I was having trouble with my hp wireless printer not scanning. I uninstalled the software and tried to reinstall it but it wouldnt get past the wireless connection.
I noticed that my windows updates had been turned off and cannot turn it on or download updates to anything.
I have Malwarebytes and ran it but not sure if its updating properly and it finds no problems on a scan.
I tried to install Microsoft security essentials and also Trend Micro Housecall but neither program will install.
Today I started getting all kinds of pop ups on my browser and have not been able to stop them.
I just ran OTL and here is a copy. Any help is much appreciated!!
OTL logfile created on: 7/13/2014 2:41:58 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Steve\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
7.99 Gb Total Physical Memory | 5.80 Gb Available Physical Memory | 72.54% Memory free
15.98 Gb Paging File | 13.61 Gb Available in Paging File | 85.18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 686.23 Gb Total Space | 549.75 Gb Free Space | 80.11% Space Free | Partition Type: NTFS
Drive D: | 12.31 Gb Total Space | 1.38 Gb Free Space | 11.24% Space Free | Partition Type: NTFS
Drive G: | 100.00 Mb Total Space | 61.81 Mb Free Space | 61.81% Space Free | Partition Type: NTFS
Drive H: | 915.00 Gb Total Space | 782.64 Gb Free Space | 85.53% Space Free | Partition Type: NTFS
Drive I: | 16.41 Gb Total Space | 5.49 Gb Free Space | 33.45% Space Free | Partition Type: NTFS
Computer Name: REGINA-PC | User Name: Steve | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/07/13 14:41:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Steve\Downloads\OTL.exe
PRC - [2014/07/02 21:04:37 | 001,869,488 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
PRC - [2014/06/27 15:20:18 | 003,241,488 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
PRC - [2014/06/22 13:52:19 | 002,571,288 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2014/06/17 16:18:02 | 005,179,408 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe
PRC - [2014/06/17 16:11:46 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
PRC - [2014/06/05 21:38:12 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/08/19 18:28:33 | 000,389,016 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
========== Modules (No Company Name) ==========
MOD - [2014/07/02 21:04:37 | 017,024,688 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll
MOD - [2014/06/22 13:52:19 | 002,571,288 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2014/06/22 13:52:19 | 000,693,272 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\NativeBrowserApi\18.1.7\NativeBrowserApi.dll
MOD - [2014/06/22 13:52:19 | 000,519,704 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\log4cplusU.dll
MOD - [2014/06/05 21:38:46 | 003,852,912 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014/03/20 11:10:50 | 001,603,608 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\TBAPI.dll
MOD - [2013/08/19 18:28:33 | 002,244,504 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
MOD - [2013/08/19 18:28:33 | 000,158,104 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\nsldap32v60.dll
MOD - [2013/08/19 18:28:33 | 000,022,424 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\nsldappr32v60.dll
========== Services (SafeList) ==========
SRV:64bit: - [2014/05/30 02:21:05 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/09/08 01:51:16 | 000,203,264 | ---- | M] (AMD) [Disabled | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2014/07/02 21:04:37 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/06/27 15:20:18 | 003,241,488 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2014/06/22 13:52:19 | 001,813,528 | ---- | M] (AVG Secure Search) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe -- (vToolbarUpdater18.1.7)
SRV - [2014/06/17 16:11:46 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2014/06/05 21:38:37 | 000,119,408 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/05/21 11:34:38 | 000,049,464 | ---- | M] (Hewlett-Packard Company) [Disabled | Stopped] -- C:\Program Files (x86)\hp\Common\HPSupportSolutionsFrameworkService.exe -- (HPSupportSolutionsFrameworkService)
SRV - [2014/03/23 20:32:02 | 000,225,792 | ---- | M] (NETGEAR) [Disabled | Stopped] -- C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe -- (NETGEARGenieDaemon)
SRV - [2013/12/20 23:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/11/04 18:31:56 | 000,092,160 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2013/10/30 17:35:44 | 001,128,544 | ---- | M] (Seagate) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe -- (SgtSch2Svc)
SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/01/18 07:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/04/22 13:56:50 | 000,984,392 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/03/03 20:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/02/20 17:09:07 | 000,867,080 | ---- | M] (Acresso Software Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/02/18 15:01:06 | 000,462,632 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2009/09/06 07:06:20 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/05/22 11:02:20 | 000,250,616 | ---- | M] (WildTangent, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/09/30 19:59:26 | 000,192,512 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe -- (HPBtnSrv)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014/07/08 14:10:52 | 000,020,160 | ---- | M] (Glarysoft Ltd) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\GUBootStartup.sys -- (GUBootStartup)
DRV:64bit: - [2014/07/08 13:22:01 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2014/07/01 00:52:50 | 000,017,600 | ---- | M] (Glarysoft Ltd) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\BootDefragDriver.sys -- (BootDefragDriver)
DRV:64bit: - [2014/06/22 13:52:19 | 000,050,464 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2014/06/17 16:21:34 | 000,235,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2014/06/17 16:07:12 | 000,328,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2014/06/17 16:06:58 | 000,269,080 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2014/06/17 16:06:24 | 000,190,744 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2014/06/17 16:06:22 | 000,242,968 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2014/06/17 16:06:22 | 000,153,368 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska)
DRV:64bit: - [2014/06/17 16:06:20 | 000,123,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2014/06/17 16:06:06 | 000,031,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2014/03/09 16:24:03 | 001,120,032 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tib.sys -- (tib)
DRV:64bit: - [2014/03/09 16:24:03 | 000,183,224 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tib_mounter.sys -- (tib_mounter)
DRV:64bit: - [2014/03/09 16:24:02 | 001,462,560 | ---- | M] (Acronis International GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdrpman.sys -- (tdrpman)
DRV:64bit: - [2014/03/09 16:24:01 | 000,161,568 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vididr.sys -- (vididr)
DRV:64bit: - [2014/03/09 16:24:01 | 000,117,024 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vidsflt.sys -- (vidsflt)
DRV:64bit: - [2014/03/09 16:23:59 | 000,233,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2014/03/09 16:23:59 | 000,108,832 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fltsrv.sys -- (fltsrv)
DRV:64bit: - [2013/10/01 19:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/23 07:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/06/20 10:42:44 | 003,678,720 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/18 07:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012/01/18 07:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/09/08 02:26:04 | 007,767,552 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010/09/08 02:26:04 | 007,767,552 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/09/08 01:15:06 | 000,279,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/05/07 18:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2010/05/07 18:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2010/03/03 19:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/01/28 10:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/12/30 10:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009/08/20 17:05:06 | 000,239,616 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 17:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/06/16 04:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV - [2009/10/20 14:50:12 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/06/11 13:11:29] [Kernel | Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49})
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.aartemis....q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.aartemis....q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{2783B66A-55CC-4056-86A9-3BA729C889EC}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE:64bit: - HKLM\..\SearchScopes\{C1E63727-935B-4A47-98BC-9B86FDF6A0BC}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.aartemis....q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.aartemis....q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{2783B66A-55CC-4056-86A9-3BA729C889EC}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKLM\..\SearchScopes\{56DE73FF-73CF-4E0A-B10B-07B806D438EA}: "URL" = ${SEARCH_URL}{searchTerms}
IE - HKLM\..\SearchScopes\{C1E63727-935B-4A47-98BC-9B86FDF6A0BC}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{7FB11826-47CE-4849-AFBF-0B6CD1636106}: "URL" = http://search.condui...4525793511&UM=2
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={6C95A33C-8C1B-4299-BE85-A5BEC83E918F}&mid=b3eac9d998398c3151ef564ae112aa16-1ff8c315a8f217f457fe384e8cab6e80f6b5bda9&lang=en&ds=AVG&pr=fr&d=2012-10-06 08:51:44&v=15.4.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{C1E63727-935B-4A47-98BC-9B86FDF6A0BC}: "URL" = http://www.bing.com/...E11SR&pc=HPDTDF
IE - HKCU\..\SearchScopes\{EEDAA5C8-F527-4D4E-BD3A-54021F31DA58}: "URL" = http://mp3tubetoolba...e4856f971c4347a
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Dogpile"
FF - prefs.js..browser.search.defaultthis.engineName: "InternetHelper3.1 Customized Web Search"
FF - prefs.js..browser.search.order.1: "Dogpile"
FF - prefs.js..browser.search.selectedEngineURL: "http://mp3tubetoolba...={searchTerms}"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "yahoo.com"
FF - prefs.js..extensions.enabledAddons: %7B27c60876-b5c9-4335-b4f3-52b26782220c%7D:0.9.4
FF - prefs.js..extensions.enabledAddons: %7Bd40f5e7b-d2cf-4856-b441-cc613eeffbe3%7D:1.68
FF - prefs.js..extensions.enabledAddons: avg%40toolbar:18.1.7.644
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.67
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..keyword.URL: "http://mp3tubetoolba...removelink2&q="
FF - user.js..keyword.URL: "http://mp3tubetoolba...removelink2&q="
FF - user.js..keyword.enabled: 1
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1212152.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.7\\npsitesafety.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Steve\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Steve\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.7.644 [2014/07/09 17:58:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011/01/26 15:27:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/03/15 11:16:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/05/30 16:35:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2014/03/15 11:16:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2014/05/30 16:35:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files (x86)\AVG\AVG2012\Thunderbird\
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2014/03/15 11:16:21 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2014/05/30 16:35:49 | 000,000,000 | ---D | M]
[2010/03/04 22:32:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Extensions
[2010/03/04 22:32:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010/02/21 17:39:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Extensions\[email protected]
[2014/07/13 14:39:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\horwqrdo.default\extensions
[2011/03/29 19:19:34 | 000,000,000 | ---D | M] ("Malware Search") -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\horwqrdo.default\extensions\{27c60876-b5c9-4335-b4f3-52b26782220c}
[2013/11/14 14:54:22 | 000,000,000 | ---D | M] (ScorpionSaver) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\horwqrdo.default\extensions\ScorpionSaver@jetpack
[2014/07/13 14:28:29 | 000,010,912 | ---- | M] () (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\horwqrdo.default\extensions\[email protected]
[2012/01/21 10:14:55 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\horwqrdo.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
[2011/05/22 16:28:29 | 000,001,211 | ---- | M] () -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\horwqrdo.default\searchplugins\Mp3Tube.xml
[2010/02/21 18:32:01 | 000,009,985 | ---- | M] () -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\horwqrdo.default\searchplugins\mywebsearch.xml
[2013/10/15 10:20:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/10/15 10:23:35 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/10/15 10:23:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013/10/15 10:23:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013/10/15 10:23:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013/10/01 09:41:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/07/13 12:35:50 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/11/16 15:51:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions
[2013/11/16 15:51:06 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/11/16 15:51:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013/11/16 15:51:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013/11/16 15:51:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013/11/16 15:51:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\updated\browser\extensions
[2013/11/16 15:51:10 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/07/09 17:58:36 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\FIREFOXEXT\18.1.7.644
[2013/02/18 22:25:44 | 000,003,714 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
CHR - plugin: Microsoft® Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.2\\npsitesafety.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll
CHR - plugin: Java Deployment Toolkit 7.0.210.11 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll
CHR - Extension: Google Docs = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Google Drive = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: YouTube = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Cast = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd\14.605.0.10_0\
CHR - Extension: Do Not Track = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckdcpbflcbeillmamogkpmdhnbeggfja\0.1.1_0\
CHR - Extension: Google Search = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.5_0\
CHR - Extension: Ghostery = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.3.0_0\
CHR - Extension: Google Wallet = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\
O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.7.644\AVG Secure Search_toolbar.dll (AVG Secure Search)
O2 - BHO: (hpBHO Class) - {ABD3B5E1-B268-407B-A150-2641DAB8D898} - C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll (AOL Products)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.7.644\AVG Secure Search_toolbar.dll (AVG Secure Search)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html File not found
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html File not found
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - CC:\Windows\system32\AdpeakProxy64.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - CC:\Windows\system32\AdpeakProxy64.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - CC:\Windows\system32\AdpeakProxy64.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - CC:\Windows\system32\AdpeakProxy64.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - CC:\Windows\system32\AdpeakProxy64.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onec...s/wlscctrl2.cab (Windows Live OneCare safety scanner control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{88786135-6BA9-4FD6-B945-887056AE4746}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B632F6BD-3E77-4DA9-BB2D-A244E962DA21}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\linkscanner - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\vsharechrome - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\linkscanner - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.7\ViProtocol.dll (AVG Secure Search)
O18 - Protocol\Handler\vsharechrome - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (RegBootDefrag)
O34 - HKLM BootExecute: (cute settings...)
O34 - HKLM BootExecute: (ountPoints2\M\Sh)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/07/13 13:07:00 | 000,028,960 | ---- | C] (Glarysoft Ltd) -- C:\Windows\SysNative\RegBootDefrag.exe
[2014/07/10 20:15:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
[2014/07/10 20:12:20 | 000,000,000 | ---D | C] -- C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
[2014/07/10 09:17:06 | 000,000,000 | ---D | C] -- C:\swsetup
[2014/07/09 13:15:00 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2014/07/08 14:10:54 | 000,000,000 | ---D | C] -- C:\ProgramData\GlarySoft
[2014/07/08 14:10:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
[2014/07/08 14:10:52 | 000,118,048 | ---- | C] (Glarysoft Ltd) -- C:\Windows\SysNative\BootDefrag.exe
[2014/07/08 14:10:52 | 000,020,160 | ---- | C] (Glarysoft Ltd) -- C:\Windows\SysNative\drivers\GUBootStartup.sys
[2014/07/08 14:10:52 | 000,017,600 | ---- | C] (Glarysoft Ltd) -- C:\Windows\SysNative\drivers\BootDefragDriver.sys
[2014/07/08 14:10:48 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\DiskDefrag
[2014/07/08 14:10:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Glary Utilities 5
[2014/07/08 12:30:24 | 000,000,000 | R--D | C] -- C:\Users\Steve\Documents\HP Photo Creations
[2014/07/07 22:10:35 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\Hewlett-Packard_Company
[2014/07/07 22:10:26 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\HP TCS
[2014/07/07 22:08:38 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\VS Revo Group
[2014/07/07 22:08:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
[2014/07/07 22:08:35 | 000,031,800 | ---- | C] (VS Revo Group) -- C:\Windows\SysNative\drivers\revoflt.sys
[2014/07/07 22:08:35 | 000,000,000 | ---D | C] -- C:\ProgramData\VS Revo Group
[2014/07/07 22:08:34 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2014/07/07 18:52:15 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
[2014/07/07 18:51:39 | 000,000,000 | ---D | C] -- C:\HP_ePrint
[2014/07/03 09:08:37 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\Adobe
[2014/07/02 10:51:02 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/07/02 10:50:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/07/02 10:50:48 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/07/02 10:50:48 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/07/02 10:50:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/06/21 11:20:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2014/06/17 16:21:34 | 000,235,800 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys
[2014/06/17 16:07:12 | 000,328,984 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgloga.sys
[2014/06/17 16:06:58 | 000,269,080 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2014/06/17 16:06:24 | 000,190,744 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsha.sys
[2014/06/17 16:06:22 | 000,242,968 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys
[2014/06/17 16:06:22 | 000,153,368 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgdiska.sys
[2014/06/17 16:06:20 | 000,123,672 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys
[2014/06/17 16:06:06 | 000,031,512 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgrkx64.sys
========== Files - Modified Within 30 Days ==========
[2014/07/13 14:12:51 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/07/13 13:38:43 | 000,002,250 | ---- | M] () -- C:\Users\Steve\Desktop\HP Photosmart 7510 series.lnk
[2014/07/13 13:16:33 | 000,015,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/07/13 13:16:33 | 000,015,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/07/13 13:15:20 | 000,786,514 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/07/13 13:15:20 | 000,665,304 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/07/13 13:15:20 | 000,123,112 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/07/13 13:08:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/07/13 13:08:04 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2014/07/13 13:08:00 | 2140,467,199 | -HS- | M] () -- C:\hiberfil.sys
[2014/07/13 12:35:53 | 000,001,149 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/07/10 20:53:51 | 000,258,666 | ---- | M] () -- C:\Users\Steve\Documents\NIN seats.xps
[2014/07/10 20:15:10 | 000,002,219 | ---- | M] () -- C:\Users\Steve\Desktop\HP Support Assistant.lnk
[2014/07/10 19:37:29 | 000,000,861 | ---- | M] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2014/07/10 12:39:57 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2014/07/09 22:16:29 | 000,122,154 | ---- | M] () -- C:\Users\Steve\Documents\registry backup.reg
[2014/07/09 13:15:09 | 000,002,250 | ---- | M] () -- C:\Users\Public\Desktop\HP Photosmart 7510 series.lnk
[2014/07/09 13:15:09 | 000,001,182 | ---- | M] () -- C:\Users\Public\Desktop\Shop for Supplies - HP Photosmart 7510 series.lnk
[2014/07/08 19:51:00 | 000,002,006 | ---- | M] () -- C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
[2014/07/08 19:45:11 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\HP Photosmart 7510 series.exe_{7BE77095-FC9B-408B-B26A-AEDF1505E35D}.job
[2014/07/08 19:45:00 | 000,000,290 | ---- | M] () -- C:\Windows\tasks\Toolbox.exe_{0A4766BF-E7A7-470E-A1BE-0C3F30EADA5A}.job
[2014/07/08 19:44:59 | 000,000,300 | ---- | M] () -- C:\Windows\tasks\WOWPrint.exe_{D4C9F674-D47B-4FA1-ADA2-68955A37CB03}.job
[2014/07/08 14:17:46 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{15CD4AFF-B521-404B-A696-CFE62BAE15AB}.job
[2014/07/08 14:10:54 | 000,001,106 | ---- | M] () -- C:\Users\Steve\Application Data\Microsoft\Internet Explorer\Quick Launch\Glary Utilities 5.lnk
[2014/07/08 14:10:54 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize 5.job
[2014/07/08 14:10:54 | 000,000,250 | ---- | M] () -- C:\Windows\tasks\GU5SkipUAC.job
[2014/07/08 14:10:52 | 000,020,160 | ---- | M] (Glarysoft Ltd) -- C:\Windows\SysNative\drivers\GUBootStartup.sys
[2014/07/08 13:22:01 | 000,369,168 | ---- | M] (CACE Technologies, Inc.) -- C:\Windows\SysNative\wpcap.dll
[2014/07/08 13:22:01 | 000,281,104 | ---- | M] (CACE Technologies, Inc.) -- C:\Windows\SysWow64\wpcap.dll
[2014/07/08 13:22:01 | 000,106,000 | ---- | M] (CACE Technologies, Inc.) -- C:\Windows\SysNative\packet.dll
[2014/07/08 13:22:01 | 000,096,784 | ---- | M] (CACE Technologies, Inc.) -- C:\Windows\SysWow64\packet.dll
[2014/07/08 13:22:01 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) -- C:\Windows\SysNative\drivers\npf.sys
[2014/07/08 13:22:01 | 000,002,052 | ---- | M] () -- C:\Users\Public\Desktop\NETGEAR Genie.lnk
[2014/07/08 12:35:16 | 000,099,580 | ---- | M] () -- C:\Users\Steve\Desktop\House.jpg
[2014/07/08 12:34:17 | 000,099,580 | ---- | M] () -- C:\Users\Steve\Desktop\House 2.jpg
[2014/07/08 12:30:20 | 000,001,993 | ---- | M] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk
[2014/07/07 22:45:16 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{F8075218-9817-41FE-82CC-136A8EB3A619}.job
[2014/07/07 22:45:16 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{3CD08C26-55B7-4173-A781-208C074089A4}.job
[2014/07/07 22:45:16 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{39ED2E90-6501-4756-B268-4F4F534F1BF5}.job
[2014/07/07 22:45:16 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{38C1CE45-6C53-4C14-A879-71C83D07D6EF}.job
[2014/07/07 22:45:14 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{B7D68225-1BF5-455A-BCD6-DD6E285EE27C}.job
[2014/07/07 22:41:01 | 000,000,308 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{D4446781-1E21-467E-8042-14139BABA3D0}.job
[2014/07/07 22:08:36 | 000,001,103 | ---- | M] () -- C:\Users\Steve\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2014/07/07 22:08:36 | 000,001,079 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2014/07/07 20:20:01 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{8F3C5E38-CA8C-4676-A01B-C344FE20AB43}.job
[2014/07/07 20:20:00 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{D5892677-ABED-4C2F-BAEF-61368A77CD6E}.job
[2014/07/07 20:20:00 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{1304F0DD-E9DC-4627-9B95-E1B3E7123A7E}.job
[2014/07/07 20:20:00 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{02A579CE-D884-4A2B-8779-8556BE5A68CE}.job
[2014/07/07 20:19:59 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{E44E59ED-0D10-45CB-A137-B55D13308B5D}.job
[2014/07/07 19:52:10 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{C6D5B7B0-B7CD-4C90-A7FF-B9CD913A5C8E}.job
[2014/07/07 19:52:10 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{5694A2C1-E424-444A-8D57-6812908D16A3}.job
[2014/07/07 19:52:10 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{4D6F2D12-7A7D-47ED-9E6A-7D625B62492C}.job
[2014/07/07 19:52:09 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{73B949FC-80F0-454B-9C23-5109A385FB7D}.job
[2014/07/07 19:52:09 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{5E950ACA-662A-49E7-B169-C6A1B26FBB1A}.job
[2014/07/07 19:52:09 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{4CAB99AD-E91E-46F0-91F8-31BB30279723}.job
[2014/07/07 19:52:08 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{B79F4FF0-63EE-43FD-ACEA-F21F95EDED16}.job
[2014/07/07 19:52:08 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{58BF558E-BD7D-4B1D-9009-758325DA607E}.job
[2014/07/07 19:52:07 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{69C9B166-5E84-48FF-B59A-DDF92AB40F8C}.job
[2014/07/07 19:49:17 | 000,000,308 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{9145778C-28CD-4F27-8011-86ABD7974233}.job
[2014/07/07 19:49:17 | 000,000,308 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{231D6AEC-91F7-4269-8ED0-9951CE64D4D9}.job
[2014/07/07 19:49:15 | 000,000,308 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{0F3661DF-7BC2-45AA-B807-FB599C54CFB7}.job
[2014/07/07 19:49:12 | 000,000,308 | ---- | M] () -- C:\Windows\tasks\hpUrlLauncher.exe_{E40D99B9-6E10-4868-BFAA-F8253B5E9718}.job
[2014/07/05 09:03:17 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/07/03 09:49:07 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2014/07/03 00:03:14 | 000,028,960 | ---- | M] (Glarysoft Ltd) -- C:\Windows\SysNative\RegBootDefrag.exe
[2014/07/03 00:03:02 | 000,118,048 | ---- | M] (Glarysoft Ltd) -- C:\Windows\SysNative\BootDefrag.exe
[2014/07/02 11:55:01 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForSteve.job
[2014/07/02 11:42:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/07/02 11:10:10 | 000,000,324 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Communicator.job
[2014/07/02 10:58:02 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4104090456-942970366-3307904469-1003UA.job
[2014/07/02 09:38:00 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForRegina.job
[2014/07/02 07:42:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/07/02 07:24:54 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4104090456-942970366-3307904469-1003Core.job
[2014/07/01 00:52:50 | 000,017,600 | ---- | M] (Glarysoft Ltd) -- C:\Windows\SysNative\drivers\BootDefragDriver.sys
[2014/06/22 13:52:51 | 000,003,728 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
[2014/06/22 13:52:19 | 000,050,464 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2014/06/21 11:57:17 | 000,258,286 | ---- | M] () -- C:\Users\Steve\Documents\NIN.xps
[2014/06/17 16:21:34 | 000,235,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys
[2014/06/17 16:07:12 | 000,328,984 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgloga.sys
[2014/06/17 16:06:58 | 000,269,080 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2014/06/17 16:06:24 | 000,190,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsha.sys
[2014/06/17 16:06:22 | 000,242,968 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys
[2014/06/17 16:06:22 | 000,153,368 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgdiska.sys
[2014/06/17 16:06:20 | 000,123,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys
[2014/06/17 16:06:06 | 000,031,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgrkx64.sys
[2014/06/17 12:26:41 | 001,134,536 | ---- | M] () -- C:\Users\Steve\Documents\Marriage Certificate.pdf
[2014/06/17 12:25:21 | 000,236,594 | ---- | M] () -- C:\Users\Steve\Desktop\Pebp letter.pdf
[2014/06/14 12:50:25 | 000,166,668 | ---- | M] () -- C:\Users\Steve\Desktop\Me n Reg.JPG
[2014/06/13 22:16:21 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
========== Files Created - No Company Name ==========
[2014/07/13 13:38:43 | 000,002,250 | ---- | C] () -- C:\Users\Steve\Desktop\HP Photosmart 7510 series.lnk
[2014/07/10 20:53:50 | 000,258,666 | ---- | C] () -- C:\Users\Steve\Documents\NIN seats.xps
[2014/07/10 20:15:10 | 000,002,219 | ---- | C] () -- C:\Users\Steve\Desktop\HP Support Assistant.lnk
[2014/07/10 19:37:29 | 000,000,861 | ---- | C] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2014/07/09 22:16:26 | 000,122,154 | ---- | C] () -- C:\Users\Steve\Documents\registry backup.reg
[2014/07/09 19:06:33 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2014/07/09 13:15:09 | 000,002,250 | ---- | C] () -- C:\Users\Public\Desktop\HP Photosmart 7510 series.lnk
[2014/07/09 13:15:09 | 000,001,182 | ---- | C] () -- C:\Users\Public\Desktop\Shop for Supplies - HP Photosmart 7510 series.lnk
[2014/07/08 19:45:11 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\HP Photosmart 7510 series.exe_{7BE77095-FC9B-408B-B26A-AEDF1505E35D}.job
[2014/07/08 19:45:00 | 000,000,290 | ---- | C] () -- C:\Windows\tasks\Toolbox.exe_{0A4766BF-E7A7-470E-A1BE-0C3F30EADA5A}.job
[2014/07/08 19:44:59 | 000,000,300 | ---- | C] () -- C:\Windows\tasks\WOWPrint.exe_{D4C9F674-D47B-4FA1-ADA2-68955A37CB03}.job
[2014/07/08 14:17:46 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{15CD4AFF-B521-404B-A696-CFE62BAE15AB}.job
[2014/07/08 14:10:54 | 000,001,106 | ---- | C] () -- C:\Users\Steve\Application Data\Microsoft\Internet Explorer\Quick Launch\Glary Utilities 5.lnk
[2014/07/08 14:10:54 | 000,001,094 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
[2014/07/08 14:10:53 | 000,000,332 | ---- | C] () -- C:\Windows\tasks\GlaryInitialize 5.job
[2014/07/08 14:10:53 | 000,000,250 | ---- | C] () -- C:\Windows\tasks\GU5SkipUAC.job
[2014/07/08 12:34:16 | 000,099,580 | ---- | C] () -- C:\Users\Steve\Desktop\House 2.jpg
[2014/07/07 22:45:16 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{F8075218-9817-41FE-82CC-136A8EB3A619}.job
[2014/07/07 22:45:16 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{3CD08C26-55B7-4173-A781-208C074089A4}.job
[2014/07/07 22:45:16 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{39ED2E90-6501-4756-B268-4F4F534F1BF5}.job
[2014/07/07 22:45:16 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{38C1CE45-6C53-4C14-A879-71C83D07D6EF}.job
[2014/07/07 22:45:14 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{B7D68225-1BF5-455A-BCD6-DD6E285EE27C}.job
[2014/07/07 22:41:01 | 000,000,308 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{D4446781-1E21-467E-8042-14139BABA3D0}.job
[2014/07/07 22:08:36 | 000,001,103 | ---- | C] () -- C:\Users\Steve\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2014/07/07 22:08:36 | 000,001,079 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2014/07/07 20:20:01 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{8F3C5E38-CA8C-4676-A01B-C344FE20AB43}.job
[2014/07/07 20:20:00 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{D5892677-ABED-4C2F-BAEF-61368A77CD6E}.job
[2014/07/07 20:20:00 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{1304F0DD-E9DC-4627-9B95-E1B3E7123A7E}.job
[2014/07/07 20:20:00 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{02A579CE-D884-4A2B-8779-8556BE5A68CE}.job
[2014/07/07 20:19:59 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{E44E59ED-0D10-45CB-A137-B55D13308B5D}.job
[2014/07/07 19:52:10 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{C6D5B7B0-B7CD-4C90-A7FF-B9CD913A5C8E}.job
[2014/07/07 19:52:10 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{5694A2C1-E424-444A-8D57-6812908D16A3}.job
[2014/07/07 19:52:10 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{4D6F2D12-7A7D-47ED-9E6A-7D625B62492C}.job
[2014/07/07 19:52:09 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{73B949FC-80F0-454B-9C23-5109A385FB7D}.job
[2014/07/07 19:52:09 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{5E950ACA-662A-49E7-B169-C6A1B26FBB1A}.job
[2014/07/07 19:52:09 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{4CAB99AD-E91E-46F0-91F8-31BB30279723}.job
[2014/07/07 19:52:08 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{B79F4FF0-63EE-43FD-ACEA-F21F95EDED16}.job
[2014/07/07 19:52:08 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{58BF558E-BD7D-4B1D-9009-758325DA607E}.job
[2014/07/07 19:52:07 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{69C9B166-5E84-48FF-B59A-DDF92AB40F8C}.job
[2014/07/07 19:49:17 | 000,000,308 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{9145778C-28CD-4F27-8011-86ABD7974233}.job
[2014/07/07 19:49:17 | 000,000,308 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{231D6AEC-91F7-4269-8ED0-9951CE64D4D9}.job
[2014/07/07 19:49:15 | 000,000,308 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{0F3661DF-7BC2-45AA-B807-FB599C54CFB7}.job
[2014/07/07 19:49:12 | 000,000,308 | ---- | C] () -- C:\Windows\tasks\hpUrlLauncher.exe_{E40D99B9-6E10-4868-BFAA-F8253B5E9718}.job
[2014/07/07 19:40:50 | 000,099,580 | ---- | C] () -- C:\Users\Steve\Desktop\House.jpg
[2014/06/21 11:57:16 | 000,258,286 | ---- | C] () -- C:\Users\Steve\Documents\NIN.xps
[2014/06/17 12:26:40 | 001,134,536 | ---- | C] () -- C:\Users\Steve\Documents\Marriage Certificate.pdf
[2014/06/17 12:25:21 | 000,236,594 | ---- | C] () -- C:\Users\Steve\Desktop\Pebp letter.pdf
[2014/06/14 12:50:25 | 000,166,668 | ---- | C] () -- C:\Users\Steve\Desktop\Me n Reg.JPG
[2013/11/14 14:23:10 | 000,305,059 | ---- | C] () -- C:\Users\Steve\AppData\Local\census.cache
[2013/11/14 14:23:05 | 000,136,531 | ---- | C] () -- C:\Users\Steve\AppData\Local\ars.cache
[2013/05/20 17:51:55 | 000,003,728 | ---- | C] () -- C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
[2011/12/31 17:45:04 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2011/06/05 12:03:24 | 000,000,122 | ---- | C] () -- C:\Users\Steve\AppData\Roaming\wklnhst.dat
[2010/11/23 09:30:58 | 000,000,036 | ---- | C] () -- C:\Users\Steve\AppData\Local\housecall.guid.cache
[2009/12/28 20:20:38 | 000,000,363 | ---- | C] () -- C:\Users\Steve\RecentPlaces.lnk
[2009/12/28 20:20:34 | 000,000,904 | RHS- | C] () -- C:\Users\Steve\ntuser.pol
[2009/12/28 19:03:01 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Grapher
[2009/12/28 19:03:01 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2009/12/28 19:03:01 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Halftone
========== ZeroAccess Check ==========
[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 19:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 19:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 05:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013/10/19 09:23:43 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\AVG2014
[2013/11/14 14:54:23 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\BitLord
[2010/07/21 10:53:17 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013/10/29 11:56:14 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\DefaultTab
[2014/07/09 09:54:35 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\DiskDefrag
[2013/10/15 09:51:30 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\DriverCure
[2012/01/08 22:03:08 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\FrostWire
[2014/07/08 14:10:55 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\GlarySoft
[2014/03/21 15:46:46 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\iFunBox.NXGen
[2014/03/21 14:52:32 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\iFunbox_UserCache
[2014/07/06 22:47:22 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Media Finder
[2010/12/25 09:57:23 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Nikon
[2013/10/15 09:51:30 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\ParetoLogic
[2009/12/28 20:20:47 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\PictureMover
[2013/11/14 13:20:14 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Python-Eggs
[2014/03/09 16:24:39 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Seagate
[2013/09/14 17:12:48 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\SearchProtect
[2011/06/05 12:03:25 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Template
[2010/03/04 22:32:04 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Thunderbird
[2012/10/06 08:51:48 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\TuneUp Software
[2012/03/30 10:56:00 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Visan
[2010/03/18 22:14:01 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\WinBatch
[2012/09/29 11:59:58 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Windows Live Writer
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:5C321E34
< End of report >