
Can't stop pop-ups in Firefox


  • This topic is locked

#1
sg555


I was having trouble with my HP wireless printer not scanning. I uninstalled the software and tried to reinstall it but it wouldn't get past the wireless connection.

I noticed that my Windows updates had been turned off and cannot turn it on or download updates to anything.

I have Malwarebytes and ran it but not sure if it's updating properly and it finds no problems on a scan.

I tried to install Microsoft Security Essentials and also Trend Micro HouseCall but neither program will install.

Today I started getting all kinds of pop-ups on my browser and have not been able to stop them.

I just ran OTL and here is a copy. Any help is much appreciated!!

 

OTL logfile created on: 7/13/2014 2:41:58 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Steve\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
7.99 Gb Total Physical Memory | 5.80 Gb Available Physical Memory | 72.54% Memory free
15.98 Gb Paging File | 13.61 Gb Available in Paging File | 85.18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 686.23 Gb Total Space | 549.75 Gb Free Space | 80.11% Space Free | Partition Type: NTFS
Drive D: | 12.31 Gb Total Space | 1.38 Gb Free Space | 11.24% Space Free | Partition Type: NTFS
Drive G: | 100.00 Mb Total Space | 61.81 Mb Free Space | 61.81% Space Free | Partition Type: NTFS
Drive H: | 915.00 Gb Total Space | 782.64 Gb Free Space | 85.53% Space Free | Partition Type: NTFS
Drive I: | 16.41 Gb Total Space | 5.49 Gb Free Space | 33.45% Space Free | Partition Type: NTFS
 
Computer Name: REGINA-PC | User Name: Steve | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/07/13 14:41:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Steve\Downloads\OTL.exe
PRC - [2014/07/02 21:04:37 | 001,869,488 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
PRC - [2014/06/27 15:20:18 | 003,241,488 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
PRC - [2014/06/22 13:52:19 | 002,571,288 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2014/06/17 16:18:02 | 005,179,408 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe
PRC - [2014/06/17 16:11:46 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
PRC - [2014/06/05 21:38:12 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/08/19 18:28:33 | 000,389,016 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/07/02 21:04:37 | 017,024,688 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll
MOD - [2014/06/22 13:52:19 | 002,571,288 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2014/06/22 13:52:19 | 000,693,272 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\NativeBrowserApi\18.1.7\NativeBrowserApi.dll
MOD - [2014/06/22 13:52:19 | 000,519,704 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\log4cplusU.dll
MOD - [2014/06/05 21:38:46 | 003,852,912 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014/03/20 11:10:50 | 001,603,608 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\TBAPI.dll
MOD - [2013/08/19 18:28:33 | 002,244,504 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
MOD - [2013/08/19 18:28:33 | 000,158,104 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\nsldap32v60.dll
MOD - [2013/08/19 18:28:33 | 000,022,424 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\nsldappr32v60.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/05/30 02:21:05 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/09/08 01:51:16 | 000,203,264 | ---- | M] (AMD) [Disabled | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2014/07/02 21:04:37 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/06/27 15:20:18 | 003,241,488 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2014/06/22 13:52:19 | 001,813,528 | ---- | M] (AVG Secure Search) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe -- (vToolbarUpdater18.1.7)
SRV - [2014/06/17 16:11:46 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2014/06/05 21:38:37 | 000,119,408 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/05/21 11:34:38 | 000,049,464 | ---- | M] (Hewlett-Packard Company) [Disabled | Stopped] -- C:\Program Files (x86)\hp\Common\HPSupportSolutionsFrameworkService.exe -- (HPSupportSolutionsFrameworkService)
SRV - [2014/03/23 20:32:02 | 000,225,792 | ---- | M] (NETGEAR) [Disabled | Stopped] -- C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe -- (NETGEARGenieDaemon)
SRV - [2013/12/20 23:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/11/04 18:31:56 | 000,092,160 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2013/10/30 17:35:44 | 001,128,544 | ---- | M] (Seagate) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe -- (SgtSch2Svc)
SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/01/18 07:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/04/22 13:56:50 | 000,984,392 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/03/03 20:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/02/20 17:09:07 | 000,867,080 | ---- | M] (Acresso Software Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/02/18 15:01:06 | 000,462,632 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2009/09/06 07:06:20 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/05/22 11:02:20 | 000,250,616 | ---- | M] (WildTangent, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/09/30 19:59:26 | 000,192,512 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe -- (HPBtnSrv)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/07/08 14:10:52 | 000,020,160 | ---- | M] (Glarysoft Ltd) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\GUBootStartup.sys -- (GUBootStartup)
DRV:64bit: - [2014/07/08 13:22:01 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2014/07/01 00:52:50 | 000,017,600 | ---- | M] (Glarysoft Ltd) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\BootDefragDriver.sys -- (BootDefragDriver)
DRV:64bit: - [2014/06/22 13:52:19 | 000,050,464 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2014/06/17 16:21:34 | 000,235,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2014/06/17 16:07:12 | 000,328,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2014/06/17 16:06:58 | 000,269,080 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2014/06/17 16:06:24 | 000,190,744 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2014/06/17 16:06:22 | 000,242,968 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2014/06/17 16:06:22 | 000,153,368 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska)
DRV:64bit: - [2014/06/17 16:06:20 | 000,123,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2014/06/17 16:06:06 | 000,031,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2014/03/09 16:24:03 | 001,120,032 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tib.sys -- (tib)
DRV:64bit: - [2014/03/09 16:24:03 | 000,183,224 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tib_mounter.sys -- (tib_mounter)
DRV:64bit: - [2014/03/09 16:24:02 | 001,462,560 | ---- | M] (Acronis International GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdrpman.sys -- (tdrpman)
DRV:64bit: - [2014/03/09 16:24:01 | 000,161,568 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vididr.sys -- (vididr)
DRV:64bit: - [2014/03/09 16:24:01 | 000,117,024 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vidsflt.sys -- (vidsflt)
DRV:64bit: - [2014/03/09 16:23:59 | 000,233,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2014/03/09 16:23:59 | 000,108,832 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fltsrv.sys -- (fltsrv)
DRV:64bit: - [2013/10/01 19:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/23 07:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/06/20 10:42:44 | 003,678,720 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/18 07:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012/01/18 07:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/09/08 02:26:04 | 007,767,552 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010/09/08 02:26:04 | 007,767,552 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/09/08 01:15:06 | 000,279,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/05/07 18:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2010/05/07 18:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2010/03/03 19:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/01/28 10:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/12/30 10:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009/08/20 17:05:06 | 000,239,616 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 17:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/06/16 04:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV - [2009/10/20 14:50:12 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/06/11 13:11:29] [Kernel | Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49})
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.aartemis....q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.aartemis....q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{2783B66A-55CC-4056-86A9-3BA729C889EC}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE:64bit: - HKLM\..\SearchScopes\{C1E63727-935B-4A47-98BC-9B86FDF6A0BC}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.aartemis....q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.aartemis....q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{2783B66A-55CC-4056-86A9-3BA729C889EC}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKLM\..\SearchScopes\{56DE73FF-73CF-4E0A-B10B-07B806D438EA}: "URL" = ${SEARCH_URL}{searchTerms}
IE - HKLM\..\SearchScopes\{C1E63727-935B-4A47-98BC-9B86FDF6A0BC}: "URL" = http://www.bing.com/...rc=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{7FB11826-47CE-4849-AFBF-0B6CD1636106}: "URL" = http://search.condui...4525793511&UM=2
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={6C95A33C-8C1B-4299-BE85-A5BEC83E918F}&mid=b3eac9d998398c3151ef564ae112aa16-1ff8c315a8f217f457fe384e8cab6e80f6b5bda9&lang=en&ds=AVG&pr=fr&d=2012-10-06 08:51:44&v=15.4.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{C1E63727-935B-4A47-98BC-9B86FDF6A0BC}: "URL" = http://www.bing.com/...E11SR&pc=HPDTDF
IE - HKCU\..\SearchScopes\{EEDAA5C8-F527-4D4E-BD3A-54021F31DA58}: "URL" = http://mp3tubetoolba...e4856f971c4347a
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Dogpile"
FF - prefs.js..browser.search.defaultthis.engineName: "InternetHelper3.1 Customized Web Search"
FF - prefs.js..browser.search.order.1: "Dogpile"
FF - prefs.js..browser.search.selectedEngineURL: "http://mp3tubetoolba...={searchTerms}"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "yahoo.com"
FF - prefs.js..extensions.enabledAddons: %7B27c60876-b5c9-4335-b4f3-52b26782220c%7D:0.9.4
FF - prefs.js..extensions.enabledAddons: %7Bd40f5e7b-d2cf-4856-b441-cc613eeffbe3%7D:1.68
FF - prefs.js..extensions.enabledAddons: avg%40toolbar:18.1.7.644
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.67
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..keyword.URL: "http://mp3tubetoolba...removelink2&q="
 
FF - user.js..keyword.URL: "http://mp3tubetoolba...removelink2&q="
FF - user.js..keyword.enabled: 1
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1212152.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.7\\npsitesafety.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Steve\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Steve\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.7.644 [2014/07/09 17:58:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011/01/26 15:27:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/03/15 11:16:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/05/30 16:35:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2014/03/15 11:16:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2014/05/30 16:35:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files (x86)\AVG\AVG2012\Thunderbird\
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2014/03/15 11:16:21 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2014/05/30 16:35:49 | 000,000,000 | ---D | M]
 
[2010/03/04 22:32:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Extensions
[2010/03/04 22:32:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010/02/21 17:39:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Extensions\[email protected]
[2014/07/13 14:39:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\horwqrdo.default\extensions
[2011/03/29 19:19:34 | 000,000,000 | ---D | M] ("Malware Search") -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\horwqrdo.default\extensions\{27c60876-b5c9-4335-b4f3-52b26782220c}
[2013/11/14 14:54:22 | 000,000,000 | ---D | M] (ScorpionSaver) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\horwqrdo.default\extensions\ScorpionSaver@jetpack
[2014/07/13 14:28:29 | 000,010,912 | ---- | M] () (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\horwqrdo.default\extensions\[email protected]
[2012/01/21 10:14:55 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\horwqrdo.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
[2011/05/22 16:28:29 | 000,001,211 | ---- | M] () -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\horwqrdo.default\searchplugins\Mp3Tube.xml
[2010/02/21 18:32:01 | 000,009,985 | ---- | M] () -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\horwqrdo.default\searchplugins\mywebsearch.xml
[2013/10/15 10:20:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/10/15 10:23:35 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/10/15 10:23:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013/10/15 10:23:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013/10/15 10:23:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013/10/01 09:41:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/07/13 12:35:50 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/11/16 15:51:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions
[2013/11/16 15:51:06 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/11/16 15:51:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013/11/16 15:51:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013/11/16 15:51:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013/11/16 15:51:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\updated\browser\extensions
[2013/11/16 15:51:10 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/07/09 17:58:36 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\FIREFOXEXT\18.1.7.644
[2013/02/18 22:25:44 | 000,003,714 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
CHR - plugin: Microsoft® Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.2\\npsitesafety.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll
CHR - plugin: Java Deployment Toolkit 7.0.210.11 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll
CHR - Extension: Google Docs = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Google Drive = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: YouTube = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Cast = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\14.605.0.10_0\
CHR - Extension: Do Not Track = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckdcpbflcbeillmamogkpmdhnbeggfja\0.1.1_0\
CHR - Extension: Google Search = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.5_0\
CHR - Extension: Ghostery = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.3.0_0\
CHR - Extension: Google Wallet = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\
 
O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.7.644\AVG Secure Search_toolbar.dll (AVG Secure Search)
O2 - BHO: (hpBHO Class) - {ABD3B5E1-B268-407B-A150-2641DAB8D898} - C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll (AOL Products)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.7.644\AVG Secure Search_toolbar.dll (AVG Secure Search)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html File not found
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html File not found
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - CC:\Windows\system32\AdpeakProxy64.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - CC:\Windows\system32\AdpeakProxy64.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - CC:\Windows\system32\AdpeakProxy64.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - CC:\Windows\system32\AdpeakProxy64.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - CC:\Windows\system32\AdpeakProxy64.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onec...s/wlscctrl2.cab (Windows Live OneCare safety scanner control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{88786135-6BA9-4FD6-B945-887056AE4746}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B632F6BD-3E77-4DA9-BB2D-A244E962DA21}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\linkscanner - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\vsharechrome - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\linkscanner - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.7\ViProtocol.dll (AVG Secure Search)
O18 - Protocol\Handler\vsharechrome - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (RegBootDefrag)
O34 - HKLM BootExecute: (cute settings...)
O34 - HKLM BootExecute: (ountPoints2\M\Sh)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/07/13 13:07:00 | 000,028,960 | ---- | C] (Glarysoft Ltd) -- C:\Windows\SysNative\RegBootDefrag.exe
[2014/07/10 20:15:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
[2014/07/10 20:12:20 | 000,000,000 | ---D | C] -- C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
[2014/07/10 09:17:06 | 000,000,000 | ---D | C] -- C:\swsetup
[2014/07/09 13:15:00 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2014/07/08 14:10:54 | 000,000,000 | ---D | C] -- C:\ProgramData\GlarySoft
[2014/07/08 14:10:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
[2014/07/08 14:10:52 | 000,118,048 | ---- | C] (Glarysoft Ltd) -- C:\Windows\SysNative\BootDefrag.exe
[2014/07/08 14:10:52 | 000,020,160 | ---- | C] (Glarysoft Ltd) -- C:\Windows\SysNative\drivers\GUBootStartup.sys
[2014/07/08 14:10:52 | 000,017,600 | ---- | C] (Glarysoft Ltd) -- C:\Windows\SysNative\drivers\BootDefragDriver.sys
[2014/07/08 14:10:48 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\DiskDefrag
[2014/07/08 14:10:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Glary Utilities 5
[2014/07/08 12:30:24 | 000,000,000 | R--D | C] -- C:\Users\Steve\Documents\HP Photo Creations
[2014/07/07 22:10:35 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\Hewlett-Packard_Company
[2014/07/07 22:10:26 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\HP TCS
[2014/07/07 22:08:38 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\VS Revo Group
[2014/07/07 22:08:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
[2014/07/07 22:08:35 | 000,031,800 | ---- | C] (VS Revo Group) -- C:\Windows\SysNative\drivers\revoflt.sys
[2014/07/07 22:08:35 | 000,000,000 | ---D | C] -- C:\ProgramData\VS Revo Group
[2014/07/07 22:08:34 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2014/07/07 18:52:15 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
[2014/07/07 18:51:39 | 000,000,000 | ---D | C] -- C:\HP_ePrint
[2014/07/03 09:08:37 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\Adobe
[2014/07/02 10:51:02 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/07/02 10:50:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/07/02 10:50:48 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/07/02 10:50:48 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/07/02 10:50:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/06/21 11:20:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2014/06/17 16:21:34 | 000,235,800 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys
[2014/06/17 16:07:12 | 000,328,984 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgloga.sys
[2014/06/17 16:06:58 | 000,269,080 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2014/06/17 16:06:24 | 000,190,744 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsha.sys
[2014/06/17 16:06:22 | 000,242,968 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys
[2014/06/17 16:06:22 | 000,153,368 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgdiska.sys
[2014/06/17 16:06:20 | 000,123,672 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys
[2014/06/17 16:06:06 | 000,031,512 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgrkx64.sys
 
========== Files - Modified Within 30 Days ==========
 
[2014/07/13 14:12:51 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/07/13 13:38:43 | 000,002,250 | ---- | M] () -- C:\Users\Steve\Desktop\HP Photosmart 7510 series.lnk
[2014/07/13 13:16:33 | 000,015,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/07/13 13:16:33 | 000,015,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/07/13 13:15:20 | 000,786,514 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/07/13 13:15:20 | 000,665,304 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/07/13 13:15:20 | 000,123,112 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/07/13 13:08:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/07/13 13:08:04 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2014/07/13 13:08:00 | 2140,467,199 | -HS- | M] () -- C:\hiberfil.sys
[2014/07/13 12:35:53 | 000,001,149 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/07/10 20:53:51 | 000,258,666 | ---- | M] () -- C:\Users\Steve\Documents\NIN seats.xps
[2014/07/10 20:15:10 | 000,002,219 | ---- | M] () -- C:\Users\Steve\Desktop\HP Support Assistant.lnk
[2014/07/10 19:37:29 | 000,000,861 | ---- | M] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2014/07/10 12:39:57 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2014/07/09 22:16:29 | 000,122,154 | ---- | M] () -- C:\Users\Steve\Documents\registry backup.reg
[2014/07/09 13:15:09 | 000,002,250 | ---- | M] () -- C:\Users\Public\Desktop\HP Photosmart 7510 series.lnk
[2014/07/09 13:15:09 | 000,001,182 | ---- | M] () -- C:\Users\Public\Desktop\Shop for Supplies - HP Photosmart 7510 series.lnk
[2014/07/08 19:51:00 | 000,002,006 | ---- | M] () -- C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
[2014/07/08 19:45:11 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\HP Photosmart 7510 series.exe_{7BE77095-FC9B-408B-B26A-AEDF1505E35D}.job
[2014/07/08 19:45:00 | 000,000,290 | ---- | M] () -- C:\Windows\tasks\Toolbox.exe_{0A4766BF-E7A7-470E-A1BE-0C3F30EADA5A}.job
[2014/07/08 19:44:59 | 000,000,300 | ---- | M] () -- C:\Windows\tasks\WOWPrint.exe_{D4C9F674-D47B-4FA1-ADA2-68955A37CB03}.job
[2014/07/08 14:17:46 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{15CD4AFF-B521-404B-A696-CFE62BAE15AB}.job
[2014/07/08 14:10:54 | 000,001,106 | ---- | M] () -- C:\Users\Steve\Application Data\Microsoft\Internet Explorer\Quick Launch\Glary Utilities 5.lnk
[2014/07/08 14:10:54 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize 5.job
[2014/07/08 14:10:54 | 000,000,250 | ---- | M] () -- C:\Windows\tasks\GU5SkipUAC.job
[2014/07/08 14:10:52 | 000,020,160 | ---- | M] (Glarysoft Ltd) -- C:\Windows\SysNative\drivers\GUBootStartup.sys
[2014/07/08 13:22:01 | 000,369,168 | ---- | M] (CACE Technologies, Inc.) -- C:\Windows\SysNative\wpcap.dll
[2014/07/08 13:22:01 | 000,281,104 | ---- | M] (CACE Technologies, Inc.) -- C:\Windows\SysWow64\wpcap.dll
[2014/07/08 13:22:01 | 000,106,000 | ---- | M] (CACE Technologies, Inc.) -- C:\Windows\SysNative\packet.dll
[2014/07/08 13:22:01 | 000,096,784 | ---- | M] (CACE Technologies, Inc.) -- C:\Windows\SysWow64\packet.dll
[2014/07/08 13:22:01 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) -- C:\Windows\SysNative\drivers\npf.sys
[2014/07/08 13:22:01 | 000,002,052 | ---- | M] () -- C:\Users\Public\Desktop\NETGEAR Genie.lnk
[2014/07/08 12:35:16 | 000,099,580 | ---- | M] () -- C:\Users\Steve\Desktop\House.jpg
[2014/07/08 12:34:17 | 000,099,580 | ---- | M] () -- C:\Users\Steve\Desktop\House 2.jpg
[2014/07/08 12:30:20 | 000,001,993 | ---- | M] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk
[2014/07/07 22:45:16 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{F8075218-9817-41FE-82CC-136A8EB3A619}.job
[2014/07/07 22:45:16 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{3CD08C26-55B7-4173-A781-208C074089A4}.job
[2014/07/07 22:45:16 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{39ED2E90-6501-4756-B268-4F4F534F1BF5}.job
[2014/07/07 22:45:16 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{38C1CE45-6C53-4C14-A879-71C83D07D6EF}.job
[2014/07/07 22:45:14 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{B7D68225-1BF5-455A-BCD6-DD6E285EE27C}.job
[2014/07/07 22:41:01 | 000,000,308 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{D4446781-1E21-467E-8042-14139BABA3D0}.job
[2014/07/07 22:08:36 | 000,001,103 | ---- | M] () -- C:\Users\Steve\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2014/07/07 22:08:36 | 000,001,079 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2014/07/07 20:20:01 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{8F3C5E38-CA8C-4676-A01B-C344FE20AB43}.job
[2014/07/07 20:20:00 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{D5892677-ABED-4C2F-BAEF-61368A77CD6E}.job
[2014/07/07 20:20:00 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{1304F0DD-E9DC-4627-9B95-E1B3E7123A7E}.job
[2014/07/07 20:20:00 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{02A579CE-D884-4A2B-8779-8556BE5A68CE}.job
[2014/07/07 20:19:59 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{E44E59ED-0D10-45CB-A137-B55D13308B5D}.job
[2014/07/07 19:52:10 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{C6D5B7B0-B7CD-4C90-A7FF-B9CD913A5C8E}.job
[2014/07/07 19:52:10 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{5694A2C1-E424-444A-8D57-6812908D16A3}.job
[2014/07/07 19:52:10 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{4D6F2D12-7A7D-47ED-9E6A-7D625B62492C}.job
[2014/07/07 19:52:09 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{73B949FC-80F0-454B-9C23-5109A385FB7D}.job
[2014/07/07 19:52:09 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{5E950ACA-662A-49E7-B169-C6A1B26FBB1A}.job
[2014/07/07 19:52:09 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{4CAB99AD-E91E-46F0-91F8-31BB30279723}.job
[2014/07/07 19:52:08 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{B79F4FF0-63EE-43FD-ACEA-F21F95EDED16}.job
[2014/07/07 19:52:08 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{58BF558E-BD7D-4B1D-9009-758325DA607E}.job
[2014/07/07 19:52:07 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{69C9B166-5E84-48FF-B59A-DDF92AB40F8C}.job
[2014/07/07 19:49:17 | 000,000,308 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{9145778C-28CD-4F27-8011-86ABD7974233}.job
[2014/07/07 19:49:17 | 000,000,308 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{231D6AEC-91F7-4269-8ED0-9951CE64D4D9}.job
[2014/07/07 19:49:15 | 000,000,308 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{0F3661DF-7BC2-45AA-B807-FB599C54CFB7}.job
[2014/07/07 19:49:12 | 000,000,308 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{E40D99B9-6E10-4868-BFAA-F8253B5E9718}.job
[2014/07/05 09:03:17 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/07/03 09:49:07 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2014/07/03 00:03:14 | 000,028,960 | ---- | M] (Glarysoft Ltd) -- C:\Windows\SysNative\RegBootDefrag.exe
[2014/07/03 00:03:02 | 000,118,048 | ---- | M] (Glarysoft Ltd) -- C:\Windows\SysNative\BootDefrag.exe
[2014/07/02 11:55:01 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForSteve.job
[2014/07/02 11:42:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/07/02 11:10:10 | 000,000,324 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Communicator.job
[2014/07/02 10:58:02 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4104090456-942970366-3307904469-1003UA.job
[2014/07/02 09:38:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForRegina.job
[2014/07/02 07:42:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/07/02 07:24:54 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4104090456-942970366-3307904469-1003Core.job
[2014/07/01 00:52:50 | 000,017,600 | ---- | M] (Glarysoft Ltd) -- C:\Windows\SysNative\drivers\BootDefragDriver.sys
[2014/06/22 13:52:51 | 000,003,728 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
[2014/06/22 13:52:19 | 000,050,464 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2014/06/21 11:57:17 | 000,258,286 | ---- | M] () -- C:\Users\Steve\Documents\NIN.xps
[2014/06/17 16:21:34 | 000,235,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys
[2014/06/17 16:07:12 | 000,328,984 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgloga.sys
[2014/06/17 16:06:58 | 000,269,080 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2014/06/17 16:06:24 | 000,190,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsha.sys
[2014/06/17 16:06:22 | 000,242,968 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys
[2014/06/17 16:06:22 | 000,153,368 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgdiska.sys
[2014/06/17 16:06:20 | 000,123,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys
[2014/06/17 16:06:06 | 000,031,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgrkx64.sys
[2014/06/17 12:26:41 | 001,134,536 | ---- | M] () -- C:\Users\Steve\Documents\Marriage Certificate.pdf
[2014/06/17 12:25:21 | 000,236,594 | ---- | M] () -- C:\Users\Steve\Desktop\Pebp letter.pdf
[2014/06/14 12:50:25 | 000,166,668 | ---- | M] () -- C:\Users\Steve\Desktop\Me n Reg.JPG
[2014/06/13 22:16:21 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
 
========== Files Created - No Company Name ==========
 
[2014/07/13 13:38:43 | 000,002,250 | ---- | C] () -- C:\Users\Steve\Desktop\HP Photosmart 7510 series.lnk
[2014/07/10 20:53:50 | 000,258,666 | ---- | C] () -- C:\Users\Steve\Documents\NIN seats.xps
[2014/07/10 20:15:10 | 000,002,219 | ---- | C] () -- C:\Users\Steve\Desktop\HP Support Assistant.lnk
[2014/07/10 19:37:29 | 000,000,861 | ---- | C] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2014/07/09 22:16:26 | 000,122,154 | ---- | C] () -- C:\Users\Steve\Documents\registry backup.reg
[2014/07/09 19:06:33 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2014/07/09 13:15:09 | 000,002,250 | ---- | C] () -- C:\Users\Public\Desktop\HP Photosmart 7510 series.lnk
[2014/07/09 13:15:09 | 000,001,182 | ---- | C] () -- C:\Users\Public\Desktop\Shop for Supplies - HP Photosmart 7510 series.lnk
[2014/07/08 19:45:11 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\HP Photosmart 7510 series.exe_{7BE77095-FC9B-408B-B26A-AEDF1505E35D}.job
[2014/07/08 19:45:00 | 000,000,290 | ---- | C] () -- C:\Windows\tasks\Toolbox.exe_{0A4766BF-E7A7-470E-A1BE-0C3F30EADA5A}.job
[2014/07/08 19:44:59 | 000,000,300 | ---- | C] () -- C:\Windows\tasks\WOWPrint.exe_{D4C9F674-D47B-4FA1-ADA2-68955A37CB03}.job
[2014/07/08 14:17:46 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{15CD4AFF-B521-404B-A696-CFE62BAE15AB}.job
[2014/07/08 14:10:54 | 000,001,106 | ---- | C] () -- C:\Users\Steve\Application Data\Microsoft\Internet Explorer\Quick Launch\Glary Utilities 5.lnk
[2014/07/08 14:10:54 | 000,001,094 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
[2014/07/08 14:10:53 | 000,000,332 | ---- | C] () -- C:\Windows\tasks\GlaryInitialize 5.job
[2014/07/08 14:10:53 | 000,000,250 | ---- | C] () -- C:\Windows\tasks\GU5SkipUAC.job
[2014/07/08 12:34:16 | 000,099,580 | ---- | C] () -- C:\Users\Steve\Desktop\House 2.jpg
[2014/07/07 22:45:16 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{F8075218-9817-41FE-82CC-136A8EB3A619}.job
[2014/07/07 22:45:16 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{3CD08C26-55B7-4173-A781-208C074089A4}.job
[2014/07/07 22:45:16 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{39ED2E90-6501-4756-B268-4F4F534F1BF5}.job
[2014/07/07 22:45:16 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{38C1CE45-6C53-4C14-A879-71C83D07D6EF}.job
[2014/07/07 22:45:14 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{B7D68225-1BF5-455A-BCD6-DD6E285EE27C}.job
[2014/07/07 22:41:01 | 000,000,308 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{D4446781-1E21-467E-8042-14139BABA3D0}.job
[2014/07/07 22:08:36 | 000,001,103 | ---- | C] () -- C:\Users\Steve\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2014/07/07 22:08:36 | 000,001,079 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2014/07/07 20:20:01 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{8F3C5E38-CA8C-4676-A01B-C344FE20AB43}.job
[2014/07/07 20:20:00 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{D5892677-ABED-4C2F-BAEF-61368A77CD6E}.job
[2014/07/07 20:20:00 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{1304F0DD-E9DC-4627-9B95-E1B3E7123A7E}.job
[2014/07/07 20:20:00 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{02A579CE-D884-4A2B-8779-8556BE5A68CE}.job
[2014/07/07 20:19:59 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{E44E59ED-0D10-45CB-A137-B55D13308B5D}.job
[2014/07/07 19:52:10 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{C6D5B7B0-B7CD-4C90-A7FF-B9CD913A5C8E}.job
[2014/07/07 19:52:10 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{5694A2C1-E424-444A-8D57-6812908D16A3}.job
[2014/07/07 19:52:10 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{4D6F2D12-7A7D-47ED-9E6A-7D625B62492C}.job
[2014/07/07 19:52:09 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{73B949FC-80F0-454B-9C23-5109A385FB7D}.job
[2014/07/07 19:52:09 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{5E950ACA-662A-49E7-B169-C6A1B26FBB1A}.job
[2014/07/07 19:52:09 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{4CAB99AD-E91E-46F0-91F8-31BB30279723}.job
[2014/07/07 19:52:08 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{B79F4FF0-63EE-43FD-ACEA-F21F95EDED16}.job
[2014/07/07 19:52:08 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{58BF558E-BD7D-4B1D-9009-758325DA607E}.job
[2014/07/07 19:52:07 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{69C9B166-5E84-48FF-B59A-DDF92AB40F8C}.job
[2014/07/07 19:49:17 | 000,000,308 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{9145778C-28CD-4F27-8011-86ABD7974233}.job
[2014/07/07 19:49:17 | 000,000,308 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{231D6AEC-91F7-4269-8ED0-9951CE64D4D9}.job
[2014/07/07 19:49:15 | 000,000,308 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{0F3661DF-7BC2-45AA-B807-FB599C54CFB7}.job
[2014/07/07 19:49:12 | 000,000,308 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{E40D99B9-6E10-4868-BFAA-F8253B5E9718}.job
[2014/07/07 19:40:50 | 000,099,580 | ---- | C] () -- C:\Users\Steve\Desktop\House.jpg
[2014/06/21 11:57:16 | 000,258,286 | ---- | C] () -- C:\Users\Steve\Documents\NIN.xps
[2014/06/17 12:26:40 | 001,134,536 | ---- | C] () -- C:\Users\Steve\Documents\Marriage Certificate.pdf
[2014/06/17 12:25:21 | 000,236,594 | ---- | C] () -- C:\Users\Steve\Desktop\Pebp letter.pdf
[2014/06/14 12:50:25 | 000,166,668 | ---- | C] () -- C:\Users\Steve\Desktop\Me n Reg.JPG
[2013/11/14 14:23:10 | 000,305,059 | ---- | C] () -- C:\Users\Steve\AppData\Local\census.cache
[2013/11/14 14:23:05 | 000,136,531 | ---- | C] () -- C:\Users\Steve\AppData\Local\ars.cache
[2013/05/20 17:51:55 | 000,003,728 | ---- | C] () -- C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
[2011/12/31 17:45:04 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2011/06/05 12:03:24 | 000,000,122 | ---- | C] () -- C:\Users\Steve\AppData\Roaming\wklnhst.dat
[2010/11/23 09:30:58 | 000,000,036 | ---- | C] () -- C:\Users\Steve\AppData\Local\housecall.guid.cache
[2009/12/28 20:20:38 | 000,000,363 | ---- | C] () -- C:\Users\Steve\RecentPlaces.lnk
[2009/12/28 20:20:34 | 000,000,904 | RHS- | C] () -- C:\Users\Steve\ntuser.pol
[2009/12/28 19:03:01 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Grapher
[2009/12/28 19:03:01 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2009/12/28 19:03:01 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Halftone
 
========== ZeroAccess Check ==========
 
[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 19:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 19:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 05:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013/10/19 09:23:43 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\AVG2014
[2013/11/14 14:54:23 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\BitLord
[2010/07/21 10:53:17 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013/10/29 11:56:14 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\DefaultTab
[2014/07/09 09:54:35 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\DiskDefrag
[2013/10/15 09:51:30 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\DriverCure
[2012/01/08 22:03:08 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\FrostWire
[2014/07/08 14:10:55 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\GlarySoft
[2014/03/21 15:46:46 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\iFunBox.NXGen
[2014/03/21 14:52:32 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\iFunbox_UserCache
[2014/07/06 22:47:22 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Media Finder
[2010/12/25 09:57:23 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Nikon
[2013/10/15 09:51:30 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\ParetoLogic
[2009/12/28 20:20:47 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\PictureMover
[2013/11/14 13:20:14 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Python-Eggs
[2014/03/09 16:24:39 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Seagate
[2013/09/14 17:12:48 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\SearchProtect
[2011/06/05 12:03:25 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Template
[2010/03/04 22:32:04 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Thunderbird
[2012/10/06 08:51:48 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\TuneUp Software
[2012/03/30 10:56:00 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Visan
[2010/03/18 22:14:01 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\WinBatch
[2012/09/29 11:59:58 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Windows Live Writer
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:5C321E34

< End of report >
 



#2
sg555


I was having trouble with my HP wireless printer not scanning. I uninstalled the software and tried to reinstall it but it wouldn't get past the wireless connection.

I noticed that my Windows updates had been turned off and cannot turn it on or download updates to anything.

I have Malwarebytes and ran it but not sure if it's updating properly and it finds no problems on a scan.

I tried to install Microsoft Security Essentials and also Trend Micro HouseCall but neither program will install.

Today I started getting all kinds of pop-ups on my Firefox browser and have not been able to stop them.

I just ran OTL and here is a copy. Any help is much appreciated!!

 

OTL logfile created on: 7/13/2014 2:41:58 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Steve\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
7.99 Gb Total Physical Memory | 5.80 Gb Available Physical Memory | 72.54% Memory free
15.98 Gb Paging File | 13.61 Gb Available in Paging File | 85.18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 686.23 Gb Total Space | 549.75 Gb Free Space | 80.11% Space Free | Partition Type: NTFS
Drive D: | 12.31 Gb Total Space | 1.38 Gb Free Space | 11.24% Space Free | Partition Type: NTFS
Drive G: | 100.00 Mb Total Space | 61.81 Mb Free Space | 61.81% Space Free | Partition Type: NTFS
Drive H: | 915.00 Gb Total Space | 782.64 Gb Free Space | 85.53% Space Free | Partition Type: NTFS
Drive I: | 16.41 Gb Total Space | 5.49 Gb Free Space | 33.45% Space Free | Partition Type: NTFS
 
Computer Name: REGINA-PC | User Name: Steve | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/07/13 14:41:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Steve\Downloads\OTL.exe
PRC - [2014/07/02 21:04:37 | 001,869,488 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
PRC - [2014/06/27 15:20:18 | 003,241,488 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
PRC - [2014/06/22 13:52:19 | 002,571,288 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2014/06/17 16:18:02 | 005,179,408 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe
PRC - [2014/06/17 16:11:46 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
PRC - [2014/06/05 21:38:12 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/08/19 18:28:33 | 000,389,016 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/07/02 21:04:37 | 017,024,688 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll
MOD - [2014/06/22 13:52:19 | 002,571,288 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2014/06/22 13:52:19 | 000,693,272 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\NativeBrowserApi\18.1.7\NativeBrowserApi.dll
MOD - [2014/06/22 13:52:19 | 000,519,704 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\log4cplusU.dll
MOD - [2014/06/05 21:38:46 | 003,852,912 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014/03/20 11:10:50 | 001,603,608 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\TBAPI.dll
MOD - [2013/08/19 18:28:33 | 002,244,504 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
MOD - [2013/08/19 18:28:33 | 000,158,104 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\nsldap32v60.dll
MOD - [2013/08/19 18:28:33 | 000,022,424 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\nsldappr32v60.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/05/30 02:21:05 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/09/08 01:51:16 | 000,203,264 | ---- | M] (AMD) [Disabled | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2014/07/02 21:04:37 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/06/27 15:20:18 | 003,241,488 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2014/06/22 13:52:19 | 001,813,528 | ---- | M] (AVG Secure Search) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe -- (vToolbarUpdater18.1.7)
SRV - [2014/06/17 16:11:46 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2014/06/05 21:38:37 | 000,119,408 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/05/21 11:34:38 | 000,049,464 | ---- | M] (Hewlett-Packard Company) [Disabled | Stopped] -- C:\Program Files (x86)\hp\Common\HPSupportSolutionsFrameworkService.exe -- (HPSupportSolutionsFrameworkService)
SRV - [2014/03/23 20:32:02 | 000,225,792 | ---- | M] (NETGEAR) [Disabled | Stopped] -- C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe -- (NETGEARGenieDaemon)
SRV - [2013/12/20 23:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/11/04 18:31:56 | 000,092,160 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2013/10/30 17:35:44 | 001,128,544 | ---- | M] (Seagate) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe -- (SgtSch2Svc)
SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/01/18 07:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/04/22 13:56:50 | 000,984,392 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/03/03 20:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/02/20 17:09:07 | 000,867,080 | ---- | M] (Acresso Software Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/02/18 15:01:06 | 000,462,632 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2009/09/06 07:06:20 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/05/22 11:02:20 | 000,250,616 | ---- | M] (WildTangent, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/09/30 19:59:26 | 000,192,512 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe -- (HPBtnSrv)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/07/08 14:10:52 | 000,020,160 | ---- | M] (Glarysoft Ltd) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\GUBootStartup.sys -- (GUBootStartup)
DRV:64bit: - [2014/07/08 13:22:01 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2014/07/01 00:52:50 | 000,017,600 | ---- | M] (Glarysoft Ltd) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\BootDefragDriver.sys -- (BootDefragDriver)
DRV:64bit: - [2014/06/22 13:52:19 | 000,050,464 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2014/06/17 16:21:34 | 000,235,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2014/06/17 16:07:12 | 000,328,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2014/06/17 16:06:58 | 000,269,080 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2014/06/17 16:06:24 | 000,190,744 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2014/06/17 16:06:22 | 000,242,968 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2014/06/17 16:06:22 | 000,153,368 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska)
DRV:64bit: - [2014/06/17 16:06:20 | 000,123,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2014/06/17 16:06:06 | 000,031,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2014/03/09 16:24:03 | 001,120,032 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tib.sys -- (tib)
DRV:64bit: - [2014/03/09 16:24:03 | 000,183,224 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tib_mounter.sys -- (tib_mounter)
DRV:64bit: - [2014/03/09 16:24:02 | 001,462,560 | ---- | M] (Acronis International GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdrpman.sys -- (tdrpman)
DRV:64bit: - [2014/03/09 16:24:01 | 000,161,568 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vididr.sys -- (vididr)
DRV:64bit: - [2014/03/09 16:24:01 | 000,117,024 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vidsflt.sys -- (vidsflt)
DRV:64bit: - [2014/03/09 16:23:59 | 000,233,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2014/03/09 16:23:59 | 000,108,832 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fltsrv.sys -- (fltsrv)
DRV:64bit: - [2013/10/01 19:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/23 07:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/06/20 10:42:44 | 003,678,720 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/18 07:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012/01/18 07:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/09/08 02:26:04 | 007,767,552 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010/09/08 02:26:04 | 007,767,552 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/09/08 01:15:06 | 000,279,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/05/07 18:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2010/05/07 18:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2010/03/03 19:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/01/28 10:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/12/30 10:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009/08/20 17:05:06 | 000,239,616 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 17:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/06/16 04:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV - [2009/10/20 14:50:12 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/06/11 13:11:29] [Kernel | Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49})
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.aartemis....q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.aartemis....q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{2783B66A-55CC-4056-86A9-3BA729C889EC}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE:64bit: - HKLM\..\SearchScopes\{C1E63727-935B-4A47-98BC-9B86FDF6A0BC}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.aartemis....q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.aartemis....q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{2783B66A-55CC-4056-86A9-3BA729C889EC}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKLM\..\SearchScopes\{56DE73FF-73CF-4E0A-B10B-07B806D438EA}: "URL" = ${SEARCH_URL}{searchTerms}
IE - HKLM\..\SearchScopes\{C1E63727-935B-4A47-98BC-9B86FDF6A0BC}: "URL" = http://www.bing.com/...rc=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{7FB11826-47CE-4849-AFBF-0B6CD1636106}: "URL" = http://search.condui...4525793511&UM=2
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={6C95A33C-8C1B-4299-BE85-A5BEC83E918F}&mid=b3eac9d998398c3151ef564ae112aa16-1ff8c315a8f217f457fe384e8cab6e80f6b5bda9&lang=en&ds=AVG&pr=fr&d=2012-10-06 08:51:44&v=15.4.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{C1E63727-935B-4A47-98BC-9B86FDF6A0BC}: "URL" = http://www.bing.com/...E11SR&pc=HPDTDF
IE - HKCU\..\SearchScopes\{EEDAA5C8-F527-4D4E-BD3A-54021F31DA58}: "URL" = http://mp3tubetoolba...e4856f971c4347a
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Dogpile"
FF - prefs.js..browser.search.defaultthis.engineName: "InternetHelper3.1 Customized Web Search"
FF - prefs.js..browser.search.order.1: "Dogpile"
FF - prefs.js..browser.search.selectedEngineURL: "http://mp3tubetoolba...={searchTerms}"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "yahoo.com"
FF - prefs.js..extensions.enabledAddons: %7B27c60876-b5c9-4335-b4f3-52b26782220c%7D:0.9.4
FF - prefs.js..extensions.enabledAddons: %7Bd40f5e7b-d2cf-4856-b441-cc613eeffbe3%7D:1.68
FF - prefs.js..extensions.enabledAddons: avg%40toolbar:18.1.7.644
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.67
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..keyword.URL: "http://mp3tubetoolba...removelink2&q="
 
FF - user.js..keyword.URL: "http://mp3tubetoolba...removelink2&q="
FF - user.js..keyword.enabled: 1
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1212152.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.7\\npsitesafety.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Steve\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Steve\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.7.644 [2014/07/09 17:58:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011/01/26 15:27:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/03/15 11:16:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/05/30 16:35:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2014/03/15 11:16:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2014/05/30 16:35:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files (x86)\AVG\AVG2012\Thunderbird\
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2014/03/15 11:16:21 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2014/05/30 16:35:49 | 000,000,000 | ---D | M]
 
[2010/03/04 22:32:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Extensions
[2010/03/04 22:32:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010/02/21 17:39:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Extensions\[email protected]
[2014/07/13 14:39:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\horwqrdo.default\extensions
[2011/03/29 19:19:34 | 000,000,000 | ---D | M] ("Malware Search") -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\horwqrdo.default\extensions\{27c60876-b5c9-4335-b4f3-52b26782220c}
[2013/11/14 14:54:22 | 000,000,000 | ---D | M] (ScorpionSaver) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\horwqrdo.default\extensions\ScorpionSaver@jetpack
[2014/07/13 14:28:29 | 000,010,912 | ---- | M] () (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\horwqrdo.default\extensions\[email protected]
[2012/01/21 10:14:55 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\horwqrdo.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
[2011/05/22 16:28:29 | 000,001,211 | ---- | M] () -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\horwqrdo.default\searchplugins\Mp3Tube.xml
[2010/02/21 18:32:01 | 000,009,985 | ---- | M] () -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\horwqrdo.default\searchplugins\mywebsearch.xml
[2013/10/15 10:20:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/10/15 10:23:35 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/10/15 10:23:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013/10/15 10:23:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013/10/15 10:23:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013/10/01 09:41:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/07/13 12:35:50 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/11/16 15:51:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions
[2013/11/16 15:51:06 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/11/16 15:51:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013/11/16 15:51:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013/11/16 15:51:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013/11/16 15:51:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\updated\browser\extensions
[2013/11/16 15:51:10 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/07/09 17:58:36 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\FIREFOXEXT\18.1.7.644
[2013/02/18 22:25:44 | 000,003,714 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
CHR - plugin: Microsoft® Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.2\\npsitesafety.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll
CHR - plugin: Java Deployment Toolkit 7.0.210.11 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll
CHR - Extension: Google Docs = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Google Drive = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: YouTube = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Cast = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\14.605.0.10_0\
CHR - Extension: Do Not Track = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckdcpbflcbeillmamogkpmdhnbeggfja\0.1.1_0\
CHR - Extension: Google Search = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.5_0\
CHR - Extension: Ghostery = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.3.0_0\
CHR - Extension: Google Wallet = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\
 
O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.7.644\AVG Secure Search_toolbar.dll (AVG Secure Search)
O2 - BHO: (hpBHO Class) - {ABD3B5E1-B268-407B-A150-2641DAB8D898} - C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll (AOL Products)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.7.644\AVG Secure Search_toolbar.dll (AVG Secure Search)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html File not found
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html File not found
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - CC:\Windows\system32\AdpeakProxy64.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - CC:\Windows\system32\AdpeakProxy64.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - CC:\Windows\system32\AdpeakProxy64.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - CC:\Windows\system32\AdpeakProxy64.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - CC:\Windows\system32\AdpeakProxy64.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onec...s/wlscctrl2.cab (Windows Live OneCare safety scanner control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{88786135-6BA9-4FD6-B945-887056AE4746}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B632F6BD-3E77-4DA9-BB2D-A244E962DA21}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\linkscanner - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\vsharechrome - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\linkscanner - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.7\ViProtocol.dll (AVG Secure Search)
O18 - Protocol\Handler\vsharechrome - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (RegBootDefrag)
O34 - HKLM BootExecute: (cute settings...)
O34 - HKLM BootExecute: (ountPoints2\M\Sh)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/07/13 13:07:00 | 000,028,960 | ---- | C] (Glarysoft Ltd) -- C:\Windows\SysNative\RegBootDefrag.exe
[2014/07/10 20:15:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
[2014/07/10 20:12:20 | 000,000,000 | ---D | C] -- C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
[2014/07/10 09:17:06 | 000,000,000 | ---D | C] -- C:\swsetup
[2014/07/09 13:15:00 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2014/07/08 14:10:54 | 000,000,000 | ---D | C] -- C:\ProgramData\GlarySoft
[2014/07/08 14:10:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
[2014/07/08 14:10:52 | 000,118,048 | ---- | C] (Glarysoft Ltd) -- C:\Windows\SysNative\BootDefrag.exe
[2014/07/08 14:10:52 | 000,020,160 | ---- | C] (Glarysoft Ltd) -- C:\Windows\SysNative\drivers\GUBootStartup.sys
[2014/07/08 14:10:52 | 000,017,600 | ---- | C] (Glarysoft Ltd) -- C:\Windows\SysNative\drivers\BootDefragDriver.sys
[2014/07/08 14:10:48 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\DiskDefrag
[2014/07/08 14:10:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Glary Utilities 5
[2014/07/08 12:30:24 | 000,000,000 | R--D | C] -- C:\Users\Steve\Documents\HP Photo Creations
[2014/07/07 22:10:35 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\Hewlett-Packard_Company
[2014/07/07 22:10:26 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\HP TCS
[2014/07/07 22:08:38 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\VS Revo Group
[2014/07/07 22:08:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
[2014/07/07 22:08:35 | 000,031,800 | ---- | C] (VS Revo Group) -- C:\Windows\SysNative\drivers\revoflt.sys
[2014/07/07 22:08:35 | 000,000,000 | ---D | C] -- C:\ProgramData\VS Revo Group
[2014/07/07 22:08:34 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2014/07/07 18:52:15 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
[2014/07/07 18:51:39 | 000,000,000 | ---D | C] -- C:\HP_ePrint
[2014/07/03 09:08:37 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\Adobe
[2014/07/02 10:51:02 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/07/02 10:50:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/07/02 10:50:48 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/07/02 10:50:48 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/07/02 10:50:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/06/21 11:20:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2014/06/17 16:21:34 | 000,235,800 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys
[2014/06/17 16:07:12 | 000,328,984 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgloga.sys
[2014/06/17 16:06:58 | 000,269,080 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2014/06/17 16:06:24 | 000,190,744 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsha.sys
[2014/06/17 16:06:22 | 000,242,968 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys
[2014/06/17 16:06:22 | 000,153,368 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgdiska.sys
[2014/06/17 16:06:20 | 000,123,672 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys
[2014/06/17 16:06:06 | 000,031,512 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgrkx64.sys
 
========== Files - Modified Within 30 Days ==========
 
[2014/07/13 14:12:51 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/07/13 13:38:43 | 000,002,250 | ---- | M] () -- C:\Users\Steve\Desktop\HP Photosmart 7510 series.lnk
[2014/07/13 13:16:33 | 000,015,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/07/13 13:16:33 | 000,015,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/07/13 13:15:20 | 000,786,514 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/07/13 13:15:20 | 000,665,304 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/07/13 13:15:20 | 000,123,112 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/07/13 13:08:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/07/13 13:08:04 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2014/07/13 13:08:00 | 2140,467,199 | -HS- | M] () -- C:\hiberfil.sys
[2014/07/13 12:35:53 | 000,001,149 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/07/10 20:53:51 | 000,258,666 | ---- | M] () -- C:\Users\Steve\Documents\NIN seats.xps
[2014/07/10 20:15:10 | 000,002,219 | ---- | M] () -- C:\Users\Steve\Desktop\HP Support Assistant.lnk
[2014/07/10 19:37:29 | 000,000,861 | ---- | M] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2014/07/10 12:39:57 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2014/07/09 22:16:29 | 000,122,154 | ---- | M] () -- C:\Users\Steve\Documents\registry backup.reg
[2014/07/09 13:15:09 | 000,002,250 | ---- | M] () -- C:\Users\Public\Desktop\HP Photosmart 7510 series.lnk
[2014/07/09 13:15:09 | 000,001,182 | ---- | M] () -- C:\Users\Public\Desktop\Shop for Supplies - HP Photosmart 7510 series.lnk
[2014/07/08 19:51:00 | 000,002,006 | ---- | M] () -- C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
[2014/07/08 19:45:11 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\HP Photosmart 7510 series.exe_{7BE77095-FC9B-408B-B26A-AEDF1505E35D}.job
[2014/07/08 19:45:00 | 000,000,290 | ---- | M] () -- C:\Windows\tasks\Toolbox.exe_{0A4766BF-E7A7-470E-A1BE-0C3F30EADA5A}.job
[2014/07/08 19:44:59 | 000,000,300 | ---- | M] () -- C:\Windows\tasks\WOWPrint.exe_{D4C9F674-D47B-4FA1-ADA2-68955A37CB03}.job
[2014/07/08 14:17:46 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{15CD4AFF-B521-404B-A696-CFE62BAE15AB}.job
[2014/07/08 14:10:54 | 000,001,106 | ---- | M] () -- C:\Users\Steve\Application Data\Microsoft\Internet Explorer\Quick Launch\Glary Utilities 5.lnk
[2014/07/08 14:10:54 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize 5.job
[2014/07/08 14:10:54 | 000,000,250 | ---- | M] () -- C:\Windows\tasks\GU5SkipUAC.job
[2014/07/08 14:10:52 | 000,020,160 | ---- | M] (Glarysoft Ltd) -- C:\Windows\SysNative\drivers\GUBootStartup.sys
[2014/07/08 13:22:01 | 000,369,168 | ---- | M] (CACE Technologies, Inc.) -- C:\Windows\SysNative\wpcap.dll
[2014/07/08 13:22:01 | 000,281,104 | ---- | M] (CACE Technologies, Inc.) -- C:\Windows\SysWow64\wpcap.dll
[2014/07/08 13:22:01 | 000,106,000 | ---- | M] (CACE Technologies, Inc.) -- C:\Windows\SysNative\packet.dll
[2014/07/08 13:22:01 | 000,096,784 | ---- | M] (CACE Technologies, Inc.) -- C:\Windows\SysWow64\packet.dll
[2014/07/08 13:22:01 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) -- C:\Windows\SysNative\drivers\npf.sys
[2014/07/08 13:22:01 | 000,002,052 | ---- | M] () -- C:\Users\Public\Desktop\NETGEAR Genie.lnk
[2014/07/08 12:35:16 | 000,099,580 | ---- | M] () -- C:\Users\Steve\Desktop\House.jpg
[2014/07/08 12:34:17 | 000,099,580 | ---- | M] () -- C:\Users\Steve\Desktop\House 2.jpg
[2014/07/08 12:30:20 | 000,001,993 | ---- | M] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk
[2014/07/07 22:45:16 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{F8075218-9817-41FE-82CC-136A8EB3A619}.job
[2014/07/07 22:45:16 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{3CD08C26-55B7-4173-A781-208C074089A4}.job
[2014/07/07 22:45:16 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{39ED2E90-6501-4756-B268-4F4F534F1BF5}.job
[2014/07/07 22:45:16 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{38C1CE45-6C53-4C14-A879-71C83D07D6EF}.job
[2014/07/07 22:45:14 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{B7D68225-1BF5-455A-BCD6-DD6E285EE27C}.job
[2014/07/07 22:41:01 | 000,000,308 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{D4446781-1E21-467E-8042-14139BABA3D0}.job
[2014/07/07 22:08:36 | 000,001,103 | ---- | M] () -- C:\Users\Steve\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2014/07/07 22:08:36 | 000,001,079 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2014/07/07 20:20:01 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{8F3C5E38-CA8C-4676-A01B-C344FE20AB43}.job
[2014/07/07 20:20:00 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{D5892677-ABED-4C2F-BAEF-61368A77CD6E}.job
[2014/07/07 20:20:00 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{1304F0DD-E9DC-4627-9B95-E1B3E7123A7E}.job
[2014/07/07 20:20:00 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{02A579CE-D884-4A2B-8779-8556BE5A68CE}.job
[2014/07/07 20:19:59 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{E44E59ED-0D10-45CB-A137-B55D13308B5D}.job
[2014/07/07 19:52:10 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{C6D5B7B0-B7CD-4C90-A7FF-B9CD913A5C8E}.job
[2014/07/07 19:52:10 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{5694A2C1-E424-444A-8D57-6812908D16A3}.job
[2014/07/07 19:52:10 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{4D6F2D12-7A7D-47ED-9E6A-7D625B62492C}.job
[2014/07/07 19:52:09 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{73B949FC-80F0-454B-9C23-5109A385FB7D}.job
[2014/07/07 19:52:09 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{5E950ACA-662A-49E7-B169-C6A1B26FBB1A}.job
[2014/07/07 19:52:09 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{4CAB99AD-E91E-46F0-91F8-31BB30279723}.job
[2014/07/07 19:52:08 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{B79F4FF0-63EE-43FD-ACEA-F21F95EDED16}.job
[2014/07/07 19:52:08 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{58BF558E-BD7D-4B1D-9009-758325DA607E}.job
[2014/07/07 19:52:07 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{69C9B166-5E84-48FF-B59A-DDF92AB40F8C}.job
[2014/07/07 19:49:17 | 000,000,308 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{9145778C-28CD-4F27-8011-86ABD7974233}.job
[2014/07/07 19:49:17 | 000,000,308 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{231D6AEC-91F7-4269-8ED0-9951CE64D4D9}.job
[2014/07/07 19:49:15 | 000,000,308 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{0F3661DF-7BC2-45AA-B807-FB599C54CFB7}.job
[2014/07/07 19:49:12 | 000,000,308 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{E40D99B9-6E10-4868-BFAA-F8253B5E9718}.job
[2014/07/05 09:03:17 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/07/03 09:49:07 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2014/07/03 00:03:14 | 000,028,960 | ---- | M] (Glarysoft Ltd) -- C:\Windows\SysNative\RegBootDefrag.exe
[2014/07/03 00:03:02 | 000,118,048 | ---- | M] (Glarysoft Ltd) -- C:\Windows\SysNative\BootDefrag.exe
[2014/07/02 11:55:01 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForSteve.job
[2014/07/02 11:42:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/07/02 11:10:10 | 000,000,324 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Communicator.job
[2014/07/02 10:58:02 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4104090456-942970366-3307904469-1003UA.job
[2014/07/02 09:38:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForRegina.job
[2014/07/02 07:42:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/07/02 07:24:54 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4104090456-942970366-3307904469-1003Core.job
[2014/07/01 00:52:50 | 000,017,600 | ---- | M] (Glarysoft Ltd) -- C:\Windows\SysNative\drivers\BootDefragDriver.sys
[2014/06/22 13:52:51 | 000,003,728 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
[2014/06/22 13:52:19 | 000,050,464 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2014/06/21 11:57:17 | 000,258,286 | ---- | M] () -- C:\Users\Steve\Documents\NIN.xps
[2014/06/17 16:21:34 | 000,235,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys
[2014/06/17 16:07:12 | 000,328,984 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgloga.sys
[2014/06/17 16:06:58 | 000,269,080 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2014/06/17 16:06:24 | 000,190,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsha.sys
[2014/06/17 16:06:22 | 000,242,968 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys
[2014/06/17 16:06:22 | 000,153,368 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgdiska.sys
[2014/06/17 16:06:20 | 000,123,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys
[2014/06/17 16:06:06 | 000,031,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgrkx64.sys
[2014/06/17 12:26:41 | 001,134,536 | ---- | M] () -- C:\Users\Steve\Documents\Marriage Certificate.pdf
[2014/06/17 12:25:21 | 000,236,594 | ---- | M] () -- C:\Users\Steve\Desktop\Pebp letter.pdf
[2014/06/14 12:50:25 | 000,166,668 | ---- | M] () -- C:\Users\Steve\Desktop\Me n Reg.JPG
[2014/06/13 22:16:21 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
 
========== Files Created - No Company Name ==========
 
[2014/07/13 13:38:43 | 000,002,250 | ---- | C] () -- C:\Users\Steve\Desktop\HP Photosmart 7510 series.lnk
[2014/07/10 20:53:50 | 000,258,666 | ---- | C] () -- C:\Users\Steve\Documents\NIN seats.xps
[2014/07/10 20:15:10 | 000,002,219 | ---- | C] () -- C:\Users\Steve\Desktop\HP Support Assistant.lnk
[2014/07/10 19:37:29 | 000,000,861 | ---- | C] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2014/07/09 22:16:26 | 000,122,154 | ---- | C] () -- C:\Users\Steve\Documents\registry backup.reg
[2014/07/09 19:06:33 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2014/07/09 13:15:09 | 000,002,250 | ---- | C] () -- C:\Users\Public\Desktop\HP Photosmart 7510 series.lnk
[2014/07/09 13:15:09 | 000,001,182 | ---- | C] () -- C:\Users\Public\Desktop\Shop for Supplies - HP Photosmart 7510 series.lnk
[2014/07/08 19:45:11 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\HP Photosmart 7510 series.exe_{7BE77095-FC9B-408B-B26A-AEDF1505E35D}.job
[2014/07/08 19:45:00 | 000,000,290 | ---- | C] () -- C:\Windows\tasks\Toolbox.exe_{0A4766BF-E7A7-470E-A1BE-0C3F30EADA5A}.job
[2014/07/08 19:44:59 | 000,000,300 | ---- | C] () -- C:\Windows\tasks\WOWPrint.exe_{D4C9F674-D47B-4FA1-ADA2-68955A37CB03}.job
[2014/07/08 14:17:46 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{15CD4AFF-B521-404B-A696-CFE62BAE15AB}.job
[2014/07/08 14:10:54 | 000,001,106 | ---- | C] () -- C:\Users\Steve\Application Data\Microsoft\Internet Explorer\Quick Launch\Glary Utilities 5.lnk
[2014/07/08 14:10:54 | 000,001,094 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
[2014/07/08 14:10:53 | 000,000,332 | ---- | C] () -- C:\Windows\tasks\GlaryInitialize 5.job
[2014/07/08 14:10:53 | 000,000,250 | ---- | C] () -- C:\Windows\tasks\GU5SkipUAC.job
[2014/07/08 12:34:16 | 000,099,580 | ---- | C] () -- C:\Users\Steve\Desktop\House 2.jpg
[2014/07/07 22:45:16 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{F8075218-9817-41FE-82CC-136A8EB3A619}.job
[2014/07/07 22:45:16 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{3CD08C26-55B7-4173-A781-208C074089A4}.job
[2014/07/07 22:45:16 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{39ED2E90-6501-4756-B268-4F4F534F1BF5}.job
[2014/07/07 22:45:16 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{38C1CE45-6C53-4C14-A879-71C83D07D6EF}.job
[2014/07/07 22:45:14 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{B7D68225-1BF5-455A-BCD6-DD6E285EE27C}.job
[2014/07/07 22:41:01 | 000,000,308 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{D4446781-1E21-467E-8042-14139BABA3D0}.job
[2014/07/07 22:08:36 | 000,001,103 | ---- | C] () -- C:\Users\Steve\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2014/07/07 22:08:36 | 000,001,079 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2014/07/07 20:20:01 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{8F3C5E38-CA8C-4676-A01B-C344FE20AB43}.job
[2014/07/07 20:20:00 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{D5892677-ABED-4C2F-BAEF-61368A77CD6E}.job
[2014/07/07 20:20:00 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{1304F0DD-E9DC-4627-9B95-E1B3E7123A7E}.job
[2014/07/07 20:20:00 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{02A579CE-D884-4A2B-8779-8556BE5A68CE}.job
[2014/07/07 20:19:59 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{E44E59ED-0D10-45CB-A137-B55D13308B5D}.job
[2014/07/07 19:52:10 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{C6D5B7B0-B7CD-4C90-A7FF-B9CD913A5C8E}.job
[2014/07/07 19:52:10 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{5694A2C1-E424-444A-8D57-6812908D16A3}.job
[2014/07/07 19:52:10 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{4D6F2D12-7A7D-47ED-9E6A-7D625B62492C}.job
[2014/07/07 19:52:09 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{73B949FC-80F0-454B-9C23-5109A385FB7D}.job
[2014/07/07 19:52:09 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{5E950ACA-662A-49E7-B169-C6A1B26FBB1A}.job
[2014/07/07 19:52:09 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{4CAB99AD-E91E-46F0-91F8-31BB30279723}.job
[2014/07/07 19:52:08 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{B79F4FF0-63EE-43FD-ACEA-F21F95EDED16}.job
[2014/07/07 19:52:08 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{58BF558E-BD7D-4B1D-9009-758325DA607E}.job
[2014/07/07 19:52:07 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{69C9B166-5E84-48FF-B59A-DDF92AB40F8C}.job
[2014/07/07 19:49:17 | 000,000,308 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{9145778C-28CD-4F27-8011-86ABD7974233}.job
[2014/07/07 19:49:17 | 000,000,308 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{231D6AEC-91F7-4269-8ED0-9951CE64D4D9}.job
[2014/07/07 19:49:15 | 000,000,308 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{0F3661DF-7BC2-45AA-B807-FB599C54CFB7}.job
[2014/07/07 19:49:12 | 000,000,308 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{E40D99B9-6E10-4868-BFAA-F8253B5E9718}.job
[2014/07/07 19:40:50 | 000,099,580 | ---- | C] () -- C:\Users\Steve\Desktop\House.jpg
[2014/06/21 11:57:16 | 000,258,286 | ---- | C] () -- C:\Users\Steve\Documents\NIN.xps
[2014/06/17 12:26:40 | 001,134,536 | ---- | C] () -- C:\Users\Steve\Documents\Marriage Certificate.pdf
[2014/06/17 12:25:21 | 000,236,594 | ---- | C] () -- C:\Users\Steve\Desktop\Pebp letter.pdf
[2014/06/14 12:50:25 | 000,166,668 | ---- | C] () -- C:\Users\Steve\Desktop\Me n Reg.JPG
[2013/11/14 14:23:10 | 000,305,059 | ---- | C] () -- C:\Users\Steve\AppData\Local\census.cache
[2013/11/14 14:23:05 | 000,136,531 | ---- | C] () -- C:\Users\Steve\AppData\Local\ars.cache
[2013/05/20 17:51:55 | 000,003,728 | ---- | C] () -- C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
[2011/12/31 17:45:04 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2011/06/05 12:03:24 | 000,000,122 | ---- | C] () -- C:\Users\Steve\AppData\Roaming\wklnhst.dat
[2010/11/23 09:30:58 | 000,000,036 | ---- | C] () -- C:\Users\Steve\AppData\Local\housecall.guid.cache
[2009/12/28 20:20:38 | 000,000,363 | ---- | C] () -- C:\Users\Steve\RecentPlaces.lnk
[2009/12/28 20:20:34 | 000,000,904 | RHS- | C] () -- C:\Users\Steve\ntuser.pol
[2009/12/28 19:03:01 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Grapher
[2009/12/28 19:03:01 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2009/12/28 19:03:01 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Halftone
 
========== ZeroAccess Check ==========
 
[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 19:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 19:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 05:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013/10/19 09:23:43 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\AVG2014
[2013/11/14 14:54:23 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\BitLord
[2010/07/21 10:53:17 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013/10/29 11:56:14 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\DefaultTab
[2014/07/09 09:54:35 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\DiskDefrag
[2013/10/15 09:51:30 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\DriverCure
[2012/01/08 22:03:08 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\FrostWire
[2014/07/08 14:10:55 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\GlarySoft
[2014/03/21 15:46:46 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\iFunBox.NXGen
[2014/03/21 14:52:32 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\iFunbox_UserCache
[2014/07/06 22:47:22 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Media Finder
[2010/12/25 09:57:23 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Nikon
[2013/10/15 09:51:30 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\ParetoLogic
[2009/12/28 20:20:47 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\PictureMover
[2013/11/14 13:20:14 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Python-Eggs
[2014/03/09 16:24:39 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Seagate
[2013/09/14 17:12:48 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\SearchProtect
[2011/06/05 12:03:25 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Template
[2010/03/04 22:32:04 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Thunderbird
[2012/10/06 08:51:48 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\TuneUp Software
[2012/03/30 10:56:00 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Visan
[2010/03/18 22:14:01 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\WinBatch
[2012/09/29 11:59:58 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Windows Live Writer
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:5C321E34


#3
sg555

    Member

  • Topic Starter
  • 52 posts

I found something called scorpion saver in my add-ons in Firefox. I removed it and reset the browser a couple of times and it appears to be fixed, but I downloaded Revo Uninstaller and it won't uninstall it. It says the feature you are trying to use is on a network resource that is unavailable. There are some registry items that come up when Revo scans it but I'm afraid of deleting the wrong things. Either way my browser is working but I still can't enable Windows updates at all.


#4
zep516

    Trusted Helper

  • Malware Removal
  • 8,087 posts
Hi! My name is zep516 and Welcome to Geekstogo!
I'll do the best I can to resolve your computer issue.
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue. Stop and ask! Never be afraid to ask questions! :)


First

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
  • NOTE: If you get an error message, it means that nothing was found. Exit from AdwCleaner.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished and the PC has rebooted.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner

Next

Please download Junkware Removal Tool to your Desktop.
  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Please post the contents of JRT.txt into your reply.

Next

Please download MiniToolBox http://download.blee...MiniToolBox.exe and run it.

Checkmark following boxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
  • List Restore Points
Click Go and post the result.

In your next reply post:
1-AdwCleaner Log
2-Jrt.txt log
3-Minitoolbox Log report.

Thanks
Joe

#5
sg555

    Member

  • Topic Starter
  • 52 posts

Hi Joe, thanks for your help. I ran everything you suggested and below are the log posts. Once I ran AdwCleaner and cleaned my PC, Windows updates started downloading.

Here are the logs. I will await your reply. Thanks again for your help.

 

Steve

 

# AdwCleaner v3.215 - Report created 14/07/2014 at 08:01:29
# Updated 09/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Steve - REGINA-PC
# Running from : C:\Users\Steve\Downloads\adwcleaner_3.215.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : vToolbarUpdater18.1.7

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\ProgramData\eSafe
Folder Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Free Offers from Freeze.com
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\ParetoLogic
Folder Deleted : C:\Program Files (x86)\SearchProtect
Folder Deleted : C:\Program Files (x86)\vShare
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Common Files\ParetoLogic
Folder Deleted : C:\Users\Regina\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Regina\AppData\Local\AVG Security Toolbar
Folder Deleted : C:\Users\Regina\AppData\Local\Conduit
Folder Deleted : C:\Users\Regina\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Regina\AppData\LocalLow\AVG Security Toolbar
Folder Deleted : C:\Users\Regina\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Regina\AppData\LocalLow\MyWebSearch
Folder Deleted : C:\Users\Regina\AppData\LocalLow\vShare
Folder Deleted : C:\Users\Regina\AppData\Roaming\SearchProtect
Folder Deleted : C:\Users\Steve\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Steve\AppData\Local\AVG Security Toolbar
Folder Deleted : C:\Users\Steve\AppData\Local\Conduit
Folder Deleted : C:\Users\Steve\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Steve\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Steve\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Steve\AppData\LocalLow\Mp3Tube Toolbar
Folder Deleted : C:\Users\Steve\AppData\LocalLow\MyWebSearch
Folder Deleted : C:\Users\Steve\AppData\LocalLow\vShare
Folder Deleted : C:\Users\Steve\AppData\Roaming\DefaultTab
Folder Deleted : C:\Users\Steve\AppData\Roaming\DriverCure
Folder Deleted : C:\Users\Steve\AppData\Roaming\Media Finder
Folder Deleted : C:\Users\Steve\AppData\Roaming\ParetoLogic
Folder Deleted : C:\Users\Steve\AppData\Roaming\SearchProtect
Folder Deleted : C:\Users\Regina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
File Deleted : C:\END
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\nsprotector.js
File Deleted : C:\Users\Regina\AppData\Roaming\Mozilla\Firefox\Profiles\kzzkza78.default\searchplugins\Askcom.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
File Deleted : C:\Users\Regina\AppData\Roaming\Mozilla\Firefox\Profiles\kzzkza78.default\searchplugins\Mp3Tube.xml
File Deleted : C:\Users\Regina\AppData\Roaming\Mozilla\Firefox\Profiles\kzzkza78.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aacbndibbcpajfgnkdkaakeiojmmgmnk
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jpihmmhdcobmllpcnpfbhnipmhamldje
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\MF
Key Deleted : HKLM\SOFTWARE\Classes\PCProxy.DataContainer
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\vsharechrome
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Classes\vShare.IMedixProtocol
Key Deleted : HKLM\SOFTWARE\Classes\vShare.IMedixProtocol.1
Key Deleted : HKLM\SOFTWARE\Classes\vShare.ScriptHelpers
Key Deleted : HKLM\SOFTWARE\Classes\vShare.ScriptHelpers.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ClickPotatoLiteSA_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ClickPotatoLiteSA_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9DC8FA51-B596-4F77-802C-5B295919C205}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\MediaFinder
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\vShare
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Mp3Tube
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DefaultTab
Key Deleted : HKLM\Software\eSafeSecControl
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\vShare
Key Deleted : HKLM\Software\Classes\Installer\Features\6BA018E6E43F3A949AF3E90563067F81
Key Deleted : HKLM\Software\Classes\Installer\Products\6BA018E6E43F3A949AF3E90563067F81

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v30.0 (en-US)

[ File : C:\Users\Regina\AppData\Roaming\Mozilla\Firefox\Profiles\kzzkza78.default\prefs.js ]

Line Deleted : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\FireFoxExt\\18.1.7.644");
Line Deleted : user_pref("avg.userPreferences.URLBarFocus.whiteList", "bing\\.com|google\\.\\w+|yahoo\\.\\w+|gmail\\.\\w+|hotmail\\.\\w+|live\\.\\w+|isearch\\.avg\\.com|mysearch\\.avg\\.com");
Line Deleted : user_pref("browser.search..selectedEngineURL", "hxxp://mp3tubetoolbar.com/?&prt=pinballtbfour01ff&clid=bb6934cccdcb4f7b8e4856f971c4347a&subid=&keywords={searchTerms}");
Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Line Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("keyword.URL", "hxxp://mp3tubetoolbar.com/?tmp=nemo_results_removelink2&q=");

[ File : C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\7dzk6ldf.default-1405304800160\prefs.js ]


-\\ Google Chrome v35.0.1916.153

[ File : C:\Users\Regina\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof

[ File : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Extension] : jpihmmhdcobmllpcnpfbhnipmhamldje
Deleted [Extension] : kdidombaedgpfiiedeimiebkmbilgmlc
Deleted [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof

*************************

AdwCleaner[R0].txt - [16415 octets] - [14/07/2014 07:51:48]
AdwCleaner[S0].txt - [15666 octets] - [14/07/2014 08:01:29]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [15727 octets] ##########
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Steve on Mon 07/14/2014 at  8:21:35.81
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\msntask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\msntask_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\msntask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\msntask_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{7FB11826-47CE-4849-AFBF-0B6CD1636106}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEDAA5C8-F527-4D4E-BD3A-54021F31DA58}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{56DE73FF-73CF-4E0A-B10B-07B806D438EA}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ABD3B5E1-B268-407B-A150-2641DAB8D898}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"
Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\homepage protection"
Successfully deleted: [Empty Folder] C:\Users\Steve\appdata\local\{0FFF338A-E3D2-42DF-8FFA-64271158926E}
Successfully deleted: [Empty Folder] C:\Users\Steve\appdata\local\{A8E9F62D-ABC1-4742-B19F-6B95934935A5}
Successfully deleted: [Empty Folder] C:\Users\Steve\appdata\local\{B1971C61-777A-4A15-B3BE-BF155F71E565}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 07/14/2014 at  8:27:15.28
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

MiniToolBox by Farbar  Version: 06-07-2014
Ran by Steve (administrator) on 14-07-2014 at 08:29:51
Running from "C:\Users\Steve\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Qualcomm Atheros 802.11 a/b/g/n Dualband Wireless Network Module = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Regina-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 22-26-82-4A-3C-CD
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 40-61-86-37-C4-84
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::41ba:9149:758b:792c%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, July 14, 2014 8:03:29 AM
   Lease Expires . . . . . . . . . . : Tuesday, July 15, 2014 8:03:50 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 289431942
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-C3-76-C2-40-61-86-37-C4-84
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Qualcomm Atheros 802.11 a/b/g/n Dualband Wireless Network Module
   Physical Address. . . . . . . . . : 00-26-82-4A-3C-CD
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::e1c2:a5d:91c9:25c0%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.6(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, July 14, 2014 8:03:51 AM
   Lease Expires . . . . . . . . . . : Tuesday, July 15, 2014 8:04:14 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 167782018
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-C3-76-C2-40-61-86-37-C4-84
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{B632F6BD-3E77-4DA9-BB2D-A244E962DA21}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:44a:1a8f:bb97:d73f(Preferred)
   Link-local IPv6 Address . . . . . : fe80::44a:1a8f:bb97:d73f%13(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{88786135-6BA9-4FD6-B945-887056AE4746}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  192.168.1.1

Name:    google.com
Addresses:  2607:f8b0:4007:800::1002
      74.125.130.113
      74.125.130.102
      74.125.130.100
      74.125.130.101
      74.125.130.138
      74.125.130.139


Pinging google.com [74.125.130.113] with 32 bytes of data:
Reply from 74.125.130.113: bytes=32 time=183ms TTL=44
Reply from 74.125.130.113: bytes=32 time=183ms TTL=44

Ping statistics for 74.125.130.113:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 183ms, Maximum = 183ms, Average = 183ms
Server:  UnKnown
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  98.138.253.109
      206.190.36.45
      98.139.183.24


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=60ms TTL=51
Reply from 206.190.36.45: bytes=32 time=60ms TTL=51

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 60ms, Maximum = 60ms, Average = 60ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 14...22 26 82 4a 3c cd ......Microsoft Virtual WiFi Miniport Adapter
 11...40 61 86 37 c4 84 ......Realtek PCIe GBE Family Controller
 10...00 26 82 4a 3c cd ......Qualcomm Atheros 802.11 a/b/g/n Dualband Wireless Network Module
  1...........................Software Loopback Interface 1
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.2     10
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.6     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.2    266
      192.168.1.0    255.255.255.0         On-link       192.168.1.6    276
      192.168.1.2  255.255.255.255         On-link       192.168.1.2    266
      192.168.1.6  255.255.255.255         On-link       192.168.1.6    276
    192.168.1.255  255.255.255.255         On-link       192.168.1.2    266
    192.168.1.255  255.255.255.255         On-link       192.168.1.6    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.2    266
        224.0.0.0        240.0.0.0         On-link       192.168.1.6    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.2    266
  255.255.255.255  255.255.255.255         On-link       192.168.1.6    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 13     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 13     58 2001::/32                On-link
 13    306 2001:0:9d38:6ab8:44a:1a8f:bb97:d73f/128
                                    On-link
 11    266 fe80::/64                On-link
 10    276 fe80::/64                On-link
 13    306 fe80::/64                On-link
 13    306 fe80::44a:1a8f:bb97:d73f/128
                                    On-link
 11    266 fe80::41ba:9149:758b:792c/128
                                    On-link
 10    276 fe80::e1c2:a5d:91c9:25c0/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    306 ff00::/8                 On-link
 11    266 ff00::/8                 On-link
 10    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================
Error: (01/16/2012 09:22:38 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 5 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (08/18/2010 03:12:11 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 312 seconds with 240 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2012-03-09 19:33:07.864
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-03-09 19:33:07.824
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-03-09 19:32:55.792
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-03-09 19:32:55.752
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-03-09 19:32:41.891
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-03-09 19:32:41.861
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-03-09 19:32:41.351
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-03-09 19:32:41.311
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-03-09 19:32:24.768
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-03-09 19:32:24.728
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.



 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
=========================== Installed Programs ============================
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.3.0.0 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 2.3.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.0.2.12610 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 2.0.2.12610 - Adobe Systems Inc.) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Photoshop Elements 8.0 (HKLM-x32\...\Adobe Photoshop Elements 8.0) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 8.0 (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop.com Inspiration Browser (HKLM-x32\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1) (Version: 3.02 - Adobe Systems Incorporated)
Adobe Photoshop.com Inspiration Browser (x32 Version: 3.02 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.2.152 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Panorama Maker 4 (HKLM-x32\...\{D45E8C45-B601-4A80-AFD8-E16338744DE1}) (Version:  - ArcSoft)
ATI Catalyst Install Manager (HKLM\...\{F9F4430E-80DE-EC0F-BF8E-476352C8F954}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4716 - AVG Technologies)
AVG 2014 (Version: 14.0.3986 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4716 - AVG Technologies) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CameraHelperMsi (x32 Version: 13.30.1395.0 - Logitech) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0310.1824.32984 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0310.1824.32984 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0310.1824.32984 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0310.1824.32984 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0310.1824.32984 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0310.1824.32984 - ATI) Hidden
Catalyst Control Center HydraVision Full (x32 Version: 2010.0310.1824.32984 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.0520.1631.27815 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0310.1824.32984 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0310.1824.32984 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help English (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help French (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help German (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0310.1823.32984 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0310.1824.32984 - ATI) Hidden
ccc-utility64 (Version: 2010.0310.1824.32984 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
ChromecastApp (HKCU\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.316.0 - Google Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3101 - CyberLink Corp.)
CyberLink DVD Suite Deluxe (x32 Version: 6.0.3101 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version:  - )
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version:  - DVD Shrink)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
FrostWire 4.21.1 (HKLM-x32\...\FrostWire) (Version: 4.21.1.0 - FrostWire Team)
Glary Utilities 5.3 (HKLM-x32\...\Glary Utilities 5) (Version: 5.3.0.8 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5434.08 - PC-Doctor, Inc.)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
High-Definition Video Playback 10 (x32 Version: 7.0.11000.25.1 - Nero AG) Hidden
Homepage Protection (HKLM-x32\...\Homepage Protection) (Version:  - AOL Products)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.12286.3436 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Easy Backup (HKLM-x32\...\{67431FA8-4B89-42DD-A68E-30D77F6C8D99}_is1) (Version: 1.0.8.0 - Hewlett-Packard)
HP ePrint (HKLM-x32\...\{2794875B-6CCF-48B8-84A5-5B10DB98BEE6}) (Version: 14.0.14176.1823 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP MediaSmart Demo (HKLM-x32\...\{9DEF9686-CCB2-47B7-BF83-B49EA21FA016}) (Version: 1.00.0000 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.0.3420 - Hewlett-Packard)
HP MediaSmart DVD (x32 Version: 3.0.3420 - Hewlett-Packard) Hidden
HP MediaSmart Movie Themes (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.0.3102 - Hewlett-Packard)
HP MediaSmart Movie Themes (x32 Version: 3.0.3102 - Hewlett-Packard) Hidden
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.1.3601 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (x32 Version: 3.1.3601 - Hewlett-Packard) Hidden
HP MediaSmart SmartMenu (HKLM\...\{26280024-DFB7-4967-90DB-7F9C6660D01E}) (Version: 3.0.28.2 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.12992 - HP Photo Creations)
HP Photosmart 7510 series Basic Device Software (HKLM\...\{24C7AD6B-F418-4D3B-B7F2-F3603FD720BF}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 7510 series Help (HKLM-x32\...\{6357D25F-A9C9-4CC7-A1FB-0DCF344E7C40}) (Version: 140.0.2.2 - Hewlett Packard)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.9.0 - TopSeed)
HP Remote Solution (x32 Version: 1.1.9.0 - TopSeed) Hidden
HP Setup (HKLM-x32\...\{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}) (Version: 1.2.3220.3079 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{D2F04839-0AD0-4F06-A6B5-6DFF05E27B67}) (Version: 11.50.0019 - Hewlett-Packard Company)
HP Unified IO (Version: 2.0.0.434 - HP) Hidden
HP Unified IO (x32 Version: 2.0.0.434 - HP) Hidden
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HydraVision (x32 Version: 4.2.162.0 - ATI Technologies Inc.) Hidden
iCloud (HKLM\...\{D0CB24F4-084F-40DE-B6B9-A03626E682F0}) (Version: 2.1.1.3 - Apple Inc.)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Intellex Player (HKLM-x32\...\{68E9A0DF-ED47-11D5-A3F2-00A0CC5DF8D2}) (Version: 3.2 - Sensormatic-VPD)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1901 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.1901 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{CC8E94A2-55C7-4460-953C-2A790180578C}) (Version: 1.18.8.1 - LightScribe)
Logitech Vid HD (HKLM-x32\...\Logitech Vid) (Version: 7.2 (7230) - Logitech Inc..)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.0 - Logitech Inc.)
Logitech Webcam Software Driver Package (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
LWS Facebook (x32 Version: 13.30.1346.0 - Logitech) Hidden
LWS Gallery (x32 Version: 13.30.1379.0 - Logitech) Hidden
LWS Help_main (x32 Version: 13.30.1396.0 - Logitech) Hidden
LWS Launcher (x32 Version: 13.30.1379.0 - Logitech) Hidden
LWS Motion Detection (x32 Version: 13.30.1395.0 - Logitech) Hidden
LWS Pictures And Video (x32 Version: 13.30.1395.0 - Logitech) Hidden
LWS Twitter (x32 Version: 13.30.1346.0 - Logitech) Hidden
LWS Video Mask Maker (x32 Version: 13.30.1379.0 - Logitech) Hidden
LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden
LWS Webcam Software (x32 Version: 13.30.1379.0 - Logitech) Hidden
LWS WLM Plugin (x32 Version: 1.30.1201.0 - Logitech) Hidden
LWS YouTube Plugin (x32 Version: 13.30.1346.0 - Logitech) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Live Search Toolbar (HKLM-x32\...\{DF802C05-4660-418c-970C-B988ADB1D316}) (Version: 3.0.560.0 - Microsoft Live Search Toolbar)
Microsoft Live Search Toolbar (x32 Version: 3.0.560.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 60 day trial (HKLM\...\OfficeTrial) (Version:  - )
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}) (Version: 3.1.8.0 - Apple Inc.)
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Mozilla Thunderbird 17.0.8 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 17.0.8 (x86 en-US)) (Version: 17.0.8 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 10 ClipartPack (HKLM-x32\...\{96ED4B78-300E-4033-AE6C-C115CEB4DF07}) (Version: 10.0.10300.0.0 - Nero AG)
Nero 10 Menu TemplatePack 1 (HKLM-x32\...\{42C8B7DF-FEB0-4D51-B169-506B6BEC5797}) (Version: 10.0.10300.0.0 - Nero AG)
Nero 10 Menu TemplatePack 2 (HKLM-x32\...\{E712C273-7564-4C8E-AA59-0FA19BC35117}) (Version: 10.0.10300.0.0 - Nero AG)
Nero 10 Menu TemplatePack 3 (HKLM-x32\...\{92146419-AE44-4C8B-A48B-0ABB1B5EC026}) (Version: 10.0.10300.0.0 - Nero AG)
Nero 10 Menu TemplatePack Basic (x32 Version: 10.0.10300.0.0 - Nero AG) Hidden
Nero 10 Movie ThemePack 1 (HKLM-x32\...\{43FBAB46-5969-4200-9958-1FF81FEE506F}) (Version: 10.0.10300.1.0 - Nero AG)
Nero 10 Movie ThemePack 2 (HKLM-x32\...\{70F19404-B96C-4EBB-AD2B-3574F8736197}) (Version: 10.0.10300.1.0 - Nero AG)
Nero 10 Movie ThemePack Basic (x32 Version: 10.0.10300.1.0 - Nero AG) Hidden
Nero 10 Sample ImagePack (HKLM-x32\...\{ACD15FDF-FC42-4175-B477-576F92FF2256}) (Version: 10.0.10300.0.0 - Nero AG)
Nero 10 Sample Videos (HKLM-x32\...\{92A10E9D-EA00-4A46-8F22-EEA660992D61}) (Version: 10.0.10300.2.0 - Nero AG)
Nero 8 Essentials (HKLM-x32\...\{523DF39E-DF7D-488F-8022-783946571033}) (Version: 8.10.135 - Nero AG)
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.4.11100.14.101 - Nero AG)
Nero BackItUp 10 Help (CHM) (x32 Version: 1.0.10500 - Nero AG) Hidden
Nero Burning ROM 10 (HKLM-x32\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.0.10700.7.100 - Nero AG)
Nero BurningROM 10 Help (CHM) (x32 Version: 1.0.10500 - Nero AG) Hidden
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.0.10600.9.100 - Nero AG)
Nero BurnRights 10 Help (CHM) (x32 Version: 1.0.10500 - Nero AG) Hidden
Nero Control Center 10 (x32 Version: 10.0.11500.1.0 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.13100.0.1 - Nero AG) Hidden
Nero CoverDesigner 10 (HKLM-x32\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.0.10500.7.100 - Nero AG)
Nero CoverDesigner 10 Help (CHM) (x32 Version: 1.0.10500 - Nero AG) Hidden
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.0.10400.4.100 - Nero AG)
Nero DiscSpeed 10 Help (CHM) (x32 Version: 1.0.10500 - Nero AG) Hidden
Nero Dolby Files 10 (x32 Version: 2.0.11000.0.10 - Nero AG) Hidden
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.0.10500.7.100 - Nero AG)
Nero Express 10 Help (CHM) (x32 Version: 1.0.10500 - Nero AG) Hidden
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.0.10400.5.100 - Nero AG)
Nero InfoTool 10 Help (CHM) (x32 Version: 1.0.10500 - Nero AG) Hidden
Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.0.11000.6.100 - Nero AG)
Nero MediaHub 10 Help (CHM) (x32 Version: 1.0.10500 - Nero AG) Hidden
Nero Multimedia Suite 10 (HKLM-x32\...\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}) (Version: 10.0.11200 - Nero AG)
Nero Recode 10 (HKLM-x32\...\{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}) (Version: 4.6.10600.1.100 - Nero AG)
Nero Recode 10 Help (CHM) (x32 Version: 1.0.10500 - Nero AG) Hidden
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.0.10500.5.100 - Nero AG)
Nero RescueAgent 10 Help (CHM) (x32 Version: 1.0.10500 - Nero AG) Hidden
Nero SoundTrax 10 (HKLM-x32\...\{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}) (Version: 4.6.10500.1.100 - Nero AG)
Nero SoundTrax 10 Help (CHM) (x32 Version: 1.0.10500 - Nero AG) Hidden
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.0.10500.4.100 - Nero AG)
Nero StartSmart 10 Help (CHM) (x32 Version: 1.0.10500 - Nero AG) Hidden
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0012 - Nero AG)
Nero Vision 10 (HKLM-x32\...\{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}) (Version: 7.0.10700.4.100 - Nero AG)
Nero Vision 10 Help (CHM) (x32 Version: 1.0.10500 - Nero AG) Hidden
Nero WaveEditor 10 (HKLM-x32\...\{EDCDFAD5-DF80-4600-A493-E9DAD6810230}) (Version: 5.6.10500.1.100 - Nero AG)
Nero WaveEditor 10 Help (CHM) (x32 Version: 1.0.10500 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.3.1.25 - NETGEAR Inc.)
Nikon Message Center (HKLM-x32\...\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}) (Version: 0.92.000 - Nikon)
Nikon Transfer (HKLM-x32\...\{E9757890-7EC5-46C8-99AB-B00F07B6525C}) (Version: 1.1.0 - Nikon)
PictureMover (HKLM-x32\...\{1896E712-2B3D-45eb-BCE9-542742A51032}) (Version: 3.3.1.19 - Hewlett-Packard Company)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3101 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3101 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3101 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3101 - CyberLink Corp.) Hidden
PowerRecover (x32 Version: 5.5.1931 - CyberLink Corp.) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
ScorpionSaver (HKLM-x32\...\{273E1F1A-7B1A-436C-A783-A4A8C97AD036}) (Version: 1.0.0.0 - Adpeak, Inc.)
Seagate DiscWizard (HKLM-x32\...\{AC5BFE42-B72A-467C-B9B2-8BF77C6D4D70}) (Version: 16.0.5840 - Seagate)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.8.8855 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{B7EF38F7-1D58-4085-A9A4-0F6C69A5AA1E}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VCRedistSetup (x32 Version: 1.0.0 - Nero AG) Hidden
Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )

========================= Memory info: ===================================

Percentage of memory in use: 24%
Total physical RAM: 8183.08 MB
Available physical RAM: 6168.21 MB
Total Pagefile: 16364.34 MB
Available Pagefile: 14398.78 MB
Total Virtual: 4095.88 MB
Available Virtual: 3978.16 MB

========================= Partitions: =====================================

1 Drive c: (HP) (Fixed) (Total:686.23 GB) (Free:545.58 GB) NTFS
2 Drive d: (FACTORY_IMAGE) (Fixed) (Total:12.31 GB) (Free:1.38 GB) NTFS
5 Drive g: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
6 Drive h: (HP) (Fixed) (Total:915 GB) (Free:782.64 GB) NTFS
7 Drive i: (FACTORY_IMAGE) (Fixed) (Total:16.41 GB) (Free:5.49 GB) NTFS

========================= Users: ========================================

User accounts for \\REGINA-PC

Administrator            Guest                    Regina                   
Steve                    

========================= Restore Points ==================================

10-07-2014 18:11:17 Windows Modules Installer
10-07-2014 18:12:03 Windows Modules Installer
11-07-2014 02:38:18 Revo Uninstaller Pro's restore point - HP Support Assistant
11-07-2014 03:12:25 Installed HP Support Assistant
11-07-2014 03:14:09 Windows Modules Installer
11-07-2014 03:14:44 Windows Modules Installer
14-07-2014 01:41:46 Revo Uninstaller Pro's restore point - ScorpionSaver
14-07-2014 01:44:23 Revo Uninstaller Pro's restore point - ScorpionSaver
14-07-2014 01:46:27 Revo Uninstaller Pro's restore point - ScorpionSaver
14-07-2014 01:50:19 Installed SpyHunter
14-07-2014 02:44:37 Removed SpyHunter
14-07-2014 03:18:53 Revo Uninstaller Pro's restore point - ScorpionSaver
14-07-2014 03:24:37 Revo Uninstaller Pro's restore point - ScorpionSaver
14-07-2014 03:28:11 Revo Uninstaller Pro's restore point - scorpion saver
14-07-2014 03:29:06 Revo Uninstaller Pro's restore point - adpeak
14-07-2014 03:40:40 Revo Uninstaller Pro's restore point - ScorpionSaver

**** End of log ****
 



#6
zep516

    Trusted Helper

  • Malware Removal
  • 8,087 posts
Hello,

Let's clean up the OTL log.

Next

We need to do a fix to delete some files using OTL
  • Double-click the OTL icon to open the program. On Vista/Win7/Win8, right-click it and select Run As Administrator to start the program. If prompted by UAC, please allow it.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:


    :COMMANDS
    [CREATERESTOREPOINT]
    
    :OTL
    SRV - [2014/06/22 13:52:19 | 001,813,528 | ---- | M] (AVG Secure Search) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe -- (vToolbarUpdater18.1.7)
    IE - HKCU\..\SearchScopes\{7FB11826-47CE-4849-AFBF-0B6CD1636106}: "URL" = http://search.condui...4525793511&UM=2
    IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={6C95A33C-8C1B-4299-BE85-A5BEC83E918F}&mid=b3eac9d998398c3151ef564ae112aa16-1ff8c315a8f217f457fe384e8cab6e80f6b5bda9&lang=en&ds=AVG&pr=fr&d=2012-10-06 08:51:44&v=15.4.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms} 
    FF - prefs.js..extensions.enabledAddons: avg%40toolbar:18.1.7.644
    FF - prefs.js..keyword.URL: "http://mp3tubetoolba...removelink2&q="
    FF - user.js..keyword.URL: "http://mp3tubetoolba...removelink2&q="
    FF - prefs.js..browser.search.selectedEngineURL: "http://mp3tubetoolba...={searchTerms}"
    FF - prefs.js..browser.search.defaultthis.engineName: "InternetHelper3.1 Customized Web Search"
    FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.7\\npsitesafety.dll File not found
    [2013/11/14 14:54:22 | 000,000,000 | ---D | M] (ScorpionSaver) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\horwqrdo.default\extensions\ScorpionSaver@jetpack
    [2014/07/09 17:58:36 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\FIREFOXEXT\18.1.7.644
    [2013/02/18 22:25:44 | 000,003,714 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.7.644\AVG Secure Search_toolbar.dll (AVG Secure Search)
    O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.7.644\AVG Secure Search_toolbar.dll (AVG Secure Search)
    O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
    O4 - HKLM..\Run: []  File not found
    O8:64bit: - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html File not found
    O8 - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - CC:\Windows\system32\AdpeakProxy64.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - CC:\Windows\system32\AdpeakProxy64.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - CC:\Windows\system32\AdpeakProxy64.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - CC:\Windows\system32\AdpeakProxy64.dll File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - CC:\Windows\system32\AdpeakProxy64.dll File not found
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onec...s/wlscctrl2.cab (Windows Live OneCare safety scanner control) 
    O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
    O18:64bit: - Protocol\Handler\linkscanner - No CLSID value found
    O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
    O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
    O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
    O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
    O18:64bit: - Protocol\Handler\vsharechrome - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18 - Protocol\Handler\linkscanner - No CLSID value found
    018 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.7\ViProtocol.dll (AVG Secure Search)
    O18 - Protocol\Handler\vsharechrome - No CLSID value found
    [2014/06/22 13:52:51 | 000,003,728 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
    [2014/06/13 22:16:21 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
    2013/05/20 17:51:55 | 000,003,728 | ---- | C] () -- C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
    @Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:5C321E34
    
    
    :Files
    netsh int ip reset c:\resetlog.txt /c
    ipconfig /flushdns /c
    ipconfig /release /c
    ipconfig /renew /c 
    C:\Program Files (x86)\AVG Secure Search\vprot.exe
    C:\Program Files (x86)\Common Files\AVG Secure Search\NativeBrowserApi\18.1.7\NativeBrowserApi.dll
    C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\log4cplusU.dll
    C:\Program Files (x86)\AVG Secure Search\TBAPI.dll
    C:\Users\Steve\AppData\Roaming\iFunBox.NXGen
    C:\Users\Steve\AppData\Roaming\iFunbox_UserCache
    C:\Users\Steve\AppData\Roaming\ParetoLogic
    C:\Users\Steve\AppData\Roaming\SearchProtect
    
    :Commands
    
    [emptytemp]
    [resethosts]
    
  • Make sure all other windows are closed.
  • Click the Run Fix button at the top
  • Let the program run uninterrupted. The computer should reboot when the scan is done. If not, please reboot the computer.
  • Post the log that is found in C:\_OTL\Moved Files in your next reply.
  • Open OTL again and click the Quick Scan button.
In your next reply, post:
1 - The OTL Fix log. After you run the fix, the fix log will pop up in front of you. If it doesn't, it's located here -> C:\_OTL\Moved Files
2 - New OTL after a Quick Scan is run.

#7
sg555

    Member

  • Topic Starter
  • 52 posts

Hi, I ran the OTL run fix and quick scan. Below are both logs as requested. Everything is running better already. Thanks again for your help.

 

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Error: No service named vToolbarUpdater18.1.7 was found to stop!
Service\Driver key vToolbarUpdater18.1.7 not found.
File C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7FB11826-47CE-4849-AFBF-0B6CD1636106}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FB11826-47CE-4849-AFBF-0B6CD1636106}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
Prefs.js: avg%40toolbar:18.1.7.644 removed from extensions.enabledAddons
Prefs.js: "http://mp3tubetoolba....removelink2&q=" removed from keyword.URL
Prefs.js: "http://mp3tubetoolba...={searchTerms}" removed from browser.search.selectedEngineURL
Prefs.js: "InternetHelper3.1 Customized Web Search" removed from browser.search.defaultthis.engineName
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin\ not found.
Folder C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\horwqrdo.default\extensions\ScorpionSaver@jetpack\ not found.
Folder C:\PROGRAMDATA\AVG SECURE SEARCH\FIREFOXEXT\18.1.7.644\ not found.
File C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
File C:\Program Files (x86)\AVG Secure Search\18.1.7.644\AVG Secure Search_toolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
File C:\Program Files (x86)\AVG Secure Search\18.1.7.644\AVG Secure Search_toolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000001\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000002\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000003\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000004\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000015\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Starting removal of ActiveX control {3860DD98-0549-4D50-AA72-5D17D200EE10}
C:\Windows\Downloaded Program Files\wlscCtrl2.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{3860DD98-0549-4D50-AA72-5D17D200EE10}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3860DD98-0549-4D50-AA72-5D17D200EE10}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{3860DD98-0549-4D50-AA72-5D17D200EE10}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3860DD98-0549-4D50-AA72-5D17D200EE10}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
File Protocol\Handler\grooveLocalGWS - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner\ deleted successfully.
File Protocol\Handler\linkscanner - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\0x00000001\ not found.
File Protocol\Handler\msdaipp\0x00000001 - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\oledb\ not found.
File Protocol\Handler\msdaipp\oledb - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-itss\ deleted successfully.
File Protocol\Handler\ms-itss - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.
File Protocol\Handler\skype-ie-addon-data - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol\ not found.
File Protocol\Handler\viprotocol - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\vsharechrome\ not found.
File Protocol\Handler\vsharechrome - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner\ not found.
File Protocol\Handler\linkscanner - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\vsharechrome\ not found.
File Protocol\Handler\vsharechrome - No CLSID value found not found.
C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml moved successfully.
C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job moved successfully.
ADS C:\ProgramData\Temp:5C321E34 deleted successfully.
========== FILES ==========
< netsh int ip reset c:\resetlog.txt /c >
Reseting Global, OK!
Reseting Interface, OK!
Restart the computer to complete this action.
C:\Users\Steve\Downloads\cmd.bat deleted successfully.
C:\Users\Steve\Downloads\cmd.txt deleted successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Steve\Downloads\cmd.bat deleted successfully.
C:\Users\Steve\Downloads\cmd.txt deleted successfully.
< ipconfig /release /c >
Windows IP Configuration
No operation can be performed on Wireless Network Connection 2 while it has its media disconnected.
Wireless LAN adapter Wireless Network Connection 2:
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
Ethernet adapter Local Area Connection:
   Connection-specific DNS Suffix  . :
   Link-local IPv6 Address . . . . . : fe80::41ba:9149:758b:792c%11
   Default Gateway . . . . . . . . . :
Wireless LAN adapter Wireless Network Connection:
   Connection-specific DNS Suffix  . :
   Link-local IPv6 Address . . . . . : fe80::e1c2:a5d:91c9:25c0%10
   Default Gateway . . . . . . . . . :
Tunnel adapter isatap.{14853511-EA87-464F-A592-746F8228FA0D}:
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
Tunnel adapter isatap.{B632F6BD-3E77-4DA9-BB2D-A244E962DA21}:
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
Tunnel adapter 6TO4 Adapter:
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
Tunnel adapter Teredo Tunneling Pseudo-Interface:
   Connection-specific DNS Suffix  . :
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:90d7:2cec:3c7f:bb97:d73f
   Link-local IPv6 Address . . . . . : fe80::2cec:3c7f:bb97:d73f%13
   Default Gateway . . . . . . . . . : ::
Tunnel adapter isatap.{88786135-6BA9-4FD6-B945-887056AE4746}:
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
C:\Users\Steve\Downloads\cmd.bat deleted successfully.
C:\Users\Steve\Downloads\cmd.txt deleted successfully.
< ipconfig /renew /c  >
Windows IP Configuration
No operation can be performed on Wireless Network Connection 2 while it has its media disconnected.
Wireless LAN adapter Wireless Network Connection 2:
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
Ethernet adapter Local Area Connection:
   Connection-specific DNS Suffix  . :
   Link-local IPv6 Address . . . . . : fe80::41ba:9149:758b:792c%11
   IPv4 Address. . . . . . . . . . . : 192.168.1.2
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
Wireless LAN adapter Wireless Network Connection:
   Connection-specific DNS Suffix  . :
   Link-local IPv6 Address . . . . . : fe80::e1c2:a5d:91c9:25c0%10
   IPv4 Address. . . . . . . . . . . : 192.168.1.6
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
Tunnel adapter isatap.{14853511-EA87-464F-A592-746F8228FA0D}:
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
Tunnel adapter isatap.{B632F6BD-3E77-4DA9-BB2D-A244E962DA21}:
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
Tunnel adapter 6TO4 Adapter:
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
Tunnel adapter Teredo Tunneling Pseudo-Interface:
   Connection-specific DNS Suffix  . :
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:90d7:2cec:3c7f:bb97:d73f
   Link-local IPv6 Address . . . . . : fe80::2cec:3c7f:bb97:d73f%13
   Default Gateway . . . . . . . . . : ::
C:\Users\Steve\Downloads\cmd.bat deleted successfully.
C:\Users\Steve\Downloads\cmd.txt deleted successfully.
File\Folder C:\Program Files (x86)\AVG Secure Search\vprot.exe not found.
File\Folder C:\Program Files (x86)\Common Files\AVG Secure Search\NativeBrowserApi\18.1.7\NativeBrowserApi.dll not found.
File\Folder C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\log4cplusU.dll not found.
File\Folder C:\Program Files (x86)\AVG Secure Search\TBAPI.dll not found.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_temp folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\ZP folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\ZJ folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\ZC folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\Z7 folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\YD folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\Y2 folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\Y1 folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\XW folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\XG folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\XF folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\XB folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\WX folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\WE folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\WA folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\W0 folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\VS folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\VC folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\TG folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\ST folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\SH folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\S8 folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\RE folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\RA folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\QQ folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\QB folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\PQ folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\P9 folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\NT folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\MP folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\MB folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\HZ folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\HD folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\GK folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\G5 folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\FQ folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\EZ folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\EV folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\EA folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\DZ folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\CQ folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\C6 folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\AX folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\A7 folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\A0 folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\9J folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\90 folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\85 folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\7H folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\7C folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\79 folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\6D folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\65 folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\53 folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\4R folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\4K folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\46 folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\3Z folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\3Q folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\39 folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\11 folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\0Q folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\0P folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\0M folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached\0K folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_meta_cached folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_dl_HKYGPG65CW902D1F5KCJABMBYT\_assets folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\_dl_HKYGPG65CW902D1F5KCJABMBYT folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen\iFunbox Downloaded Apps folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunBox.NXGen folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunbox_UserCache\web_caches folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunbox_UserCache\temp_files folder moved successfully.
C:\Users\Steve\AppData\Roaming\iFunbox_UserCache folder moved successfully.
File\Folder C:\Users\Steve\AppData\Roaming\ParetoLogic not found.
File\Folder C:\Users\Steve\AppData\Roaming\SearchProtect not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56504 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
User: Regina
->Temp folder emptied: 4004727 bytes
->Temporary Internet Files folder emptied: 3195751 bytes
->Java cache emptied: 8197 bytes
->FireFox cache emptied: 79462764 bytes
->Google Chrome cache emptied: 35545381 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 42732 bytes
 
User: Steve
->Temp folder emptied: 474706493 bytes
->Temporary Internet Files folder emptied: 128 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 19185006 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 57128 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1715637 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 122398 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42321176 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 630.00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\: LSP stack updated.
 
OTL by OldTimer - Version 3.2.69.0 log created on 07142014_123510

Files\Folders moved on Reboot...
C:\Users\Steve\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Steve\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

OTL logfile created on: 7/14/2014 12:39:26 PM - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Steve\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
7.99 Gb Total Physical Memory | 6.47 Gb Available Physical Memory | 81.02% Memory free
15.98 Gb Paging File | 14.41 Gb Available in Paging File | 90.16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 686.23 Gb Total Space | 545.37 Gb Free Space | 79.47% Space Free | Partition Type: NTFS
Drive D: | 12.31 Gb Total Space | 1.38 Gb Free Space | 11.24% Space Free | Partition Type: NTFS
Drive G: | 100.00 Mb Total Space | 61.81 Mb Free Space | 61.81% Space Free | Partition Type: NTFS
Drive H: | 915.00 Gb Total Space | 782.64 Gb Free Space | 85.53% Space Free | Partition Type: NTFS
Drive I: | 16.41 Gb Total Space | 5.49 Gb Free Space | 33.45% Space Free | Partition Type: NTFS
 
Computer Name: REGINA-PC | User Name: Steve | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/07/13 14:41:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Steve\Downloads\OTL.exe
PRC - [2014/06/27 15:20:18 | 003,241,488 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
PRC - [2014/06/17 16:11:46 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
PRC - [2009/12/01 20:49:52 | 000,210,216 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2009/10/20 14:50:34 | 000,128,296 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2009/12/01 20:49:50 | 000,931,112 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/05/30 02:21:05 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/09/08 01:51:16 | 000,203,264 | ---- | M] (AMD) [Disabled | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2014/07/02 21:04:37 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/06/27 15:20:18 | 003,241,488 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2014/06/17 16:11:46 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2014/06/05 21:38:37 | 000,119,408 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/05/21 11:34:38 | 000,049,464 | ---- | M] (Hewlett-Packard Company) [Disabled | Stopped] -- C:\Program Files (x86)\hp\Common\HPSupportSolutionsFrameworkService.exe -- (HPSupportSolutionsFrameworkService)
SRV - [2014/03/23 20:32:02 | 000,225,792 | ---- | M] (NETGEAR) [Disabled | Stopped] -- C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe -- (NETGEARGenieDaemon)
SRV - [2013/12/20 23:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/11/04 18:31:56 | 000,092,160 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2013/10/30 17:35:44 | 001,128,544 | ---- | M] (Seagate) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe -- (SgtSch2Svc)
SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/01/18 07:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/04/22 13:56:50 | 000,984,392 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/03/03 20:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/02/20 17:09:07 | 000,867,080 | ---- | M] (Acresso Software Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/02/18 15:01:06 | 000,462,632 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2009/09/06 07:06:20 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/05/22 11:02:20 | 000,250,616 | ---- | M] (WildTangent, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/09/30 19:59:26 | 000,192,512 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe -- (HPBtnSrv)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:64bit: - [2014/07/08 14:10:52 | 000,020,160 | ---- | M] (Glarysoft Ltd) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\GUBootStartup.sys -- (GUBootStartup)
DRV:64bit: - [2014/07/08 13:22:01 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2014/07/01 00:52:50 | 000,017,600 | ---- | M] (Glarysoft Ltd) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\BootDefragDriver.sys -- (BootDefragDriver)
DRV:64bit: - [2014/06/22 13:52:19 | 000,050,464 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2014/06/17 16:21:34 | 000,235,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2014/06/17 16:07:12 | 000,328,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2014/06/17 16:06:58 | 000,269,080 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2014/06/17 16:06:24 | 000,190,744 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2014/06/17 16:06:22 | 000,242,968 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2014/06/17 16:06:22 | 000,153,368 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska)
DRV:64bit: - [2014/06/17 16:06:20 | 000,123,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2014/06/17 16:06:06 | 000,031,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2014/03/09 16:24:03 | 001,120,032 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tib.sys -- (tib)
DRV:64bit: - [2014/03/09 16:24:03 | 000,183,224 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tib_mounter.sys -- (tib_mounter)
DRV:64bit: - [2014/03/09 16:24:02 | 001,462,560 | ---- | M] (Acronis International GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdrpman.sys -- (tdrpman)
DRV:64bit: - [2014/03/09 16:24:01 | 000,161,568 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vididr.sys -- (vididr)
DRV:64bit: - [2014/03/09 16:24:01 | 000,117,024 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vidsflt.sys -- (vidsflt)
DRV:64bit: - [2014/03/09 16:23:59 | 000,233,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2014/03/09 16:23:59 | 000,108,832 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fltsrv.sys -- (fltsrv)
DRV:64bit: - [2013/10/01 19:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/23 07:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/06/20 10:42:44 | 003,678,720 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/18 07:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012/01/18 07:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/09/08 02:26:04 | 007,767,552 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010/09/08 02:26:04 | 007,767,552 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/09/08 01:15:06 | 000,279,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/05/07 18:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2010/05/07 18:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2010/03/03 19:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/01/28 10:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/12/30 10:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009/08/20 17:05:06 | 000,239,616 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 17:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/06/16 04:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV - [2009/10/20 14:50:12 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/06/11 13:11:29] [Kernel | Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49})
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{2783B66A-55CC-4056-86A9-3BA729C889EC}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE:64bit: - HKLM\..\SearchScopes\{C1E63727-935B-4A47-98BC-9B86FDF6A0BC}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{2783B66A-55CC-4056-86A9-3BA729C889EC}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKLM\..\SearchScopes\{C1E63727-935B-4A47-98BC-9B86FDF6A0BC}: "URL" = http://www.bing.com/...rc=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{C1E63727-935B-4A47-98BC-9B86FDF6A0BC}: "URL" = http://www.bing.com/...E11SR&pc=HPDTDF
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "https://www.yahoo.com/"
FF - prefs.js..extensions.enabledAddons: adblockpopups%40jessehakanen.net:0.9.2
FF - prefs.js..extensions.enabledAddons: %7Bd40f5e7b-d2cf-4856-b441-cc613eeffbe3%7D:1.68
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1212152.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Steve\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Steve\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011/01/26 15:27:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/03/15 11:16:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/05/30 16:35:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2014/03/15 11:16:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2014/05/30 16:35:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files (x86)\AVG\AVG2012\Thunderbird\
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2014/03/15 11:16:21 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2014/05/30 16:35:49 | 000,000,000 | ---D | M]
 
[2010/03/04 22:32:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Extensions
[2010/03/04 22:32:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010/02/21 17:39:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Extensions\[email protected]
[2014/07/13 19:46:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\7dzk6ldf.default-1405304800160\extensions
[2014/07/13 19:40:12 | 000,133,000 | ---- | M] () (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\7dzk6ldf.default-1405304800160\extensions\[email protected]
[2014/07/13 19:40:59 | 001,225,715 | ---- | M] () (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\7dzk6ldf.default-1405304800160\extensions\[email protected]
[2014/07/13 19:46:01 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\7dzk6ldf.default-1405304800160\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
[2013/10/15 10:20:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/10/15 10:23:35 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/10/15 10:23:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013/10/15 10:23:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013/10/15 10:23:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013/10/01 09:41:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/07/13 12:35:50 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/11/16 15:51:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions
[2013/11/16 15:51:06 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/11/16 15:51:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013/11/16 15:51:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013/11/16 15:51:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013/11/16 15:51:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\updated\browser\extensions
[2013/11/16 15:51:10 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
CHR - plugin: Microsoft® Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.2\\npsitesafety.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll
CHR - plugin: Java Deployment Toolkit 7.0.210.11 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll
CHR - homepage:
CHR - Extension: Google Docs = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Google Drive = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: YouTube = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Cast = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\14.605.0.10_0\
CHR - Extension: Do Not Track = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckdcpbflcbeillmamogkpmdhnbeggfja\0.1.1_0\
CHR - Extension: Google Search = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.5_0\
CHR - Extension: Ghostery = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.3.0_0\
CHR - Extension: Google Wallet = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\
 
O1 HOSTS File: ([2014/07/14 12:36:08 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll (Microsoft Corp.)
O4 - HKCU..\Run: [HP Photosmart 7510 series (NET)] C:\Program Files\HP\HP Photosmart 7510 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{88786135-6BA9-4FD6-B945-887056AE4746}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B632F6BD-3E77-4DA9-BB2D-A244E962DA21}: DhcpNameServer = 192.168.1.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014/07/13 18:51:03 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (RegBootDefrag)
O34 - HKLM BootExecute: (cute settings...)
O34 - HKLM BootExecute: (ountPoints2\M\Sh)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/07/14 12:23:37 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/07/14 10:45:51 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2014/07/14 08:21:30 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/07/14 07:52:21 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\SysWow64\sqlite3.dll
[2014/07/14 07:50:55 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/07/13 18:50:38 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2014/07/13 18:50:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2014/07/13 13:07:00 | 000,028,960 | ---- | C] (Glarysoft Ltd) -- C:\Windows\SysNative\RegBootDefrag.exe
[2014/07/10 20:15:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
[2014/07/10 20:12:20 | 000,000,000 | ---D | C] -- C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
[2014/07/10 09:17:06 | 000,000,000 | ---D | C] -- C:\swsetup
[2014/07/08 14:10:54 | 000,000,000 | ---D | C] -- C:\ProgramData\GlarySoft
[2014/07/08 14:10:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
[2014/07/08 14:10:52 | 000,118,048 | ---- | C] (Glarysoft Ltd) -- C:\Windows\SysNative\BootDefrag.exe
[2014/07/08 14:10:52 | 000,020,160 | ---- | C] (Glarysoft Ltd) -- C:\Windows\SysNative\drivers\GUBootStartup.sys
[2014/07/08 14:10:52 | 000,017,600 | ---- | C] (Glarysoft Ltd) -- C:\Windows\SysNative\drivers\BootDefragDriver.sys
[2014/07/08 14:10:48 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\DiskDefrag
[2014/07/08 14:10:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Glary Utilities 5
[2014/07/08 12:30:24 | 000,000,000 | R--D | C] -- C:\Users\Steve\Documents\HP Photo Creations
[2014/07/07 22:10:35 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\Hewlett-Packard_Company
[2014/07/07 22:10:26 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\HP TCS
[2014/07/07 22:08:38 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\VS Revo Group
[2014/07/07 22:08:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
[2014/07/07 22:08:35 | 000,031,800 | ---- | C] (VS Revo Group) -- C:\Windows\SysNative\drivers\revoflt.sys
[2014/07/07 22:08:35 | 000,000,000 | ---D | C] -- C:\ProgramData\VS Revo Group
[2014/07/07 22:08:34 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2014/07/07 18:52:15 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
[2014/07/07 18:51:39 | 000,000,000 | ---D | C] -- C:\HP_ePrint
[2014/07/03 09:08:37 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\Adobe
[2014/07/02 10:51:02 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/07/02 10:50:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/07/02 10:50:48 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/07/02 10:50:48 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/07/02 10:50:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/06/21 11:20:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2014/06/17 16:21:34 | 000,235,800 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys
[2014/06/17 16:07:12 | 000,328,984 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgloga.sys
[2014/06/17 16:06:58 | 000,269,080 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2014/06/17 16:06:24 | 000,190,744 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsha.sys
[2014/06/17 16:06:22 | 000,242,968 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys
[2014/06/17 16:06:22 | 000,153,368 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgdiska.sys
[2014/06/17 16:06:20 | 000,123,672 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys
[2014/06/17 16:06:06 | 000,031,512 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgrkx64.sys
 
========== Files - Modified Within 30 Days ==========
 
[2014/07/14 12:42:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/07/14 12:38:15 | 000,001,942 | ---- | M] () -- C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 7510 series (Network).lnk
[2014/07/14 12:37:37 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/07/14 12:37:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/07/14 12:37:09 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2014/07/14 12:37:05 | 2140,467,199 | -HS- | M] () -- C:\hiberfil.sys
[2014/07/14 12:36:08 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2014/07/14 12:10:10 | 000,000,324 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Communicator.job
[2014/07/14 11:58:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4104090456-942970366-3307904469-1003UA.job
[2014/07/14 11:53:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/07/14 10:46:03 | 000,001,182 | ---- | M] () -- C:\Users\Public\Desktop\Shop for Supplies - HP Photosmart 7510 series.lnk
[2014/07/14 10:46:02 | 000,002,250 | ---- | M] () -- C:\Users\Public\Desktop\HP Photosmart 7510 series.lnk
[2014/07/14 09:38:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForRegina.job
[2014/07/14 08:12:21 | 000,015,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/07/14 08:12:21 | 000,015,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/07/14 08:08:34 | 000,786,514 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/07/14 08:08:34 | 000,665,304 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/07/14 08:08:34 | 000,123,112 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/07/13 20:03:21 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/07/13 18:51:03 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2014/07/13 12:35:53 | 000,001,149 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/07/10 20:53:51 | 000,258,666 | ---- | M] () -- C:\Users\Steve\Documents\NIN seats.xps
[2014/07/10 20:15:10 | 000,002,219 | ---- | M] () -- C:\Users\Steve\Desktop\HP Support Assistant.lnk
[2014/07/10 19:37:29 | 000,000,861 | ---- | M] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2014/07/10 12:39:57 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2014/07/09 22:16:29 | 000,122,154 | ---- | M] () -- C:\Users\Steve\Documents\registry backup.reg
[2014/07/08 19:51:00 | 000,002,006 | ---- | M] () -- C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
[2014/07/08 19:45:11 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\HP Photosmart 7510 series.exe_{7BE77095-FC9B-408B-B26A-AEDF1505E35D}.job
[2014/07/08 19:45:00 | 000,000,290 | ---- | M] () -- C:\Windows\tasks\Toolbox.exe_{0A4766BF-E7A7-470E-A1BE-0C3F30EADA5A}.job
[2014/07/08 19:44:59 | 000,000,300 | ---- | M] () -- C:\Windows\tasks\WOWPrint.exe_{D4C9F674-D47B-4FA1-ADA2-68955A37CB03}.job
[2014/07/08 14:17:46 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{15CD4AFF-B521-404B-A696-CFE62BAE15AB}.job
[2014/07/08 14:10:54 | 000,001,106 | ---- | M] () -- C:\Users\Steve\Application Data\Microsoft\Internet Explorer\Quick Launch\Glary Utilities 5.lnk
[2014/07/08 14:10:54 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize 5.job
[2014/07/08 14:10:54 | 000,000,250 | ---- | M] () -- C:\Windows\tasks\GU5SkipUAC.job
[2014/07/08 14:10:52 | 000,020,160 | ---- | M] (Glarysoft Ltd) -- C:\Windows\SysNative\drivers\GUBootStartup.sys
[2014/07/08 13:22:01 | 000,369,168 | ---- | M] (CACE Technologies, Inc.) -- C:\Windows\SysNative\wpcap.dll
[2014/07/08 13:22:01 | 000,281,104 | ---- | M] (CACE Technologies, Inc.) -- C:\Windows\SysWow64\wpcap.dll
[2014/07/08 13:22:01 | 000,106,000 | ---- | M] (CACE Technologies, Inc.) -- C:\Windows\SysNative\packet.dll
[2014/07/08 13:22:01 | 000,096,784 | ---- | M] (CACE Technologies, Inc.) -- C:\Windows\SysWow64\packet.dll
[2014/07/08 13:22:01 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) -- C:\Windows\SysNative\drivers\npf.sys
[2014/07/08 13:22:01 | 000,002,052 | ---- | M] () -- C:\Users\Public\Desktop\NETGEAR Genie.lnk
[2014/07/08 12:35:16 | 000,099,580 | ---- | M] () -- C:\Users\Steve\Desktop\House.jpg
[2014/07/08 12:34:17 | 000,099,580 | ---- | M] () -- C:\Users\Steve\Desktop\House 2.jpg
[2014/07/08 12:30:20 | 000,001,993 | ---- | M] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk
[2014/07/07 22:45:16 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{F8075218-9817-41FE-82CC-136A8EB3A619}.job
[2014/07/07 22:45:16 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{3CD08C26-55B7-4173-A781-208C074089A4}.job
[2014/07/07 22:45:16 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{39ED2E90-6501-4756-B268-4F4F534F1BF5}.job
[2014/07/07 22:45:16 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{38C1CE45-6C53-4C14-A879-71C83D07D6EF}.job
[2014/07/07 22:45:14 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{B7D68225-1BF5-455A-BCD6-DD6E285EE27C}.job
[2014/07/07 22:41:01 | 000,000,308 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{D4446781-1E21-467E-8042-14139BABA3D0}.job
[2014/07/07 22:08:36 | 000,001,103 | ---- | M] () -- C:\Users\Steve\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2014/07/07 22:08:36 | 000,001,079 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2014/07/07 20:20:01 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{8F3C5E38-CA8C-4676-A01B-C344FE20AB43}.job
[2014/07/07 20:20:00 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{D5892677-ABED-4C2F-BAEF-61368A77CD6E}.job
[2014/07/07 20:20:00 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{1304F0DD-E9DC-4627-9B95-E1B3E7123A7E}.job
[2014/07/07 20:20:00 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{02A579CE-D884-4A2B-8779-8556BE5A68CE}.job
[2014/07/07 20:19:59 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{E44E59ED-0D10-45CB-A137-B55D13308B5D}.job
[2014/07/07 19:52:10 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{C6D5B7B0-B7CD-4C90-A7FF-B9CD913A5C8E}.job
[2014/07/07 19:52:10 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{5694A2C1-E424-444A-8D57-6812908D16A3}.job
[2014/07/07 19:52:10 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{4D6F2D12-7A7D-47ED-9E6A-7D625B62492C}.job
[2014/07/07 19:52:09 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{73B949FC-80F0-454B-9C23-5109A385FB7D}.job
[2014/07/07 19:52:09 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{5E950ACA-662A-49E7-B169-C6A1B26FBB1A}.job
[2014/07/07 19:52:09 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{4CAB99AD-E91E-46F0-91F8-31BB30279723}.job
[2014/07/07 19:52:08 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{B79F4FF0-63EE-43FD-ACEA-F21F95EDED16}.job
[2014/07/07 19:52:08 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{58BF558E-BD7D-4B1D-9009-758325DA607E}.job
[2014/07/07 19:52:07 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{69C9B166-5E84-48FF-B59A-DDF92AB40F8C}.job
[2014/07/07 19:49:17 | 000,000,308 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{9145778C-28CD-4F27-8011-86ABD7974233}.job
[2014/07/07 19:49:17 | 000,000,308 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{231D6AEC-91F7-4269-8ED0-9951CE64D4D9}.job
[2014/07/07 19:49:15 | 000,000,308 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{0F3661DF-7BC2-45AA-B807-FB599C54CFB7}.job
[2014/07/07 19:49:12 | 000,000,308 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{E40D99B9-6E10-4868-BFAA-F8253B5E9718}.job
[2014/07/03 09:49:07 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2014/07/03 00:03:14 | 000,028,960 | ---- | M] (Glarysoft Ltd) -- C:\Windows\SysNative\RegBootDefrag.exe
[2014/07/03 00:03:02 | 000,118,048 | ---- | M] (Glarysoft Ltd) -- C:\Windows\SysNative\BootDefrag.exe
[2014/07/02 11:55:01 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForSteve.job
[2014/07/02 07:24:54 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4104090456-942970366-3307904469-1003Core.job
[2014/07/01 00:52:50 | 000,017,600 | ---- | M] (Glarysoft Ltd) -- C:\Windows\SysNative\drivers\BootDefragDriver.sys
[2014/06/22 13:52:19 | 000,050,464 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2014/06/21 11:57:17 | 000,258,286 | ---- | M] () -- C:\Users\Steve\Documents\NIN.xps
[2014/06/17 16:21:34 | 000,235,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys
[2014/06/17 16:07:12 | 000,328,984 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgloga.sys
[2014/06/17 16:06:58 | 000,269,080 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2014/06/17 16:06:24 | 000,190,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsha.sys
[2014/06/17 16:06:22 | 000,242,968 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys
[2014/06/17 16:06:22 | 000,153,368 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgdiska.sys
[2014/06/17 16:06:20 | 000,123,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys
[2014/06/17 16:06:06 | 000,031,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgrkx64.sys
[2014/06/17 12:26:41 | 001,134,536 | ---- | M] () -- C:\Users\Steve\Documents\Marriage Certificate.pdf
[2014/06/17 12:25:21 | 000,236,594 | ---- | M] () -- C:\Users\Steve\Desktop\Pebp letter.pdf
[2014/06/14 12:50:25 | 000,166,668 | ---- | M] () -- C:\Users\Steve\Desktop\Me n Reg.JPG
 
========== Files Created - No Company Name ==========
 
[2014/07/14 10:50:19 | 000,001,942 | ---- | C] () -- C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 7510 series (Network).lnk
[2014/07/14 10:46:03 | 000,001,182 | ---- | C] () -- C:\Users\Public\Desktop\Shop for Supplies - HP Photosmart 7510 series.lnk
[2014/07/14 10:46:02 | 000,002,250 | ---- | C] () -- C:\Users\Public\Desktop\HP Photosmart 7510 series.lnk
[2014/07/13 18:51:03 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2014/07/10 20:53:50 | 000,258,666 | ---- | C] () -- C:\Users\Steve\Documents\NIN seats.xps
[2014/07/10 20:15:10 | 000,002,219 | ---- | C] () -- C:\Users\Steve\Desktop\HP Support Assistant.lnk
[2014/07/10 19:37:29 | 000,000,861 | ---- | C] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2014/07/09 22:16:26 | 000,122,154 | ---- | C] () -- C:\Users\Steve\Documents\registry backup.reg
[2014/07/09 19:06:33 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2014/07/08 19:45:11 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\HP Photosmart 7510 series.exe_{7BE77095-FC9B-408B-B26A-AEDF1505E35D}.job
[2014/07/08 19:45:00 | 000,000,290 | ---- | C] () -- C:\Windows\tasks\Toolbox.exe_{0A4766BF-E7A7-470E-A1BE-0C3F30EADA5A}.job
[2014/07/08 19:44:59 | 000,000,300 | ---- | C] () -- C:\Windows\tasks\WOWPrint.exe_{D4C9F674-D47B-4FA1-ADA2-68955A37CB03}.job
[2014/07/08 14:17:46 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{15CD4AFF-B521-404B-A696-CFE62BAE15AB}.job
[2014/07/08 14:10:54 | 000,001,106 | ---- | C] () -- C:\Users\Steve\Application Data\Microsoft\Internet Explorer\Quick Launch\Glary Utilities 5.lnk
[2014/07/08 14:10:54 | 000,001,094 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
[2014/07/08 14:10:53 | 000,000,332 | ---- | C] () -- C:\Windows\tasks\GlaryInitialize 5.job
[2014/07/08 14:10:53 | 000,000,250 | ---- | C] () -- C:\Windows\tasks\GU5SkipUAC.job
[2014/07/08 12:34:16 | 000,099,580 | ---- | C] () -- C:\Users\Steve\Desktop\House 2.jpg
[2014/07/07 22:45:16 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{F8075218-9817-41FE-82CC-136A8EB3A619}.job
[2014/07/07 22:45:16 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{3CD08C26-55B7-4173-A781-208C074089A4}.job
[2014/07/07 22:45:16 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{39ED2E90-6501-4756-B268-4F4F534F1BF5}.job
[2014/07/07 22:45:16 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{38C1CE45-6C53-4C14-A879-71C83D07D6EF}.job
[2014/07/07 22:45:14 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{B7D68225-1BF5-455A-BCD6-DD6E285EE27C}.job
[2014/07/07 22:41:01 | 000,000,308 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{D4446781-1E21-467E-8042-14139BABA3D0}.job
[2014/07/07 22:08:36 | 000,001,103 | ---- | C] () -- C:\Users\Steve\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2014/07/07 22:08:36 | 000,001,079 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2014/07/07 20:20:01 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{8F3C5E38-CA8C-4676-A01B-C344FE20AB43}.job
[2014/07/07 20:20:00 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{D5892677-ABED-4C2F-BAEF-61368A77CD6E}.job
[2014/07/07 20:20:00 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{1304F0DD-E9DC-4627-9B95-E1B3E7123A7E}.job
[2014/07/07 20:20:00 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{02A579CE-D884-4A2B-8779-8556BE5A68CE}.job
[2014/07/07 20:19:59 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{E44E59ED-0D10-45CB-A137-B55D13308B5D}.job
[2014/07/07 19:52:10 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{C6D5B7B0-B7CD-4C90-A7FF-B9CD913A5C8E}.job
[2014/07/07 19:52:10 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{5694A2C1-E424-444A-8D57-6812908D16A3}.job
[2014/07/07 19:52:10 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{4D6F2D12-7A7D-47ED-9E6A-7D625B62492C}.job
[2014/07/07 19:52:09 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{73B949FC-80F0-454B-9C23-5109A385FB7D}.job
[2014/07/07 19:52:09 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{5E950ACA-662A-49E7-B169-C6A1B26FBB1A}.job
[2014/07/07 19:52:09 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{4CAB99AD-E91E-46F0-91F8-31BB30279723}.job
[2014/07/07 19:52:08 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{B79F4FF0-63EE-43FD-ACEA-F21F95EDED16}.job
[2014/07/07 19:52:08 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{58BF558E-BD7D-4B1D-9009-758325DA607E}.job
[2014/07/07 19:52:07 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{69C9B166-5E84-48FF-B59A-DDF92AB40F8C}.job
[2014/07/07 19:49:17 | 000,000,308 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{9145778C-28CD-4F27-8011-86ABD7974233}.job
[2014/07/07 19:49:17 | 000,000,308 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{231D6AEC-91F7-4269-8ED0-9951CE64D4D9}.job
[2014/07/07 19:49:15 | 000,000,308 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{0F3661DF-7BC2-45AA-B807-FB599C54CFB7}.job
[2014/07/07 19:49:12 | 000,000,308 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{E40D99B9-6E10-4868-BFAA-F8253B5E9718}.job
[2014/07/07 19:40:50 | 000,099,580 | ---- | C] () -- C:\Users\Steve\Desktop\House.jpg
[2014/06/21 11:57:16 | 000,258,286 | ---- | C] () -- C:\Users\Steve\Documents\NIN.xps
[2014/06/17 12:26:40 | 001,134,536 | ---- | C] () -- C:\Users\Steve\Documents\Marriage Certificate.pdf
[2014/06/17 12:25:21 | 000,236,594 | ---- | C] () -- C:\Users\Steve\Desktop\Pebp letter.pdf
[2014/06/14 12:50:25 | 000,166,668 | ---- | C] () -- C:\Users\Steve\Desktop\Me n Reg.JPG
[2013/11/14 14:23:10 | 000,305,059 | ---- | C] () -- C:\Users\Steve\AppData\Local\census.cache
[2013/11/14 14:23:05 | 000,136,531 | ---- | C] () -- C:\Users\Steve\AppData\Local\ars.cache
[2011/12/31 17:45:04 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2011/06/05 12:03:24 | 000,000,122 | ---- | C] () -- C:\Users\Steve\AppData\Roaming\wklnhst.dat
[2010/11/23 09:30:58 | 000,000,036 | ---- | C] () -- C:\Users\Steve\AppData\Local\housecall.guid.cache
[2009/12/28 20:20:38 | 000,000,363 | ---- | C] () -- C:\Users\Steve\RecentPlaces.lnk
[2009/12/28 20:20:34 | 000,000,904 | RHS- | C] () -- C:\Users\Steve\ntuser.pol
[2009/12/28 19:03:01 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Grapher
[2009/12/28 19:03:01 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2009/12/28 19:03:01 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Halftone
 
========== ZeroAccess Check ==========
 
[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 19:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 19:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 05:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013/10/19 09:23:43 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\AVG2014
[2013/11/14 14:54:23 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\BitLord
[2010/07/21 10:53:17 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2014/07/09 09:54:35 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\DiskDefrag
[2012/01/08 22:03:08 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\FrostWire
[2014/07/08 14:10:55 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\GlarySoft
[2010/12/25 09:57:23 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Nikon
[2009/12/28 20:20:47 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\PictureMover
[2013/11/14 13:20:14 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Python-Eggs
[2014/03/09 16:24:39 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Seagate
[2011/06/05 12:03:25 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Template
[2010/03/04 22:32:04 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Thunderbird
[2012/10/06 08:51:48 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\TuneUp Software
[2012/03/30 10:56:00 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Visan
[2010/03/18 22:14:01 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\WinBatch
[2012/09/29 11:59:58 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Windows Live Writer
 
========== Purity Check ==========
 
 

< End of report >
 

 

 

 



#8
zep516
Trusted Helper
Hello,

What issues remain ?

Joe

#9
sg555
Topic Starter

Hi Joe,

None that I can tell. I even loaded my printer software just a few minutes ago. Everything seems to be working fine. Thanks again for all your help. I stream a lot of movies off the internet and those sites just hit you with a ton of pop ups. I have adblocker but it still doesn't stop them. Guess I have to be more careful. If you can suggest any other pop up blockers or antivirus software please let me know.

I have to say this site is the best when it comes to solving issues!!!



#10
zep516
Trusted Helper
Ok.

A bit more to do: we need an online scan that will take a while to run; you can do it later if you like. The scan will start to find threats, so don't worry if it finds stuff that we have already taken care of. After that we need to remove our tools and I'll give you a few tips, so we don't meet like this again :)

ESET Online Scanner

Note: You can use either Internet Explorer or Mozilla Firefox for this scan. You will, however, need to disable your currently installed anti-virus; how to do so can be read here.
  • Please go >>HERE<< then click on: ESET1st.jpg

    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on the ESETexe.jpg icon to install.

    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on: ESETsave.jpg
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: EOLS3.gif
  • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed, make sure you first copy the logfile (located at C:\Program Files (x86)\ESET\Esetonlinescanner\log.txt).
  • Copy and paste that log as a reply to this topic.
  • Now click on: EOLS4.gif
    (Selecting Uninstall application on close if you so wish)
Post the ESET Log report in your next reply.

Thanks
Joe :)

#11
sg555
Topic Starter

Hi Joe,

I left and came home several hours later. My pc went to sleep after two hours. When I clicked a button on the keyboard the program had stopped running. Said run time was 5:50:59 and that the scan was stopped by user. I don't know if it had completed running or it shut off as soon as I touched the keyboard.

Either way here is the log for your review. Let me know if I need to start the process again.

Thanks,

Steve

 

 ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=9f719c55fa72b5449019a24a8e72d05f
# engine=19172
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-07-15 02:45:03
# local_time=2014-07-14 07:45:03 (-0800, Pacific Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='AVG AntiVirus Free Edition 2014'
# compatibility_mode=1051 16777213 100 100 29360 91572287 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 31018380 156935753 0 0
# scanned=326579
# found=9
# cleaned=0
# scan_time=21059
sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir"
sh=93510E07EBD463BE51052EC8114EC16C5423103E ft=0 fh=0000000000000000 vn="Win32/Conduit.SearchProtect.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mozilla Firefox\browser\nsprotector.js.vir"
sh=93510E07EBD463BE51052EC8114EC16C5423103E ft=0 fh=0000000000000000 vn="Win32/Conduit.SearchProtect.A potentially unwanted application" ac=I fn="C:\Program Files (x86)\Mozilla Firefox\updated\browser\nsprotector.js"
sh=3D8FC61842860FAC95EE76FA7AE3DC9BDEF63209 ft=1 fh=c71c001191a19ce5 vn="a variant of Win32/InstallCore.BY potentially unwanted application" ac=I fn="C:\Users\Steve\Downloads\BitlordSetup.exe"
sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y potentially unwanted application" ac=I fn="H:\Program Files (x86)\Conduit\Community Alerts\Alert.dll"
sh=FB51F7E178CDF4713C8DE0A9ED001E9B622EB71C ft=1 fh=6b77c6e345f31426 vn="a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application" ac=I fn="H:\Program Files (x86)\Glary Utilities\ApnIC.dll"
sh=AE2B34E628BAAFD8E18605016589758A24A34F01 ft=1 fh=fe38569a2d3171fc vn="a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application" ac=I fn="H:\Program Files (x86)\Glary Utilities\ApnToolbarInstaller.exe"
sh=93510E07EBD463BE51052EC8114EC16C5423103E ft=0 fh=0000000000000000 vn="Win32/Conduit.SearchProtect.A potentially unwanted application" ac=I fn="H:\Program Files (x86)\Mozilla Firefox\browser\nsprotector.js"
sh=93510E07EBD463BE51052EC8114EC16C5423103E ft=0 fh=0000000000000000 vn="Win32/Conduit.SearchProtect.A potentially unwanted application" ac=I fn="H:\Program Files (x86)\Mozilla Firefox\updated\browser\nsprotector.js"
 



#12
sg555
Topic Starter

Hi Joe,

After I ran the Eset scanner, the past two mornings when I went to use my pc and tried to wake it up from sleep mode it would start running and I would get no monitor. I had to hard boot and it would come up with "Resuming Windows". It would take about 3 to 4 minutes to load.



#13
zep516
Trusted Helper
ESET is a scanner; it does not modify or remove files or make any changes. See how sleep mode works over time and let me know if it still continues to act funny.

Let's clean up what ESET found using OTL. READY..

Next

We need to do a fix to delete some files using OTL
  • Double click on the OTLicon.jpg to open the program. On Vista/Win7/Win8, right click and select Run As Administrator to start the program. If prompted by UAC, please allow it.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following


    :COMMANDS
    [CREATERESTOREPOINT]
    
    :OTL
    
    
    :Files
    C:\Program Files (x86)\Mozilla Firefox\updated\browser\nsprotector.js
    C:\Users\Steve\Downloads\BitlordSetup.exe
    H:\Program Files (x86)\Conduit\Community Alerts\Alert.dll
    H:\Program Files (x86)\Glary Utilities\ApnIC.dll
    H:\Program Files (x86)\Glary Utilities\ApnToolbarInstaller.exe
    H:\Program Files (x86)\Mozilla Firefox\browser\nsprotector.js
    H:\Program Files (x86)\Mozilla Firefox\updated\browser\nsprotector.js
    
    :Commands
    
    [emptytemp]
    
    
  • Make sure all other windows are closed.
  • Click the Run Fix button at the top
  • Let the program run uninterrupted. The computer should reboot when the scan is done. If not, please reboot the computer.
  • Post the log that is found in C:\_OTL\Moved Files in your next reply.
  • Open OTL again and click the Quick Scan button.


#14
sg555
Topic Starter

Hi, I ran it and here is the log. Will keep you posted if I have the same problem when the pc goes to sleep.

Let me know what else you need me to do.

 

Thanks!!!

 

 

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
========== FILES ==========
C:\Program Files (x86)\Mozilla Firefox\updated\browser\nsprotector.js moved successfully.
C:\Users\Steve\Downloads\BitlordSetup.exe moved successfully.
H:\Program Files (x86)\Conduit\Community Alerts\Alert.dll moved successfully.
H:\Program Files (x86)\Glary Utilities\ApnIC.dll moved successfully.
H:\Program Files (x86)\Glary Utilities\ApnToolbarInstaller.exe moved successfully.
H:\Program Files (x86)\Mozilla Firefox\browser\nsprotector.js moved successfully.
H:\Program Files (x86)\Mozilla Firefox\updated\browser\nsprotector.js moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
User: Regina
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 128 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Steve
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 128 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 18896663 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 492 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 534532 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 19.00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 07162014_211916

Files\Folders moved on Reboot...
C:\Users\Steve\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
 



#15
sg555
Topic Starter

I just ran the quick scan and here is the log from that. You've made this pc run much better.

 

Thanks :spoton:

 

OTL logfile created on: 7/16/2014 9:28:39 PM - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Steve\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
7.99 Gb Total Physical Memory | 6.45 Gb Available Physical Memory | 80.69% Memory free
15.98 Gb Paging File | 14.36 Gb Available in Paging File | 89.83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 686.23 Gb Total Space | 541.46 Gb Free Space | 78.90% Space Free | Partition Type: NTFS
Drive D: | 12.31 Gb Total Space | 1.38 Gb Free Space | 11.24% Space Free | Partition Type: NTFS
Drive G: | 100.00 Mb Total Space | 61.81 Mb Free Space | 61.81% Space Free | Partition Type: NTFS
Drive H: | 915.00 Gb Total Space | 782.64 Gb Free Space | 85.53% Space Free | Partition Type: NTFS
Drive I: | 16.41 Gb Total Space | 5.49 Gb Free Space | 33.45% Space Free | Partition Type: NTFS
 
Computer Name: REGINA-PC | User Name: Steve | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/07/13 14:41:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Steve\Downloads\OTL.exe
PRC - [2014/06/27 15:20:18 | 003,241,488 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
PRC - [2014/06/17 16:11:46 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
PRC - [2009/12/01 20:49:52 | 000,210,216 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2009/10/20 14:50:34 | 000,128,296 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2009/12/01 20:49:50 | 000,931,112 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/06/18 17:24:12 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/09/08 01:51:16 | 000,203,264 | ---- | M] (AMD) [Disabled | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2014/07/02 21:04:37 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/06/27 15:20:18 | 003,241,488 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2014/06/17 16:11:46 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2014/06/05 21:38:37 | 000,119,408 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/05/21 11:34:38 | 000,049,464 | ---- | M] (Hewlett-Packard Company) [Disabled | Stopped] -- C:\Program Files (x86)\hp\Common\HPSupportSolutionsFrameworkService.exe -- (HPSupportSolutionsFrameworkService)
SRV - [2014/03/23 20:32:02 | 000,225,792 | ---- | M] (NETGEAR) [Disabled | Stopped] -- C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe -- (NETGEARGenieDaemon)
SRV - [2013/12/20 23:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/11/04 18:31:56 | 000,092,160 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2013/10/30 17:35:44 | 001,128,544 | ---- | M] (Seagate) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe -- (SgtSch2Svc)
SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/01/18 07:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/04/22 13:56:50 | 000,984,392 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/03/03 20:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/02/20 17:09:07 | 000,867,080 | ---- | M] (Acresso Software Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/02/18 15:01:06 | 000,462,632 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2009/09/06 07:06:20 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/05/22 11:02:20 | 000,250,616 | ---- | M] (WildTangent, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/09/30 19:59:26 | 000,192,512 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe -- (HPBtnSrv)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:64bit: - [2014/07/08 14:10:52 | 000,020,160 | ---- | M] (Glarysoft Ltd) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\GUBootStartup.sys -- (GUBootStartup)
DRV:64bit: - [2014/07/08 13:22:01 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2014/07/01 00:52:50 | 000,017,600 | ---- | M] (Glarysoft Ltd) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\BootDefragDriver.sys -- (BootDefragDriver)
DRV:64bit: - [2014/06/22 13:52:19 | 000,050,464 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2014/06/17 16:21:34 | 000,235,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2014/06/17 16:07:12 | 000,328,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2014/06/17 16:06:58 | 000,269,080 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2014/06/17 16:06:24 | 000,190,744 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2014/06/17 16:06:22 | 000,242,968 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2014/06/17 16:06:22 | 000,153,368 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska)
DRV:64bit: - [2014/06/17 16:06:20 | 000,123,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2014/06/17 16:06:06 | 000,031,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2014/03/09 16:24:03 | 001,120,032 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tib.sys -- (tib)
DRV:64bit: - [2014/03/09 16:24:03 | 000,183,224 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tib_mounter.sys -- (tib_mounter)
DRV:64bit: - [2014/03/09 16:24:02 | 001,462,560 | ---- | M] (Acronis International GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdrpman.sys -- (tdrpman)
DRV:64bit: - [2014/03/09 16:24:01 | 000,161,568 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vididr.sys -- (vididr)
DRV:64bit: - [2014/03/09 16:24:01 | 000,117,024 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vidsflt.sys -- (vidsflt)
DRV:64bit: - [2014/03/09 16:23:59 | 000,233,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2014/03/09 16:23:59 | 000,108,832 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fltsrv.sys -- (fltsrv)
DRV:64bit: - [2013/10/01 19:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/23 07:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/06/20 10:42:44 | 003,678,720 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/18 07:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012/01/18 07:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/09/08 02:26:04 | 007,767,552 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010/09/08 02:26:04 | 007,767,552 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/09/08 01:15:06 | 000,279,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/05/07 18:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2010/05/07 18:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2010/03/03 19:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/01/28 10:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/12/30 10:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009/08/20 17:05:06 | 000,239,616 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 17:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/06/16 04:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV - [2009/10/20 14:50:12 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/06/11 13:11:29] [Kernel | Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49})
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{2783B66A-55CC-4056-86A9-3BA729C889EC}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE:64bit: - HKLM\..\SearchScopes\{C1E63727-935B-4A47-98BC-9B86FDF6A0BC}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{2783B66A-55CC-4056-86A9-3BA729C889EC}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKLM\..\SearchScopes\{C1E63727-935B-4A47-98BC-9B86FDF6A0BC}: "URL" = http://www.bing.com/...rc=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{C1E63727-935B-4A47-98BC-9B86FDF6A0BC}: "URL" = http://www.bing.com/...E11SR&pc=HPDTDF
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "https://www.yahoo.com/"
FF - prefs.js..extensions.enabledAddons: adblockpopups%40jessehakanen.net:0.9.2
FF - prefs.js..extensions.enabledAddons: %7Bd40f5e7b-d2cf-4856-b441-cc613eeffbe3%7D:1.68
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1212152.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Steve\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Steve\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011/01/26 15:27:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/03/15 11:16:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/05/30 16:35:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2014/03/15 11:16:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2014/05/30 16:35:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files (x86)\AVG\AVG2012\Thunderbird\
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2014/03/15 11:16:21 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2014/05/30 16:35:49 | 000,000,000 | ---D | M]
 
[2010/03/04 22:32:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Extensions
[2010/03/04 22:32:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010/02/21 17:39:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Extensions\[email protected]
[2014/07/13 19:46:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\7dzk6ldf.default-1405304800160\extensions
[2014/07/13 19:40:12 | 000,133,000 | ---- | M] () (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\7dzk6ldf.default-1405304800160\extensions\[email protected]
[2014/07/13 19:40:59 | 001,225,715 | ---- | M] () (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\7dzk6ldf.default-1405304800160\extensions\[email protected]
[2014/07/13 19:46:01 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\7dzk6ldf.default-1405304800160\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
[2013/10/15 10:20:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/10/15 10:23:35 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/10/15 10:23:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013/10/15 10:23:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013/10/15 10:23:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013/10/01 09:41:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/07/13 12:35:50 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/11/16 15:51:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions
[2013/11/16 15:51:06 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/11/16 15:51:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013/11/16 15:51:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013/11/16 15:51:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013/11/16 15:51:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\updated\browser\extensions
[2013/11/16 15:51:10 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
CHR - plugin: Microsoft® Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.2\\npsitesafety.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll
CHR - plugin: Java Deployment Toolkit 7.0.210.11 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll
CHR - homepage:
CHR - Extension: Google Docs = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Google Drive = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: YouTube = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Cast = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\14.605.0.10_0\
CHR - Extension: Do Not Track = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckdcpbflcbeillmamogkpmdhnbeggfja\0.1.1_0\
CHR - Extension: Google Search = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.5_0\
CHR - Extension: Ghostery = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.3.0_0\
CHR - Extension: Google Wallet = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\
 
O1 HOSTS File: ([2014/07/14 12:36:08 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll (Microsoft Corp.)
O4 - HKCU..\Run: [HP Photosmart 7510 series (NET)] C:\Program Files\HP\HP Photosmart 7510 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{88786135-6BA9-4FD6-B945-887056AE4746}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B632F6BD-3E77-4DA9-BB2D-A244E962DA21}: DhcpNameServer = 192.168.1.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014/07/13 18:51:03 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (RegBootDefrag)
O34 - HKLM BootExecute: (cute settings...)
O34 - HKLM BootExecute: (ountPoints2\M\Sh)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/07/14 13:46:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2014/07/14 12:23:37 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/07/14 10:45:51 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2014/07/14 08:21:30 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/07/14 07:52:21 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\SysWow64\sqlite3.dll
[2014/07/14 07:50:55 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/07/13 18:50:38 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2014/07/13 18:50:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2014/07/13 13:07:00 | 000,028,960 | ---- | C] (Glarysoft Ltd) -- C:\Windows\SysNative\RegBootDefrag.exe
[2014/07/10 20:15:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
[2014/07/10 20:12:20 | 000,000,000 | ---D | C] -- C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
[2014/07/10 09:17:06 | 000,000,000 | ---D | C] -- C:\swsetup
[2014/07/08 14:10:54 | 000,000,000 | ---D | C] -- C:\ProgramData\GlarySoft
[2014/07/08 14:10:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
[2014/07/08 14:10:52 | 000,118,048 | ---- | C] (Glarysoft Ltd) -- C:\Windows\SysNative\BootDefrag.exe
[2014/07/08 14:10:52 | 000,020,160 | ---- | C] (Glarysoft Ltd) -- C:\Windows\SysNative\drivers\GUBootStartup.sys
[2014/07/08 14:10:52 | 000,017,600 | ---- | C] (Glarysoft Ltd) -- C:\Windows\SysNative\drivers\BootDefragDriver.sys
[2014/07/08 14:10:48 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\DiskDefrag
[2014/07/08 14:10:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Glary Utilities 5
[2014/07/08 12:30:24 | 000,000,000 | R--D | C] -- C:\Users\Steve\Documents\HP Photo Creations
[2014/07/07 22:10:35 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\Hewlett-Packard_Company
[2014/07/07 22:10:26 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\HP TCS
[2014/07/07 22:08:38 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\VS Revo Group
[2014/07/07 22:08:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
[2014/07/07 22:08:35 | 000,031,800 | ---- | C] (VS Revo Group) -- C:\Windows\SysNative\drivers\revoflt.sys
[2014/07/07 22:08:35 | 000,000,000 | ---D | C] -- C:\ProgramData\VS Revo Group
[2014/07/07 22:08:34 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2014/07/07 18:52:15 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
[2014/07/07 18:51:39 | 000,000,000 | ---D | C] -- C:\HP_ePrint
[2014/07/03 09:08:37 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\Adobe
[2014/07/02 10:51:02 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/07/02 10:50:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/07/02 10:50:48 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/07/02 10:50:48 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/07/02 10:50:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/06/21 11:20:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2014/06/17 16:21:34 | 000,235,800 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys
[2014/06/17 16:07:12 | 000,328,984 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgloga.sys
[2014/06/17 16:06:58 | 000,269,080 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2014/06/17 16:06:24 | 000,190,744 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsha.sys
[2014/06/17 16:06:22 | 000,242,968 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys
[2014/06/17 16:06:22 | 000,153,368 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgdiska.sys
[2014/06/17 16:06:20 | 000,123,672 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys
[2014/06/17 16:06:06 | 000,031,512 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgrkx64.sys
 
========== Files - Modified Within 30 Days ==========
 
[2014/07/16 21:29:15 | 000,015,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/07/16 21:29:15 | 000,015,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/07/16 21:22:41 | 000,001,942 | ---- | M] () -- C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 7510 series (Network).lnk
[2014/07/16 21:22:20 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/07/16 21:21:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/07/16 21:21:31 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2014/07/16 21:21:27 | 2140,467,199 | -HS- | M] () -- C:\hiberfil.sys
[2014/07/16 21:19:17 | 000,000,324 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Communicator.job
[2014/07/16 21:10:57 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4104090456-942970366-3307904469-1003Core.job
[2014/07/16 21:10:57 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/07/16 21:10:50 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/07/16 21:10:47 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4104090456-942970366-3307904469-1003UA.job
[2014/07/16 08:35:28 | 000,786,514 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/07/16 08:35:28 | 000,665,304 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/07/16 08:35:28 | 000,123,112 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/07/15 12:42:51 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForRegina.job
[2014/07/15 03:22:11 | 000,435,472 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/07/14 13:54:02 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForSteve.job
[2014/07/14 12:36:08 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2014/07/14 10:46:03 | 000,001,182 | ---- | M] () -- C:\Users\Public\Desktop\Shop for Supplies - HP Photosmart 7510 series.lnk
[2014/07/14 10:46:02 | 000,002,250 | ---- | M] () -- C:\Users\Public\Desktop\HP Photosmart 7510 series.lnk
[2014/07/13 20:03:21 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/07/13 18:51:03 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2014/07/13 12:35:53 | 000,001,149 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/07/10 20:53:51 | 000,258,666 | ---- | M] () -- C:\Users\Steve\Documents\NIN seats.xps
[2014/07/10 20:15:10 | 000,002,219 | ---- | M] () -- C:\Users\Steve\Desktop\HP Support Assistant.lnk
[2014/07/10 19:37:29 | 000,000,861 | ---- | M] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2014/07/10 12:39:57 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2014/07/09 22:16:29 | 000,122,154 | ---- | M] () -- C:\Users\Steve\Documents\registry backup.reg
[2014/07/08 19:51:00 | 000,002,006 | ---- | M] () -- C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
[2014/07/08 19:45:11 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\HP Photosmart 7510 series.exe_{7BE77095-FC9B-408B-B26A-AEDF1505E35D}.job
[2014/07/08 19:45:00 | 000,000,290 | ---- | M] () -- C:\Windows\tasks\Toolbox.exe_{0A4766BF-E7A7-470E-A1BE-0C3F30EADA5A}.job
[2014/07/08 19:44:59 | 000,000,300 | ---- | M] () -- C:\Windows\tasks\WOWPrint.exe_{D4C9F674-D47B-4FA1-ADA2-68955A37CB03}.job
[2014/07/08 14:17:46 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{15CD4AFF-B521-404B-A696-CFE62BAE15AB}.job
[2014/07/08 14:10:54 | 000,001,106 | ---- | M] () -- C:\Users\Steve\Application Data\Microsoft\Internet Explorer\Quick Launch\Glary Utilities 5.lnk
[2014/07/08 14:10:54 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize 5.job
[2014/07/08 14:10:54 | 000,000,250 | ---- | M] () -- C:\Windows\tasks\GU5SkipUAC.job
[2014/07/08 14:10:52 | 000,020,160 | ---- | M] (Glarysoft Ltd) -- C:\Windows\SysNative\drivers\GUBootStartup.sys
[2014/07/08 13:22:01 | 000,369,168 | ---- | M] (CACE Technologies, Inc.) -- C:\Windows\SysNative\wpcap.dll
[2014/07/08 13:22:01 | 000,281,104 | ---- | M] (CACE Technologies, Inc.) -- C:\Windows\SysWow64\wpcap.dll
[2014/07/08 13:22:01 | 000,106,000 | ---- | M] (CACE Technologies, Inc.) -- C:\Windows\SysNative\packet.dll
[2014/07/08 13:22:01 | 000,096,784 | ---- | M] (CACE Technologies, Inc.) -- C:\Windows\SysWow64\packet.dll
[2014/07/08 13:22:01 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) -- C:\Windows\SysNative\drivers\npf.sys
[2014/07/08 13:22:01 | 000,002,052 | ---- | M] () -- C:\Users\Public\Desktop\NETGEAR Genie.lnk
[2014/07/08 12:35:16 | 000,099,580 | ---- | M] () -- C:\Users\Steve\Desktop\House.jpg
[2014/07/08 12:34:17 | 000,099,580 | ---- | M] () -- C:\Users\Steve\Desktop\House 2.jpg
[2014/07/08 12:30:20 | 000,001,993 | ---- | M] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk
[2014/07/07 22:45:16 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{F8075218-9817-41FE-82CC-136A8EB3A619}.job
[2014/07/07 22:45:16 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{3CD08C26-55B7-4173-A781-208C074089A4}.job
[2014/07/07 22:45:16 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{39ED2E90-6501-4756-B268-4F4F534F1BF5}.job
[2014/07/07 22:45:16 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{38C1CE45-6C53-4C14-A879-71C83D07D6EF}.job
[2014/07/07 22:45:14 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{B7D68225-1BF5-455A-BCD6-DD6E285EE27C}.job
[2014/07/07 22:41:01 | 000,000,308 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{D4446781-1E21-467E-8042-14139BABA3D0}.job
[2014/07/07 22:08:36 | 000,001,103 | ---- | M] () -- C:\Users\Steve\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2014/07/07 22:08:36 | 000,001,079 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2014/07/07 20:20:01 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{8F3C5E38-CA8C-4676-A01B-C344FE20AB43}.job
[2014/07/07 20:20:00 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{D5892677-ABED-4C2F-BAEF-61368A77CD6E}.job
[2014/07/07 20:20:00 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{1304F0DD-E9DC-4627-9B95-E1B3E7123A7E}.job
[2014/07/07 20:20:00 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{02A579CE-D884-4A2B-8779-8556BE5A68CE}.job
[2014/07/07 20:19:59 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{E44E59ED-0D10-45CB-A137-B55D13308B5D}.job
[2014/07/07 19:52:10 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{C6D5B7B0-B7CD-4C90-A7FF-B9CD913A5C8E}.job
[2014/07/07 19:52:10 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{5694A2C1-E424-444A-8D57-6812908D16A3}.job
[2014/07/07 19:52:10 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{4D6F2D12-7A7D-47ED-9E6A-7D625B62492C}.job
[2014/07/07 19:52:09 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{73B949FC-80F0-454B-9C23-5109A385FB7D}.job
[2014/07/07 19:52:09 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{5E950ACA-662A-49E7-B169-C6A1B26FBB1A}.job
[2014/07/07 19:52:09 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{4CAB99AD-E91E-46F0-91F8-31BB30279723}.job
[2014/07/07 19:52:08 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{B79F4FF0-63EE-43FD-ACEA-F21F95EDED16}.job
[2014/07/07 19:52:08 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{58BF558E-BD7D-4B1D-9009-758325DA607E}.job
[2014/07/07 19:52:07 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{69C9B166-5E84-48FF-B59A-DDF92AB40F8C}.job
[2014/07/07 19:49:17 | 000,000,308 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{9145778C-28CD-4F27-8011-86ABD7974233}.job
[2014/07/07 19:49:17 | 000,000,308 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{231D6AEC-91F7-4269-8ED0-9951CE64D4D9}.job
[2014/07/07 19:49:15 | 000,000,308 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{0F3661DF-7BC2-45AA-B807-FB599C54CFB7}.job
[2014/07/07 19:49:12 | 000,000,308 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{E40D99B9-6E10-4868-BFAA-F8253B5E9718}.job
[2014/07/03 09:49:07 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2014/07/03 00:03:14 | 000,028,960 | ---- | M] (Glarysoft Ltd) -- C:\Windows\SysNative\RegBootDefrag.exe
[2014/07/03 00:03:02 | 000,118,048 | ---- | M] (Glarysoft Ltd) -- C:\Windows\SysNative\BootDefrag.exe
[2014/07/01 00:52:50 | 000,017,600 | ---- | M] (Glarysoft Ltd) -- C:\Windows\SysNative\drivers\BootDefragDriver.sys
[2014/06/22 13:52:19 | 000,050,464 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2014/06/21 11:57:17 | 000,258,286 | ---- | M] () -- C:\Users\Steve\Documents\NIN.xps
[2014/06/17 16:21:34 | 000,235,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys
[2014/06/17 16:07:12 | 000,328,984 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgloga.sys
[2014/06/17 16:06:58 | 000,269,080 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2014/06/17 16:06:24 | 000,190,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsha.sys
[2014/06/17 16:06:22 | 000,242,968 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys
[2014/06/17 16:06:22 | 000,153,368 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgdiska.sys
[2014/06/17 16:06:20 | 000,123,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys
[2014/06/17 16:06:06 | 000,031,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgrkx64.sys
[2014/06/17 12:26:41 | 001,134,536 | ---- | M] () -- C:\Users\Steve\Documents\Marriage Certificate.pdf
[2014/06/17 12:25:21 | 000,236,594 | ---- | M] () -- C:\Users\Steve\Desktop\Pebp letter.pdf
 
========== Files Created - No Company Name ==========
 
[2014/07/14 10:50:19 | 000,001,942 | ---- | C] () -- C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 7510 series (Network).lnk
[2014/07/14 10:46:03 | 000,001,182 | ---- | C] () -- C:\Users\Public\Desktop\Shop for Supplies - HP Photosmart 7510 series.lnk
[2014/07/14 10:46:02 | 000,002,250 | ---- | C] () -- C:\Users\Public\Desktop\HP Photosmart 7510 series.lnk
[2014/07/13 18:51:03 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2014/07/10 20:53:50 | 000,258,666 | ---- | C] () -- C:\Users\Steve\Documents\NIN seats.xps
[2014/07/10 20:15:10 | 000,002,219 | ---- | C] () -- C:\Users\Steve\Desktop\HP Support Assistant.lnk
[2014/07/10 19:37:29 | 000,000,861 | ---- | C] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2014/07/09 22:16:26 | 000,122,154 | ---- | C] () -- C:\Users\Steve\Documents\registry backup.reg
[2014/07/09 19:06:33 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2014/07/08 19:45:11 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\HP Photosmart 7510 series.exe_{7BE77095-FC9B-408B-B26A-AEDF1505E35D}.job
[2014/07/08 19:45:00 | 000,000,290 | ---- | C] () -- C:\Windows\tasks\Toolbox.exe_{0A4766BF-E7A7-470E-A1BE-0C3F30EADA5A}.job
[2014/07/08 19:44:59 | 000,000,300 | ---- | C] () -- C:\Windows\tasks\WOWPrint.exe_{D4C9F674-D47B-4FA1-ADA2-68955A37CB03}.job
[2014/07/08 14:17:46 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{15CD4AFF-B521-404B-A696-CFE62BAE15AB}.job
[2014/07/08 14:10:54 | 000,001,106 | ---- | C] () -- C:\Users\Steve\Application Data\Microsoft\Internet Explorer\Quick Launch\Glary Utilities 5.lnk
[2014/07/08 14:10:54 | 000,001,094 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
[2014/07/08 14:10:53 | 000,000,332 | ---- | C] () -- C:\Windows\tasks\GlaryInitialize 5.job
[2014/07/08 14:10:53 | 000,000,250 | ---- | C] () -- C:\Windows\tasks\GU5SkipUAC.job
[2014/07/08 12:34:16 | 000,099,580 | ---- | C] () -- C:\Users\Steve\Desktop\House 2.jpg
[2014/07/07 22:45:16 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{F8075218-9817-41FE-82CC-136A8EB3A619}.job
[2014/07/07 22:45:16 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{3CD08C26-55B7-4173-A781-208C074089A4}.job
[2014/07/07 22:45:16 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{39ED2E90-6501-4756-B268-4F4F534F1BF5}.job
[2014/07/07 22:45:16 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{38C1CE45-6C53-4C14-A879-71C83D07D6EF}.job
[2014/07/07 22:45:14 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{B7D68225-1BF5-455A-BCD6-DD6E285EE27C}.job
[2014/07/07 22:41:01 | 000,000,308 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{D4446781-1E21-467E-8042-14139BABA3D0}.job
[2014/07/07 22:08:36 | 000,001,103 | ---- | C] () -- C:\Users\Steve\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2014/07/07 22:08:36 | 000,001,079 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2014/07/07 20:20:01 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{8F3C5E38-CA8C-4676-A01B-C344FE20AB43}.job
[2014/07/07 20:20:00 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{D5892677-ABED-4C2F-BAEF-61368A77CD6E}.job
[2014/07/07 20:20:00 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{1304F0DD-E9DC-4627-9B95-E1B3E7123A7E}.job
[2014/07/07 20:20:00 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{02A579CE-D884-4A2B-8779-8556BE5A68CE}.job
[2014/07/07 20:19:59 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{E44E59ED-0D10-45CB-A137-B55D13308B5D}.job
[2014/07/07 19:52:10 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{C6D5B7B0-B7CD-4C90-A7FF-B9CD913A5C8E}.job
[2014/07/07 19:52:10 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{5694A2C1-E424-444A-8D57-6812908D16A3}.job
[2014/07/07 19:52:10 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{4D6F2D12-7A7D-47ED-9E6A-7D625B62492C}.job
[2014/07/07 19:52:09 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{73B949FC-80F0-454B-9C23-5109A385FB7D}.job
[2014/07/07 19:52:09 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{5E950ACA-662A-49E7-B169-C6A1B26FBB1A}.job
[2014/07/07 19:52:09 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{4CAB99AD-E91E-46F0-91F8-31BB30279723}.job
[2014/07/07 19:52:08 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{B79F4FF0-63EE-43FD-ACEA-F21F95EDED16}.job
[2014/07/07 19:52:08 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{58BF558E-BD7D-4B1D-9009-758325DA607E}.job
[2014/07/07 19:52:07 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{69C9B166-5E84-48FF-B59A-DDF92AB40F8C}.job
[2014/07/07 19:49:17 | 000,000,308 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{9145778C-28CD-4F27-8011-86ABD7974233}.job
[2014/07/07 19:49:17 | 000,000,308 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{231D6AEC-91F7-4269-8ED0-9951CE64D4D9}.job
[2014/07/07 19:49:15 | 000,000,308 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{0F3661DF-7BC2-45AA-B807-FB599C54CFB7}.job
[2014/07/07 19:49:12 | 000,000,308 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{E40D99B9-6E10-4868-BFAA-F8253B5E9718}.job
[2014/07/07 19:40:50 | 000,099,580 | ---- | C] () -- C:\Users\Steve\Desktop\House.jpg
[2014/06/21 11:57:16 | 000,258,286 | ---- | C] () -- C:\Users\Steve\Documents\NIN.xps
[2014/06/17 12:26:40 | 001,134,536 | ---- | C] () -- C:\Users\Steve\Documents\Marriage Certificate.pdf
[2014/06/17 12:25:21 | 000,236,594 | ---- | C] () -- C:\Users\Steve\Desktop\Pebp letter.pdf
[2013/11/14 14:23:10 | 000,305,059 | ---- | C] () -- C:\Users\Steve\AppData\Local\census.cache
[2013/11/14 14:23:05 | 000,136,531 | ---- | C] () -- C:\Users\Steve\AppData\Local\ars.cache
[2011/12/31 17:45:04 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2011/06/05 12:03:24 | 000,000,122 | ---- | C] () -- C:\Users\Steve\AppData\Roaming\wklnhst.dat
[2010/11/23 09:30:58 | 000,000,036 | ---- | C] () -- C:\Users\Steve\AppData\Local\housecall.guid.cache
[2009/12/28 20:20:38 | 000,000,363 | ---- | C] () -- C:\Users\Steve\RecentPlaces.lnk
[2009/12/28 20:20:34 | 000,000,904 | RHS- | C] () -- C:\Users\Steve\ntuser.pol
[2009/12/28 19:03:01 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Grapher
[2009/12/28 19:03:01 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2009/12/28 19:03:01 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Halftone
 
========== ZeroAccess Check ==========
 
[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 19:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 19:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 05:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013/10/19 09:23:43 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\AVG2014
[2013/11/14 14:54:23 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\BitLord
[2010/07/21 10:53:17 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2014/07/09 09:54:35 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\DiskDefrag
[2012/01/08 22:03:08 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\FrostWire
[2014/07/08 14:10:55 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\GlarySoft
[2010/12/25 09:57:23 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Nikon
[2009/12/28 20:20:47 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\PictureMover
[2013/11/14 13:20:14 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Python-Eggs
[2014/03/09 16:24:39 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Seagate
[2011/06/05 12:03:25 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Template
[2010/03/04 22:32:04 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Thunderbird
[2012/10/06 08:51:48 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\TuneUp Software
[2012/03/30 10:56:00 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Visan
[2010/03/18 22:14:01 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\WinBatch
[2012/09/29 11:59:58 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Windows Live Writer
 
========== Purity Check ==========
 
 

< End of report >
 

