHostService.exe
PRC - [2013/03/02 20:23:26 | 000,369,152 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\Common Files\Motive\pcCMService.exe
PRC - [2013/02/12 22:37:16 | 001,263,952 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2012/10/08 18:04:18 | 000,166,912 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2010/08/23 10:11:28 | 000,206,240 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
PRC - [2009/11/13 07:31:14 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2009/11/01 21:30:00 | 002,508,104 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009/09/08 17:12:51 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/03/01 14:40:59 | 000,065,536 | ---- | M] (New Boundary Technologies, Inc.) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
PRC - [2006/12/01 17:37:00 | 004,186,112 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/06/01 07:32:11 | 000,043,008 | ---- | M] () -- c:\Users\Razor\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbts9qq.dll
MOD - [2014/04/28 21:44:04 | 001,360,384 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\GeniePlugin_RouterConfiguration.dll
MOD - [2014/04/25 04:25:36 | 005,992,960 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Map.dll
MOD - [2014/04/23 23:13:20 | 009,825,792 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Resource.dll
MOD - [2014/04/22 05:09:52 | 000,518,656 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\Genie.dll
MOD - [2014/04/22 02:11:44 | 000,098,816 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\genie2_tray.exe
MOD - [2014/04/22 02:09:52 | 000,458,752 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\InnerPlugin_WirelessExport.dll
MOD - [2014/04/22 02:09:14 | 000,427,520 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Wireless.dll
MOD - [2014/04/22 02:07:52 | 000,642,048 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\InnerPlugin_Update.dll
MOD - [2014/04/22 02:07:18 | 000,885,248 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Ui.dll
MOD - [2014/04/22 02:05:58 | 000,200,192 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Statistics.dll
MOD - [2014/04/22 02:00:30 | 000,427,520 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\GeniePlugin_NetworkProblem.dll
MOD - [2014/04/22 01:59:04 | 001,175,552 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\GeniePlugin_ParentalControl.dll
MOD - [2014/04/22 01:42:02 | 000,632,832 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Internet.dll
MOD - [2014/04/22 01:41:04 | 000,192,512 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Airprint.dll
MOD - [2014/04/16 01:12:34 | 001,554,944 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\SvtNetworkTool.dll
MOD - [2014/04/08 04:07:10 | 000,081,408 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\DiagnosePlugin.dll
MOD - [2014/04/08 04:06:48 | 000,143,360 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\DiagnoseDll.dll
MOD - [2014/03/24 00:08:18 | 000,046,080 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\WSetupApiPlugin.dll
MOD - [2014/03/23 23:33:36 | 000,068,608 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\QRCode.dll
MOD - [2014/03/23 23:33:24 | 000,144,896 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\DragonNetTool.dll
MOD - [2014/03/23 23:31:30 | 000,136,704 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\airprintdll.dll
MOD - [2014/03/23 23:31:22 | 000,066,560 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\WSetupDll.dll
MOD - [2014/03/23 23:31:14 | 000,074,240 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\NetcardApi.dll
MOD - [2014/03/23 23:31:06 | 000,072,192 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\SVTUtils.dll
MOD - [2014/01/20 14:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/01/20 14:16:38 | 001,044,808 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014/01/02 21:09:26 | 003,610,624 | ---- | M] () -- C:\Users\Razor\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2013/11/14 07:29:31 | 000,399,312 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.57\ppgooglenaclpluginchrome.dll
MOD - [2013/11/14 07:29:29 | 004,055,504 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.57\pdf.dll
MOD - [2013/11/14 07:28:34 | 001,619,408 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.57\ffmpegsumo.dll
MOD - [2013/09/28 21:14:20 | 001,233,408 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\platforms\qwindows.dll
MOD - [2013/09/28 21:14:06 | 003,369,922 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\icuin51.dll
MOD - [2013/09/28 21:14:06 | 001,978,690 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\icuuc51.dll
MOD - [2013/09/28 21:14:04 | 022,378,434 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\icudt51.dll
MOD - [2013/09/28 21:13:48 | 000,989,805 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\libstdc++-6.dll
MOD - [2013/09/28 21:13:48 | 000,544,817 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\libgcc_s_dw2-1.dll
MOD - [2013/09/28 21:13:48 | 000,261,120 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\imageformats\qjpeg.dll
MOD - [2013/09/28 21:13:48 | 000,052,224 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\imageformats\qico.dll
MOD - [2013/09/28 21:13:48 | 000,051,200 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\imageformats\qgif.dll
MOD - [2013/09/28 21:13:48 | 000,046,080 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\imageformats\qsvg.dll
MOD - [2013/09/28 21:13:48 | 000,040,960 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\printsupport\windowsprintersupport.dll
MOD - [2013/08/23 15:01:44 | 025,100,288 | ---- | M] () -- C:\Users\Razor\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013/04/04 01:09:40 | 004,300,456 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2013/02/12 22:38:06 | 000,100,688 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2013/02/12 22:37:16 | 001,263,952 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2012/11/29 05:56:00 | 003,332,720 | ---- | M] () -- C:\Program Files\NETGEAR Genie\bin\drivers\libntgr_api.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2014/05/14 03:11:24 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/04/25 18:29:38 | 000,145,568 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\McAPExe.exe -- (McAPExe)
SRV - [2014/04/23 18:00:08 | 000,118,264 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2014/04/03 17:59:08 | 000,179,600 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\System32\mfevtps.exe -- (mfevtp)
SRV - [2014/04/03 17:50:04 | 000,169,800 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2014/03/23 23:31:00 | 000,189,440 | ---- | M] (NETGEAR) [Auto | Running] -- C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe -- (NETGEARGenieDaemon)
SRV - [2014/03/18 08:41:42 | 000,655,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe -- (mfecore)
SRV - [2013/12/18 14:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/08/14 16:19:24 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2013/08/02 17:50:58 | 000,471,592 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2013/07/30 11:44:36 | 000,281,560 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2013/07/30 11:44:36 | 000,281,560 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (mcpltsvc)
SRV - [2013/07/30 11:44:36 | 000,281,560 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2013/07/30 11:44:36 | 000,281,560 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2013/07/30 11:44:36 | 000,281,560 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe -- (HomeNetSvc)
SRV - [2013/07/03 15:54:36 | 000,321,024 | ---- | M] (Alcatel-Lucent) [Auto | Running] -- C:\Program Files\ATT\8.3.1.7\ma\bin\MAHostService.exe -- (ATT MAHostService)
SRV - [2013/03/02 20:23:26 | 000,369,152 | ---- | M] (Alcatel-Lucent) [Auto | Running] -- C:\Program Files\Common Files\Motive\pcCMService.exe -- (pcCMService)
SRV - [2012/10/08 18:04:18 | 000,166,912 | ---- | M] () [Auto | Running] -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2009/11/13 07:31:14 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2009/10/23 17:58:06 | 000,582,424 | ---- | M] (ParetoLogic Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\XoftSpySE\6\xoftspyservice.exe -- (XoftSpyService)
SRV - [2009/09/08 17:12:51 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2008/01/19 03:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/03/01 14:40:59 | 000,065,536 | ---- | M] (New Boundary Technologies, Inc.) [Auto | Running] -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - File not found [Kernel | Disabled | Running] -- System32\DRIVERS\AvgAsCln.sys -- (AvgAsCln)
DRV - File not found [Kernel | Disabled | Running] -- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys -- (AVG Anti-Spyware Driver)
DRV - [2014/05/22 18:55:41 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2014/04/03 18:07:42 | 000,061,400 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids)
DRV - [2014/04/03 17:59:36 | 000,215,624 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk)
DRV - [2014/04/03 17:52:52 | 000,574,576 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2014/04/03 17:50:30 | 000,367,776 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2014/04/03 17:49:34 | 000,066,408 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2014/04/03 17:48:42 | 000,236,672 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2014/04/03 17:47:20 | 000,134,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2014/03/18 07:07:32 | 000,081,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfencrk.sys -- (mfencrk)
DRV - [2014/03/18 07:07:06 | 000,345,584 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfencbdc.sys -- (mfencbdc)
DRV - [2013/09/23 13:48:38 | 000,147,912 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HipShieldK.sys -- (HipShieldK)
DRV - [2013/03/24 10:01:19 | 000,033,112 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2012/10/08 18:04:18 | 000,023,040 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\htcnprot.sys -- (htcnprot)
DRV - [2010/02/02 16:09:42 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2010/02/02 16:09:42 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009/06/10 03:49:32 | 000,024,576 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2009/04/11 01:06:26 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDScan.sys -- (WSDScan)
DRV - [2008/01/19 02:14:59 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2007/06/29 10:11:02 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/06/20 04:28:38 | 000,267,264 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2007/02/27 12:39:26 | 000,032,256 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2007/02/12 17:55:56 | 000,075,776 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2006/11/02 03:30:56 | 002,589,184 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw2v32.sys -- (NETw2v32)
DRV - [2006/10/10 13:53:48 | 000,005,632 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2006/05/18 09:49:02 | 000,061,067 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2006/05/18 09:48:50 | 000,047,249 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2006/02/16 17:51:08 | 000,004,096 | R--- | M] (SuperAdBlocker, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2003/10/02 14:47:14 | 000,666,624 | ---- | M] (GlobespanVirata, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PRISMUSB.sys -- (PRISM_USB)
DRV - [2000/07/24 02:01:00 | 000,019,537 | ---- | M] (Brother Industries Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\BRPAR.SYS -- (BrPar)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{F5102CF6-67BD-4317-8772-738C0D3B6CDC}: "URL" = http://www.google.co...age={startPage}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = www.live.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {883E8446-C5A6-4031-BF7C-446B704DEFFA}
IE - HKCU\..\SearchScopes\{347E9CD7-21C9-4B3A-892F-24686313828A}: "URL" = http://www.google.co...&rlz=1I7WQIB_en
IE - HKCU\..\SearchScopes\{883E8446-C5A6-4031-BF7C-446B704DEFFA}: "URL" = http://search.yahoo....p={SearchTerms}
IE - HKCU\..\SearchScopes\{F5102CF6-67BD-4317-8772-738C0D3B6CDC}: "URL" = http://www.google.co...age={startPage}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1206147.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.3: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=2.5: C:\Program Files\Virtual Earth 3D\ [2008/10/23 09:15:48 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=3.0: C:\Program Files\Virtual Earth 3D\ [2008/10/23 09:15:48 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files\ATT\8.3.1.7\ma\bin\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@Motive.com/npMotiveRequest,version=1.0: C:\Program Files\Common Files\Motive\npMotiveRequest.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@unity3d.com/UnityPlayer: C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1:  File not found
FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher: C:\Users\Razor\AppData\Local\Roblox\Versions\version-890fab9e68e74869\\NPRobloxProxy.dll ()
FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine:  File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2014/05/22 18:28:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013/08/21 16:16:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2014/01/17 14:58:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014/01/17 14:58:25 | 000,000,000 | ---D | M]
 
[2008/12/24 22:12:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Razor\AppData\Roaming\Mozilla\Extensions
[2008/12/24 22:12:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Razor\AppData\Roaming\Mozilla\Extensions\[email protected]
[2013/12/03 16:00:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Razor\AppData\Roaming\Mozilla\Firefox\extensions
[2012/01/23 12:57:13 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\Razor\AppData\Roaming\Mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2013/10/14 16:51:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
 
========== Chrome  ==========
 
CHR - default_search_provider: McAfee (Enabled)
CHR - default_search_provider: search_url = http://search.yahoo....p={searchTerms}
CHR - default_search_provider: suggest_url = ,
CHR - homepage: http://www.facebook.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.57\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: MindSpark Toolbar Platform Plugin Stub (Enabled) = C:\Program Files\GamingWonderland\bar\1.bin\NPgtStub.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U21 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: RealNetworks Rhapsody Player Engine (Enabled) = C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll
CHR - plugin: Unity Player (Enabled) = C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Roblox Launcher Plugin (Enabled) = C:\Users\Razor\AppData\Local\Roblox\Versions\version-1ff4978f36a64477\\NPRobloxProxy.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Java Deployment Toolkit 7.0.210.11 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Google Docs = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.6_0\
CHR - Extension: Battlefield Heroes = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh\5.0.203.0_0\
CHR - Extension: Motive Extension = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\edmgmpmklgfbohogafcfobonnkogchec\1.1_0\
CHR - Extension: SiteAdvisor = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.65.135.1_6\
CHR - Extension: RealDownloader = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.3_0\
CHR - Extension: SlingPlayer for DISH Anywhere = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcnpmlegoehfgohpkmjhpohjchokamnn\2.4.0.89_0\
CHR - Extension: Value apps = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.7.0.2_0\
CHR - Extension: FastestFox for Chrome = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\8.0.9_0\
CHR - Extension: Google Wallet = C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
 
O1 HOSTS File: ([2014/06/01 07:19:15 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Value Apps plugin) - {F63AAEDC-3602-49EF-AA45-262380A98980} - C:\Users\Razor\AppData\Roaming\ValueApps\IE\MonPrx.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.)
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [NETGEARGenie] C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe (NETGEAR Inc.)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Razor\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - Startup: C:\Users\Razor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Razor\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B91B512A-5EE2-4EAC-AF4C-D552AAD3D150}: DhcpNameServer = 10.0.0.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Razor\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Razor\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {88485281-8b4b-4f8d-9ede-82e29a064277} - C:\Program Files\MarkAny\ContentSafer\MACSMANAGER.dll (MarkAny Cooperation.)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...com [@ = comfile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/06/01 07:42:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2014/06/01 07:16:09 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/05/30 19:44:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2014/05/30 19:18:15 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2014/05/30 19:04:46 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/05/30 18:57:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2014/05/29 04:29:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fast Duplicate File Finder
[2014/05/29 04:29:13 | 000,000,000 | ---D | C] -- C:\Program Files\Fast Duplicate File Finder
[2014/05/29 04:18:07 | 000,000,000 | ---D | C] -- C:\Users\Razor\AppData\Roaming\Ashisoft
[2014/05/29 04:17:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duplicate File Finder
[2014/05/29 04:17:30 | 000,000,000 | ---D | C] -- C:\Program Files\Duplicate File Finder
[2014/05/28 15:01:54 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Razor\Desktop\OTL.exe
[2014/05/21 17:10:35 | 000,000,000 | ---D | C] -- C:\Users\Razor\AppData\Local\Spotify
[2014/05/21 17:09:24 | 000,000,000 | ---D | C] -- C:\Users\Razor\AppData\Roaming\Spotify
[2007/06/18 20:44:01 | 000,488,144 | ---- | C] (Soeperman Enterprises Ltd                                   ) -- C:\Users\Razor\HJTsetup.exe
 
========== Files - Modified Within 30 Days ==========
 
[2014/06/01 07:29:34 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/06/01 07:29:30 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/06/01 07:29:30 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/06/01 07:29:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/06/01 07:29:16 | 2136,227,840 | -HS- | M] () -- C:\hiberfil.sys
[2014/06/01 07:19:15 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2014/06/01 07:16:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf6a5a79a681f0.job
[2014/06/01 07:13:09 | 001,327,971 | ---- | M] () -- C:\Users\Razor\Desktop\AdwCleaner.exe
[2014/06/01 06:10:15 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/06/01 04:41:39 | 000,645,682 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/06/01 04:41:39 | 000,120,814 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/05/31 21:59:01 | 000,122,480 | ---- | M] () -- C:\Users\Razor\Desktop\pic.jpg
[2014/05/31 21:18:12 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\At1.job
[2014/05/30 20:31:48 | 000,390,496 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/05/30 20:31:04 | 140,431,336 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/05/29 04:29:22 | 000,000,955 | ---- | M] () -- C:\Users\Razor\Desktop\Fast Duplicate File Finder.lnk
[2014/05/29 04:17:33 | 000,000,876 | ---- | M] () -- C:\Users\Public\Desktop\Duplicate File Finder.lnk
[2014/05/29 02:17:47 | 000,000,994 | ---- | M] () -- C:\Users\Razor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/05/29 02:17:17 | 000,000,962 | ---- | M] () -- C:\Users\Razor\Desktop\Dropbox.lnk
[2014/05/28 15:01:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Razor\Desktop\OTL.exe
[2014/05/28 00:31:54 | 000,052,599 | ---- | M] () -- C:\Users\Razor\Desktop\00S0S_2tuwGI374nu_600x450.jpg
[2014/05/26 12:45:14 | 000,001,003 | ---- | M] () -- C:\Users\Razor\Desktop\ROBLOX Studio 2013.lnk
[2014/05/22 18:55:47 | 000,001,831 | ---- | M] () -- C:\Users\Public\Desktop\NETGEAR Genie.lnk
[2014/05/22 18:55:41 | 000,281,104 | ---- | M] (CACE Technologies, Inc.) -- C:\Windows\System32\wpcap.dll
[2014/05/22 18:55:41 | 000,096,784 | ---- | M] (CACE Technologies, Inc.) -- C:\Windows\System32\packet.dll
[2014/05/22 18:55:41 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) -- C:\Windows\System32\drivers\npf.sys
[2014/05/21 17:10:33 | 000,001,754 | ---- | M] () -- C:\Users\Razor\Desktop\Spotify.lnk
[2014/05/10 15:13:38 | 000,002,305 | ---- | M] () -- C:\Users\Razor\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
 
========== Files Created - No Company Name ==========
 
[2014/06/01 07:13:03 | 001,327,971 | ---- | C] () -- C:\Users\Razor\Desktop\AdwCleaner.exe
[2014/05/31 21:10:36 | 000,122,480 | ---- | C] () -- C:\Users\Razor\Desktop\pic.jpg
[2014/05/29 04:29:22 | 000,000,955 | ---- | C] () -- C:\Users\Razor\Desktop\Fast Duplicate File Finder.lnk
[2014/05/29 04:17:33 | 000,000,876 | ---- | C] () -- C:\Users\Public\Desktop\Duplicate File Finder.lnk
[2014/05/28 00:32:08 | 000,052,599 | ---- | C] () -- C:\Users\Razor\Desktop\00S0S_2tuwGI374nu_600x450.jpg
[2014/05/21 17:10:34 | 000,001,740 | ---- | C] () -- C:\Users\Razor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2014/05/21 17:10:33 | 000,001,754 | ---- | C] () -- C:\Users\Razor\Desktop\Spotify.lnk
[2014/05/07 21:11:43 | 000,000,886 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf6a5a79a681f0.job
[2014/03/23 13:47:14 | 000,138,056 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2014/03/23 13:47:12 | 000,138,056 | ---- | C] () -- C:\Users\Razor\AppData\Roaming\PnkBstrK.sys
[2014/03/23 13:46:42 | 000,234,768 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2014/03/23 13:46:26 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2013/09/01 12:48:26 | 000,000,258 | RHS- | C] () -- C:\Users\Razor\ntuser.pol
[2013/08/21 16:07:33 | 000,645,632 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2013/08/21 16:07:33 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2012/10/20 15:37:37 | 000,000,680 | ---- | C] () -- C:\Users\Razor\AppData\Local\d3d9caps.dat
[2010/09/03 21:33:01 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/11/18 13:04:41 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/11/05 14:02:53 | 000,000,000 | ---- | C] () -- C:\Users\Razor\AppData\Roaming\wklnhst.dat
[2009/04/19 15:00:09 | 000,037,189 | ---- | C] () -- C:\Users\Razor\ (2)
[2007/04/02 01:04:00 | 000,084,992 | ---- | C] () -- C:\Users\Razor\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2006/11/02 08:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/25 09:26:04 | 011,587,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 02:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 02:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013/08/31 12:48:35 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\.minecraft
[2014/05/29 04:18:07 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\Ashisoft
[2014/06/01 03:45:36 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\BitTorrent
[2013/01/28 15:04:04 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\Canon
[2013/12/25 19:17:03 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\com.hwp.HWPLauncher
[2014/01/17 03:47:34 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\ConverterLite
[2008/11/08 16:48:58 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\DataCast
[2014/06/01 07:35:39 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\Dropbox
[2014/06/01 07:35:28 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\DropboxMaster
[2014/01/17 21:02:12 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\eCyber
[2013/04/20 05:49:41 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\LimeWire
[2008/07/13 14:47:28 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\MusicNet
[2007/04/02 19:49:50 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\SampleView
[2013/11/27 18:55:24 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\Sling Media
[2011/03/05 14:36:02 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\Smilebox
[2008/01/22 11:00:34 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\SpinTop
[2014/06/01 03:41:40 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\Spotify
[2009/11/05 14:02:52 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\Template
[2011/03/18 18:18:14 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\theSideline.com
[2008/12/24 22:03:58 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\TomTom
[2008/07/14 19:08:45 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\TuxPaint
[2007/06/13 21:15:52 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\Uniblue
[2013/08/10 16:09:04 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\Unity
[2014/03/21 22:19:59 | 000,000,000 | ---D | M] -- C:\Users\Razor\AppData\Roaming\ValueApps
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:373E1720
 
< End of report >


#6
pparazorback


    Member

  • Topic Starter
  • Member
  • 48 posts
# AdwCleaner v3.211 - Report created 01/06/2014 at 19:09:05
# Updated 26/05/2014 by Xplode
# Operating System : Windows Vista ™ Home Basic Service Pack 2 (32 bits)
# Username : Razor - RAZOR-DESKTOP
# Running from : C:\Users\Razor\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\ValueApps
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BrowserSafeguard
Folder Deleted : C:\Program Files\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files\Bench
Folder Deleted : C:\Program Files\MyPC Backup
Folder Deleted : C:\Program Files\Optimizer Pro
Folder Deleted : C:\Users\Razor\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Razor\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Razor\AppData\Roaming\eCyber
Folder Deleted : C:\Users\Razor\AppData\Roaming\Uniblue
Folder Deleted : C:\Users\Razor\AppData\Roaming\ValueApps
Folder Deleted : C:\Users\Jeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon
Folder Deleted : C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon
File Deleted : C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage
File Deleted : C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journal
File Deleted : C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_fastcontent.conduit.com_0.localstorage
File Deleted : C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_fastcontent.conduit.com_0.localstorage-journal
File Deleted : C:\Windows\System32\Tasks\BrowserSafeguard Update Task
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ealchnonpofjocgofjpopjdoegbbkofj
Key Deleted : HKCU\Software\Google\Chrome\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi
Key Deleted : HKCU\Software\Google\Chrome\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon
Key Deleted : HKCU\Software\Google\Chrome\Extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{48E33FBA-5FF8-416C-9D59-3436EE4E7D33}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{48E33FBA-5FF8-416C-9D59-3436EE4E7D33}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F63AAEDC-3602-49EF-AA45-262380A98980}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6A83313B-E6B5-4F18-B49D-15EBE176A8B1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F63AAEDC-3602-49EF-AA45-262380A98980}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F63AAEDC-3602-49EF-AA45-262380A98980}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F63AAEDC-3602-49EF-AA45-262380A98980}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F63AAEDC-3602-49EF-AA45-262380A98980}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F63AAEDC-3602-49EF-AA45-262380A98980}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F63AAEDC-3602-49EF-AA45-262380A98980}
Value Deleted : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1]
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\V9
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\AVG SafeGuard toolbar
Key Deleted : HKLM\Software\Bench
Key Deleted : HKLM\Software\DivX\Install\Setup\WizardLayout\ConduitToolbar
Key Deleted : HKLM\Software\Trymedia Systems
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ValueApps
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ValueApps
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16545
 
 
-\\ Google Chrome v31.0.1650.57
 
[ File : C:\Users\Jeanne\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Extension] : lcnnhcneegeeojhgpfijnlnocjdmlaon
 
[ File : C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Search Provider] : hxxp://www.fathead.com/search-results/?term={searchTerms}
Deleted [Extension] : igjjkeeamkpihpncmmbgdkhdnjpcfmfb
Deleted [Extension] : klibnahbojhkanfgaglnlalfkgpcppfi
Deleted [Extension] : lcnnhcneegeeojhgpfijnlnocjdmlaon
Deleted [Extension] : pkmpcdbgnfjfeelcpebpkflcmbkclfho
 
*************************
 
AdwCleaner[R0].txt - [9224 octets] - [14/10/2013 16:49:22]
AdwCleaner[R1].txt - [6472 octets] - [01/06/2014 09:01:38]
AdwCleaner[S0].txt - [9571 octets] - [14/10/2013 16:50:51]
AdwCleaner[S1].txt - [6483 octets] - [01/06/2014 19:09:05]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [6543 octets] ##########


#7
pparazorback


    Member

  • Topic Starter
  • Member
  • 48 posts

Please be advised that during the OTL fix step, I got a Windows error while the fix window was at [emptytemp].  It was on that step for several minutes and finally Windows said an error occurred and it was trying to find a solution.  I did not rerun, but had to reboot the machine as it never came back up nor did the desktop icons appear again.



#8
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Unfortunately that does happen sometimes if there are a lot of junk files; I think Windows just gets impatient.

How is the computer behaving at the moment?

Please download Malwarebytes Anti-Malware to your desktop
Install the programme and select update
Once it has updated select Settings > Detection and Protection
Tick Scan for rootkits

Go back to the Dashboard and select Scan Now

If threats are detected, click the Apply Actions button, MBAM will ask for a reboot.

On completion of the scan (or after the reboot) select View Detailed Log
Select Export > Select text file and save to the desktop
Attach/Post that log

#9
pparazorback


    Member

  • Topic Starter
  • Member
  • 48 posts

I did the instruction exactly as stated on the found threats screen, which you stated "If threats are detected, click the Apply Actions button, MBAM will ask for a reboot.".  All of the options that were listed had "Ignore Once" as the default instead of either Quarantine or other options.  Thus it did not actually remove anything.  

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 6/2/2014
Scan Time: 1:24:09 PM
Logfile: mbam.txt
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.06.02.06
Rootkit Database: v2014.05.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows Vista Service Pack 2
CPU: x86
File System: NTFS
User: Razor
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 304317
Time Elapsed: 26 min, 24 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 10
PUP.Optional.StartSavin.A, HKU\S-1-5-21-4088311119-3222570682-2067231866-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{181F2C09-56DD-4F98-86D7-59BA2BC59B5A}, No Action By User, [4cc3c98b38435dd97302260c7290728e], 
PUP.Optional.ConduitTB.A, HKU\S-1-5-21-4088311119-3222570682-2067231866-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{30F9B915-B755-4826-820B-08FBA6BD249D}, No Action By User, [bc533024bcbfab8b7055290836cc0df3], 
PUP.Optional.ConduitTB.A, HKU\S-1-5-21-4088311119-3222570682-2067231866-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{30F9B915-B755-4826-820B-08FBA6BD249D}, No Action By User, [bc533024bcbfab8b7055290836cc0df3], 
PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\CLASSES\GamingWonderland.SkinLauncherSettings, No Action By User, [37d8bc98fa81aa8c7269d198ce34bd43], 
PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\CLASSES\GamingWonderland.SkinLauncherSettings.1, No Action By User, [37d892c2403b3cfaf5e67beead5508f8], 
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\GamingWonderland, No Action By User, [3cd359fb3e3d3600aa1220c0ee15c040], 
PUP.Optional.TidyNetwork.A, HKU\S-1-5-21-4088311119-3222570682-2067231866-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\TidyNetwork, No Action By User, [07086ee6b6c5c76f3cec534f867cf20e], 
PUP.Optional.FunWebProducts.A, HKU\S-1-5-21-4088311119-3222570682-2067231866-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Fun Web Products, No Action By User, [35dafb598dee5fd7e5d93b5704febe42], 
PUP.Optional.FunWebProducts.A, HKU\S-1-5-21-4088311119-3222570682-2067231866-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\FunWebProducts, No Action By User, [6ea15bf90e6d89ada41bf59d5ba7f907], 
PUP.Optional.MindSpark.A, HKU\S-1-5-21-4088311119-3222570682-2067231866-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\GamingWonderland, No Action By User, [49c6e37183f8ef47d6cefc96d9299967], 
 
Registry Values: 2
PUP.Optional.SweetPacks, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}, No Action By User, [46c9074ddaa14de909e2f045a062d030], 
PUP.Optional.SweetPacks, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}, C:\Program Files\Updater By SweetPacks\Firefox, No Action By User, [46c9074ddaa14de909e2f045a062d030]
 
Registry Data: 0
(No malicious items detected)
 
Folders: 12
PUP.Optional.ValueApps, C:\Users\Jeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon, No Action By User, [5ab5a3b1a0db4aec89375f1e996944bc], 
PUP.Optional.ValueApps, C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon, No Action By User, [11fe5cf83a41999dc000c6b7b44e11ef], 
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc, No Action By User, [36d9f3612b50e2545dc0e29e03ff19e7], 
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0, No Action By User, [36d9f3612b50e2545dc0e29e03ff19e7], 
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\css, No Action By User, [36d9f3612b50e2545dc0e29e03ff19e7], 
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\css\jquery_ui, No Action By User, [36d9f3612b50e2545dc0e29e03ff19e7], 
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\css\jquery_ui\images, No Action By User, [36d9f3612b50e2545dc0e29e03ff19e7], 
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\images, No Action By User, [36d9f3612b50e2545dc0e29e03ff19e7], 
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\images\engines_icons, No Action By User, [36d9f3612b50e2545dc0e29e03ff19e7], 
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\images\injection, No Action By User, [36d9f3612b50e2545dc0e29e03ff19e7], 
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\js, No Action By User, [36d9f3612b50e2545dc0e29e03ff19e7], 
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\plugins, No Action By User, [36d9f3612b50e2545dc0e29e03ff19e7], 
 
Files: 64
PUP.Optional.Superfish.A, C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, No Action By User, [fb1485cf9edd1f17affcc4d1c93921df], 
PUP.Optional.Superfish.A, C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, No Action By User, [a669510397e4270f1992c6cf8082b44c], 
PUP.Optional.MultiExtension.A, C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igjjkeeamkpihpncmmbgdkhdnjpcfmfb_0.localstorage, No Action By User, [3bd44e06cfac3bfb6411b3e355adcb35], 
PUP.Optional.MultiExtension.A, C:\Users\Razor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igjjkeeamkpihpncmmbgdkhdnjpcfmfb_0.localstorage-journal, No Action By User, [1bf4b59f95e6f4425f16d2c4a85a04fc], 
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\18x18.png, No Action By User, [36d9f3612b50e2545dc0e29e03ff19e7], 
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\background.html, No Action By User, [36d9f3612b50e2545dc0e29e03ff19e7], 
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\blank.html, No Action By User, [36d9f3612b50e2545dc0e29e03ff19e7], 
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\manifest.json, No Action By User, [36d9f3612b50e2545dc0e29e03ff19e7], 
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\manifest_no_button.json, No Action By User, [36d9f3612b50e2545dc0e29e03ff19e7], 
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\new_tab.html, No Action By User, [36d9f3612b50e2545dc0e29e03ff19e7], 
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\search_box.html, No Action By User, [36d9f3612b50e2545dc0e29e03ff19e7], 
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\css\injection.css, No Action By User, [36d9f3612b50e2545dc0e29e03ff19e7], 
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\css\jquery_ui\jquery-ui-1.8.16.custom.css, No Action By User, [36d9f3612b50e2545dc0e29e03ff19e7], 
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\css\jquery_ui\images\ui-bg_flat_0_aaaaaa_40x100.png, No Action By User, [36d9f3612b50e2545dc0e29e03ff19e7], 
PUP.Optional.DefaultTab.A, C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.25_0\css\jquery_ui\images\ui-bg_flat_75_ffffff_40x100.png, No Action By User, [36d9f3612b50e2545dc0e29e03ff19e7], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#10
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Run it again please and use the drop down to select Remove.

This is the latest version so I am not 100% in its usage yet.




#11
pparazorback


    Member

  • Topic Starter
  • Member
  • 48 posts

The new option would probably be to click on the button that says "Quarantine All".

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 6/2/2014
Scan Time: 2:39:28 PM
Logfile: mbam.txt
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.06.02.07
Rootkit Database: v2014.05.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows Vista Service Pack 2
CPU: x86
File System: NTFS
User: Razor
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 304580
Time Elapsed: 17 min, 59 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#12
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts

How is the computer behaving now?



#13
pparazorback


    Member

  • Topic Starter
  • Member
  • 48 posts

It is definitely faster now than it was.



#14
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Any further problems before I tidy up?



#15
pparazorback


    Member

  • Topic Starter
  • Member
  • 48 posts
Seems we are ready for tidy up. Thanks.