Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Krabweb Searchprotect virus malware - browser redirects - Ads keep pop


  • Please log in to reply

#1
alexisstephani

alexisstephani

    Member

  • Member
  • PipPip
  • 33 posts

I received some Windows - no disk exception processing  messages when I ran OTL

 

My Pc is a Dell E310 Desktop Intel Pentium 4 with Windows XP service pack3

 

The malware and or viruses make it nearly impossible to go on the web because of constant redirects and ads the pop up all over the screen

 

OTL logfile created on: 2/22/2015 8:24:25 PM - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\ALEXIS\My Documents\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1.99 Gb Total Physical Memory | 0.42 Gb Available Physical Memory | 20.95% Memory free
2.58 Gb Paging File | 0.69 Gb Available in Paging File | 26.62% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 436.50 Gb Total Space | 199.44 Gb Free Space | 45.69% Space Free | Partition Type: NTFS
 
Computer Name: DH75M091 | User Name: ALEXIS | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2015/02/22 20:24:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ALEXIS\My Documents\Downloads\OTL.com
PRC - [2015/02/22 17:22:21 | 000,407,280 | ---- | M] () -- C:\Program Files\Krab Web\bin\utilKrabWeb.exe
PRC - [2015/02/22 17:19:09 | 000,407,280 | ---- | M] () -- C:\Program Files\Krab Web\updateKrabWeb.exe
PRC - [2015/02/22 16:47:58 | 000,101,616 | ---- | M] () -- C:\Program Files\Krab Web\bin\KrabWeb.expext.exe
PRC - [2015/02/22 09:39:44 | 000,105,712 | ---- | M] () -- C:\Program Files\Krab Web\bin\KrabWeb.BrowserAdapter.exe
PRC - [2015/02/21 10:55:02 | 000,205,040 | ---- | M] () -- C:\Program Files\Krab Web\bin\KrabWeb.BRT.Helper.exe
PRC - [2015/02/15 11:44:58 | 005,050,128 | ---- | M] (Client Connect LTD) -- C:\Program Files\SearchProtect\SearchProtect\bin\cltmng.exe
PRC - [2015/02/15 11:44:58 | 003,730,192 | ---- | M] (Client Connect LTD) -- C:\Program Files\SearchProtect\UI\bin\cltmngui.exe
PRC - [2015/02/15 11:44:58 | 003,660,560 | ---- | M] (Client Connect LTD) -- C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe
PRC - [2015/01/29 17:37:16 | 000,091,840 | ---- | M] (Microsoft Corporation) -- c:\36214cac5ce97b097c7eed098d0209\mrtstub.exe
PRC - [2014/10/30 19:11:21 | 004,785,496 | ---- | M] (PC Drivers Headquarters) -- C:\Program Files\Driver Tool\Driver Tool\DriverTool.exe
PRC - [2014/10/19 04:57:56 | 001,399,320 | ---- | M] (Koninklijke Philips N.V.) -- C:\Documents and Settings\ALEXIS\Application Data\DirectLife\ALconnect\ALconnect.exe
PRC - [2014/08/06 22:20:57 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2012/10/30 18:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/10/30 18:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/05/03 13:07:40 | 000,217,256 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe
PRC - [2011/08/01 09:11:38 | 001,091,984 | ---- | M] (Western Digital ) -- C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
PRC - [2011/08/01 09:11:36 | 001,592,208 | ---- | M] (Western Digital ) -- C:\Program Files\Western Digital\WD SmartWare\WDFME.exe
PRC - [2011/08/01 09:11:34 | 003,983,760 | ---- | M] (Western Digital Technologies, Inc.) -- C:\Program Files\Western Digital\WD SmartWare\WDDMStatus.exe
PRC - [2011/08/01 09:11:32 | 000,263,056 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe
PRC - [2011/07/09 23:00:52 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ALEXIS\Desktop\OTL.exe
PRC - [2011/06/09 12:06:06 | 000,507,624 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2010/08/25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010/08/19 12:08:42 | 000,246,400 | ---- | M] (F5 Networks) -- C:\WINDOWS\system32\F5InstallerService.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2008/11/13 13:17:38 | 000,439,616 | ---- | M] () -- C:\Program Files\Pure Digital Technologies\FlipShare\FlipShareService.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/07/04 15:00:12 | 000,109,056 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2008/06/24 19:56:38 | 000,431,384 | ---- | M] (Seagate) -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/29 10:41:16 | 000,737,280 | ---- | M] (ADS Corp.) -- C:\Program Files\ION\EZ VHS Converter\MediaTVMonitor.exe
PRC - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2007/01/18 12:20:24 | 000,024,120 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\Sync\SeaSyncServices.exe
PRC - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2004/03/09 14:59:48 | 000,065,536 | ---- | M] () -- C:\WINDOWS\twain_32\ca561a\SnapDetect.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2015/02/22 17:22:21 | 000,407,280 | ---- | M] () -- C:\Program Files\Krab Web\bin\utilKrabWeb.exe
MOD - [2015/02/22 17:19:09 | 000,407,280 | ---- | M] () -- C:\Program Files\Krab Web\updateKrabWeb.exe
MOD - [2015/02/22 16:47:58 | 000,101,616 | ---- | M] () -- C:\Program Files\Krab Web\bin\KrabWeb.expext.exe
MOD - [2015/02/22 16:47:58 | 000,081,648 | ---- | M] () -- C:\Program Files\Krab Web\bin\KrabWeb.expextdll.dll
MOD - [2015/02/22 16:16:37 | 002,901,504 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\15022203\algo.dll
MOD - [2015/02/22 09:39:44 | 000,105,712 | ---- | M] () -- C:\Program Files\Krab Web\bin\KrabWeb.BrowserAdapter.exe
MOD - [2015/02/22 09:39:40 | 000,197,360 | ---- | M] () -- C:\Program Files\Krab Web\bin\9d5a2aa0d2434ec9aa58.dll
MOD - [2015/02/21 10:55:02 | 000,205,040 | ---- | M] () -- C:\Program Files\Krab Web\bin\KrabWeb.BRT.Helper.exe
MOD - [2015/02/10 11:27:20 | 002,902,528 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\15021001\algo.dll
MOD - [2014/10/30 19:11:27 | 000,428,424 | ---- | M] () -- C:\Program Files\Driver Tool\Driver Tool\Agent.Communication.XmlSerializers.dll
MOD - [2014/10/30 19:11:16 | 000,686,952 | ---- | M] () -- C:\Program Files\Driver Tool\Driver Tool\ThemePack.DriverTool.dll
MOD - [2014/08/06 22:20:55 | 000,353,096 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\36.0.1985.143\ppgooglenaclpluginchrome.dll
MOD - [2014/08/06 22:20:54 | 014,669,128 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll
MOD - [2014/08/06 22:20:53 | 008,537,928 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\36.0.1985.143\pdf.dll
MOD - [2014/08/06 22:20:46 | 001,732,936 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
MOD - [2014/02/13 04:10:30 | 001,840,640 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\6b024176646a5e1a87a2fe51c20aa071\System.Web.Services.ni.dll
MOD - [2014/02/13 04:10:05 | 011,906,048 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\f0b0625c2db624ba9c97ad1b12490d79\System.Web.ni.dll
MOD - [2014/02/13 04:09:45 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8cd995f00848816e3ec49dc326e3d49b\System.ServiceProcess.ni.dll
MOD - [2014/02/13 04:09:28 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\5c157466d360a10b2c97e94b41ddc588\System.Management.ni.dll
MOD - [2014/02/13 04:07:37 | 000,978,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\4b6e70acd99dc22e29b7fc8f9ac340c4\System.Configuration.ni.dll
MOD - [2014/02/13 03:57:44 | 005,462,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\7faf645dc46781225cb722edf9e1e738\System.Xml.ni.dll
MOD - [2014/02/13 03:56:55 | 012,434,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1cdfe1998ad6794db3237006906c6fa2\System.Windows.Forms.ni.dll
MOD - [2014/02/13 03:54:46 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\424bff3295c6e7539cc6df62b9425bd0\System.Drawing.ni.dll
MOD - [2014/02/13 03:52:39 | 006,616,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\af8afdcab485e00a04b18ed487981f3d\System.Data.ni.dll
MOD - [2014/02/13 03:36:34 | 003,194,880 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2014/02/13 03:36:31 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2014/02/13 03:36:29 | 000,425,984 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2014/02/13 03:36:22 | 000,372,736 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
MOD - [2014/02/13 03:36:18 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2014/02/13 03:36:12 | 002,052,096 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2014/02/13 03:36:07 | 000,114,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
MOD - [2014/02/13 03:24:35 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\4b0455ae94e3cecca4bb3ba8c96828c9\System.ni.dll
MOD - [2014/02/13 03:15:10 | 011,497,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\dae02331a443fb52216ca83292cb2f21\mscorlib.ni.dll
MOD - [2014/02/10 12:44:24 | 004,592,128 | ---- | M] () -- C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libGLESv2.dll
MOD - [2014/02/10 12:44:24 | 000,112,128 | ---- | M] () -- C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libEGL.dll
MOD - [2013/01/02 01:49:10 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2012/05/30 19:06:48 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/05/30 19:06:30 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/02/15 03:28:16 | 001,218,560 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Management\b1b57351a88c0c9c46bd9424347336ea\System.Management.ni.dll
MOD - [2012/02/15 03:11:05 | 000,786,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\47a2b7b2fa872de3078d49d0a4c10cb2\System.EnterpriseServices.ni.dll
MOD - [2012/02/15 03:11:04 | 000,236,032 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\47a2b7b2fa872de3078d49d0a4c10cb2\System.EnterpriseServices.Wrapper.dll
MOD - [2012/02/15 03:11:02 | 000,646,656 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\c3a03bb69e38f5ed9ebce72d48a722ef\System.Transactions.ni.dll
MOD - [2012/02/15 03:05:41 | 006,798,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\97586cdb698c29ba95fd83e44a0c0ca6\System.Data.ni.dll
MOD - [2012/02/15 03:05:04 | 007,054,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\a2b1103ad3d9f329e0c9164994137c81\System.Core.ni.dll
MOD - [2012/02/15 03:05:00 | 005,618,176 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\21071fcc838660d96f10920c4c3cd206\System.Xml.ni.dll
MOD - [2012/02/15 03:04:46 | 000,980,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\363b05dd092178671e56531a9c4999b6\System.Configuration.ni.dll
MOD - [2012/02/15 03:04:38 | 009,090,560 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\3ff4657a86a0e14b4be577969e0ec762\System.ni.dll
MOD - [2011/10/14 02:13:34 | 000,011,776 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\cfba497fc860b32b8d895f57bf148aa7\Microsoft.VisualC.ni.dll
MOD - [2011/10/14 02:07:53 | 014,407,680 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\52f4f785f7cf45a64606a8e13c8cf04c\mscorlib.ni.dll
MOD - [2011/02/04 17:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2010/11/02 07:33:58 | 000,886,272 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\System.Data.SQLite.dll
MOD - [2008/11/13 13:17:38 | 000,439,616 | ---- | M] () -- C:\Program Files\Pure Digital Technologies\FlipShare\FlipShareService.exe
MOD - [2008/11/13 13:15:12 | 001,581,056 | ---- | M] () -- C:\Program Files\Pure Digital Technologies\FlipShare\QtCore4.dll
MOD - [2008/04/13 19:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 19:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2007/04/02 07:49:20 | 000,355,112 | ---- | M] () -- C:\WINDOWS\system32\msjetoledb40.dll
MOD - [2006/01/06 14:51:00 | 000,266,303 | ---- | M] () -- C:\Program Files\ION\EZ VHS Converter\magengin.dll
MOD - [2004/12/14 12:00:00 | 000,430,080 | ---- | M] () -- C:\Program Files\ION\EZ VHS Converter\FPXLIB.DLL
MOD - [2004/12/01 17:21:22 | 000,180,224 | ---- | M] () -- C:\Program Files\ION\EZ VHS Converter\kgl.dll
MOD - [2004/03/09 14:59:48 | 000,065,536 | ---- | M] () -- C:\WINDOWS\twain_32\ca561a\SnapDetect.exe
MOD - [2003/07/29 20:27:40 | 000,078,336 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\DLBCPP5C.DLL
 
 
========== Services (SafeList) ==========
 
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc -- (gupdatem)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe /svc -- (gupdate)
SRV - [2015/02/22 17:22:21 | 000,407,280 | ---- | M] () [Auto | Running] -- C:\Program Files\Krab Web\bin\utilKrabWeb.exe -- (Util Krab Web)
SRV - [2015/02/22 17:19:09 | 000,407,280 | ---- | M] () [Auto | Running] -- C:\Program Files\Krab Web\updateKrabWeb.exe -- (Update Krab Web)
SRV - [2015/02/15 11:44:58 | 003,660,560 | ---- | M] (Client Connect LTD) [Auto | Running] -- C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe -- (CltMngSvc)
SRV - [2015/01/30 20:39:46 | 000,114,800 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/10/30 18:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/10/14 20:31:16 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2011/08/01 09:11:38 | 001,091,984 | ---- | M] (Western Digital ) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe -- (WDRulesService)
SRV - [2011/08/01 09:11:36 | 001,592,208 | ---- | M] (Western Digital ) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WDFME.exe -- (WDFMEService)
SRV - [2011/08/01 09:11:32 | 000,263,056 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe -- (WDDMService)
SRV - [2010/08/19 12:08:42 | 000,246,400 | ---- | M] (F5 Networks) [Auto | Running] -- C:\WINDOWS\system32\F5InstallerService.exe -- (F5 Networks Component Installer)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008/11/13 13:17:38 | 000,439,616 | ---- | M] () [Auto | Running] -- C:\Program Files\Pure Digital Technologies\FlipShare\FlipShareService.exe -- (FlipShare Service)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/06/24 19:56:38 | 000,431,384 | ---- | M] (Seagate) [Auto | Running] -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe -- (SgtSch2Svc)
SRV - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2007/01/18 12:20:24 | 000,024,120 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\Sync\SeaSyncServices.exe -- (Seagate Sync Service)
SRV - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wanatw4.sys -- (wanatw)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (bvrp_pci)
DRV - [2015/02/20 17:40:32 | 000,055,824 | ---- | M] (StdLib) [Kernel | Disabled | Running] -- C:\WINDOWS\system32\drivers\{9d5a2aa0-d243-4ec9-aa58-38b5de807918}Gt.sys -- ({9d5a2aa0-d243-4ec9-aa58-38b5de807918}Gt)
DRV - [2015/01/21 09:43:02 | 000,055,824 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\{3847db91-525a-43df-a742-93a5141cafa8}Gt.sys -- ({3847db91-525a-43df-a742-93a5141cafa8}Gt)
DRV - [2015/01/18 03:46:58 | 000,055,824 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\{e7c04031-8387-47b1-afd6-40a369d5c38f}Gt.sys -- ({e7c04031-8387-47b1-afd6-40a369d5c38f}Gt)
DRV - [2012/10/30 18:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/10/30 18:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/10/30 18:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/10/30 18:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012/10/30 18:51:57 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/10/30 18:51:56 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012/10/30 18:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/10/04 05:22:16 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2011/10/04 05:22:16 | 000,077,624 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2011/02/10 12:34:28 | 000,987,904 | R--- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8192cu.sys -- (RTL8192cu)
DRV - [2010/12/23 09:50:58 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\timntr.sys -- (timounter)
DRV - [2010/12/23 09:50:58 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2010/12/23 09:50:52 | 000,132,224 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\snapman.sys -- (snapman)
DRV - [2010/12/23 09:50:42 | 000,368,480 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\tdrpman.sys -- (tdrpman)
DRV - [2010/01/25 16:18:51 | 000,033,920 | ---- | M] (F5 Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\covpndrv.sys -- (urvpndrv)
DRV - [2010/01/25 16:18:46 | 000,010,752 | ---- | M] (F5 Networks) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\urfltw2k.sys -- (f5ipfw)
DRV - [2008/09/22 15:22:36 | 000,281,024 | R--- | M] (Trident Multimedia Technologies Co.,Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\0140_ION.sys -- (VCR2PC)
DRV - [2008/04/13 13:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2006/11/10 15:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2006/11/02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2005/12/15 13:35:20 | 000,008,552 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2005/10/17 17:50:06 | 000,245,376 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2500usb.sys -- (WUSB54GPV4SRV)
DRV - [2005/08/17 07:41:08 | 001,022,040 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/02/01 18:18:38 | 000,017,992 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\bcm42rly.sys -- (BCM42RLY)
DRV - [2003/11/17 22:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 22:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 22:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2002/10/01 13:43:32 | 000,119,798 | ---- | M] (SP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\spca561.sys -- (CA561)
DRV - [2002/02/27 18:12:52 | 000,076,160 | R--- | M] (ATMEL) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ma101rnd.sys -- (USBFVNETR)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.trovi.com...A5F448F68&SSPV=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = 
IE - HKCU\..\URLSearchHook: {06663B56-0D73-4f9f-BCC5-4AA941470AFD} - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL (Pando)
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
IE - HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://www.trovi.com...rchTerms}&SSPV=
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://blekko.com/ws...q={searchTerms}
IE - HKCU\..\SearchScopes\{48BEE687-4D1F-4DB9-9889-4D4A989E4D28}: "URL" = http://delicious.com...p={searchTerms}
IE - HKCU\..\SearchScopes\{5F31840E-E7B1-4915-8C9D-3E6F22B35D52}: "URL" = http://www.flickr.co...q={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...soft:{language}
IE - HKCU\..\SearchScopes\{81133FE2-8F21-4DCF-9CB8-C5C4C3285F73}: "URL" = http://search.yahoo....f-8&fr=chr-yie8
IE - HKCU\..\SearchScopes\{ED2D00CE-667F-4071-B550-87D4145CD07C}: "URL" = http://rover.ebay.co...e={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = file://C:\Program Files\Krab Web\bin\Pac9064.js
 
========== FireFox ==========
 
FF - prefs.js..browser.search.isUS: true
FF - prefs.js..extensions.enabledAddons: %7B9d5a2aa0-d243-4ec9-aa58-38b5de807918%7D:1.0.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:35.0.1
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Musicnotes.com/Musicnotes Viewer: C:\Program Files\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
FF - HKLM\Software\MozillaPlugins\@Sibelius.com/Scorch Plugin: C:\Program Files\Musicnotes\npsibelius.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.26.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.26.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/03/27 19:36:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/12/07 22:00:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\WeightWatchers Browser\components [2015/01/10 12:34:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\WeightWatchers Browser\plugins [2015/01/10 12:53:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 35.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2015/01/30 20:39:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 35.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2015/01/30 20:39:31 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/03/27 19:36:46 | 000,000,000 | ---D | M]
 
[2008/11/23 22:27:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ALEXIS\Application Data\Mozilla\Extensions
[2015/01/30 21:01:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ALEXIS\Application Data\Mozilla\Firefox\Profiles\zs1syjzl.default-1422668321096\extensions
[2015/01/30 20:50:46 | 000,009,690 | ---- | M] () (No name found) -- C:\Documents and Settings\ALEXIS\Application Data\Mozilla\Firefox\Profiles\zs1syjzl.default-1422668321096\extensions\{9d5a2aa0-d243-4ec9-aa58-38b5de807918}.xpi
[2015/01/30 20:39:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2015/01/30 20:39:24 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2015/01/30 20:39:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2015/01/30 20:39:50 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008/04/18 10:56:34 | 000,118,784 | ---- | M] (CANON INC.) -- C:\Program Files\mozilla firefox\plugins\MyCamera.dll
[2008/04/18 10:55:58 | 000,053,248 | ---- | M] (CANON INC.) -- C:\Program Files\mozilla firefox\plugins\NPCIG.dll
[2011/07/19 04:05:25 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2009/05/12 16:38:33 | 000,024,668 | ---- | M] (Pando Networks, Inc.) -- C:\Program Files\mozilla firefox\plugins\NPPandBr.dll
[2009/04/23 10:57:14 | 000,239,432 | ---- | M] (Pando Networks) -- C:\Program Files\mozilla firefox\plugins\npPandoWebInst.dll
[2007/04/16 12:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npViewpoint.dll
 
========== Chrome  ==========
 
CHR - default_search_provider:  (Enabled)
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\36.0.1985.143\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java™ Platform SE 6 U13 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java™ Platform SE 6 U13 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft® Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Chrome NaCl (Enabled) = C:\Program Files\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\36.0.1985.143\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Acrobat 6.0\Reader\Browser\nppdf32.dll
CHR - plugin: Canon Online Photo Plugin Module (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPCIG.dll
CHR - plugin: Musicnotes (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npmusicn.dll
CHR - plugin: Pando Toolbar Plugin Stub (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPPandBr.dll
CHR - plugin: Pando Web Installer (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll
CHR - plugin: ScorchPlugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPSibelius.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: YouTube = C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: YouTube = C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: Google Search = C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Krab Web = C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\febkdjgmamneemglhikdhgmoejlneehc\1.0.1_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: No name found = C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lpokjbnkbdmombjfkpbdchcgohaelldk\1.0\
CHR - Extension: No name found = C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mniemiglepnbomengdhcdgigldjaioek\1.0\
CHR - Extension: Google Wallet = C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: Download and Sa = C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pndndplglkleohabdcogjfjlnkejfglh\7.1_0\
 
O1 HOSTS File: ([2011/07/29 20:16:25 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O2 - BHO: (Pando Search Assistant BHO) - {06663B51-0D73-4f9f-BCC5-4AA941470AFD} - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL (Pando)
O2 - BHO: (CInterceptor Object) - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll (Pando Networks)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll File not found
O2 - BHO: (no name) - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll File not found
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Download and Sa Class) - {6081698E-7272-E96C-7B4A-A278CB7097F8} - C:\Documents and Settings\All Users\Application Data\Download and Sa\5099edaabd416.ocx ()
O2 - BHO: (blekko search bar) - {636a1cf4-2af8-462e-ba54-5f0d75ad6eef} - C:\Program Files\blekkotb_026\blekkotb_019X.dll ()
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Pando Toolbar BHO) - {E3EA4FD1-CADE-4ae5-84F7-086EEE888BE4} - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL (Pando)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O2 - BHO: (Krab Web 1.0.0.7) - {feadf62f-aec2-46a1-a087-40149f311df9} - C:\Program Files\Krab Web\KrabWebBHO.dll (Krab Web)
O3 - HKLM\..\Toolbar: (blekko search bar) - {636a1cf4-2af8-462e-ba54-5f0d75ad6eef} - C:\Program Files\blekkotb_026\blekkotb_019X.dll ()
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Pando Toolbar) - {E3EA4FD9-CADE-4ae5-84F7-086EEE888BE4} - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL (Pando)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Pando Toolbar) - {E3EA4FD9-CADE-4AE5-84F7-086EEE888BE4} - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL (Pando)
O4 - HKLM..\Run: [Anti-phishing Domain Advisor] C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security))
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray File not found
O4 - HKCU..\Run: [ALconnect] C:\Documents and Settings\ALEXIS\Application Data\DirectLife\ALconnect\ALconnect.exe (Koninklijke Philips N.V.)
O4 - HKCU..\Run: [Driver Tool] C:\Program Files\Driver Tool\Driver Tool\DriverTool.exe (PC Drivers Headquarters)
O4 - HKCU..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AtHomeConnect.lnk = C:\Program Files\AtHomeConnect\AtHomeConnect.exe (HR Block                            )
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\dlbcserv.lnk = C:\Program Files\Dell Photo Printer 720\dlbcserv.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\EZ VHS Converter Monitor.lnk = C:\Program Files\ION\EZ VHS Converter\MediaTVMonitor.exe (ADS Corp.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SnapDetect.lnk = C:\WINDOWS\twain_32\ca561a\SnapDetect.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WD Quick View.lnk = C:\Program Files\Western Digital\WD SmartWare\WDDMStatus.exe (Western Digital Technologies, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
O15 - HKCU\..Trusted Domains: weightwatchers.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: weightwatchers.com ([]https in Trusted sites)
O16 - DPF: {00627E89-A19D-4A2B-938B-059CB7B1B493} file://C:/Program Files/F5 VPN/F5_TMP/f5certchk.cab (F5 Networks Certificate Checker)
O16 - DPF: {195538FD-1C39-44B1-A7C3-5D7137A8A8F1} file://C:/Program Files/F5 VPN/F5_TMP/f5opswati.cab (OPSWAT AntiViruses Class)
O16 - DPF: {2A0B9B82-D5C8-4D3D-8338-AD55B23662B1} file://C:/Program Files/F5 VPN/F5_TMP/cachecleaner.cab (F5 Networks CacheCleaner)
O16 - DPF: {2BCDB465-81F9-41CB-832C-8037A4064446} file://C:/Program Files/F5 VPN/F5_TMP/urxvpn.cab (F5 Networks VPN Manager)
O16 - DPF: {30CF9713-6614-4556-B5F5-66F8C7F9DEF1} file://C:/Program Files/F5 VPN/F5_TMP/f5opswati.cab (OPSWAT FireWalls Class)
O16 - DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} file://C:/Program Files/F5 VPN/F5_TMP/f5tunsrv.cab (F5 Networks Dynamic Application Tunnel Control)
O16 - DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} file://C:/Program Files/F5 VPN/F5_TMP/InstallerControl.cab (F5 Networks Auto Update)
O16 - DPF: {49EC7987-E331-44E3-B170-748B58A268B9} file://C:/Program Files/F5 VPN/F5_TMP/f5opswati.cab (OPSWAT ProcessesScanner Class)
O16 - DPF: {57C76689-F052-487B-A19F-855AFDDF28EE} file://C:/Program Files/F5 VPN/F5_TMP/f5InspectionHost.cab  (F5 Networks Policy Agent Host Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1364587138156 (WUWebControl Class)
O16 - DPF: {7584c670-2274-4efb-b00b-d6aaba6d3850} file://C:/Program Files/F5 VPN/F5_TMP/msrdp.cab (Microsoft RDP Client Control (redist))
O16 - DPF: {7E73BE8F-FD87-44EC-8E22-023D5FF960FF} file://C:/Program Files/F5 VPN/F5_TMP/vdeskctrl.cab (F5 Virtual Sandbox Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {8F6AFB67-F834-4227-94A7-A51377E0678E} file://C:/Program Files/F5 VPN/F5_TMP/f5GroupPolicyAgent.cab (F5 Networks Group Policy Control)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} file://C:/Program Files/F5 VPN/F5_TMP/urxshost.cab (F5 Networks SuperHost Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} file://C:/Program Files/F5 VPN/F5_TMP/urxhost.cab (F5 Networks Host Control)
O16 - DPF: {E615C9EA-AD69-4AE9-83C9-9D906A0ACA6D} file://C:/Program Files/F5 VPN/F5_TMP/f5syschk.cab (F5 Networks OS Policy Agent)
O16 - DPF: {EBDC91CB-F23F-477D-B152-3F7243760D04} file://C:/Program Files/F5 VPN/F5_TMP/f5opswati.cab (F5 Networks OPSWAT Helper Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E39239C1-0D13-4B7F-BF28-905EA0076D36}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F721F1C6-3135-40A6-8BA7-367B9A6172FE}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\SearchProtect\SearchProtect\bin\VC32Loader.dll) - C:\Program Files\SearchProtect\SearchProtect\bin\VC32Loader.dll (Client Connect LTD)
O20 - AppInit_DLLs: (c:\progra~1\sw_boo~1\assist~1.dll) -  File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 05:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{141e348d-ebdd-11e2-87a3-08863b50be52}\Shell - "" = AutoRun
O33 - MountPoints2\{141e348d-ebdd-11e2-87a3-08863b50be52}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{141e348d-ebdd-11e2-87a3-08863b50be52}\Shell\AutoRun\command - "" = F:\VZW_Software_upgrade_assistant.exe
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (aswBoot.exe /M:169665ee4cd895 /dir:"C:\Program Files\AVAST Software\Avast")
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2015/02/21 01:05:51 | 000,055,824 | ---- | C] (StdLib) -- C:\WINDOWS\System32\drivers\{9d5a2aa0-d243-4ec9-aa58-38b5de807918}Gt.sys
[2015/02/19 04:33:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALEXIS\Local Settings\Application Data\avayvxvaxc
[2015/02/11 03:00:19 | 000,000,000 | ---D | C] -- C:\36214cac5ce97b097c7eed098d0209
[2015/02/03 02:35:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\SearchProtect
[2015/01/30 20:39:20 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2015/01/30 20:34:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALEXIS\Desktop\Old Firefox Data
[2015/01/30 19:43:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\424f222c0000415c
[2015/01/25 13:39:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALEXIS\Application Data\BRT
[2009/07/04 17:48:17 | 000,283,952 | ---- | C] (Musicnotes, Inc.) -- C:\Program Files\npmusicn.dll
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2015/02/22 20:53:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2015/02/22 20:51:00 | 000,000,994 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3236530329-1147617518-3913851753-1009UA.job
[2015/02/22 20:43:06 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2015/02/22 20:43:03 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2015/02/22 20:02:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\TidyNetwork Update.job
[2015/02/22 20:01:00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3236530329-1147617518-3913851753-501UA.job
[2015/02/22 17:50:59 | 000,000,972 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3236530329-1147617518-3913851753-1009Core.job
[2015/02/22 10:00:00 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2015/02/21 22:01:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3236530329-1147617518-3913851753-501Core.job
[2015/02/20 17:40:32 | 000,055,824 | ---- | M] (StdLib) -- C:\WINDOWS\System32\drivers\{9d5a2aa0-d243-4ec9-aa58-38b5de807918}Gt.sys
[2015/02/20 07:22:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2015/02/17 11:29:00 | 000,000,446 | ---- | M] () -- C:\WINDOWS\tasks\Driver Tool-RTMRules.job
[2015/02/17 09:26:00 | 000,000,456 | ---- | M] () -- C:\WINDOWS\tasks\Driver Tool-RTMUpdater.job
[2015/02/12 23:10:50 | 000,133,120 | ---- | M] () -- C:\Documents and Settings\ALEXIS\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2015/02/11 19:49:07 | 000,000,458 | ---- | M] () -- C:\WINDOWS\tasks\Driver Tool-RTMScan.job
[2015/02/10 13:26:46 | 000,000,224 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job
[2015/02/10 12:50:06 | 000,482,976 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2015/02/10 12:50:06 | 000,080,380 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2015/02/10 12:44:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2015/02/09 07:44:57 | 000,000,218 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job
[2015/02/09 07:44:12 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2015/02/02 12:51:25 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2099/01/01 12:00:00 | 000,006,456 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\dabukuyi
[2014/08/31 10:28:19 | 000,000,394 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2014/03/09 16:52:06 | 000,137,371 | ---- | C] () -- C:\WINDOWS\HPHins15.dat
[2014/03/09 16:52:06 | 000,002,828 | ---- | C] () -- C:\WINDOWS\hphmdl15.dat
[2011/06/17 23:19:47 | 000,017,406 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\037ta678tf55b13niyu466uwy36t77
[2011/06/17 23:19:47 | 000,017,390 | -HS- | C] () -- C:\Documents and Settings\ALEXIS\Local Settings\Application Data\037ta678tf55b13niyu466uwy36t77
[2010/12/12 17:38:31 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ALEXIS\Ÿ9Ÿ9
[2010/04/30 23:09:57 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ALEXIS\Local Settings\Application Data\prvlcl.dat
[2009/08/26 21:13:43 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\ALEXIS\Application Data\$_hpcst$.hpc
[2008/11/27 11:52:41 | 000,133,120 | ---- | C] () -- C:\Documents and Settings\ALEXIS\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/11/23 17:10:41 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\ALEXIS\Local Settings\Application Data\fusioncache.dat
 
========== ZeroAccess Check ==========
 
[2005/08/16 05:39:16 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2013/02/06 05:48:44 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2009/09/20 10:02:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\Blackberry Desktop
[2013/03/29 14:16:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\blekkotb_019
[2013/03/29 15:09:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\blekkotb_026
[2015/01/25 13:39:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\BRT
[2014/10/19 04:57:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\DirectLife
[2008/11/27 12:43:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\Leadertech
[2012/01/06 22:56:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\Musicnotes
[2009/09/20 09:50:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\Research In Motion
[2012/11/07 00:11:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\SendSpace
[2015/01/30 19:13:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\SoftwareUpdater
[2012/12/14 16:33:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\SyncTunesDesktop
[2014/02/08 17:06:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\TaxCut
[2015/01/30 19:13:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\VOPackage
[2013/07/14 08:58:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\WDC
[2013/11/28 09:43:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2015/01/30 19:43:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\424f222c0000415c
[2014/08/31 10:28:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\72d26ccea46796d7
[2009/03/01 18:33:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore
[2012/11/07 00:11:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor
[2011/07/29 22:39:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2010/10/14 22:16:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2012/11/07 00:13:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\blekko toolbars
[2011/07/09 12:14:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\dG28258OmOeO28258
[2005/08/16 21:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DIGStream
[2013/03/29 14:16:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Download and Sa
[2014/03/09 16:33:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Tool
[2010/01/24 16:13:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\dumizuyo
[2014/08/31 10:28:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2011/02/13 20:47:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MakeMusic
[2010/10/14 22:10:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2009/07/04 18:16:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Musicnotes
[2014/08/31 10:28:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PoriceChoOp
[2012/11/07 00:11:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Premium
[2008/11/27 11:51:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pure Digital Technologies
[2010/02/03 12:08:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\rimasafi
[2012/11/07 00:12:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2014/08/31 10:28:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SaveMiaSs
[2010/12/23 09:51:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2014/02/08 15:28:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TaxCut
[2009/12/13 12:50:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2014/10/30 19:11:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UAB
[2014/08/31 10:29:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VenusApp Software
[2009/03/01 18:33:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2013/03/29 15:26:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Western Digital
[2010/01/24 16:13:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\wizunure
[2010/02/03 12:08:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\yiyizesa
[2010/01/24 16:13:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\zopiwaka
[2010/12/23 13:01:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/12/13 10:55:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
 
========== Purity Check ==========
 
 
 
< End of report >
 

  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP
 
Download : ADWCleaner to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @BleepingComputer
 
NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.
 
Close  all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).
 
scan-results.jpg
 
Click on Scan  and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.
 
The report will be saved in the C:\AdwCleaner folder.
 
 
 
Junkware-Removal-Tool
 
Please download Junkware Removal Tool to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @Author's site
  • Pause your anti-virus.  Close all browsers.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  •  
     
     
    Please download Farbar Recovery Scan Tool and save it to your Desktop. 
     
    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version. 
     
    •  
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer. 
  • Press Scan button. 
  • It will produce a log called FRST.txt in the same directory the tool is run from.  
  • Please copy and paste log back here. 
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply. 
  •  
     
     
    Copy the text in the code box:
     
    DRIVES
    nnetsvcs
    %SYSTEMDRIVE%\*.exe
    %systemroot%\assembly\GAC_32\*.ini
    %systemroot%\assembly\GAC_64\*.ini
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.exe
    %APPDATA%\*.
    /md5start
    rsvpsp.dll
    pnrpnsp.dll 
    nwprovau.dll
    nlaapi.dll
    napinsp.dll
    mswsock.dll
    winrnr.dll
    wshelper.dll
    services.exe
    atapi.sys
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    csrss.exe
    PrintIsolationHost.exe
    consrv.dll
    user32.dll
    /md5stop
    C:\Windows\assembly\tmp\U\*.* /s
    %systemroot%\*. /mp /s
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %ProgramFiles%\WINDOWS NT\*.* /s
    %systemroot%\system32\drivers\*.sys /lockedfiles
    CREATERESTOREPOINT
    
     
    Run OTL (Vista or Win 7 => right click and Run As Administrator)
     
    Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes
     
    Select the All option in the Extra Registry group then Run Scan.
     
    You should get two logs.  Please copy and paste both of them.
     
    Ron

    • 0

    #3
    alexisstephani

    alexisstephani

      Member

    • Topic Starter
    • Member
    • PipPip
    • 33 posts

    # AdwCleaner v4.111 - Logfile created 24/02/2015 at 08:29:31
    # Updated 18/02/2015 by Xplode
    # Database : 2015-02-18.3 [Server]
    # Operating system : Microsoft Windows XP Service Pack 3 (x86)
    # Username : ALEXIS - DH75M091
    # Running from : C:\Documents and Settings\ALEXIS\My Documents\Downloads\AdwCleaner.exe
    # Option : Cleaning

    ***** [ Services ] *****

    Service Deleted : CltMngSvc
    Service Deleted : Viewpoint Manager Service
    Service Deleted : YahooAUService
    [#] Service Deleted : Update Krab Web
    [#] Service Deleted : Util Krab Web
    [#] Service Deleted : {3847db91-525a-43df-a742-93a5141cafa8}Gt
    [#] Service Deleted : {9d5a2aa0-d243-4ec9-aa58-38b5de807918}t
    [#] Service Deleted : {e7c04031-8387-47b1-afd6-40a369d5c38f}Gt

    ***** [ Files / Folders ] *****

    Folder Deleted : C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor
    Folder Deleted : C:\Documents and Settings\All Users\Application Data\blekko toolbars
    Folder Deleted : C:\Documents and Settings\All Users\Application Data\Download and Sa
    Folder Deleted : C:\Documents and Settings\All Users\Application Data\Premium
    Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
    Folder Deleted : C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
    Folder Deleted : C:\Documents and Settings\All Users\Application Data\PoriceChoOp
    Folder Deleted : C:\Documents and Settings\All Users\Application Data\SaveMiaSs
    Folder Deleted : C:\Documents and Settings\All Users\Application Data\424f222c0000415c
    Folder Deleted : C:\Documents and Settings\All Users\Application Data\72d26ccea46796d7
    Folder Deleted : C:\Documents and Settings\All Users\Start Menu\Programs\Download and Sa
    Folder Deleted : C:\Program Files\PepperZip
    Folder Deleted : C:\Program Files\SearchProtect
    Folder Deleted : C:\Program Files\Viewpoint
    [!] Folder Deleted : C:\Program Files\Krab Web
    Folder Deleted : C:\Program Files\PoriceChoOp
    Folder Deleted : C:\Program Files\SaveMiaSs
    [!] Folder Deleted : C:\Program Files\Krab Web
    Folder Deleted : C:\DOCUME~1\ALEXIS\LOCALS~1\Temp\Krab Web
    Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\Chromatic Browser
    Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\torch
    Folder Deleted : C:\Documents and Settings\ALEX\Local Settings\Application Data\Chromatic Browser
    Folder Deleted : C:\Documents and Settings\ALEX\Local Settings\Application Data\torch
    Folder Deleted : C:\Documents and Settings\ALEX\Application Data\HPAppData
    Folder Deleted : C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Chromatic Browser
    Folder Deleted : C:\Documents and Settings\ALEXIS\Local Settings\Application Data\ConvertAd
    Folder Deleted : C:\Documents and Settings\ALEXIS\Local Settings\Application Data\PackageAware
    Folder Deleted : C:\Documents and Settings\ALEXIS\Local Settings\Application Data\SearchProtect
    Folder Deleted : C:\Documents and Settings\ALEXIS\Local Settings\Application Data\torch
    Folder Deleted : C:\Documents and Settings\ALEXIS\Local Settings\Application Data\visi_coupon
    Folder Deleted : C:\Documents and Settings\ALEXIS\Local Settings\Application Data\wincheck
    Folder Deleted : C:\Documents and Settings\ALEXIS\Application Data\HPAppData
    Folder Deleted : C:\Documents and Settings\ALEXIS\Application Data\SendSpace
    Folder Deleted : C:\Documents and Settings\ALEXIS\Application Data\SoftwareUpdater
    Folder Deleted : C:\Documents and Settings\ALEXIS\Application Data\VOPackage
    Folder Deleted : C:\Documents and Settings\ALEXIS\Start Menu\Programs\PepperZip
    Folder Deleted : C:\Documents and Settings\ALEXIS\Start Menu\Programs\VOPackage
    Folder Deleted : C:\Documents and Settings\CATHYLYNN\Local Settings\Application Data\Chromatic Browser
    Folder Deleted : C:\Documents and Settings\CATHYLYNN\Local Settings\Application Data\torch
    Folder Deleted : C:\Documents and Settings\CATHYLYNN\Application Data\HPAppData
    Folder Deleted : C:\Documents and Settings\CATHYLYNN\Application Data\Viewpoint
    Folder Deleted : C:\Documents and Settings\Guest\Local Settings\Application Data\Chromatic Browser
    Folder Deleted : C:\Documents and Settings\Guest\Local Settings\Application Data\torch
    Folder Deleted : C:\Documents and Settings\Guest\Application Data\HPAppData
    Folder Deleted : C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Chromatic Browser
    Folder Deleted : C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\torch
    Folder Deleted : C:\Documents and Settings\MARISSA\Local Settings\Application Data\Chromatic Browser
    Folder Deleted : C:\Documents and Settings\MARISSA\Local Settings\Application Data\PackageAware
    Folder Deleted : C:\Documents and Settings\MARISSA\Local Settings\Application Data\SearchProtect
    Folder Deleted : C:\Documents and Settings\MARISSA\Local Settings\Application Data\TidyNetwork
    Folder Deleted : C:\Documents and Settings\MARISSA\Local Settings\Application Data\torch
    Folder Deleted : C:\Documents and Settings\MARISSA\Local Settings\Application Data\WordLayers
    Folder Deleted : C:\Documents and Settings\MARISSA\Application Data\HPAppData
    Folder Deleted : C:\Documents and Settings\MARISSA\Application Data\Viewpoint
    Folder Deleted : C:\Documents and Settings\MARISSA\Application Data\catalina – print savings
    Folder Deleted : C:\Documents and Settings\MARISSA\Start Menu\Programs\catalina – print savings
    Folder Deleted : C:\Documents and Settings\Mom's iPod Account\Local Settings\Application Data\Chromatic Browser
    Folder Deleted : C:\Documents and Settings\Mom's iPod Account\Local Settings\Application Data\torch
    Folder Deleted : C:\Documents and Settings\Mom's iPod Account\Application Data\HPAppData
    Folder Deleted : C:\Documents and Settings\NICK\Local Settings\Application Data\Chromatic Browser
    Folder Deleted : C:\Documents and Settings\NICK\Local Settings\Application Data\SearchProtect
    Folder Deleted : C:\Documents and Settings\NICK\Local Settings\Application Data\torch
    Folder Deleted : C:\Documents and Settings\NICK\Application Data\HPAppData
    Folder Deleted : C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Chromatic Browser
    Folder Deleted : C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\torch
    Folder Deleted : C:\Documents and Settings\MARISSA\Application Data\Mozilla\Firefox\Profiles\t1yqzknt.default\Extensions\tidynetwork@tidynetwork
    Folder Deleted : C:\Documents and Settings\ALEX\Application Data\Mozilla\Firefox\Profiles\d6mjed2a.default\Extensions\[email protected]
    Folder Deleted : C:\Documents and Settings\ALEX\Application Data\Mozilla\Firefox\Profiles\d6mjed2a.default\Extensions\[email protected]
    [!] Folder Deleted : C:\Documents and Settings\MARISSA\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gjkpcnacdgdlpfejlgflolpaigoicibh
    [!] Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lpokjbnkbdmombjfkpbdchcgohaelldk
    [!] Folder Deleted : C:\Documents and Settings\ALEX\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lpokjbnkbdmombjfkpbdchcgohaelldk
    [!] Folder Deleted : C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lpokjbnkbdmombjfkpbdchcgohaelldk
    [!] Folder Deleted : C:\Documents and Settings\CATHYLYNN\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lpokjbnkbdmombjfkpbdchcgohaelldk
    [!] Folder Deleted : C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lpokjbnkbdmombjfkpbdchcgohaelldk
    [!] Folder Deleted : C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lpokjbnkbdmombjfkpbdchcgohaelldk
    [!] Folder Deleted : C:\Documents and Settings\MARISSA\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lpokjbnkbdmombjfkpbdchcgohaelldk
    [!] Folder Deleted : C:\Documents and Settings\Mom's iPod Account\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lpokjbnkbdmombjfkpbdchcgohaelldk
    [!] Folder Deleted : C:\Documents and Settings\NICK\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lpokjbnkbdmombjfkpbdchcgohaelldk
    [!] Folder Deleted : C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lpokjbnkbdmombjfkpbdchcgohaelldk
    [!] Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mniemiglepnbomengdhcdgigldjaioek
    [!] Folder Deleted : C:\Documents and Settings\ALEX\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mniemiglepnbomengdhcdgigldjaioek
    [!] Folder Deleted : C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mniemiglepnbomengdhcdgigldjaioek
    [!] Folder Deleted : C:\Documents and Settings\CATHYLYNN\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mniemiglepnbomengdhcdgigldjaioek
    [!] Folder Deleted : C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mniemiglepnbomengdhcdgigldjaioek
    [!] Folder Deleted : C:\Documents and Settings\HelpAssistant\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mniemiglepnbomengdhcdgigldjaioek
    [!] Folder Deleted : C:\Documents and Settings\MARISSA\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mniemiglepnbomengdhcdgigldjaioek
    [!] Folder Deleted : C:\Documents and Settings\Mom's iPod Account\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mniemiglepnbomengdhcdgigldjaioek
    [!] Folder Deleted : C:\Documents and Settings\NICK\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mniemiglepnbomengdhcdgigldjaioek
    [!] Folder Deleted : C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mniemiglepnbomengdhcdgigldjaioek
    [!] Folder Deleted : C:\Documents and Settings\ALEX\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda
    [!] Folder Deleted : C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda
    [!] Folder Deleted : C:\Documents and Settings\CATHYLYNN\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda
    [!] Folder Deleted : C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda
    [!] Folder Deleted : C:\Documents and Settings\MARISSA\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda
    [!] Folder Deleted : C:\Documents and Settings\Mom's iPod Account\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda
    [!] Folder Deleted : C:\Documents and Settings\NICK\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda
    [!] Folder Deleted : C:\Documents and Settings\ALEX\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pndndplglkleohabdcogjfjlnkejfglh

     

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.4.2 (02.02.2015:1)
    OS: Microsoft Windows XP x86
    Ran by ALEXIS on Tue 02/24/2015 at 20:05:50.70
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values

    Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\anti-phishing domain advisor
    Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
    Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{636a1cf4-2af8-462e-ba54-5f0d75ad6eef}
    Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-3236530329-1147617518-3913851753-1005\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
    Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06663B51-0D73-4f9f-BCC5-4AA941470AFD}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{06663B51-0D73-4f9f-BCC5-4AA941470AFD}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6081698E-7272-E96C-7B4A-A278CB7097F8}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{6081698E-7272-E96C-7B4A-A278CB7097F8}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{636a1cf4-2af8-462e-ba54-5f0d75ad6eef}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{636a1cf4-2af8-462e-ba54-5f0d75ad6eef}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{636a1cf4-2af8-462e-ba54-5f0d75ad6eef}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E3EA4FD1-CADE-4ae5-84F7-086EEE888BE4}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E3EA4FD1-CADE-4ae5-84F7-086EEE888BE4}
    Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06663B51-0D73-4f9f-BCC5-4AA941470AFD}
    Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{06663B51-0D73-4f9f-BCC5-4AA941470AFD}
    Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6081698E-7272-E96C-7B4A-A278CB7097F8}
    Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{6081698E-7272-E96C-7B4A-A278CB7097F8}
    Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{636a1cf4-2af8-462e-ba54-5f0d75ad6eef}
    Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{636a1cf4-2af8-462e-ba54-5f0d75ad6eef}
    Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E3EA4FD1-CADE-4ae5-84F7-086EEE888BE4}
    Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{E3EA4FD1-CADE-4ae5-84F7-086EEE888BE4}



    ~~~ Files

    Successfully deleted: [File] C:\WINDOWS\Tasks\Driver Tool-RTMRules.job
    Successfully deleted: [File] C:\WINDOWS\Tasks\Driver Tool-RTMScan.job
    Successfully deleted: [File] C:\WINDOWS\Tasks\Driver Tool-RTMUpdater.job
    Successfully deleted: [File] C:\WINDOWS\prefetch\DRIVERTOOL.EXE-38649AC5.pf
    Successfully deleted: [File] "C:\WINDOWS\wininit.ini"



    ~~~ Folders

    Successfully deleted: [Folder] "C:\Documents and Settings\ALEXIS\Local Settings\Application Data\pc_drivers_headquarters"
    Successfully deleted: [Folder] "C:\Program Files\sw_booster"





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Tue 02/24/2015 at 20:13:42.22
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-02-2015
    Ran by ALEXIS (administrator) on DH75M091 on 24-02-2015 20:20:16
    Running from C:\Documents and Settings\ALEXIS\My Documents\Downloads
    Loaded Profiles: ALEXIS & NICK (Available profiles: ALEXIS & CATHYLYNN & NICK & MARISSA & ALEX & Mom's iPod Account & Administrator & Guest)
    Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
    Internet Explorer Version 8 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Lexmark International, Inc.) C:\WINDOWS\system32\LEXBCES.EXE
    (ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Microsoft Corporation) C:\WINDOWS\ehome\ehrecvr.exe
    (Microsoft Corporation) C:\WINDOWS\ehome\ehSched.exe
    (F5 Networks) C:\WINDOWS\system32\F5InstallerService.exe
    () C:\Program Files\Pure Digital Technologies\FlipShare\FlipShareService.exe
    (Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
    (Seagate Technology LLC) C:\Program Files\Seagate\Sync\SeaSyncServices.exe
    (Seagate) C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
    (WDC) C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe
    (Western Digital ) C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
    (Canon Inc.) C:\Program Files\Canon\CAL\CALMAIN.exe
    (Microsoft Corporation) C:\WINDOWS\system32\fxssvc.exe
    (Microsoft Corporation) C:\WINDOWS\ehome\mcrdsvc.exe
    (Western Digital ) C:\Program Files\Western Digital\WD SmartWare\WDFME.exe
    (Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe
    (Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
    (Microsoft Corporation) C:\36214cac5ce97b097c7eed098d0209\mrtstub.exe
    (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
    (Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
    () C:\Program Files\Krab Web\updateKrabWeb.exe
    () C:\Program Files\Krab Web\bin\utilKrabWeb.exe
    () C:\Program Files\Krab Web\bin\KrabWeb.BrowserAdapter.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [igfxhkcmd] => C:\WINDOWS\system32\hkcmd.exe [77824 2005-07-20] (Intel Corporation)
    HKLM\...\Run: [igfxpers] => C:\WINDOWS\system32\igfxpers.exe [114688 2005-07-20] (Intel Corporation)
    HKLM\...\Run: [dla] => C:\WINDOWS\system32\dla\tfswctrl.exe [127035 2004-12-06] (Sonic Solutions)
    HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [86960 2006-09-11] (Macrovision Corporation)
    HKLM\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4297136 2012-10-30] (AVAST Software)
    HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc.)
    HKLM\...\Run: [ArcSoft Connection Service] => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [109056 2008-07-04] (ArcSoft Inc.)
    HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
    HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
    HKLM\...\Run: [Malwarebytes' Anti-Malware] => "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
    HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
    HKLM\...\Policies\Explorer: [NoCDBurning] 0
    HKU\S-1-5-21-3236530329-1147617518-3913851753-1005\...\Run: [ISUSPM] => "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
    HKU\S-1-5-21-3236530329-1147617518-3913851753-1005\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-13] (Microsoft Corporation)
    HKU\S-1-5-21-3236530329-1147617518-3913851753-1005\...\Run: [Driver Tool] => C:\Program Files\Driver Tool\Driver Tool\DriverTool.exe [4785496 2014-10-30] (PC Drivers Headquarters)
    HKU\S-1-5-21-3236530329-1147617518-3913851753-1005\...\Run: [ALconnect] => C:\Documents and Settings\ALEXIS\Application Data\DirectLife\ALconnect\ALconnect.exe [1399320 2014-10-19] (Koninklijke Philips N.V.)
    HKU\S-1-5-21-3236530329-1147617518-3913851753-1005\...\MountPoints2: {141e348d-ebdd-11e2-87a3-08863b50be52} - F:\VZW_Software_upgrade_assistant.exe
    HKU\S-1-5-21-3236530329-1147617518-3913851753-1005\...\MountPoints2: {361ac05d-0e0d-11da-9aa9-806d6172696f} - E:\setup.exe
    HKU\S-1-5-21-3236530329-1147617518-3913851753-1007\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
    HKU\S-1-5-21-3236530329-1147617518-3913851753-1007\...\Run: [H/PC Connection Agent] => "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    HKU\S-1-5-21-3236530329-1147617518-3913851753-1007\...\Run: [ISUSPM] => "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
    HKU\S-1-5-21-3236530329-1147617518-3913851753-1007\...\MountPoints2: {361ac05d-0e0d-11da-9aa9-806d6172696f} - E:\setup.exe
    Lsa: [Authentication Packages] msv1_0 relog_ap
    Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AtHomeConnect.lnk
    ShortcutTarget: AtHomeConnect.lnk -> C:\Program Files\AtHomeConnect\AtHomeConnect.exe (HR Block                            )
    Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
    ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
    Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\dlbcserv.lnk
    ShortcutTarget: dlbcserv.lnk -> C:\Program Files\Dell Photo Printer 720\dlbcserv.exe ()
    Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\EZ VHS Converter Monitor.lnk
    ShortcutTarget: EZ VHS Converter Monitor.lnk -> C:\Program Files\ION\EZ VHS Converter\MediaTVMonitor.exe (ADS Corp.)
    Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
    ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
    Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SnapDetect.lnk
    ShortcutTarget: SnapDetect.lnk -> C:\WINDOWS\twain_32\ca561a\SnapDetect.exe ()
    Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WD Quick View.lnk
    ShortcutTarget: WD Quick View.lnk -> C:\Program Files\Western Digital\WD SmartWare\WDDMStatus.exe (Western Digital Technologies, Inc.)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
    ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
    ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
    ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
    ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
    ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
    ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
    BootExecute: autocheck autochk * aswBoot.exe /M:169665ee4cd895 /dir:"C:\Program Files\AVAST Software\Avast"
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
    HKU\S-1-5-21-3236530329-1147617518-3913851753-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
    HKU\S-1-5-21-3236530329-1147617518-3913851753-1005\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
    HKU\S-1-5-21-3236530329-1147617518-3913851753-1007\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?fr=fp-yie8
    HKU\S-1-5-21-3236530329-1147617518-3913851753-1007\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
    HKU\S-1-5-21-3236530329-1147617518-3913851753-1007\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
    HKU\S-1-5-21-3236530329-1147617518-3913851753-1007\Software\Microsoft\Internet Explorer\Main,First Home Page = http://downloads.yah...xplorer/welcome
    URLSearchHook: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005 - (No Name) - {06663B56-0D73-4f9f-BCC5-4AA941470AFD} - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL (Pando)
    URLSearchHook: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005 - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
    URLSearchHook: HKU\S-1-5-21-3236530329-1147617518-3913851753-1007 - (No Name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} -  No File
    URLSearchHook: HKU\S-1-5-21-3236530329-1147617518-3913851753-1007 - (No Name) - {06663B56-0D73-4f9f-BCC5-4AA941470AFD} - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL (Pando)
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
    SearchScopes: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
    SearchScopes: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005 -> {48BEE687-4D1F-4DB9-9889-4D4A989E4D28} URL = http://delicious.com...p={searchTerms}
    SearchScopes: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005 -> {5F31840E-E7B1-4915-8C9D-3E6F22B35D52} URL = http://www.flickr.co...q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.co...soft:{language}
    SearchScopes: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005 -> {81133FE2-8F21-4DCF-9CB8-C5C4C3285F73} URL = http://search.yahoo....f-8&fr=chr-yie8
    SearchScopes: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005 -> {ED2D00CE-667F-4071-B550-87D4145CD07C} URL = http://rover.ebay.co...e={searchTerms}
    SearchScopes: HKU\S-1-5-21-3236530329-1147617518-3913851753-1007 -> DefaultScope {FFC6ACC2-EC35-449B-A9EE-4CA29A455D64} URL = http://search.yahoo....f-8&fr=chr-yie8
    SearchScopes: HKU\S-1-5-21-3236530329-1147617518-3913851753-1007 -> {64875A55-CE35-4A15-AB7D-BC5A6F312EEF} URL = http://www.flickr.co...q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3236530329-1147617518-3913851753-1007 -> {8E59AF1B-03C5-495D-AF3D-54E5119677BA} URL = http://rover.ebay.co...e={searchTerms}
    SearchScopes: HKU\S-1-5-21-3236530329-1147617518-3913851753-1007 -> {F3010E48-2E83-4161-BB29-410712E55B06} URL = http://delicious.com...p={searchTerms}
    SearchScopes: HKU\S-1-5-21-3236530329-1147617518-3913851753-1007 -> {FFC6ACC2-EC35-449B-A9EE-4CA29A455D64} URL = http://search.yahoo....f-8&fr=chr-yie8
    BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
    BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    BHO: CInterceptor Object -> {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} -> C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll (Pando Networks)
    BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files\AVG\AVG9\avgssie.dll No File
    BHO: No Name -> {4D25F921-B9FE-4682-BF72-8AB8210D6D75} -> C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll No File
    BHO: DriveLetterAccess -> {5CA3D70E-1895-11CF-8E15-001234567890} -> C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
    BHO: avast! WebRep -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    BHO: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
    BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
    BHO: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
    BHO: Krab Web 1.0.0.7 -> {feadf62f-aec2-46a1-a087-40149f311df9} -> C:\Program Files\Krab Web\KrabWebBHO.dll No File
    BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
    Toolbar: HKLM - Pando Toolbar - {E3EA4FD9-CADE-4ae5-84F7-086EEE888BE4} - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL (Pando)
    Toolbar: HKLM - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
    Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    Toolbar: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005 -> Pando Toolbar - {E3EA4FD9-CADE-4AE5-84F7-086EEE888BE4} - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL (Pando)
    DPF: {00627E89-A19D-4A2B-938B-059CB7B1B493} file://C:/Program Files/F5 VPN/F5_TMP/f5certchk.cab
    DPF: {195538FD-1C39-44B1-A7C3-5D7137A8A8F1} file://C:/Program Files/F5 VPN/F5_TMP/f5opswati.cab
    DPF: {2A0B9B82-D5C8-4D3D-8338-AD55B23662B1} file://C:/Program Files/F5 VPN/F5_TMP/cachecleaner.cab
    DPF: {2BCDB465-81F9-41CB-832C-8037A4064446} file://C:/Program Files/F5 VPN/F5_TMP/urxvpn.cab
    DPF: {30CF9713-6614-4556-B5F5-66F8C7F9DEF1} file://C:/Program Files/F5 VPN/F5_TMP/f5opswati.cab
    DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} file://C:/Program Files/F5 VPN/F5_TMP/f5tunsrv.cab
    DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} file://C:/Program Files/F5 VPN/F5_TMP/InstallerControl.cab
    DPF: {49EC7987-E331-44E3-B170-748B58A268B9} file://C:/Program Files/F5 VPN/F5_TMP/f5opswati.cab
    DPF: {57C76689-F052-487B-A19F-855AFDDF28EE} file://C:/Program Files/F5 VPN/F5_TMP/f5InspectionHost.cab
    DPF: {7584c670-2274-4efb-b00b-d6aaba6d3850} file://C:/Program Files/F5 VPN/F5_TMP/msrdp.cab
    DPF: {7E73BE8F-FD87-44EC-8E22-023D5FF960FF} file://C:/Program Files/F5 VPN/F5_TMP/vdeskctrl.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
    DPF: {8F6AFB67-F834-4227-94A7-A51377E0678E} file://C:/Program Files/F5 VPN/F5_TMP/f5GroupPolicyAgent.cab
    DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
    DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} file://C:/Program Files/F5 VPN/F5_TMP/urxshost.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab
    DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} file://C:/Program Files/F5 VPN/F5_TMP/urxhost.cab
    DPF: {E615C9EA-AD69-4AE9-83C9-9D906A0ACA6D} file://C:/Program Files/F5 VPN/F5_TMP/f5syschk.cab
    DPF: {EBDC91CB-F23F-477D-B152-3F7243760D04} file://C:/Program Files/F5 VPN/F5_TMP/f5opswati.cab
    Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
    Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

    FireFox:
    ========
    FF ProfilePath: C:\Documents and Settings\ALEXIS\Application Data\Mozilla\Firefox\Profiles\zs1syjzl.default-1422668321096
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
    FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
    FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF Plugin: @Musicnotes.com/Musicnotes Viewer -> C:\Program Files\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
    FF Plugin: @Sibelius.com/Scorch Plugin -> C:\Program Files\Musicnotes\npsibelius.dll ()
    FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.7\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.7\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: @viewpoint.com/VMP -> C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll No File
    FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\MyCamera.dll (CANON INC.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPCIG.dll (CANON INC.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPPandBr.dll (Pando Networks, Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npPandoWebInst.dll (Pando Networks)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npViewpoint.dll ()
    FF Extension: Krab Web 1.0.1 - C:\Documents and Settings\ALEXIS\Application Data\Mozilla\Firefox\Profiles\zs1syjzl.default-1422668321096\Extensions\{9d5a2aa0-d243-4ec9-aa58-38b5de807918}.xpi [2015-01-30]
    FF Extension: Skype extension for Firefox - C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2015-01-30]
    FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-22]
    FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-03-27]
    FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: avast! WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-07-29]
    FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
    FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-06-28]
    FF HKU\S-1-5-21-3236530329-1147617518-3913851753-1005\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

    Chrome:
    =======
    CHR dev: Chrome dev build detected! <======= ATTENTION
    CHR Profile: C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\Default
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-23]
    CHR Extension: (YouTube) - C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-01-06]
    CHR Extension: (Google Search) - C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-01-06]
    CHR Extension: (No Name) - C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2011-07-29]
    CHR Extension: (No Name) - C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lpokjbnkbdmombjfkpbdchcgohaelldk [2014-08-31]
    CHR Extension: (No Name) - C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mniemiglepnbomengdhcdgigldjaioek [2014-08-31]
    CHR Extension: (Krab Web) - C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\niimnfadmhjonmfnniajjhkpodghlaan [2015-02-24]
    CHR Extension: (Google Wallet) - C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-16]
    CHR Extension: (Gmail) - C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-01-06]
    CHR Extension: (Download and Sa) - C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pndndplglkleohabdcogjfjlnkejfglh [2012-12-07]
    CHR Extension: (Extutil) - C:\DOCUME~1\ALEXIS\LOCALS~1\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2015-01-18]
    CHR Extension: (Managera) - C:\DOCUME~1\ALEXIS\LOCALS~1\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2015-01-18]
    CHR HKLM\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2011-07-29]
    CHR HKLM\...\Chrome\Extension: [pndndplglkleohabdcogjfjlnkejfglh] - C:\Documents and Settings\All Users\Application Data\Download and Sa\pndndplglkleohabdcogjfjlnkejfglh.crx [Not Found]

    ========================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44808 2012-10-30] (AVAST Software)
    R2 CCALib8; C:\Program Files\Canon\CAL\CALMAIN.exe [96370 2007-01-31] (Canon Inc.) [File not signed]
    R2 F5 Networks Component Installer; C:\WINDOWS\system32\F5InstallerService.exe [246400 2010-08-19] (F5 Networks) [File not signed]
    R2 FlipShare Service; C:\Program Files\Pure Digital Technologies\FlipShare\FlipShareService.exe [439616 2008-11-13] ()
    R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
    R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
    R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [694784 2009-09-20] (Hewlett-Packard Co.) [File not signed]
    S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
    R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2011-07-19] (Sun Microsystems, Inc.)
    R2 LexBceS; C:\WINDOWS\system32\LEXBCES.EXE [311296 2004-03-04] (Lexmark International, Inc.)
    R2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation)
    S3 MHN; C:\WINDOWS\System32\mhn.dll [85504 2004-08-10] (Microsoft Corporation) [File not signed]
    R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [File not signed]
    S3 NetSvc; C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe [147456 2004-11-19] (Intel® Corporation) [File not signed]
    R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [File not signed]
    R2 Seagate Sync Service; C:\Program Files\Seagate\Sync\SeaSyncServices.exe [24120 2007-01-18] (Seagate Technology LLC)
    R2 SgtSch2Svc; C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe [431384 2008-06-24] (Seagate)
    R2 Update Krab Web; C:\Program Files\Krab Web\updateKrabWeb.exe [396016 2015-02-24] ()
    R2 Util Krab Web; C:\Program Files\Krab Web\bin\utilKrabWeb.exe [396016 2015-02-24] ()

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R1 Aavmker4; C:\WINDOWS\system32\Drivers\Aavmker4.sys [25256 2012-10-30] (AVAST Software)
    S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
    R3 Afc; C:\WINDOWS\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
    R2 ASCTRM; C:\WINDOWS\system32\Drivers\ASCTRM.sys [8552 2005-12-15] (Windows ® 2000 DDK provider) [File not signed]
    R2 aswFsBlk; C:\WINDOWS\system32\Drivers\aswFsBlk.sys [21256 2012-10-30] (AVAST Software)
    R2 aswMon2; C:\WINDOWS\system32\Drivers\aswMon2.sys [97608 2012-10-30] (AVAST Software)
    R1 aswRdr; C:\WINDOWS\system32\Drivers\aswRdr.sys [35928 2012-10-30] (AVAST Software)
    R1 aswSnx; C:\WINDOWS\system32\Drivers\aswSnx.sys [738504 2012-10-30] (AVAST Software)
    R1 aswSP; C:\WINDOWS\system32\Drivers\aswSP.sys [361032 2012-10-30] (AVAST Software)
    R1 aswTdi; C:\WINDOWS\system32\Drivers\aswTdi.sys [54232 2012-10-30] (AVAST Software)
    S3 BCM42RLY; C:\WINDOWS\System32\BCM42RLY.SYS [17992 2005-02-01] (Broadcom Corporation) [File not signed]
    S3 CA561; C:\WINDOWS\System32\Drivers\SPCA561.SYS [119798 2002-10-01] (SP)
    S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
    R0 drvmcdb; C:\WINDOWS\System32\drivers\drvmcdb.sys [87488 2004-12-01] (Sonic Solutions) [File not signed]
    R2 drvnddm; C:\WINDOWS\System32\drivers\drvnddm.sys [40480 2004-11-23] (Sonic Solutions) [File not signed]
    S3 f5ipfw; C:\WINDOWS\system32\drivers\urfltw2k.sys [10752 2010-01-25] (F5 Networks)
    S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2008-10-28] (HP)
    S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2008-10-28] (HP)
    S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2008-10-28] (HP)
    S3 MHNDRV; C:\WINDOWS\System32\DRIVERS\mhndrv.sys [11008 2004-08-10] (Microsoft Corporation) [File not signed]
    S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation)
    S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
    S3 RTL8192cu; C:\WINDOWS\System32\DRIVERS\RTL8192cu.sys [987904 2011-02-10] (Realtek Semiconductor Corporation                           )
    R1 sscdbhk5; C:\WINDOWS\System32\drivers\sscdbhk5.sys [5627 2004-07-14] (Sonic Solutions) [File not signed]
    R1 ssrtln; C:\WINDOWS\System32\drivers\ssrtln.sys [23545 2004-07-14] (Sonic Solutions) [File not signed]
    R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1022040 2005-08-17] (SigmaTel, Inc.)
    R0 tdrpman; C:\WINDOWS\System32\DRIVERS\tdrpman.sys [368480 2010-12-23] (Acronis)
    R2 tfsnboio; C:\WINDOWS\System32\dla\tfsnboio.sys [25883 2004-12-06] (Sonic Solutions) [File not signed]
    R2 tfsncofs; C:\WINDOWS\System32\dla\tfsncofs.sys [34843 2004-12-06] (Sonic Solutions) [File not signed]
    R2 tfsndrct; C:\WINDOWS\System32\dla\tfsndrct.sys [4123 2004-12-06] (Sonic Solutions) [File not signed]
    R2 tfsndres; C:\WINDOWS\System32\dla\tfsndres.sys [2239 2004-12-06] (Sonic Solutions) [File not signed]
    R2 tfsnifs; C:\WINDOWS\System32\dla\tfsnifs.sys [86586 2004-12-06] (Sonic Solutions) [File not signed]
    R2 tfsnopio; C:\WINDOWS\System32\dla\tfsnopio.sys [15227 2004-12-06] (Sonic Solutions) [File not signed]
    R2 tfsnpool; C:\WINDOWS\System32\dla\tfsnpool.sys [6363 2004-12-06] (Sonic Solutions) [File not signed]
    R2 tfsnudf; C:\WINDOWS\System32\dla\tfsnudf.sys [98714 2004-12-06] (Sonic Solutions) [File not signed]
    R2 tfsnudfa; C:\WINDOWS\System32\dla\tfsnudfa.sys [100603 2004-12-06] (Sonic Solutions) [File not signed]
    R2 tifsfilter; C:\WINDOWS\System32\DRIVERS\tifsfilt.sys [44384 2010-12-23] (Acronis)
    R3 urvpndrv; C:\WINDOWS\System32\DRIVERS\covpndrv.sys [33920 2010-01-25] (F5 Networks, Inc.)
    S3 USBFVNETR; C:\WINDOWS\System32\DRIVERS\ma101rnd.sys [76160 2002-02-27] (ATMEL) [File not signed]
    S3 VCR2PC; C:\WINDOWS\System32\DRIVERS\0140_ION.sys [281024 2008-09-22] (Trident Multimedia Technologies Co.,Ltd)
    S3 WUSB54GPV4SRV; C:\WINDOWS\System32\DRIVERS\rt2500usb.sys [245376 2005-10-17] (Ralink Technology Inc.)
    R4 {3847db91-525a-43df-a742-93a5141cafa8}Gt; C:\WINDOWS\System32\drivers\{3847db91-525a-43df-a742-93a5141cafa8}Gt.sys [55824 2015-01-21] (StdLib)
    R4 {9d5a2aa0-d243-4ec9-aa58-38b5de807918}Gt; C:\WINDOWS\System32\drivers\{9d5a2aa0-d243-4ec9-aa58-38b5de807918}Gt.sys [55824 2015-02-20] (StdLib)
    R4 {9d5a2aa0-d243-4ec9-aa58-38b5de807918}t; C:\WINDOWS\System32\drivers\{9d5a2aa0-d243-4ec9-aa58-38b5de807918}t.sys [55824 2015-02-22] (StdLib)
    R4 {e7c04031-8387-47b1-afd6-40a369d5c38f}Gt; C:\WINDOWS\System32\drivers\{e7c04031-8387-47b1-afd6-40a369d5c38f}Gt.sys [55824 2015-01-18] (StdLib)
    S3 bvrp_pci; No ImagePath
    U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
    S3 wanatw; system32\DRIVERS\wanatw4.sys [X]
    U1 WS2IFSL; No ImagePath

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

    NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)

    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2099-12-31 63384:163 - 2010-01-24 01:58 - 00006456 ___HC () C:\Documents and Settings\All Users\Application Data\dabukuyi
    2015-02-24 20:19 - 2015-02-24 20:20 - 00000000 ____D () C:\FRST
    2015-02-24 20:13 - 2015-02-24 20:16 - 00005440 _____ () C:\Documents and Settings\ALEXIS\Desktop\JRT.txt
    2015-02-24 07:59 - 2015-02-24 08:29 - 00000000 ____D () C:\AdwCleaner
    2015-02-23 17:45 - 2015-02-23 17:45 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
    2015-02-22 21:23 - 2015-02-22 10:31 - 00055824 _____ (StdLib) C:\WINDOWS\system32\Drivers\{9d5a2aa0-d243-4ec9-aa58-38b5de807918}t.sys
    2015-02-21 01:05 - 2015-02-20 17:40 - 00055824 _____ (StdLib) C:\WINDOWS\system32\Drivers\{9d5a2aa0-d243-4ec9-aa58-38b5de807918}Gt.sys
    2015-02-19 04:33 - 2015-02-22 03:49 - 00000000 ____D () C:\Documents and Settings\ALEXIS\Local Settings\Application Data\avayvxvaxc
    2015-02-11 03:00 - 2015-02-11 19:00 - 00000000 ____D () C:\36214cac5ce97b097c7eed098d0209
    2015-02-03 02:35 - 2015-02-03 02:35 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Application Data\SearchProtect
    2015-01-30 20:39 - 2015-01-30 20:39 - 00000000 ____D () C:\Program Files\Mozilla Firefox
    2015-01-30 20:34 - 2015-01-30 20:38 - 00000000 ____D () C:\Documents and Settings\ALEXIS\Desktop\Old Firefox Data
    2015-01-25 13:39 - 2015-01-25 13:39 - 00000000 ____D () C:\Documents and Settings\ALEXIS\Application Data\BRT
    2015-01-25 13:38 - 2015-01-25 13:39 - 00000000 ____D () C:\Documents and Settings\NICK\Application Data\BRT
    2015-01-25 00:34 - 2015-01-25 00:34 - 00000000 ____D () C:\Documents and Settings\MARISSA\Application Data\BRT
    2015-01-25 00:33 - 2015-01-20 17:37 - 00770384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100.dll

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-02-24 20:20 - 2008-11-23 17:10 - 00000000 ____D () C:\Documents and Settings\ALEXIS\Local Settings\Temp
    2015-02-24 20:07 - 2015-01-18 12:21 - 00000000 ____D () C:\Program Files\Krab Web
    2015-02-24 20:07 - 2005-08-16 05:18 - 00001017 _____ () C:\WINDOWS\win.ini
    2015-02-24 20:02 - 2013-11-11 02:02 - 00000366 _____ () C:\WINDOWS\Tasks\TidyNetwork Update.job
    2015-02-24 20:01 - 2009-06-30 00:19 - 00000978 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3236530329-1147617518-3913851753-501UA.job
    2015-02-24 19:53 - 2012-10-14 20:31 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2015-02-24 19:43 - 2011-07-29 22:40 - 00000886 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2015-02-24 17:51 - 2011-11-10 23:41 - 00000994 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3236530329-1147617518-3913851753-1009UA.job
    2015-02-24 17:51 - 2011-11-10 23:41 - 00000972 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3236530329-1147617518-3913851753-1009Core.job
    2015-02-24 16:53 - 2005-08-16 05:49 - 00032532 _____ () C:\WINDOWS\SchedLgU.Txt
    2015-02-24 10:00 - 2012-12-07 22:00 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
    2015-02-24 09:10 - 2005-08-16 05:40 - 01202486 _____ () C:\WINDOWS\WindowsUpdate.log
    2015-02-24 07:50 - 2014-03-29 11:25 - 00000224 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
    2015-02-24 07:50 - 2011-07-29 22:40 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2015-02-24 07:49 - 2008-11-23 22:38 - 00000178 ___SH () C:\Documents and Settings\NICK\ntuser.ini
    2015-02-24 07:49 - 2008-11-23 22:38 - 00000000 ____D () C:\Documents and Settings\NICK\Local Settings\Temp
    2015-02-24 07:49 - 2008-11-23 22:38 - 00000000 ____D () C:\Documents and Settings\NICK
    2015-02-23 22:01 - 2009-06-30 00:19 - 00000926 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3236530329-1147617518-3913851753-501Core.job
    2015-02-23 17:50 - 2005-08-16 05:35 - 00000395 _____ () C:\WINDOWS\wiadebug.log
    2015-02-23 17:48 - 2009-12-09 03:21 - 00246076 _____ () C:\WINDOWS\setupapi.log
    2015-02-22 21:53 - 2008-11-23 17:10 - 00000278 ___SH () C:\Documents and Settings\ALEXIS\ntuser.ini
    2015-02-22 21:53 - 2008-11-23 17:10 - 00000000 ____D () C:\Documents and Settings\ALEXIS
    2015-02-22 20:48 - 2013-01-07 17:03 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Google Drive
    2015-02-22 14:30 - 2011-07-10 08:58 - 00096160 _____ () C:\Documents and Settings\ALEXIS\Desktop\OTL.Txt
    2015-02-20 07:22 - 2012-02-18 15:15 - 00000284 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
    2015-02-12 23:10 - 2008-11-27 11:52 - 00133120 ____C () C:\Documents and Settings\ALEXIS\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2015-02-11 19:57 - 2005-08-16 05:38 - 00075962 ____C () C:\WINDOWS\wmsetup.log
    2015-02-11 03:00 - 2013-07-29 02:00 - 00000000 ____D () C:\WINDOWS\system32\MRT
    2015-02-11 03:00 - 2008-11-27 10:33 - 113756392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2015-02-10 12:50 - 2005-08-16 05:33 - 00574990 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
    2015-02-10 12:46 - 2005-08-16 05:38 - 00000000 ____D () C:\WINDOWS\Registration
    2015-02-10 12:45 - 2005-08-16 05:35 - 00000049 _____ () C:\WINDOWS\wiaservc.log
    2015-02-10 12:44 - 2005-08-16 05:49 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
    2015-02-10 08:14 - 2008-11-23 22:42 - 00000278 __SHC () C:\Documents and Settings\MARISSA\ntuser.ini
    2015-02-09 10:23 - 2008-11-23 22:42 - 00000000 ____D () C:\Documents and Settings\MARISSA\Local Settings\Temp
    2015-02-09 07:44 - 2014-03-29 11:25 - 00000218 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
    2015-02-09 07:44 - 2005-08-16 05:18 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
    2015-02-07 18:51 - 2012-01-07 10:32 - 00000000 ____D () C:\Documents and Settings\MARISSA\Local Settings\Application Data\HP
    2015-02-07 18:51 - 2009-02-22 13:13 - 00002483 ____C () C:\Documents and Settings\MARISSA\Desktop\Microsoft Word.lnk
    2015-02-07 18:51 - 2009-02-22 12:39 - 00002487 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Excel.lnk
    2015-02-02 12:51 - 2010-03-12 21:31 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
    2015-02-01 17:59 - 2005-12-15 13:16 - 00011792 _____ () C:\WINDOWS\setupact.log
    2015-01-30 20:40 - 2012-05-06 14:36 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
    2015-01-30 19:18 - 2005-08-16 05:49 - 00000000 __SHD () C:\Documents and Settings\LocalService
    2015-01-30 19:17 - 2005-08-16 05:49 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Temp
    2015-01-30 19:11 - 2008-11-23 22:42 - 00000000 ____D () C:\Documents and Settings\MARISSA

    ==================== Files in the root of some directories =======

    2009-07-04 17:48 - 2009-07-04 17:48 - 0283952 ____C (Musicnotes, Inc.) C:\Program Files\npmusicn.dll
    2009-08-26 21:13 - 2009-08-26 21:13 - 0002528 ____C () C:\Documents and Settings\ALEXIS\Application Data\$_hpcst$.hpc
    2011-06-17 23:19 - 2011-06-17 23:35 - 0017390 ___SH () C:\Documents and Settings\ALEXIS\Local Settings\Application Data\037ta678tf55b13niyu466uwy36t77
    2008-11-27 11:52 - 2015-02-12 23:10 - 0133120 ____C () C:\Documents and Settings\ALEXIS\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2008-11-23 17:10 - 2008-11-27 10:59 - 0000129 ____C () C:\Documents and Settings\ALEXIS\Local Settings\Application Data\fusioncache.dat
    2010-04-30 23:09 - 2010-10-14 19:35 - 0000000 ____C () C:\Documents and Settings\ALEXIS\Local Settings\Application Data\prvlcl.dat

    Files to move or delete:
    ====================
    C:\Documents and Settings\MARISSA\4521980.exe


    Some content of TEMP:
    ====================
    C:\Documents and Settings\ALEX\Local Settings\Temp\jre-6u39-windows-i586-iftw.exe
    C:\Documents and Settings\ALEX\Local Settings\Temp\jre-7u15-windows-i586-iftw.exe
    C:\Documents and Settings\ALEXIS\Local Settings\Temp\FastDownload.exe
    C:\Documents and Settings\ALEXIS\Local Settings\Temp\hpqrrx08.exe
    C:\Documents and Settings\ALEXIS\Local Settings\Temp\hpzmsi01.exe
    C:\Documents and Settings\ALEXIS\Local Settings\Temp\hpzscr01.EXE
    C:\Documents and Settings\ALEXIS\Local Settings\Temp\jre-7u15-windows-i586-iftw.exe
    C:\Documents and Settings\ALEXIS\Local Settings\Temp\jre-7u17-windows-i586-iftw.exe
    C:\Documents and Settings\ALEXIS\Local Settings\Temp\jre-7u21-windows-i586-iftw.exe
    C:\Documents and Settings\ALEXIS\Local Settings\Temp\jre-7u45-windows-i586-iftw.exe
    C:\Documents and Settings\ALEXIS\Local Settings\Temp\jre-7u51-windows-i586-iftw.exe
    C:\Documents and Settings\ALEXIS\Local Settings\Temp\jre-7u55-windows-i586-iftw.exe
    C:\Documents and Settings\ALEXIS\Local Settings\Temp\jre-7u60-windows-i586-iftw.exe
    C:\Documents and Settings\ALEXIS\Local Settings\Temp\jre-7u75-windows-i586-iftw.exe
    C:\Documents and Settings\ALEXIS\Local Settings\Temp\Quarantine.exe
    C:\Documents and Settings\ALEXIS\Local Settings\Temp\setup.exe
    C:\Documents and Settings\ALEXIS\Local Settings\Temp\sqlite3.dll
    C:\Documents and Settings\CATHYLYNN\Local Settings\Temp\jre-6u30-windows-i586-iftw-rv.exe
    C:\Documents and Settings\CATHYLYNN\Local Settings\Temp\jre-6u35-windows-i586-iftw.exe
    C:\Documents and Settings\CATHYLYNN\Local Settings\Temp\jre-7u21-windows-i586-iftw.exe
    C:\Documents and Settings\CATHYLYNN\Local Settings\Temp\jre-7u45-windows-i586-iftw.exe
    C:\Documents and Settings\CATHYLYNN\Local Settings\Temp\jre-7u55-windows-i586-iftw.exe
    C:\Documents and Settings\Guest\Local Settings\Temp\jre-6u39-windows-i586-iftw.exe
    C:\Documents and Settings\MARISSA\Local Settings\Temp\jre-6u39-windows-i586-iftw.exe
    C:\Documents and Settings\MARISSA\Local Settings\Temp\jre-7u15-windows-i586-iftw.exe
    C:\Documents and Settings\MARISSA\Local Settings\Temp\jre-7u17-windows-i586-iftw.exe
    C:\Documents and Settings\MARISSA\Local Settings\Temp\jre-7u21-windows-i586-iftw.exe
    C:\Documents and Settings\MARISSA\Local Settings\Temp\jre-7u25-windows-i586-iftw.exe
    C:\Documents and Settings\MARISSA\Local Settings\Temp\jre-7u60-windows-i586-iftw.exe
    C:\Documents and Settings\MARISSA\Local Settings\Temp\jre-7u71-windows-i586-iftw.exe
    C:\Documents and Settings\MARISSA\Local Settings\Temp\lowproc.exe
    C:\Documents and Settings\MARISSA\Local Settings\Temp\stubhelper.dll
    C:\Documents and Settings\Mom's iPod Account\Local Settings\Temp\jre-7u17-windows-i586-iftw.exe
    C:\Documents and Settings\NICK\Local Settings\Temp\jre-7u15-windows-i586-iftw.exe
    C:\Documents and Settings\NICK\Local Settings\Temp\jre-7u17-windows-i586-iftw.exe
    C:\Documents and Settings\NICK\Local Settings\Temp\jre-7u75-windows-i586-iftw.exe
    C:\Documents and Settings\NICK\Local Settings\Temp\Setup.exe


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

    ==================== End Of Log ============================

     

    Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-02-2015
    Ran by ALEXIS at 2015-02-24 20:21:46
    Running from C:\Documents and Settings\ALEXIS\My Documents\Downloads
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    32 Bit HP CIO Components Installer (Version: 6.1.1 - Hewlett-Packard) Hidden
    3ivx MPEG-4 5.0.3 (remove only) (HKLM\...\3ivx MPEG-4 5.0.3) (Version: 5.0.3 - 3ivx Technologies, Pty. Ltd.)
    ActiveLink Connect (HKU\S-1-5-21-3236530329-1147617518-3913851753-1005\...\ActiveLink Connect) (Version: 5.8.0.17220 - Koninklijke Philips Electronics N.V.)
    ActiveLink Connect (Version: 5.8.0.17220 - Koninklijke Philips Electronics N.V.) Hidden
    Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.2.202.235 - Adobe Systems Incorporated)
    Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.2.202.235 - Adobe Systems Incorporated)
    Adobe Reader X (10.1.2) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.2 - Adobe Systems Incorporated)
    AIM 6 (HKLM\...\AIM_6) (Version:  - )
    AIMTunes (HKLM\...\AIMTunes) (Version:  - )
    Anti-phishing Domain Advisor (HKLM\...\Anti-phishing Domain Advisor) (Version: 1.0.0.0 - Visicom Media Inc. (Powered by Panda Security))
    AOLIcon (Version: 1.00.0000 - Dell) Hidden
    Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
    Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    AtHomeConnect version 1.0.1.0 (HKLM\...\{631EFC00-5A7A-4A90-9578-039EDA92DE0F}_is1) (Version: 1.0.1.0 - HRBlock)
    avast! Free Antivirus (HKLM\...\avast) (Version: 7.0.1474.0 - AVAST Software)
    AVG 2011 (Version: 10.0.422 - AVG Technologies) Hidden
    Belkin N300 Micro USB Wireless Adapter (HKLM\...\{B20F9D1C-A0A5-4cd8-8306-DA03872311B1}) (Version: 1.00.0155 - )
    BlackBerry Desktop Software 4.5 (HKLM\...\BlackBerry_{CE5E3F15-320A-4865-97D3-F07227C5BB2F}) (Version: 4.5.0.15 - Research In Motion Ltd.)
    BlackBerry Desktop Software 4.5 (Version: 4.5.0.15 - Research In Motion Ltd.) Hidden
    blekko search bar (HKLM\...\blekkotb_026) (Version: 1.9.12.12 - Visicom Media Inc.) <==== ATTENTION
    Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
    BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
    Buzzdock (HKLM\...\{ac225167-00fc-452d-94c5-bb93600e7d9a}) (Version:  - Alactro LLC) <==== ATTENTION
    C4700 (Version: 130.0.373.000 - Hewlett-Packard) Hidden
    Canon Camera Access Library (HKLM\...\CAL) (Version: 8.4.0.1 - Canon Inc.)
    Canon Camera Support Core Library (HKLM\...\CSCLIB) (Version: 7.3.1.6 - Canon Inc.)
    Canon G.726 WMP-Decoder (HKLM\...\Canon G.726 WMP-Decoder) (Version: 1.1.0.4 - Canon Inc.)
    CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM\...\CANON iMAGE GATEWAY Task) (Version: 1.6.0.12 - Canon Inc.)
    Canon Internet Library for ZoomBrowser EX (HKLM\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.2.7 - Canon Inc.)
    Canon MovieEdit Task for ZoomBrowser EX (HKLM\...\MovieEditTask) (Version: 2.6.0.4 - Canon Inc.)
    Canon RAW Image Task for ZoomBrowser EX (HKLM\...\RAW Image Task) (Version: 0.9.3.9 - Canon Inc.)
    Canon ScanGear Toolbox CS 2.2 (HKLM\...\Canon ScanGear Toolbox CS) (Version:  - )
    Canon Utilities CameraWindow (HKLM\...\CameraWindowLauncher) (Version: 7.1.0.2 - Canon Inc.)
    Canon Utilities CameraWindow DC (HKLM\...\CameraWindowDC) (Version: 7.1.0.7 - Canon Inc.)
    Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX (HKLM\...\CameraWindowDVC5) (Version: 5.4.5.17 - Canon Inc.)
    Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (HKLM\...\CameraWindowDVC6) (Version: 6.4.2.16 - Canon Inc.)
    Canon Utilities EOS Utility (HKLM\...\EOS Utility) (Version: 1.1.0.8 - Canon Inc.)
    Canon Utilities MyCamera (HKLM\...\MyCamera) (Version: 6.4.0.5 - Canon Inc.)
    Canon Utilities MyCamera DC (HKLM\...\MyCameraDC) (Version: 7.0.1.8 - Canon Inc.)
    Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.21.45 - Canon Inc.)
    Canon Utilities RemoteCapture DC (HKLM\...\RemoteCaptureDC) (Version: 3.0.1.8 - Canon Inc.)
    Canon Utilities RemoteCapture Task for ZoomBrowser EX (HKLM\...\RemoteCaptureTask) (Version: 1.7.1.9 - Canon Inc.)
    Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 6.1.1.21 - Canon Inc.)
    Canon ZoomBrowser EX Memory Card Utility (HKLM\...\ZoomBrowser EX Memory Card Utility) (Version: 1.1.0.8 - Canon Inc.)
    Catalina Savings Printer (HKLM\...\{37331C16-3E97-4A20-80D8-BFB43AB0E2FB}) (Version: 1.0.0 - Catalina Marketing Corp) <==== ATTENTION
    Conexant D850 56K V.9x DFVc Modem (HKLM\...\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1) (Version:  - )
    ConvertAd (HKLM\...\ConvertAd) (Version: 1.0.0.0 - ConvertAd) <==== ATTENTION
    CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
    D2400 (Version: 90.0.235.000 - Hewlett-Packard) Hidden
    D2400_Help (Version: 90.0.235.000 - Hewlett-Packard) Hidden
    Dell Digital Jukebox Driver (HKLM\...\Dell Digital Jukebox Driver) (Version:  - )
    Dell Driver Reset Tool (HKLM\...\{5905F42D-3F5F-4916-ADA6-94A3646AEE76}) (Version: 1.02.0000 - Dell Inc.)
    Dell Photo Printer 720 (HKLM\...\Dell Photo Printer 720) (Version:  - )
    Dell Photo Printer 720 Logger (HKLM\...\Dell Photo Printer 720 Logger) (Version: 1.0 - Dell)
    Dell Support 3.1 (HKLM\...\{548EEA8E-8299-497F-8057-811D2D7097DC}) (Version: 5.1.760 - Dell)
    Dell System Restore (HKLM\...\{74F7662C-B1DB-489E-A8AC-07A06B24978B}) (Version: 2.00.0000 - Dell Inc.)
    Destinations (Version: 130.0.0.0 - Hewlett-Packard) Hidden
    DeviceDiscovery (Version: 130.0.372.000 - Hewlett-Packard) Hidden
    Digital Content Portal (HKLM\...\{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}) (Version: 1.00.0000 - Dell)
    Digital Line Detect (HKLM\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.10 - BVRP Software, Inc)
    DJ_SF_03_D4300_ProductContext (Version: 100.0.215.000 - Hewlett-Packard) Hidden
    DJ_SF_03_D4300_Software (Version: 100.0.206.000 - Hewlett-Packard) Hidden
    DJ_SF_03_D4300_Software_Min (Version: 100.0.206.000 - Hewlett-Packard) Hidden
    dj_sf_ProductContext (Version: 90.0.235.000 - Hewlett-Packard) Hidden
    dj_sf_software (Version: 90.0.235.000 - Hewlett-Packard) Hidden
    dj_sf_software_req (Version: 90.0.235.000 - Hewlett-Packard) Hidden
    Download and Sa (HKLM\...\{20E7BC40-33F6-4A81-9D52-B58349326206}) (Version:  - Dnsave)
    Driver Tool (HKLM\...\{AF142A83-507D-4F0F-92FC-40C7F76C1F87}) (Version: 8.1 - Driver Tool)
    EducateU (HKLM\...\{A683A2C0-821C-486F-858C-FA634DB5E864}) (Version: 1.00.0000 - Dell)
    ESPNMotion (HKLM\...\ESPNMotion) (Version: 2.1.6.0011 - ESPN Internet Ventures)
    EZSuite For Video Chat Kit (HKLM\...\{848e2630-c0c0-478a-a758-6639e5115993}) (Version: 1.0 - )
    F5 Networks VPN Client for Windows (HKLM\...\{6D4839CB-28B4-4070-8CA7-612CA92CA3D0}) (Version: 60.2010.0408.1513 - F5 Networks)
    Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
    ffdshow [rev 2202] [2008-10-10] (HKLM\...\ffdshow_is1) (Version: 1.0 - )
    FlipShare (HKLM\...\{7732DA71-2FB6-5C99-D0D9-58A2DB360895}) (Version: 4.0.6.31692 - Pure Digital Technologies)
    Free DVD Creator version 2.0 (HKLM\...\Free DVD Creator (by minidvdsoft)_is1) (Version: 2.0 - www.minidvdsoft.com)
    FreeAgent Go Tools (HKLM\...\InstallShield_{ECD43B7A-CB3B-4AF8-91F6-C460A575E411}) (Version: 1.00.0032 - Seagate)
    FreeAgent Go Tools (Version: 1.00.0032 - Seagate) Hidden
    GemMaster Mystic (HKLM\...\12133444-BF36-4d4e-B7FB-A3424C645DE4) (Version:  - )
    Google Chrome (HKLM\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
    Google Drive (HKLM\...\{65EACBB4-B0B8-4A5B-AE46-22DBE15C70B5}) (Version: 1.19.8406.6504 - Google, Inc.)
    Google Earth (HKLM\...\{9509674F-3972-11DE-806D-005056806466}) (Version: 5.0.11733.9347 - Google)
    Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
    Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
    Google Update Helper (Version: 1.3.26.7 - Google Inc.) Hidden
    H&R Block Deluxe + Efile + State 2010 (HKLM\...\{10964A8F-21C1-45EA-BC2D-F84B505C3848}) (Version: 10.04.6402 - HRB Technology, LLC.)
    H&R Block Deluxe + Efile + State 2011 (HKLM\...\{C6006AED-E5A7-4F77-BAD5-95AC43DE04F3}) (Version: 11.05.7102 - HRB Technology, LLC.)
    H&R Block Deluxe + Efile + State 2012 (HKLM\...\{89D20029-0578-4D8D-979A-695C8D868868}) (Version: 12.05.7803 - HRB Technology, LLC.)
    H&R Block Deluxe + Efile + State 2013 (HKLM\...\{EDE796DE-0A72-464D-9D21-F04BC41A092B}) (Version: 13.05.7601 - HRB Technology, LLC.)
    H&R Block New York 2009 (HKLM\...\{56F59702-1BB9-4C1B-BB8A-FB5F84A90378}) (Version: 1.09.4601 - HRB Technology, LLC.)
    H&R Block New York 2010 (HKLM\...\{5A80C75C-EB3A-4275-A6C4-2E20349DBF4C}) (Version: 1.10.4901 - HRB Technology, LLC.)
    H&R Block New York 2011 (HKLM\...\{6C434B52-8D0F-4080-9649-7497445DDCD4}) (Version: 1.11.4401 - HRB Technology, LLC.)
    H&R Block New York 2012 (HKLM\...\{0A5FB059-9FF1-4A78-9753-4D7656560DAF}) (Version: 1.12.7001 - HRB Technology, LLC.)
    H&R Block New York 2013 (HKLM\...\{E3B9117D-7476-4C74-8C22-337F630D6602}) (Version: 1.13.6101 - HRB Technology, LLC.)
    H&R Block Premium + Efile + State 2009 (HKLM\...\{90AACECD-1E42-4D22-ABAD-7FB9B67B262D}) (Version: 09.06.6501 - HRB Technology, LLC.)
    High Definition Audio Driver Package - KB835221 (HKLM\...\KB835221WXP) (Version: 20040219.000000 - Microsoft Corporation)
    HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
    HP Deskjet D4300 Printer Driver Software 10.0 Rel .3 (HKLM\...\{387D9916-BD27-480f-8CF0-3228832BBAA2}) (Version: 10.0 - HP)
    HP Deskjet Printer Driver Software 9.0 (HKLM\...\{03E66394-42F0-4745-85F7-0A2F8F35C09F}) (Version: 9.0 - HP)
    HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
    HP Photosmart C4700 All-In-One Driver Software 13.0 Rel .6 (HKLM\...\{2012D762-5DCA-455A-B5FE-EDF79BC93E18}) (Version: 13.0 - HP)
    HP Photosmart Essential 2.5 (HKLM\...\HP Photosmart Essential) (Version: 2.5 - HP)
    HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP)
    HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
    HP Update (HKLM\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
    hpPrintProjects (Version: 130.0.303.000 - Hewlett-Packard) Hidden
    HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden
    hpWLPGInstaller (Version: 130.0.303.000 - Hewlett-Packard) Hidden
    iCopyExpert 3.1.2 (HKLM\...\iCopyExpert_is1) (Version:  - iCopyExpert.com)
    Intel® Graphics Media Accelerator Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: 6.14.10.4363 - )
    Intel® PRO Network Connections Drivers (HKLM\...\PROSet) (Version:  - )
    Intel® PROSet for Wired Connections (HKLM\...\{83F793B5-8BBF-42FD-A8A6-868CB3E2AAEA}) (Version: 9.20.0000 - Dell)
    Internet Explorer Default Page (Version: 1.00.03 - Dell Inc.) Hidden
    ION EZ VHS Converter (HKLM\...\{04E364F1-4582-4567-A6C8-C7FBBCC86C91}) (Version:  - ION)
    iTunes (HKLM\...\{C197BC08-3D82-4651-8886-E68C21578A38}) (Version: 11.1.3.8 - Apple Inc.)
    Java 2 Runtime Environment, SE v1.4.2_03 (HKLM\...\{7148F0A8-6813-11D6-A77B-00B0D0142030}) (Version: 1.4.2_03 - Sun Microsystems, Inc.)
    Java™ 6 Update 27 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216013FF}) (Version: 6.0.270 - Sun Microsystems, Inc.)
    Krab Web (HKLM\...\Krab Web) (Version: 2015.01.18.122328 - Krab Web) <==== ATTENTION
    Learn2 Player (Uninstall Only) (HKLM\...\StreetPlugin) (Version:  - )
    Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
    MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden
    Microsoft .NET Framework 1.0 Hotfix (KB2572066) (HKLM\...\KB2572066) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 1.0 Hotfix (KB2604042) (HKLM\...\KB2604042) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 1.0 Hotfix (KB2656378) (HKLM\...\KB2656378) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 1.0 Hotfix (KB953295) (HKLM\...\KB953295) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 1.0 Hotfix (KB979904) (HKLM\...\KB979904) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 1.0 Security Update (KB2698035) (HKLM\...\KB2698035) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 1.0 Security Update (KB2742607) (HKLM\...\KB2742607) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 1.0 Security Update (KB2833951) (HKLM\...\KB2833951) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 1.0 Security Update (KB2904878) (HKLM\...\KB2904878) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
    Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
    Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
    Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
    Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
    Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
    Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft Office XP Professional with FrontPage (HKLM\...\{90280409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2627.01 - Microsoft Corporation)
    Microsoft Plus! Digital Media Edition Installer (HKLM\...\{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}) (Version: 1.1.0.3514 - Microsoft Corporation)
    Microsoft Plus! Photo Story 2 LE (HKLM\...\{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}) (Version: 1.1.0.3463 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft WinUsb 1.0 (HKLM\...\winusb0100) (Version:  - Microsoft Corporation)
    Modem Helper (HKLM\...\{7F142D56-3326-11D5-B229-002078017FBF}) (Version: 2.40 - BVRP Software)
    Mozilla Firefox 35.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    Music Rescue (HKLM\...\{3364BD16-5A28-4862-86A1-A8FF5FD23919}) (Version: 4.1.2.45 - KennettNet Software Ltd)
    Musicmatch for Windows Media Player (HKLM\...\{E93E5EF6-D361-481E-849D-F16EF5C78EBC}) (Version: 0.00.000 - )
    Musicmatch® Jukebox (HKLM\...\{85D3CC30-8859-481A-9654-FD9B74310BEF}) (Version: 10.10.0097 - )
    Musicnotes Software Suite 1.6.0 (HKLM\...\Musicnotes Combined Installer_is1) (Version: 1.6.0 - Musicnotes Inc.)
    MyWay Search Assistant (HKLM\...\{E7559288-223B-453C-9F06-340E3BE21E39}) (Version: 1.0.1 - MyWay)
    NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.12 - BVRP Software, Inc)
    Network (Version: 130.0.572.000 - Hewlett-Packard) Hidden
    NetZeroInstallers (HKLM\...\{352310C3-E46B-42D3-8F32-54721FDD72D9}) (Version: 1.0.0 - NetZero, Inc.)
    Otto (HKLM\...\B3EE3001-DC24-4cd1-8743-5692C716659F) (Version:  - )
    Pando (HKLM\...\{AB480DA0-7EE9-465D-9C12-4CDE65BF18FB}) (Version: 2.3.0009 - Pando Networks Inc.)
    Pando Toolbar (HKLM\...\PandoBar Uninstall) (Version:  - Pando.com)
    PanoStandAlone (Version: 90.0.146.000 - Hewlett-Packard) Hidden
    PepperZip 2.0 (HKLM\...\PepperZip) (Version: 2.0 - PepperWare Co.Ltd.) <==== ATTENTION
    Picasa 3 (HKLM\...\Picasa 3) (Version: 3.1 - Google, Inc.)
    PoriceChoOp (HKLM\...\{B945F928-45A2-231E-495F-38C40CA198E9}) (Version: 3.2.0.1010 - )
    PowerDVD 5.5 (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version:  - )
    PS_AIO_06_C4700_SW_Min (Version: 130.0.373.000 - Hewlett-Packard) Hidden
    PSSWCORE (Version: 2.02.0000 - Hewlett-Packard) Hidden
    QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
    RealPlayer Basic (HKLM\...\RealPlayer 6.0) (Version:  - )
    Remote Desktop Access (VuuPC) (HKLM\...\VOPackage) (Version: 1.0.0.0 - CMI Limited) <==== ATTENTION
    SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.4.6.0 - SAMSUNG Electronics Co., Ltd.)
    SaveMiaSs (HKLM\...\{F7FFE175-E3D6-2E86-0226-1D3AE4905E40}) (Version: 3.3.0.1507 - )
    Scan (Version: 13.0.0.0 - Hewlett-Packard) Hidden
    Seagate DiscWizard (HKLM\...\{C43E4B9C-14C8-4EB0-998B-85211B6EDD61}) (Version: 11.0.8142 - Seagate)
    Search Protect (HKLM\...\SearchProtect) (Version: 2.21.0.204 - Client Connect LTD) <==== ATTENTION
    Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden
    Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
    Sibelius Scorch (Firefox, Opera, Netscape only) (HKLM\...\{7115EE2B-62BF-4DEB-B4AA-91456D245F47}) (Version: 6.0.2 - Sibelius Software)
    Skype Toolbars (HKLM\...\{981029E0-7FC9-4CF3-AB39-6F133621921A}) (Version: 1.0.4051 - Skype Technologies S.A.)
    Skype™ 4.2 (HKLM\...\{D103C4BA-F905-437A-8049-DB24763BBE36}) (Version: 4.2.155 - Skype Technologies S.A.)
    Skype™ 5.5 (HKLM\...\{AA59DDE4-B672-4621-A016-4C248204957A}) (Version: 5.5.124 - Skype Technologies S.A.)
    SmartMusic 2011a (HKLM\...\SmartMusic 2011a) (Version: 13.0.0 - MakeMusic)
    SmartWebPrinting (Version: 130.0.373.000 - Hewlett-Packard) Hidden
    Software Updater (HKLM\...\SoftwareUpdater) (Version: 1.0.0.0 - Software Updater Ltd)
    Sonic DLA (HKLM\...\{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}) (Version: 4.95 - Sonic Solutions)
    Sonic Encoders (HKLM\...\{9941F0AA-B903-4AF4-A055-83A9815CC011}) (Version: 1.00 - Sonic Solutions)
    Sonic MyDVD LE (HKLM\...\{21657574-BD54-48A2-9450-EB03B2C7FC29}) (Version: 6.1.1 - Sonic Solutions)
    Sonic RecordNow Audio (HKLM\...\{AB708C9B-97C8-4AC9-899B-DBF226AC9382}) (Version: 2.0.0 - Sonic Solutions)
    Sonic RecordNow Copy (HKLM\...\{B12665F4-4E93-4AB4-B7FC-37053B524629}) (Version: 2.0.0 - Sonic Solutions)
    Sonic RecordNow Data (HKLM\...\{075473F5-846A-448B-BCB3-104AA1760205}) (Version: 2.0.0 - Sonic Solutions)
    Sonic Update Manager (HKLM\...\{30465B6C-B53F-49A1-9EBA-A3F187AD502E}) (Version: 3.0.0 - Sonic Solutions)
    Status (Version: 130.0.373.000 - Hewlett-Packard) Hidden
    SW_Sustainer 1.80 (HKLM\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{280f2936}) (Version:  - Certified Publisher) <==== ATTENTION
    Synctunes Desktop (HKLM\...\{684F10A9-E071-4629-B5F6-445C54C37AB3}) (Version: 1.0.4 - MAhmed Labs)
    TaxCut New York 2008 (HKLM\...\{4BAC29B6-145B-49D0-A2FC-A79AE4F606E5}) (Version: 1.08.4701 - H&R Block Digital Tax Solutions LLC.)
    TaxCut Premium + State + Efile 2008 (HKLM\...\{BBB33AD6-BCF7-4002-B6A0-6DC679AE5C18}) (Version: 08.07.7101 - H & R Block)
    Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
    TrayApp (Version: 130.0.376.000 - Hewlett-Packard) Hidden
    UnloadSupport (Version: 10.0.0 - Hewlett-Packard) Hidden
    Update Rollup 2 for Windows XP Media Center Edition 2005 (HKLM\...\KB900325) (Version:  - Microsoft Corporation)
    USB PC Camera (HKLM\...\{A9698A67-7E71-11D8-B9BF-00E018FAA1E4}) (Version:  - )
    VideoToolkit01 (Version: 100.0.128.000 - Hewlett-Packard) Hidden
    Viewpoint Media Player (HKLM\...\ViewpointMediaPlayer) (Version:  - )
    Walmart MP3 Music Downloads (HKLM\...\Walmart MP3 Music Downloads) (Version: 1.5.0.7 - Walmart.com)
    WD Link (HKLM\...\WD Link) (Version: 1.00.03 - Western Digital)
    WD SmartWare (HKLM\...\{51B055DD-A5F8-4D0C-A09C-66E58AD56F20}) (Version: 1.5.1 - Western Digital)
    WebCyberCoach 3.2 Dell (HKLM\...\WebCyberCoach_wtrb) (Version:  - )
    WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
    WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
    WeightWatchers Connections 2010 Portal (HKLM\...\{4496E9B5-56AF-4A9C-BC02-BCBF63824224}) (Version: 1.0 - WeightWatchers)
    WildTangent Web Driver (HKLM\...\WildTangent CDA) (Version:  - )
    WinCheck (HKLM\...\wincheck) (Version: 1.0.0.0 - WinCheck) <==== ATTENTION!
    Windows 7 Upgrade Advisor (HKLM\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
    Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
    Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
    Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
    Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
    Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
    Windows Live Sync (HKLM\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
    Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
    Windows Media Format Runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
    Windows Media Player 10 Hotfix - KB894476 (HKLM\...\KB894476) (Version:  - Microsoft Corporation)
    Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information] (HKLM\...\EmeraldQFE2) (Version:  - Microsoft Corporation)
    Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
    Windows XP Media Center Edition 2005 KB2502898 (HKLM\...\KB2502898) (Version:  - Microsoft Corporation)
    Windows XP Media Center Edition 2005 KB2619340 (HKLM\...\KB2619340) (Version:  - Microsoft Corporation)
    Windows XP Media Center Edition 2005 KB2628259 (HKLM\...\KB2628259) (Version:  - Microsoft Corporation)
    Windows XP Media Center Edition 2005 KB908246 (HKLM\...\KB908246) (Version:  - Microsoft Corporation)
    Windows XP Media Center Edition 2005 KB908250 (HKLM\...\KB908250) (Version:  - Microsoft Corporation)
    Windows XP Media Center Edition 2005 KB973768 (HKLM\...\KB973768) (Version:  - Microsoft Corporation)
    Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
    Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version:  - )
    Yahoo! Toolbar (HKLM\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{0C1EB979-8EC7-46E8-8097-246957D6B94C}\localserver32 -> C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe (Research In Motion Limited)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{10A31DA6-8BF9-4767-9C2E-E4C4F4FF2310}\InprocServer32 -> C:\Program Files\Research In Motion\BlackBerry\rim_hh.dll (Research In Motion Limited)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{1434DD3D-0AF6-41E0-BB71-8C86010D9AF5}\localserver32 -> C:\Program Files\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe (Research In Motion Limited)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{326787D9-37B9-47A6-B539-EE13E7B04B8B}\InprocServer32 -> C:\Program Files\Common Files\Research In Motion\RIMDeviceManager\devicemanagerproperties.dll (Research In Motion Limited)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{3A7AD31E-F164-4861-928B-4FE44092F5B8}\InprocServer32 -> C:\Program Files\Research In Motion\BlackBerry\IS71 Connectors\Data Migration Wizard\Connectors\Windows Mobile Connector\WinCEConnector.dll (Nokia Corporation.)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{44EC053A-400F-11D0-9DCD-00A0C90391D3}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{47F64EC4-1AD6-4168-9D4C-00F3842F7CFB}\InprocServer32 -> C:\Program Files\Common Files\Research In Motion\RIMDeviceManager\DeviceManagerProperties.dll (Research In Motion Limited)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{5F6FFE82-8B74-43BF-A583-EF4E3AEF9C3D}\InprocServer32 -> C:\Program Files\Research In Motion\BlackBerry\IS71 Connectors\Data Migration Wizard\Connectors\Palm Desktop\syncproxy.dll (Nokia Corporation.)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{78496FD9-A9D7-4F59-8934-84A5DC5679D8}\InprocServer32 -> C:\Program Files\Research In Motion\BlackBerry\IS71 Connectors\Data Migration Wizard\Connectors\Palm Desktop\PDXlator.dll (Nokia Corporation.)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{82D1C283-A637-4A07-B1EC-8C7AE661EAF1}\InprocServer32 -> C:\Program Files\Common Files\Research In Motion\RIMDeviceManager\devicemanagerproperties.dll (Research In Motion Limited)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{8376CB5C-B66B-4678-AB07-03E5FDA2F04E}\InprocServer32 -> C:\Program Files\Research In Motion\BlackBerry\IS71 Connectors\Data Migration Wizard\CXLServer1.dll (Nokia Corporation.)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{A4DB76BC-7A1C-44e7-8B3F-9F55E7AF32C0}\InprocServer32 -> C:\Program Files\Research In Motion\BlackBerry\IS71 Connectors\YahooNotifier.dll No File
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{A7266397-8FCE-495E-847A-13E56C5E5F56}\InprocServer32 -> C:\Program Files\Research In Motion\BlackBerry\rim_asci.dll (Research In Motion Limited)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{B776FDAF-2388-42D0-8A7C-386E1BC2E19E}\InprocServer32 -> C:\Program Files\Research In Motion\BlackBerry\IS71 Connectors\Data Migration Wizard\Connectors\Palm Desktop\pdapi2.dll (Nokia Corporation.)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{B922E441-248E-419B-898C-D994FFBA56EE}\InprocServer32 -> C:\Program Files\Research In Motion\BlackBerry\RIMCXLServer.dll (Research In Motion Limited)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{BA3D0120-E617-4F66-ADCA-585CC2FB86DB}\localserver32 -> C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe (Research In Motion Limited)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{C8992C14-DF59-4518-808F-CCFBB5850282}\InprocServer32 -> C:\Program Files\Common Files\Research In Motion\RIMDeviceManager\devicemanagerproperties.dll (Research In Motion Limited)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{CAFCE71A-72F0-41AD-A8A4-4F70CDD72381}\InprocServer32 -> C:\Program Files\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManagerps.dll (Research In Motion Limited)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{E2159021-A507-48F9-9DF1-EC5AFDBA5066}\InprocServer32 -> C:\Program Files\Research In Motion\BlackBerry\IS71 Connectors\Data Migration Wizard\Connectors\Palm Desktop\PDAPI.dll (Nokia Corporation.)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{E3AA9B8F-F8BF-4536-A3D8-B405A4C6B5AE}\InprocServer32 -> C:\Program Files\Research In Motion\BlackBerry\IS71 Connectors\Yahoo Connector\DCSXlator.dll (Nokia)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{EB59852D-B38E-4A4C-94BA-6731836E5538}\InprocServer32 -> C:\Program Files\Common Files\Research In Motion\RIMDeviceManager\DeviceManagerProperties.dll (Research In Motion Limited)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{EE7F6B66-AC97-41CF-BD88-372DDB786DB6}\localserver32 -> C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe (Research In Motion Limited)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{F6CF0104-4F4A-4EBE-999D-A12D838E65B5}\InprocServer32 -> C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgrPs.dll (Research In Motion Limited)

    ==================== Restore Points  =========================

    14-01-2015 03:00:16 Software Distribution Service 3.0
    15-01-2015 03:08:37 System Checkpoint
    30-01-2015 21:34:51 System Checkpoint
    31-01-2015 22:23:40 System Checkpoint
    02-02-2015 08:18:47 System Checkpoint
    07-02-2015 07:45:30 System Checkpoint
    08-02-2015 08:15:53 System Checkpoint
    09-02-2015 08:20:25 System Checkpoint
    10-02-2015 13:03:58 System Checkpoint
    11-02-2015 03:00:17 Software Distribution Service 3.0
    12-02-2015 04:17:17 System Checkpoint
    16-02-2015 23:10:45 System Checkpoint
    18-02-2015 00:04:59 System Checkpoint
    19-02-2015 00:10:09 System Checkpoint
    20-02-2015 00:36:17 System Checkpoint
    21-02-2015 00:36:47 System Checkpoint
    22-02-2015 01:48:35 System Checkpoint
    23-02-2015 02:51:34 System Checkpoint
    24-02-2015 03:00:01 System Checkpoint

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2005-08-16 05:18 - 2011-07-29 20:16 - 00000098 ____A C:\WINDOWS\system32\Drivers\etc\hosts
    127.0.0.1       localhost
    ::1       localhost

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
    Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3236530329-1147617518-3913851753-1009Core.job => C:\Documents and Settings\ALEX\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe
    Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3236530329-1147617518-3913851753-1009UA.job => C:\Documents and Settings\ALEX\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3236530329-1147617518-3913851753-501Core.job => C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3236530329-1147617518-3913851753-501UA.job => C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
    Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
    Task: C:\WINDOWS\Tasks\TidyNetwork Update.job => C:\Documents and Settings\MARISSA\Local Settings\Application Data\TidyNetwork\petnupdate.exe

    ==================== Loaded Modules (whitelisted) ==============

    2015-02-10 12:47 - 2015-02-10 11:27 - 02902528 _____ () C:\Program Files\AVAST Software\Avast\defs\15021001\algo.dll
    2015-02-23 13:00 - 2015-02-23 11:23 - 02900992 _____ () C:\Program Files\AVAST Software\Avast\defs\15022301\algo.dll
    2015-02-24 15:59 - 2015-02-24 11:58 - 02902528 _____ () C:\Program Files\AVAST Software\Avast\defs\15022401\algo.dll
    2005-12-15 13:11 - 2003-07-29 20:27 - 00078336 _____ () C:\WINDOWS\System32\spool\PRTPROCS\W32X86\DLBCPP5C.dll
    2012-05-30 19:06 - 2012-05-30 19:06 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2012-05-30 19:06 - 2012-05-30 19:06 - 01242512 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2005-08-16 05:18 - 2011-02-04 17:48 - 00291840 _____ () C:\WINDOWS\system32\sbe.dll
    2005-08-16 05:18 - 2013-01-02 01:49 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll
    2005-08-16 05:18 - 2008-04-13 19:11 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
    2005-08-16 05:18 - 2008-04-13 19:11 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
    2008-11-13 13:17 - 2008-11-13 13:17 - 00439616 _____ () C:\Program Files\Pure Digital Technologies\FlipShare\FlipShareService.exe
    2008-11-13 13:15 - 2008-11-13 13:15 - 01581056 _____ () C:\Program Files\Pure Digital Technologies\FlipShare\QtCore4.dll
    2010-11-02 07:33 - 2010-11-02 07:33 - 00886272 _____ () C:\Program Files\Western Digital\WD SmartWare\System.Data.SQLite.dll
    2005-12-15 13:11 - 2005-01-06 14:51 - 00048128 _____ () C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBCUI5C.DLL
    2015-02-24 13:37 - 2015-02-24 18:37 - 00396016 _____ () C:\Program Files\Krab Web\updateKrabWeb.exe
    2015-02-24 08:36 - 2015-02-24 18:40 - 00396016 _____ () C:\Program Files\Krab Web\bin\utilKrabWeb.exe
    2015-02-24 13:37 - 2015-02-24 13:37 - 00337920 _____ () C:\Program Files\Krab Web\bin\sqlite3.dll
    2015-02-21 00:01 - 2015-02-24 14:16 - 00105712 _____ () C:\Program Files\Krab Web\bin\KrabWeb.BrowserAdapter.exe

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

    ==================== EXE Association (whitelisted) ===============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-3236530329-1147617518-3913851753-1005\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\dell.bmp
    HKU\S-1-5-21-3236530329-1147617518-3913851753-1007\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\NICK\Application Data\Mozilla\Firefox\Desktop Background.bmp
    DNS Servers: 192.168.2.1

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
    MSCONFIG\startupreg: AcronisTimounterMonitor => C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
    MSCONFIG\startupreg: AVLoginToDo => "C:\PROGRA~1\VEXIRA~1\Bin\avltd.exe"
    MSCONFIG\startupreg: DiscWizardMonitor.exe => C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
    MSCONFIG\startupreg: DVDLauncher => "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
    MSCONFIG\startupreg: ehTray => C:\WINDOWS\ehome\ehtray.exe
    MSCONFIG\startupreg: H/PC Connection Agent => "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    MSCONFIG\startupreg: hpqSRMon => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
    MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
    MSCONFIG\startupreg: MimBoot => C:\PROGRA~1\MUSICM~1\MUSICM~3\mimboot.exe
    MSCONFIG\startupreg: MSMSGS => "C:\Program Files\Messenger\msmsgs.exe" /background
    MSCONFIG\startupreg: Pando => "C:\Program Files\Pando Networks\Pando\Pando.exe" /Minimized
    MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    MSCONFIG\startupreg: RealTray => C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    MSCONFIG\startupreg: RoxWatchTray => "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
    MSCONFIG\startupreg: Seagate Scheduler2 Service => "C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe"
    MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    MSCONFIG\startupreg: StxTrayMenu => "C:\Program Files\Seagate\SystemTray\StxMenuMgr.exe"
    MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Java\jre6\bin\jusched.exe"
    MSCONFIG\startupreg: VBSysTray => "C:\PROGRA~1\VEXIRA~1\Bin\vbsystry.exe"

    ==================== Accounts: =============================

    Administrator (S-1-5-21-3236530329-1147617518-3913851753-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
    ALEX (S-1-5-21-3236530329-1147617518-3913851753-1009 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\ALEX
    ALEXIS (S-1-5-21-3236530329-1147617518-3913851753-1005 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\ALEXIS
    CATHYLYNN (S-1-5-21-3236530329-1147617518-3913851753-1006 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\CATHYLYNN
    Guest (S-1-5-21-3236530329-1147617518-3913851753-501 - Limited - Enabled) => %SystemDrive%\Documents and Settings\Guest
    HelpAssistant (S-1-5-21-3236530329-1147617518-3913851753-1004 - Limited - Disabled)
    MARISSA (S-1-5-21-3236530329-1147617518-3913851753-1008 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\MARISSA
    Mom's iPod Account (S-1-5-21-3236530329-1147617518-3913851753-1010 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Mom's iPod Account
    NICK (S-1-5-21-3236530329-1147617518-3913851753-1007 - Limited - Enabled) => %SystemDrive%\Documents and Settings\NICK
    SUPPORT_388945a0 (S-1-5-21-3236530329-1147617518-3913851753-1002 - Limited - Disabled)

    ==================== Faulty Device Manager Devices =============

    Name: Photosmart C4700 series
    Description: Photosmart C4700 series
    Class Guid: {4D36E971-E325-11CE-BFC1-08002BE10318}
    Manufacturer: HP
    Service:
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

    Name: Officejet Pro 6830
    Description: Officejet Pro 6830
    Class Guid: {4D36E971-E325-11CE-BFC1-08002BE10318}
    Manufacturer: HP
    Service:
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (02/24/2015 08:00:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: Hanging application AdwCleaner.exe, version 4.1.1.1, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

    Error: (02/19/2015 09:37:48 PM) (Source: Picasa3) (EventID: 1) (User: )
    Description: Picasa has crashed.  A crash dump has been generated: C:\DOCUME~1\ALEXIS\LOCALS~1\Temp\Picasa_150219-213741.dmp

    Error: (02/06/2015 08:56:10 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application plugin-container.exe, version 35.0.1.5500, faulting module mozalloc.dll, version 35.0.1.5500, fault address 0x00001425.
    Processing media-specific event for [plugin-container.exe!ws!]

    Error: (01/26/2015 10:16:05 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application plugin-container.exe, version 35.0.0.5486, faulting module mozalloc.dll, version 35.0.0.5486, fault address 0x00001425.
    Processing media-specific event for [plugin-container.exe!ws!]

    Error: (01/26/2015 10:03:56 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application plugin-container.exe, version 35.0.0.5486, faulting module mozalloc.dll, version 35.0.0.5486, fault address 0x00001425.
    Processing media-specific event for [plugin-container.exe!ws!]

    Error: (01/26/2015 10:03:44 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: Hanging application firefox.exe, version 35.0.0.5486, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

    Error: (01/26/2015 10:03:39 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: Hanging application firefox.exe, version 35.0.0.5486, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

    Error: (01/18/2015 00:40:28 PM) (Source: crypt32) (EventID: 11) (User: )
    Description: Failed extract of third-party root list from auto update cab at: <http://www.download....authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

    Error: (01/18/2015 00:40:27 PM) (Source: crypt32) (EventID: 11) (User: )
    Description: Failed extract of third-party root list from auto update cab at: <http://www.download....authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

    Error: (12/21/2014 11:47:24 PM) (Source: Picasa3) (EventID: 1) (User: )
    Description: Picasa has crashed.  A crash dump has been generated: C:\DOCUME~1\ALEXIS\LOCALS~1\Temp\Picasa_141221-234719.dmp


    System errors:
    =============
    Error: (02/24/2015 08:06:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Util Krab Web service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.

    Error: (02/24/2015 08:06:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Update Krab Web service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.

    Error: (02/19/2015 09:35:43 PM) (Source: DCOM) (EventID: 10000) (User: DH75M091)
    Description: Unable to start a DCOM Server: {FA08F856-F05E-499B-9A48-F153A147DF27}.
    The error:
    "%%14001"
    Happened while starting this command:
    "C:\Program Files\Pando Networks\Pando\pando.exe" -Embedding

    Error: (02/19/2015 09:35:43 PM) (Source: SideBySide) (EventID: 59) (User: )
    Description: Generate Activation Context failed for C:\Program Files\Pando Networks\Pando\pando.exe.
    Reference error message: The operation completed successfully.
    .

    Error: (02/16/2015 07:57:49 PM) (Source: Dhcp) (EventID: 1002) (User: )
    Description: The IP address lease 192.168.2.4 for the Network Card with network address 001320A72F3F has been
    denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).

    Error: (02/14/2015 02:53:50 AM) (Source: Dhcp) (EventID: 1002) (User: )
    Description: The IP address lease 192.168.2.4 for the Network Card with network address 001320A72F3F has been
    denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).

    Error: (02/11/2015 07:00:17 PM) (Source: Windows Update Agent) (EventID: 20) (User: )
    Description: Installation Failure: Windows failed to install the following update with error 0x80242007: Windows Malicious Software Removal Tool - February 2015 (KB890830).

    Error: (02/10/2015 00:46:21 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher 9 service to connect.

    Error: (02/10/2015 00:46:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Google Update Service (gupdate) service failed to start due to the following error:
    %%2

    Error: (02/09/2015 07:46:16 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher 9 service to connect.


    Microsoft Office Sessions:
    =========================
    Error: (02/24/2015 08:00:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: AdwCleaner.exe4.1.1.1hungapp0.0.0.000000000

    Error: (02/19/2015 09:37:48 PM) (Source: Picasa3) (EventID: 1) (User: )
    Description: Picasa has crashed.  A crash dump has been generated: C:\DOCUME~1\ALEXIS\LOCALS~1\Temp\Picasa_150219-213741.dmp

    Error: (02/06/2015 08:56:10 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: plugin-container.exe35.0.1.5500mozalloc.dll35.0.1.550000001425

    Error: (01/26/2015 10:16:05 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: plugin-container.exe35.0.0.5486mozalloc.dll35.0.0.548600001425

    Error: (01/26/2015 10:03:56 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: plugin-container.exe35.0.0.5486mozalloc.dll35.0.0.548600001425

    Error: (01/26/2015 10:03:44 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: firefox.exe35.0.0.5486hungapp0.0.0.000000000

    Error: (01/26/2015 10:03:39 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: firefox.exe35.0.0.5486hungapp0.0.0.000000000

    Error: (01/18/2015 00:40:28 PM) (Source: crypt32) (EventID: 11) (User: )
    Description: http://www.download....uthrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

    Error: (01/18/2015 00:40:27 PM) (Source: crypt32) (EventID: 11) (User: )
    Description: http://www.download....uthrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

    Error: (12/21/2014 11:47:24 PM) (Source: Picasa3) (EventID: 1) (User: )
    Description: Picasa has crashed.  A crash dump has been generated: C:\DOCUME~1\ALEXIS\LOCALS~1\Temp\Picasa_141221-234719.dmp


    ==================== Memory info ===========================

    Processor:  Intel® Pentium® 4 CPU 2.80GHz
    Percentage of memory in use: 35%
    Total physical RAM: 2038.07 MB
    Available physical RAM: 1324.54 MB
    Total Pagefile: 2640.2 MB
    Available Pagefile: 1841.09 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1923.43 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:436.5 GB) (Free:199.61 GB) NTFS ==>[Drive with boot components (Windows XP)]

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 465.8 GB) (Disk ID: 57A21624)
    Partition 1: (Not Active) - (Size=251 MB) - (Type=DE)
    Partition 2: (Active) - (Size=436.5 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=29 GB) - (Type=DB)

    ==================== End Of Log ============================

     

    OTL logfile created on: 2/24/2015 8:34:59 PM - Run 4
    OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\ALEXIS\My Documents\Downloads
    Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
     
    1.99 Gb Total Physical Memory | 0.68 Gb Available Physical Memory | 33.94% Memory free
    2.58 Gb Paging File | 1.16 Gb Available in Paging File | 44.89% Paging File free
    Paging file location(s): C:\pagefile.sys 756 1512 [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 436.50 Gb Total Space | 199.61 Gb Free Space | 45.73% Space Free | Partition Type: NTFS
     
    Computer Name: DH75M091 | User Name: ALEXIS | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
     
    ========== Processes (SafeList) ==========
     
    PRC - [2015/02/24 18:40:45 | 000,396,016 | ---- | M] () -- C:\Program Files\Krab Web\bin\utilKrabWeb.exe
    PRC - [2015/02/24 18:37:35 | 000,396,016 | ---- | M] () -- C:\Program Files\Krab Web\updateKrabWeb.exe
    PRC - [2015/02/24 14:16:34 | 000,105,712 | ---- | M] () -- C:\Program Files\Krab Web\bin\KrabWeb.BrowserAdapter.exe
    PRC - [2015/02/22 20:24:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ALEXIS\My Documents\Downloads\OTL.com
    PRC - [2015/01/30 20:39:48 | 000,338,032 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
    PRC - [2015/01/29 17:37:16 | 000,091,840 | ---- | M] (Microsoft Corporation) -- c:\36214cac5ce97b097c7eed098d0209\mrtstub.exe
    PRC - [2012/10/30 18:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
    PRC - [2012/10/30 18:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    PRC - [2011/08/01 09:11:38 | 001,091,984 | ---- | M] (Western Digital ) -- C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
    PRC - [2011/08/01 09:11:36 | 001,592,208 | ---- | M] (Western Digital ) -- C:\Program Files\Western Digital\WD SmartWare\WDFME.exe
    PRC - [2011/08/01 09:11:32 | 000,263,056 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe
    PRC - [2010/08/19 12:08:42 | 000,246,400 | ---- | M] (F5 Networks) -- C:\WINDOWS\system32\F5InstallerService.exe
    PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    PRC - [2008/11/13 13:17:38 | 000,439,616 | ---- | M] () -- C:\Program Files\Pure Digital Technologies\FlipShare\FlipShareService.exe
    PRC - [2008/06/24 19:56:38 | 000,431,384 | ---- | M] (Seagate) -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
    PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
    PRC - [2007/01/18 12:20:24 | 000,024,120 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\Sync\SeaSyncServices.exe
     
     
    ========== Modules (No Company Name) ==========
     
    MOD - [2015/02/24 18:40:45 | 000,396,016 | ---- | M] () -- C:\Program Files\Krab Web\bin\utilKrabWeb.exe
    MOD - [2015/02/24 18:37:35 | 000,396,016 | ---- | M] () -- C:\Program Files\Krab Web\updateKrabWeb.exe
    MOD - [2015/02/24 14:16:34 | 000,105,712 | ---- | M] () -- C:\Program Files\Krab Web\bin\KrabWeb.BrowserAdapter.exe
    MOD - [2015/02/24 13:37:39 | 000,337,920 | ---- | M] () -- C:\Program Files\Krab Web\bin\sqlite3.dll
    MOD - [2015/02/24 11:58:07 | 002,902,528 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\15022401\algo.dll
    MOD - [2015/02/23 11:23:12 | 002,900,992 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\15022301\algo.dll
    MOD - [2015/02/10 11:27:20 | 002,902,528 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\15021001\algo.dll
    MOD - [2015/01/30 20:39:46 | 003,925,104 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
    MOD - [2014/02/13 04:09:45 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8cd995f00848816e3ec49dc326e3d49b\System.ServiceProcess.ni.dll
    MOD - [2014/02/13 04:09:28 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\5c157466d360a10b2c97e94b41ddc588\System.Management.ni.dll
    MOD - [2014/02/13 04:07:37 | 000,978,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\4b6e70acd99dc22e29b7fc8f9ac340c4\System.Configuration.ni.dll
    MOD - [2014/02/13 03:57:44 | 005,462,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\7faf645dc46781225cb722edf9e1e738\System.Xml.ni.dll
    MOD - [2014/02/13 03:36:34 | 003,194,880 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
    MOD - [2014/02/13 03:36:31 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
    MOD - [2014/02/13 03:36:29 | 000,425,984 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
    MOD - [2014/02/13 03:36:22 | 000,372,736 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
    MOD - [2014/02/13 03:36:12 | 002,052,096 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
    MOD - [2014/02/13 03:36:07 | 000,114,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
    MOD - [2014/02/13 03:24:35 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\4b0455ae94e3cecca4bb3ba8c96828c9\System.ni.dll
    MOD - [2014/02/13 03:15:10 | 011,497,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\dae02331a443fb52216ca83292cb2f21\mscorlib.ni.dll
    MOD - [2013/01/02 01:49:10 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
    MOD - [2012/05/30 19:06:48 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2012/05/30 19:06:30 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    MOD - [2012/02/15 03:28:16 | 001,218,560 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Management\b1b57351a88c0c9c46bd9424347336ea\System.Management.ni.dll
    MOD - [2012/02/15 03:11:05 | 000,786,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\47a2b7b2fa872de3078d49d0a4c10cb2\System.EnterpriseServices.ni.dll
    MOD - [2012/02/15 03:11:04 | 000,236,032 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\47a2b7b2fa872de3078d49d0a4c10cb2\System.EnterpriseServices.Wrapper.dll
    MOD - [2012/02/15 03:11:02 | 000,646,656 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\c3a03bb69e38f5ed9ebce72d48a722ef\System.Transactions.ni.dll
    MOD - [2012/02/15 03:05:41 | 006,798,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\97586cdb698c29ba95fd83e44a0c0ca6\System.Data.ni.dll
    MOD - [2012/02/15 03:05:04 | 007,054,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\a2b1103ad3d9f329e0c9164994137c81\System.Core.ni.dll
    MOD - [2012/02/15 03:05:00 | 005,618,176 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\21071fcc838660d96f10920c4c3cd206\System.Xml.ni.dll
    MOD - [2012/02/15 03:04:46 | 000,980,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\363b05dd092178671e56531a9c4999b6\System.Configuration.ni.dll
    MOD - [2012/02/15 03:04:38 | 009,090,560 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\3ff4657a86a0e14b4be577969e0ec762\System.ni.dll
    MOD - [2011/10/14 02:13:34 | 000,011,776 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\cfba497fc860b32b8d895f57bf148aa7\Microsoft.VisualC.ni.dll
    MOD - [2011/10/14 02:07:53 | 014,407,680 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\52f4f785f7cf45a64606a8e13c8cf04c\mscorlib.ni.dll
    MOD - [2011/08/01 06:34:44 | 000,064,000 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\WDCollections.dll
    MOD - [2011/02/04 17:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
    MOD - [2010/11/02 07:33:58 | 000,886,272 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\System.Data.SQLite.dll
    MOD - [2008/11/13 13:17:38 | 000,439,616 | ---- | M] () -- C:\Program Files\Pure Digital Technologies\FlipShare\FlipShareService.exe
    MOD - [2008/11/13 13:15:12 | 001,581,056 | ---- | M] () -- C:\Program Files\Pure Digital Technologies\FlipShare\QtCore4.dll
    MOD - [2008/04/13 19:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
    MOD - [2008/04/13 19:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
    MOD - [2003/07/29 20:27:40 | 000,078,336 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\DLBCPP5C.DLL
     
     
    ========== Services (SafeList) ==========
     
    SRV - [2015/02/24 18:40:45 | 000,396,016 | ---- | M] () [Auto | Running] -- C:\Program Files\Krab Web\bin\utilKrabWeb.exe -- (Util Krab Web)
    SRV - [2015/02/24 18:37:35 | 000,396,016 | ---- | M] () [Auto | Running] -- C:\Program Files\Krab Web\updateKrabWeb.exe -- (Update Krab Web)
    SRV - [2015/01/30 20:39:46 | 000,114,800 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2012/10/30 18:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
    SRV - [2012/10/14 20:31:16 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2011/08/01 09:11:38 | 001,091,984 | ---- | M] (Western Digital ) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe -- (WDRulesService)
    SRV - [2011/08/01 09:11:36 | 001,592,208 | ---- | M] (Western Digital ) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WDFME.exe -- (WDFMEService)
    SRV - [2011/08/01 09:11:32 | 000,263,056 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe -- (WDDMService)
    SRV - [2010/08/19 12:08:42 | 000,246,400 | ---- | M] (F5 Networks) [Auto | Running] -- C:\WINDOWS\system32\F5InstallerService.exe -- (F5 Networks Component Installer)
    SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
    SRV - [2008/11/13 13:17:38 | 000,439,616 | ---- | M] () [Auto | Running] -- C:\Program Files\Pure Digital Technologies\FlipShare\FlipShareService.exe -- (FlipShare Service)
    SRV - [2008/06/24 19:56:38 | 000,431,384 | ---- | M] (Seagate) [Auto | Running] -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe -- (SgtSch2Svc)
    SRV - [2007/01/31 14:55:42 | 000,096,370 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
    SRV - [2007/01/18 12:20:24 | 000,024,120 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\Sync\SeaSyncServices.exe -- (Seagate Sync Service)
     
     
    ========== Driver Services (SafeList) ==========
     
    DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wanatw4.sys -- (wanatw)
    DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
    DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
    DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
    DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
    DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
    DRV - File not found [Kernel | On_Demand | Stopped] --  -- (bvrp_pci)
    DRV - [2015/02/22 10:31:14 | 000,055,824 | ---- | M] (StdLib) [Kernel | Disabled | Running] -- C:\WINDOWS\system32\drivers\{9d5a2aa0-d243-4ec9-aa58-38b5de807918}t.sys -- ({9d5a2aa0-d243-4ec9-aa58-38b5de807918}t)
    DRV - [2015/02/20 17:40:32 | 000,055,824 | ---- | M] (StdLib) [Kernel | Disabled | Running] -- C:\WINDOWS\system32\drivers\{9d5a2aa0-d243-4ec9-aa58-38b5de807918}Gt.sys -- ({9d5a2aa0-d243-4ec9-aa58-38b5de807918}Gt)
    DRV - [2015/01/21 09:43:02 | 000,055,824 | ---- | M] (StdLib) [Kernel | Disabled | Running] -- C:\WINDOWS\system32\drivers\{3847db91-525a-43df-a742-93a5141cafa8}Gt.sys -- ({3847db91-525a-43df-a742-93a5141cafa8}Gt)
    DRV - [2015/01/18 03:46:58 | 000,055,824 | ---- | M] (StdLib) [Kernel | Disabled | Running] -- C:\WINDOWS\system32\drivers\{e7c04031-8387-47b1-afd6-40a369d5c38f}Gt.sys -- ({e7c04031-8387-47b1-afd6-40a369d5c38f}Gt)
    DRV - [2012/10/30 18:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
    DRV - [2012/10/30 18:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
    DRV - [2012/10/30 18:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
    DRV - [2012/10/30 18:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
    DRV - [2012/10/30 18:51:57 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
    DRV - [2012/10/30 18:51:56 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
    DRV - [2012/10/30 18:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV - [2011/10/04 05:22:16 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm)
    DRV - [2011/10/04 05:22:16 | 000,077,624 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus)
    DRV - [2011/02/10 12:34:28 | 000,987,904 | R--- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8192cu.sys -- (RTL8192cu)
    DRV - [2010/12/23 09:50:58 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\timntr.sys -- (timounter)
    DRV - [2010/12/23 09:50:58 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
    DRV - [2010/12/23 09:50:52 | 000,132,224 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\snapman.sys -- (snapman)
    DRV - [2010/12/23 09:50:42 | 000,368,480 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\tdrpman.sys -- (tdrpman)
    DRV - [2010/01/25 16:18:51 | 000,033,920 | ---- | M] (F5 Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\covpndrv.sys -- (urvpndrv)
    DRV - [2010/01/25 16:18:46 | 000,010,752 | ---- | M] (F5 Networks) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\urfltw2k.sys -- (f5ipfw)
    DRV - [2008/09/22 15:22:36 | 000,281,024 | R--- | M] (Trident Multimedia Technologies Co.,Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\0140_ION.sys -- (VCR2PC)
    DRV - [2008/04/13 13:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
    DRV - [2006/11/10 15:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
    DRV - [2006/11/02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
    DRV - [2005/12/15 13:35:20 | 000,008,552 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
    DRV - [2005/10/17 17:50:06 | 000,245,376 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2500usb.sys -- (WUSB54GPV4SRV)
    DRV - [2005/08/17 07:41:08 | 001,022,040 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
    DRV - [2005/02/01 18:18:38 | 000,017,992 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\bcm42rly.sys -- (BCM42RLY)
    DRV - [2003/11/17 22:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
    DRV - [2003/11/17 22:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
    DRV - [2003/11/17 22:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
    DRV - [2002/10/01 13:43:32 | 000,119,798 | ---- | M] (SP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\spca561.sys -- (CA561)
    DRV - [2002/02/27 18:12:52 | 000,076,160 | R--- | M] (ATMEL) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ma101rnd.sys -- (USBFVNETR)
     
     
    ========== Standard Registry (SafeList) ==========
     
     
    ========== Internet Explorer ==========
     
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
     
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
    IE - HKCU\..\URLSearchHook: {06663B56-0D73-4f9f-BCC5-4AA941470AFD} - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL (Pando)
    IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
    IE - HKCU\..\SearchScopes,DefaultScope = {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
    IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
    IE - HKCU\..\SearchScopes\{48BEE687-4D1F-4DB9-9889-4D4A989E4D28}: "URL" = http://delicious.com...p={searchTerms}
    IE - HKCU\..\SearchScopes\{5F31840E-E7B1-4915-8C9D-3E6F22B35D52}: "URL" = http://www.flickr.co...q={searchTerms}
    IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...soft:{language}
    IE - HKCU\..\SearchScopes\{81133FE2-8F21-4DCF-9CB8-C5C4C3285F73}: "URL" = http://search.yahoo....f-8&fr=chr-yie8
    IE - HKCU\..\SearchScopes\{ED2D00CE-667F-4071-B550-87D4145CD07C}: "URL" = http://rover.ebay.co...e={searchTerms}
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
     
    ========== FireFox ==========
     
    FF - prefs.js..browser.search.isUS: true
    FF - prefs.js..extensions.enabledAddons: %7B9d5a2aa0-d243-4ec9-aa58-38b5de807918%7D:1.0.1
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:35.0.1
    FF - user.js - File not found
     
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@Musicnotes.com/Musicnotes Viewer: C:\Program Files\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Sibelius.com/Scorch Plugin: C:\Program Files\Musicnotes\npsibelius.dll ()
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.26.7\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.26.7\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll File not found
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
     
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/03/27 19:36:46 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/12/07 22:00:47 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\WeightWatchers Browser\components [2015/01/10 12:34:24 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\WeightWatchers Browser\plugins [2015/01/10 12:53:21 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 35.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2015/01/30 20:39:23 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 35.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2015/01/30 20:39:31 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/03/27 19:36:46 | 000,000,000 | ---D | M]
     
    [2008/11/23 22:27:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ALEXIS\Application Data\Mozilla\Extensions
    [2015/01/30 21:01:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ALEXIS\Application Data\Mozilla\Firefox\Profiles\zs1syjzl.default-1422668321096\extensions
    [2015/01/30 20:50:46 | 000,009,690 | ---- | M] () (No name found) -- C:\Documents and Settings\ALEXIS\Application Data\Mozilla\Firefox\Profiles\zs1syjzl.default-1422668321096\extensions\{9d5a2aa0-d243-4ec9-aa58-38b5de807918}.xpi
    [2015/01/30 20:39:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2015/01/30 20:39:24 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
    [2015/01/30 20:39:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
    [2015/01/30 20:39:50 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    [2008/04/18 10:56:34 | 000,118,784 | ---- | M] (CANON INC.) -- C:\Program Files\mozilla firefox\plugins\MyCamera.dll
    [2008/04/18 10:55:58 | 000,053,248 | ---- | M] (CANON INC.) -- C:\Program Files\mozilla firefox\plugins\NPCIG.dll
    [2011/07/19 04:05:25 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
    [2009/05/12 16:38:33 | 000,024,668 | ---- | M] (Pando Networks, Inc.) -- C:\Program Files\mozilla firefox\plugins\NPPandBr.dll
    [2009/04/23 10:57:14 | 000,239,432 | ---- | M] (Pando Networks) -- C:\Program Files\mozilla firefox\plugins\npPandoWebInst.dll
    [2007/04/16 12:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npViewpoint.dll
     
    ========== Chrome  ==========
     
    CHR - default_search_provider:  (Enabled)
    CHR - default_search_provider: search_url =
    CHR - default_search_provider: suggest_url =
    CHR - homepage: http://www.trovi.com...A5F448F68&SSPV=
    CHR - plugin: Default Profile (Enabled) = default_plugin
    CHR - plugin: Error reading preferences file
    CHR - Extension: Google Voice Search Hotword (Beta) = C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
    CHR - Extension: YouTube = C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
    CHR - Extension: YouTube = C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
    CHR - Extension: Google Search = C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
    CHR - Extension: Krab Web = C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\niimnfadmhjonmfnniajjhkpodghlaan\1.0.1_0\
    CHR - Extension: Google Wallet = C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
    CHR - Extension: Gmail = C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
    CHR - Extension: Download and Sa = C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pndndplglkleohabdcogjfjlnkejfglh\7.1_0\
     
    O1 HOSTS File: ([2011/07/29 20:16:25 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
    O1 - Hosts: 127.0.0.1       localhost
    O1 - Hosts: ::1       localhost
    O2 - BHO: (CInterceptor Object) - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll (Pando Networks)
    O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll File not found
    O2 - BHO: (no name) - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll File not found
    O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
    O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
    O2 - BHO: (Krab Web 1.0.0.7) - {feadf62f-aec2-46a1-a087-40149f311df9} - C:\Program Files\Krab Web\KrabWebBHO.dll File not found
    O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O3 - HKLM\..\Toolbar: (Pando Toolbar) - {E3EA4FD9-CADE-4ae5-84F7-086EEE888BE4} - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL (Pando)
    O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Pando Toolbar) - {E3EA4FD9-CADE-4AE5-84F7-086EEE888BE4} - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL (Pando)
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
    O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray File not found
    O4 - HKCU..\Run: [ALconnect] C:\Documents and Settings\ALEXIS\Application Data\DirectLife\ALconnect\ALconnect.exe (Koninklijke Philips N.V.)
    O4 - HKCU..\Run: [Driver Tool] C:\Program Files\Driver Tool\Driver Tool\DriverTool.exe (PC Drivers Headquarters)
    O4 - HKCU..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler File not found
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AtHomeConnect.lnk = C:\Program Files\AtHomeConnect\AtHomeConnect.exe (HR Block                            )
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\dlbcserv.lnk = C:\Program Files\Dell Photo Printer 720\dlbcserv.exe ()
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\EZ VHS Converter Monitor.lnk = C:\Program Files\ION\EZ VHS Converter\MediaTVMonitor.exe (ADS Corp.)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SnapDetect.lnk = C:\WINDOWS\twain_32\ca561a\SnapDetect.exe ()
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WD Quick View.lnk = C:\Program Files\Western Digital\WD SmartWare\WDDMStatus.exe (Western Digital Technologies, Inc.)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: weightwatchers.com ([]http in Trusted sites)
    O15 - HKCU\..Trusted Domains: weightwatchers.com ([]https in Trusted sites)
    O16 - DPF: {00627E89-A19D-4A2B-938B-059CB7B1B493} file://C:/Program Files/F5 VPN/F5_TMP/f5certchk.cab (F5 Networks Certificate Checker)
    O16 - DPF: {195538FD-1C39-44B1-A7C3-5D7137A8A8F1} file://C:/Program Files/F5 VPN/F5_TMP/f5opswati.cab (OPSWAT AntiViruses Class)
    O16 - DPF: {2A0B9B82-D5C8-4D3D-8338-AD55B23662B1} file://C:/Program Files/F5 VPN/F5_TMP/cachecleaner.cab (F5 Networks CacheCleaner)
    O16 - DPF: {2BCDB465-81F9-41CB-832C-8037A4064446} file://C:/Program Files/F5 VPN/F5_TMP/urxvpn.cab (F5 Networks VPN Manager)
    O16 - DPF: {30CF9713-6614-4556-B5F5-66F8C7F9DEF1} file://C:/Program Files/F5 VPN/F5_TMP/f5opswati.cab (OPSWAT FireWalls Class)
    O16 - DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} file://C:/Program Files/F5 VPN/F5_TMP/f5tunsrv.cab (F5 Networks Dynamic Application Tunnel Control)
    O16 - DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} file://C:/Program Files/F5 VPN/F5_TMP/InstallerControl.cab (F5 Networks Auto Update)
    O16 - DPF: {49EC7987-E331-44E3-B170-748B58A268B9} file://C:/Program Files/F5 VPN/F5_TMP/f5opswati.cab (OPSWAT ProcessesScanner Class)
    O16 - DPF: {57C76689-F052-487B-A19F-855AFDDF28EE} file://C:/Program Files/F5 VPN/F5_TMP/f5InspectionHost.cab  (F5 Networks Policy Agent Host Class)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1364587138156 (WUWebControl Class)
    O16 - DPF: {7584c670-2274-4efb-b00b-d6aaba6d3850} file://C:/Program Files/F5 VPN/F5_TMP/msrdp.cab (Microsoft RDP Client Control (redist))
    O16 - DPF: {7E73BE8F-FD87-44EC-8E22-023D5FF960FF} file://C:/Program Files/F5 VPN/F5_TMP/vdeskctrl.cab (F5 Virtual Sandbox Class)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
    O16 - DPF: {8F6AFB67-F834-4227-94A7-A51377E0678E} file://C:/Program Files/F5 VPN/F5_TMP/f5GroupPolicyAgent.cab (F5 Networks Group Policy Control)
    O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
    O16 - DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} file://C:/Program Files/F5 VPN/F5_TMP/urxshost.cab (F5 Networks SuperHost Class)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
    O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} file://C:/Program Files/F5 VPN/F5_TMP/urxhost.cab (F5 Networks Host Control)
    O16 - DPF: {E615C9EA-AD69-4AE9-83C9-9D906A0ACA6D} file://C:/Program Files/F5 VPN/F5_TMP/f5syschk.cab (F5 Networks OS Policy Agent)
    O16 - DPF: {EBDC91CB-F23F-477D-B152-3F7243760D04} file://C:/Program Files/F5 VPN/F5_TMP/f5opswati.cab (F5 Networks OPSWAT Helper Control)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E39239C1-0D13-4B7F-BF28-905EA0076D36}: DhcpNameServer = 192.168.2.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F721F1C6-3135-40A6-8BA7-367B9A6172FE}: DhcpNameServer = 192.168.2.1
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop BackupWallPaper: C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2005/08/16 05:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O33 - MountPoints2\{141e348d-ebdd-11e2-87a3-08863b50be52}\Shell - "" = AutoRun
    O33 - MountPoints2\{141e348d-ebdd-11e2-87a3-08863b50be52}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{141e348d-ebdd-11e2-87a3-08863b50be52}\Shell\AutoRun\command - "" = F:\VZW_Software_upgrade_assistant.exe
    O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell - "" = AutoRun
    O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}\Shell\AutoRun\command - "" = E:\setup.exe
    O34 - HKLM BootExecute: (autocheck autochk *)
    O34 - HKLM BootExecute: (aswBoot.exe /M:169665ee4cd895 /dir:"C:\Program Files\AVAST Software\Avast")
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
     
    NetSvcs: 6to4 -  File not found
    NetSvcs: Ias -  File not found
    NetSvcs: Iprip -  File not found
    NetSvcs: Irmon -  File not found
    NetSvcs: NWCWorkstation -  File not found
    NetSvcs: Nwsapagent -  File not found
    NetSvcs: WmdmPmSp -  File not found
     
    MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE - (Microsoft Corporation)
    MsConfig - StartUpReg: AcronisTimounterMonitor - hkey= - key= - C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe (Acronis)
    MsConfig - StartUpReg: AVLoginToDo - hkey= - key= -  File not found
    MsConfig - StartUpReg: DiscWizardMonitor.exe - hkey= - key= - C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe (Seagate)
    MsConfig - StartUpReg: DVDLauncher - hkey= - key= - C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe (CyberLink Corp.)
    MsConfig - StartUpReg: ehTray - hkey= - key= - C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
    MsConfig - StartUpReg: H/PC Connection Agent - hkey= - key= -  File not found
    MsConfig - StartUpReg: HP Software Update - hkey= - key= - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
    MsConfig - StartUpReg: hpqSRMon - hkey= - key= - C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard)
    MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
    MsConfig - StartUpReg: MimBoot - hkey= - key= - C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mimboot.exe (Musicmatch, Inc.)
    MsConfig - StartUpReg: MSMSGS - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
    MsConfig - StartUpReg: Pando - hkey= - key= - C:\Program Files\Pando Networks\Pando\Pando.exe (Pando Networks)
    MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
    MsConfig - StartUpReg: RealTray - hkey= - key= - C:\Program Files\Real\RealPlayer\RealPlay.exe (RealNetworks, Inc.)
    MsConfig - StartUpReg: RoxWatchTray - hkey= - key= - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
    MsConfig - StartUpReg: Seagate Scheduler2 Service - hkey= - key= - C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe (Seagate)
    MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
    MsConfig - StartUpReg: StxTrayMenu - hkey= - key= - C:\Program Files\Seagate\SystemTray\StxMenuMgr.exe (Seagate LLC)
    MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= -  File not found
    MsConfig - StartUpReg: VBSysTray - hkey= - key= -  File not found
    MsConfig - State: "system.ini" - 0
    MsConfig - State: "win.ini" - 0
    MsConfig - State: "bootini" - 0
    MsConfig - State: "services" - 0
    MsConfig - State: "startup" - 2
     
    SafeBootMin: Base - Driver Group
    SafeBootMin: Boot Bus Extender - Driver Group
    SafeBootMin: Boot file system - Driver Group
    SafeBootMin: File system - Driver Group
    SafeBootMin: Filter - Driver Group
    SafeBootMin: PCI Configuration - Driver Group
    SafeBootMin: PNP Filter - Driver Group
    SafeBootMin: Primary disk - Driver Group
    SafeBootMin: SCSI Class - Driver Group
    SafeBootMin: sermouse.sys - Driver
    SafeBootMin: System Bus Extender - Driver Group
    SafeBootMin: vds - Service
    SafeBootMin: vga.sys - Driver
    SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
    SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
     
    SafeBootNet: Base - Driver Group
    SafeBootNet: Boot Bus Extender - Driver Group
    SafeBootNet: Boot file system - Driver Group
    SafeBootNet: File system - Driver Group
    SafeBootNet: Filter - Driver Group
    SafeBootNet: NDIS Wrapper - Driver Group
    SafeBootNet: NetBIOSGroup - Driver Group
    SafeBootNet: NetDDEGroup - Driver Group
    SafeBootNet: Network - Driver Group
    SafeBootNet: NetworkProvider - Driver Group
    SafeBootNet: PCI Configuration - Driver Group
    SafeBootNet: PNP Filter - Driver Group
    SafeBootNet: PNP_TDI - Driver Group
    SafeBootNet: Primary disk - Driver Group
    SafeBootNet: SCSI Class - Driver Group
    SafeBootNet: sermouse.sys - Driver
    SafeBootNet: Streams Drivers - Driver Group
    SafeBootNet: System Bus Extender - Driver Group
    SafeBootNet: TDI - Driver Group
    SafeBootNet: vga.sys - Driver
    SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
    SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
    SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
    SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
    SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
    SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
    SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
    SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
    SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
    SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
    SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
    SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
    SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
    SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
    SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
    SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
    SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
     
    ActiveX: {00F0EE7F-2C61-4EBD-A209-00281BDC869C} - Yahoo! Toolbar
    ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
    ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
    ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
    ActiveX: {14F4D1F6-79E4-4256-A10B-3CCD138698C6} - Microsoft .NET Framework 1.0 Hotfix (KB2656378)
    ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
    ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
    ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
    ActiveX: {270C7F22-6D59-4041-B865-76C48D190D91} - Yahoo! Search Settings Update
    ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
    ActiveX: {29A43E48-B726-47B6-9EAC-AA2B7B48E133} - Microsoft .NET Framework 1.0 Security Update (KB2698035)
    ActiveX: {29E7D24F-BF30-45E7-8A40-AD27AFD8F5C6} - Microsoft .NET Framework 1.0 Hotfix (KB979904)
    ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
    ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX: {339E9413-F230-4F0F-ADDD-17914D95FD6D} - Microsoft .NET Framework 1.0 Hotfix (KB2604042)
    ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
    ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
    ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
    ActiveX: {407408d4-94ed-4d86-ab69-a7f649d112ee} - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection QuickLaunchShortcut 640 %systemroot%\inf\mcdftreg.inf
    ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
    ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
    ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
    ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
    ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
    ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX: {4F00D11B-8327-4C55-B7DA-B8D8C10F28A8} - Microsoft .NET Framework 1.0 Hotfix (KB2572066)
    ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
    ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
    ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
    ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
    ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
    ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
    ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
    ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
    ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
    ActiveX: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files\Google\Chrome\Application\40.0.2214.115\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
    ActiveX: {8BF1B8CD-9A6C-4382-A454-CC769B913F48} - Microsoft .NET Framework 1.0 Hotfix (KB2656378)
    ActiveX: {8F736E10-8E5C-4399-A532-D0C00A406227} - Microsoft .NET Framework 1.1 Security Update (KB2698023)
    ActiveX: {8FD9D712-A285-4834-9F46-705AD5146A6B} - NoIETour
    ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
    ActiveX: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\advpack.dll,LaunchINFSectionEx C:\Program Files\Internet Explorer\clrtour.inf,DefaultInstall.ResetTour,,12
    ActiveX: {BA0BE1B1-C5E7-483B-B524-71F5B2C43FBA} - Microsoft .NET Framework 1.0 Security Update (KB2904878)
    ActiveX: {BDE0FA43-6952-4BA8-8C58-09AF690F88E1} - Microsoft .NET Framework 1.0 Hotfix (KB930494)
    ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
    ActiveX: {C0F0DCDC-99EA-4405-BDAE-CACABD3D2DF0} - Microsoft .NET Framework 1.1 Security Update (KB2833941)
    ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
    ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
    ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
    ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
    ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Reg Error: Value error.
    ActiveX: {D6C3E2A4-60CF-4540-860B-F2B1FB51689B} - Microsoft .NET Framework 1.0 Security Update (KB2833951)
    ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX: {DE895E98-54B2-4180-91E1-7A0020EDF577} - Microsoft .NET Framework 1.0 Security Update (KB2742607)
    ActiveX: {E8EA5BD6-D931-4001-ABF6-81BAA500360A} - Microsoft .NET Framework 1.0 Hotfix (KB953295)
    ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX: {EA29D410-CE41-4953-A862-2DE706A1DAD7} - Microsoft .NET Framework 1.0 Service Pack 3
    ActiveX: {FDC11A6F-17D1-48f9-9EA3-9051954BAA24} - .NET Framework
    ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
    ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
    ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
    ActiveX: >{64A10DCF-7FF1-4600-9824-DE0BCC2AA72E} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
    ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
    ActiveX: KB910393 - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\EasyCDBlock.inf,PerUserInstall
     
    Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
    Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
    Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
    Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
    Drivers32: vidc.3IV2 - C:\WINDOWS\System32\3ivxVfWCodec.dll (3ivx Technologies Pty. Ltd.)
    Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
    Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
    Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
    Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
    Drivers32: wave - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
     
    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point
     
    ========== Files/Folders - Created Within 30 Days ==========
     
    [2015/02/24 20:19:57 | 000,000,000 | ---D | C] -- C:\FRST
    [2015/02/24 07:59:30 | 000,000,000 | ---D | C] -- C:\AdwCleaner
    [2015/02/23 17:45:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
    [2015/02/22 21:23:40 | 000,055,824 | ---- | C] (StdLib) -- C:\WINDOWS\System32\drivers\{9d5a2aa0-d243-4ec9-aa58-38b5de807918}t.sys
    [2015/02/21 01:05:51 | 000,055,824 | ---- | C] (StdLib) -- C:\WINDOWS\System32\drivers\{9d5a2aa0-d243-4ec9-aa58-38b5de807918}Gt.sys
    [2015/02/19 04:33:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALEXIS\Local Settings\Application Data\avayvxvaxc
    [2015/02/11 03:00:19 | 000,000,000 | ---D | C] -- C:\36214cac5ce97b097c7eed098d0209
    [2015/02/03 02:35:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\SearchProtect
    [2015/01/30 20:39:20 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
    [2015/01/30 20:34:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALEXIS\Desktop\Old Firefox Data
    [2009/07/04 17:48:17 | 000,283,952 | ---- | C] (Musicnotes, Inc.) -- C:\Program Files\npmusicn.dll
    [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
     
    ========== Files - Modified Within 30 Days ==========
     
    [2015/02/24 20:02:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\TidyNetwork Update.job
    [2015/02/24 20:01:00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3236530329-1147617518-3913851753-501UA.job
    [2015/02/24 19:53:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
    [2015/02/24 19:43:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2015/02/24 17:51:00 | 000,000,994 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3236530329-1147617518-3913851753-1009UA.job
    [2015/02/24 17:51:00 | 000,000,972 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3236530329-1147617518-3913851753-1009Core.job
    [2015/02/24 10:00:00 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
    [2015/02/24 07:50:50 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2015/02/24 07:50:49 | 000,000,224 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job
    [2015/02/23 22:01:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3236530329-1147617518-3913851753-501Core.job
    [2015/02/22 10:31:14 | 000,055,824 | ---- | M] (StdLib) -- C:\WINDOWS\System32\drivers\{9d5a2aa0-d243-4ec9-aa58-38b5de807918}t.sys
    [2015/02/20 17:40:32 | 000,055,824 | ---- | M] (StdLib) -- C:\WINDOWS\System32\drivers\{9d5a2aa0-d243-4ec9-aa58-38b5de807918}Gt.sys
    [2015/02/20 07:22:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2015/02/12 23:10:50 | 000,133,120 | ---- | M] () -- C:\Documents and Settings\ALEXIS\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2015/02/10 12:50:06 | 000,482,976 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2015/02/10 12:50:06 | 000,080,380 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2015/02/10 12:44:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2015/02/09 07:44:57 | 000,000,218 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job
    [2015/02/09 07:44:12 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2015/02/02 12:51:25 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
    [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
     
    ========== Files Created - No Company Name ==========
     
    [2099/01/01 12:00:00 | 000,006,456 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\dabukuyi
    [2014/08/31 10:28:19 | 000,000,394 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
    [2014/03/09 16:52:06 | 000,137,371 | ---- | C] () -- C:\WINDOWS\HPHins15.dat
    [2014/03/09 16:52:06 | 000,002,828 | ---- | C] () -- C:\WINDOWS\hphmdl15.dat
    [2011/06/17 23:19:47 | 000,017,406 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\037ta678tf55b13niyu466uwy36t77
    [2011/06/17 23:19:47 | 000,017,390 | -HS- | C] () -- C:\Documents and Settings\ALEXIS\Local Settings\Application Data\037ta678tf55b13niyu466uwy36t77
    [2010/12/12 17:38:31 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ALEXIS\Ÿ9Ÿ9
    [2010/04/30 23:09:57 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\ALEXIS\Local Settings\Application Data\prvlcl.dat
    [2009/08/26 21:13:43 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\ALEXIS\Application Data\$_hpcst$.hpc
    [2008/11/27 11:52:41 | 000,133,120 | ---- | C] () -- C:\Documents and Settings\ALEXIS\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2008/11/23 17:10:41 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\ALEXIS\Local Settings\Application Data\fusioncache.dat
     
    ========== ZeroAccess Check ==========
     
    [2005/08/16 05:39:16 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
     
    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
     
    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
     
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shdocvw.dll -- [2013/02/06 05:48:44 | 001,510,400 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment
     
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free
     
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both
     
    ========== Custom Scans ==========
     
    <       >
     
    <  >
     
    <     ⌂ Home >
     
    <     alexis >
     
    <     ⚙ Help >
     
    <  >
     
    < Press ? for keyboard shortcuts. >
     
    <  >
     
    <     1 >
     
    <  >
     
    < New reply to Krabweb Searchprotect virus malware - browser redirects - Ads keep pop >
     
    < Geeks to Go Forum >
     
    < To >
     
    < me >
     
    <  >
     
    ========== Drive Information ==========
     
    Physical Drives
    ---------------
     
    Drive: \\\\.\\PHYSICALDRIVE0 - Fixed\thard disk media
    Interface type: IDE
    Media Type: Fixed\thard disk media
    Model: ST3500418AS
    Partitions: 3
    Status: OK
    Status Info: 0
     
    Drive: \\\\.\\PHYSICALDRIVE1 -
    Interface type: USB
    Media Type:
    Model: TEAC USB   HS-CF Card USB Device
    Partitions: 0
    Status: OK
    Status Info: 0
     
    Drive: \\\\.\\PHYSICALDRIVE2 -
    Interface type: USB
    Media Type:
    Model: TEAC USB   HS-xD/SM USB Device
    Partitions: 0
    Status: OK
    Status Info: 0
     
    Drive: \\\\.\\PHYSICALDRIVE3 -
    Interface type: USB
    Media Type:
    Model: TEAC USB   HS-MS Card USB Device
    Partitions: 0
    Status: OK
    Status Info: 0
     
    Drive: \\\\.\\PHYSICALDRIVE4 -
    Interface type: USB
    Media Type:
    Model: TEAC USB   HS-SD Card USB Device
    Partitions: 0
    Status: OK
    Status Info: 0
     
    Drive: \\\\.\\PHYSICALDRIVE5 -
    Interface type: USB
    Media Type:
    Model: HP Officejet Pro 68 USB Device
    Partitions: 0
    Status: OK
    Status Info: 0
     
    Partitions
    ---------------
     
    DeviceID: Disk #0, Partition #0
    PartitionType: Unknown
    Bootable: False
    BootPartition: False
    PrimaryPartition: True
    Size: 251.00MB
    Starting Offset: 32256
    Hidden sectors: 0
     
     
    DeviceID: Disk #0, Partition #1
    PartitionType: Installable File System
    Bootable: True
    BootPartition: True
    PrimaryPartition: True
    Size: 436.00GB
    Starting Offset: 263208960
    Hidden sectors: 0
     
     
    DeviceID: Disk #0, Partition #2
    PartitionType: Unknown
    Bootable: False
    BootPartition: False
    PrimaryPartition: True
    Size: 29.00GB
    Starting Offset: 468947888640
    Hidden sectors: 0
     
     
    < %SYSTEMDRIVE%\*.exe >
     
    < %systemroot%\assembly\GAC_32\*.ini >
     
    < %systemroot%\assembly\GAC_64\*.ini >
     
    < %SYSTEMDRIVE%\*.exe >
     
    < %ALLUSERSPROFILE%\Application >
     
    < Data\*.exe >
     
    < %APPDATA%\*. >
    [2012/03/13 20:31:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\Adobe
    [2012/01/12 22:18:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\AdobeUM
    [2013/02/16 16:19:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\Apple Computer
    [2012/01/25 20:16:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\ArcSoft
    [2009/09/20 10:02:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\Blackberry Desktop
    [2013/03/29 14:16:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\blekkotb_019
    [2013/03/29 15:09:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\blekkotb_026
    [2015/01/25 13:39:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\BRT
    [2014/10/19 04:57:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\DirectLife
    [2005/12/15 13:37:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\ALEXIS\Application Data\Gtek
    [2009/06/20 21:11:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\Help
    [2014/03/09 16:55:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\HP
    [2005/08/16 05:50:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\Identities
    [2009/09/20 09:49:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\InstallShield
    [2008/11/27 12:43:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\Leadertech
    [2008/11/23 22:22:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\Macromedia
    [2011/06/18 01:27:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\Malwarebytes
    [2013/08/04 10:38:39 | 000,000,000 | --SD | M] -- C:\Documents and Settings\ALEXIS\Application Data\Microsoft
    [2008/11/23 22:27:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\Mozilla
    [2012/01/06 22:56:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\Musicnotes
    [2009/09/20 09:50:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\Research In Motion
    [2009/07/04 18:50:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\Sibelius Software
    [2011/07/09 12:21:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\Skype
    [2011/07/09 08:08:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\skypePM
    [2008/11/27 12:44:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\Sonic
    [2005/12/15 13:27:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\Sun
    [2012/12/14 16:33:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\SyncTunesDesktop
    [2014/02/08 17:06:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\TaxCut
    [2009/03/15 13:23:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\U3
    [2013/07/14 08:58:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\WDC
    [2013/03/29 14:40:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ALEXIS\Application Data\Yahoo!
     
    < MD5 for: ATAPI.SYS  >
    [2004/08/10 06:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys
    [2004/08/10 06:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
    [2008/12/26 16:16:08 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
    [2008/12/26 16:16:08 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
    [2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
    [2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
    [2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\i386\atapi.sys
    [2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
    [2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys
    [2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\i386\atapi.sys
     
    < MD5 for: CSRSS.EXE  >
    [2008/04/13 19:12:15 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=44F275C64738EA2056E3D9580C23B60F -- C:\WINDOWS\ServicePackFiles\i386\csrss.exe
    [2008/04/13 19:12:15 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=44F275C64738EA2056E3D9580C23B60F -- C:\WINDOWS\system32\csrss.exe
    [2004/08/10 06:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=F12B178B1678D778CFD3FF1FC38C71FB -- C:\i386\csrss.exe
    [2004/08/10 06:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=F12B178B1678D778CFD3FF1FC38C71FB -- C:\WINDOWS\$NtServicePackUninstall$\csrss.exe
     
    < MD5 for: EXPLORER.EXE  >
    [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
    [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
    [2004/08/10 06:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
     
    < MD5 for: MSWSOCK.DLL  >
    [2004/08/10 06:00:00 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=4E74AF063C3271FBEA20DD940CFD1184 -- C:\WINDOWS\$NtServicePackUninstall$\mswsock.dll
    [2008/06/20 12:46:57 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=832E4DD8964AB7ACC880B2837CB1ED20 -- C:\WINDOWS\$NtUninstallKB2509553$\mswsock.dll
    [2008/06/20 11:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=943337D786A56729263071623BBB9DE5 -- C:\WINDOWS\system32\dllcache\mswsock.dll
    [2008/06/20 11:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=943337D786A56729263071623BBB9DE5 -- C:\WINDOWS\system32\mswsock.dll
    [2008/04/13 19:12:01 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=B4138E99236F0F57D4CF49BAE98A0746 -- C:\WINDOWS\$NtUninstallKB951748$\mswsock.dll
    [2008/04/13 19:12:01 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=B4138E99236F0F57D4CF49BAE98A0746 -- C:\WINDOWS\ServicePackFiles\i386\mswsock.dll
    [2008/06/20 12:43:05 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=FCEE5FCB99F7C724593365C706D28388 -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\mswsock.dll
    [2008/06/20 12:43:05 | 000,245,248 | ---- | M] (Microsoft Corporation) MD5=FCEE5FCB99F7C724593365C706D28388 -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\mswsock.dll
     
    < MD5 for: NWPROVAU.DLL  >
    [2008/04/13 19:12:02 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=06E587F41466569F32BEAAC7260E8AEC -- C:\WINDOWS\ServicePackFiles\i386\nwprovau.dll
    [2008/04/13 19:12:02 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=06E587F41466569F32BEAAC7260E8AEC -- C:\WINDOWS\system32\nwprovau.dll
    [2004/08/10 06:00:00 | 000,144,384 | ---- | M] (Microsoft Corporation) MD5=F01D97A8E0380BA52F58249A7B3BD7F1 -- C:\WINDOWS\$NtServicePackUninstall$\nwprovau.dll
     
    < MD5 for: PNRPNSP.DLL  >
    [2004/08/10 06:00:00 | 000,048,640 | ---- | M] (Microsoft Corporation) MD5=74D3620D2E63489975E3956A40DDD35F -- C:\WINDOWS\$NtServicePackUninstall$\pnrpnsp.dll
    [2008/04/13 19:12:02 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=AF1449AC1D79D37C7026C1D8912DDA8E -- C:\WINDOWS\ServicePackFiles\i386\pnrpnsp.dll
    [2008/04/13 19:12:02 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=AF1449AC1D79D37C7026C1D8912DDA8E -- C:\WINDOWS\system32\dllcache\pnrpnsp.dll
    [2008/04/13 19:12:02 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=AF1449AC1D79D37C7026C1D8912DDA8E -- C:\WINDOWS\system32\pnrpnsp.dll
     
    < MD5 for: RSVPSP.DLL  >
    [2008/04/13 19:12:04 | 000,092,672 | ---- | M] (Microsoft Corporation) MD5=72451FD61DDBB0A1FB071B7C3CDE5594 -- C:\WINDOWS\ServicePackFiles\i386\rsvpsp.dll
    [2008/04/13 19:12:04 | 000,092,672 | ---- | M] (Microsoft Corporation) MD5=72451FD61DDBB0A1FB071B7C3CDE5594 -- C:\WINDOWS\system32\rsvpsp.dll
    [2004/08/10 06:00:00 | 000,090,112 | ---- | M] (Microsoft Corporation) MD5=90491683ABD587C702B16F181AB0D99D -- C:\WINDOWS\$NtServicePackUninstall$\rsvpsp.dll
     
    < MD5 for: SERVICES.EXE  >
    [2009/02/06 06:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
    [2008/04/13 19:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
    [2008/04/13 19:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
    [2009/02/06 06:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\dllcache\services.exe
    [2009/02/06 06:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\services.exe
    [2004/08/10 06:00:00 | 000,108,032 | ---- | M] (Microsoft Corporation) MD5=C6CE6EEC82F187615D1002BB3BB50ED4 -- C:\i386\services.exe
    [2004/08/10 06:00:00 | 000,108,032 | ---- | M] (Microsoft Corporation) MD5=C6CE6EEC82F187615D1002BB3BB50ED4 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
     
    < MD5 for: SVCHOST.EXE  >
    [2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
    [2008/04/13 19:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
    [2004/08/10 06:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\i386\svchost.exe
    [2004/08/10 06:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
    [2014/10/01 11:09:16 | 000,761,656 | ---- | M] (MalwareBytes) MD5=C0AFB3C7E6C7CA3F6E42FF242BBBCB1F -- C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe
     
    < MD5 for: USER32.DLL  >
    [2008/04/13 19:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
    [2008/04/13 19:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WINDOWS\system32\user32.dll
    [2004/08/10 06:00:00 | 000,577,024 | ---- | M] (Microsoft Corporation) MD5=C72661F8552ACE7C5C85E16A3CF505C4 -- C:\i386\user32.dll
    [2004/08/10 06:00:00 | 000,577,024 | ---- | M] (Microsoft Corporation) MD5=C72661F8552ACE7C5C85E16A3CF505C4 -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll
     
    < MD5 for: USERINIT.EXE  >
    [2004/08/10 06:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\i386\userinit.exe
    [2004/08/10 06:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
    [2008/04/13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
    [2008/04/13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe
     
    < MD5 for: WINLOGON.EXE  >
    [2004/08/10 06:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\i386\winlogon.exe
    [2004/08/10 06:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
    [2014/10/01 11:09:16 | 000,761,656 | ---- | M] (MalwareBytes) MD5=C0AFB3C7E6C7CA3F6E42FF242BBBCB1F -- C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
    [2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
    [2008/04/13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
     
    < MD5 for: WINRNR.DLL  >
    [2004/08/10 06:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=2C8FDB176F22629EA5342DB474FAC391 -- C:\i386\winrnr.dll
    [2004/08/10 06:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=2C8FDB176F22629EA5342DB474FAC391 -- C:\WINDOWS\$NtServicePackUninstall$\winrnr.dll
    [2008/04/13 19:12:09 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=D72B9EC3337B247A666F098F3D6B43DE -- C:\WINDOWS\ServicePackFiles\i386\winrnr.dll
    [2008/04/13 19:12:09 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=D72B9EC3337B247A666F098F3D6B43DE -- C:\WINDOWS\system32\winrnr.dll
     
    < C:\Windows\assembly\tmp\U\*.* /s >
     
    < %systemroot%\*. /mp /s >
     
    < hklm\software\clients\startmenuinternet|command /rs >
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2014/08/06 22:20:57 | 000,860,488 | ---- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2015/01/30 20:39:44 | 000,922,168 | ---- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2015/01/30 20:39:44 | 000,922,168 | ---- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2015/01/30 20:39:44 | 000,922,168 | ---- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" [2015/01/30 20:39:48 | 000,338,032 | ---- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2015/01/30 20:39:48 | 000,338,032 | ---- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2015/01/30 20:39:48 | 000,338,032 | ---- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2014/08/06 22:20:57 | 000,860,488 | ---- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2014/08/06 22:20:57 | 000,860,488 | ---- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2014/08/06 22:20:57 | 000,860,488 | ---- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2014/08/06 22:20:57 | 000,860,488 | ---- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2014/03/06 05:17:24 | 000,174,592 | ---- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2014/03/06 05:17:24 | 000,174,592 | ---- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2014/03/06 05:17:24 | 000,174,592 | ---- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
     
    < hklm\software\clients\startmenuinternet|command /64 /rs >
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2014/08/06 22:20:57 | 000,860,488 | ---- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2015/01/30 20:39:44 | 000,922,168 | ---- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2015/01/30 20:39:44 | 000,922,168 | ---- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2015/01/30 20:39:44 | 000,922,168 | ---- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" [2015/01/30 20:39:48 | 000,338,032 | ---- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2015/01/30 20:39:48 | 000,338,032 | ---- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2015/01/30 20:39:48 | 000,338,032 | ---- | M] (Mozilla Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2014/08/06 22:20:57 | 000,860,488 | ---- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2014/08/06 22:20:57 | 000,860,488 | ---- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2014/08/06 22:20:57 | 000,860,488 | ---- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2014/08/06 22:20:57 | 000,860,488 | ---- | M] (Google Inc.)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2014/03/06 05:17:24 | 000,174,592 | ---- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2014/03/06 05:17:24 | 000,174,592 | ---- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2014/03/06 05:17:24 | 000,174,592 | ---- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
    HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
     
    < %systemroot%\system32\*.dll /lockedfiles >
     
    < %systemroot%\Tasks\*.job /lockedfiles >
     
    < %ProgramFiles%\WINDOWS NT\*.* /s >
    [2008/04/13 19:12:17 | 000,539,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WINDOWS NT\dialer.exe
    [2004/08/10 06:00:00 | 000,013,312 | ---- | M] (Hilgraeve, Inc.) -- C:\Program Files\WINDOWS NT\htrn_jis.dll
    [2004/08/10 06:00:00 | 000,028,160 | ---- | M] (Hilgraeve, Inc.) -- C:\Program Files\WINDOWS NT\hypertrm.exe
    [2009/11/20 06:14:51 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WINDOWS NT\Accessories\mswrd6.wpc
    [2010/12/21 07:51:53 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WINDOWS NT\Accessories\mswrd8.wpc
    [2010/07/12 07:55:03 | 000,218,112 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WINDOWS NT\Accessories\wordpad.exe
    [2009/11/20 06:14:50 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WINDOWS NT\Accessories\write.wpc
    [2004/08/10 06:00:00 | 000,003,947 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\FONT.DAT
    [2004/08/10 06:00:00 | 000,928,700 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\PINBALL.DAT
    [2008/04/13 19:12:31 | 000,281,088 | ---- | M] (Cinematronics) -- C:\Program Files\WINDOWS NT\Pinball\pinball.exe
    [2004/08/10 06:00:00 | 000,108,607 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\PINBALL.MID
    [2004/08/10 06:00:00 | 000,028,888 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\PINBALL2.MID
    [2004/08/10 06:00:00 | 000,055,490 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND1.WAV
    [2004/08/10 06:00:00 | 000,001,226 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND104.WAV
    [2004/08/10 06:00:00 | 000,001,968 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND105.WAV
    [2004/08/10 06:00:00 | 000,007,754 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND108.WAV
    [2004/08/10 06:00:00 | 000,000,890 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND111.WAV
    [2004/08/10 06:00:00 | 000,000,824 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND112.WAV
    [2004/08/10 06:00:00 | 000,004,296 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND12.WAV
    [2004/08/10 06:00:00 | 000,008,034 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND13.WAV
    [2004/08/10 06:00:00 | 000,001,290 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND131.WAV
    [2004/08/10 06:00:00 | 000,019,282 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND136.WAV
    [2004/08/10 06:00:00 | 000,003,002 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND14.WAV
    [2004/08/10 06:00:00 | 000,001,046 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND16.WAV
    [2004/08/10 06:00:00 | 000,002,090 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND17.WAV
    [2004/08/10 06:00:00 | 000,003,986 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND18.WAV
    [2004/08/10 06:00:00 | 000,027,472 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND181.WAV
    [2004/08/10 06:00:00 | 000,005,230 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND19.WAV
    [2004/08/10 06:00:00 | 000,008,650 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND20.WAV
    [2004/08/10 06:00:00 | 000,009,194 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND21.WAV
    [2004/08/10 06:00:00 | 000,007,376 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND22.WAV
    [2004/08/10 06:00:00 | 000,012,106 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND24.WAV
    [2004/08/10 06:00:00 | 000,014,600 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND240.WAV
    [2004/08/10 06:00:00 | 000,020,712 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND243.WAV
    [2004/08/10 06:00:00 | 000,025,704 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND25.WAV
    [2004/08/10 06:00:00 | 000,007,306 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND26.WAV
    [2004/08/10 06:00:00 | 000,020,242 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND27.WAV
    [2004/08/10 06:00:00 | 000,008,650 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND28.WAV
    [2004/08/10 06:00:00 | 000,010,364 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND29.WAV
    [2004/08/10 06:00:00 | 000,022,858 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND3.WAV
    [2004/08/10 06:00:00 | 000,022,570 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND30.WAV
    [2004/08/10 06:00:00 | 000,001,520 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND34.WAV
    [2004/08/10 06:00:00 | 000,019,498 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND35.WAV
    [2004/08/10 06:00:00 | 000,033,848 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND36.WAV
    [2004/08/10 06:00:00 | 000,013,024 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND38.WAV
    [2004/08/10 06:00:00 | 000,028,282 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND39.WAV
    [2004/08/10 06:00:00 | 000,016,626 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND4.WAV
    [2004/08/10 06:00:00 | 000,029,140 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND42.WAV
    [2004/08/10 06:00:00 | 000,022,796 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND43.WAV
    [2004/08/10 06:00:00 | 000,009,770 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND45.WAV
    [2004/08/10 06:00:00 | 000,001,876 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND49.WAV
    [2004/08/10 06:00:00 | 000,003,330 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND49D.WAV
    [2004/08/10 06:00:00 | 000,003,180 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND5.WAV
    [2004/08/10 06:00:00 | 000,012,074 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND50.WAV
    [2004/08/10 06:00:00 | 000,008,932 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND528.WAV
    [2004/08/10 06:00:00 | 000,009,022 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND53.WAV
    [2004/08/10 06:00:00 | 000,018,250 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND54.WAV
    [2004/08/10 06:00:00 | 000,021,890 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND55.WAV
    [2004/08/10 06:00:00 | 000,029,004 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND560.WAV
    [2004/08/10 06:00:00 | 000,024,192 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND563.WAV
    [2004/08/10 06:00:00 | 000,030,502 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND57.WAV
    [2004/08/10 06:00:00 | 000,003,408 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND58.WAV
    [2004/08/10 06:00:00 | 000,004,376 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND6.WAV
    [2004/08/10 06:00:00 | 000,017,676 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND65.WAV
    [2004/08/10 06:00:00 | 000,032,402 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND68.WAV
    [2004/08/10 06:00:00 | 000,026,442 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND7.WAV
    [2004/08/10 06:00:00 | 000,014,592 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND713.WAV
    [2004/08/10 06:00:00 | 000,027,268 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND735.WAV
    [2004/08/10 06:00:00 | 000,002,102 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND8.WAV
    [2004/08/10 06:00:00 | 000,047,230 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND827.WAV
    [2004/08/10 06:00:00 | 000,020,098 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND9.WAV
    [2004/08/10 06:00:00 | 000,006,742 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\SOUND999.WAV
    [2004/08/10 06:00:00 | 000,339,178 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\table.bmp
    [2004/08/10 06:00:00 | 000,002,687 | ---- | M] () -- C:\Program Files\WINDOWS NT\Pinball\wavemix.inf
     
    < %systemroot%\system32\drivers\*.sys /lockedfiles >

    < End of report >

    OTL Extras logfile created on: 2/24/2015 8:35:00 PM - Run 4
    OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\ALEXIS\My Documents\Downloads
    Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
     
    1.99 Gb Total Physical Memory | 0.68 Gb Available Physical Memory | 33.94% Memory free
    2.58 Gb Paging File | 1.16 Gb Available in Paging File | 44.89% Paging File free
    Paging file location(s): C:\pagefile.sys 756 1512 [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 436.50 Gb Total Space | 199.61 Gb Free Space | 45.73% Space Free | Partition Type: NTFS
     
    Computer Name: DH75M091 | User Name: ALEXIS | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
     
    ========== Extra Registry (All) ==========
     
     
    ========== File Associations ==========
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .bat [@ = batfile] -- "%1" %*
    .chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
    .cmd [@ = cmdfile] -- "%1" %*
    .com [@ = comfile] -- "%1" %*
    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    .exe [@ = exefile] -- "%1" %*
    .hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
    .hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
    .html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
    .inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
    .ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
    .url [@ = InternetShortcut] -- C:\WINDOWS\System32\rundll32.exe (Microsoft Corporation)
    .js [@ = JSFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation)
    .jse [@ = JSEFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation)
    .pif [@ = piffile] -- "%1" %*
    .reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
    .scr [@ = scrfile] -- "%1" /S
    .txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
    .vbe [@ = VBEFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation)
    .vbs [@ = VBSFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation)
    .wsf [@ = WSFFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation)
    .wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
     
    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
     
    ========== Shell Spawning ==========
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    batfile [open] -- "%1" %*
    batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation)
    cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    cmdfile [open] -- "%1" %*
    cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    exefile [open] -- "%1" %*
    helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
    hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
    htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
    htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
    htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
    inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
    jsfile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
    jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
    jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
    jsefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
    jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
    regfile [merge] -- Reg Error: Key error.
    regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
    vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
    vbefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
    vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
    vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
    vbsfile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
    vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
    wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
    wsffile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
    wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
    wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
     
    ========== Security Center Settings ==========
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1
    "AntiVirusDisableNotify" = 0
    "FirewallDisableNotify" = 0
    "UpdatesDisableNotify" = 0
    "AntiVirusOverride" = 0
    "FirewallOverride" = 0
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
     
    ========== System Restore Settings ==========
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
    "Start" = 0
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
    "Start" = 2
     
    ========== Firewall Settings ==========
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
    "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
    "427:TCP" = 427:TCP:LocalSubNet:Enabled:SLP_Port(427)_TCP
    "427:UDP" = 427:UDP:LocalSubNet:Enabled:SLP_Port(427)_UDP
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0
    "DoNotAllowExceptions" = 0
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
    "56334:TCP" = 56334:TCP:*:Enabled:Pando P2P TCP Listening Port
    "56334:UDP" = 56334:UDP:*:Enabled:Pando P2P UDP Listening Port
    "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
    "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
    "427:TCP" = 427:TCP:LocalSubNet:Enabled:SLP_Port(427)_TCP
    "427:UDP" = 427:UDP:LocalSubNet:Enabled:SLP_Port(427)_UDP
     
    ========== Authorized Applications List ==========
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
    "C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
    "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
    "C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL
    "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
    "D:\setup\hpznui01.exe" = D:\setup\hpznui01.exe:*:Enabled:hpznui01.exe
    "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
    "C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- ()
    "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
    "C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.)
    "C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.)
    "C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.)
    "C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe
    "C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe
    "C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\HP\HP Software Update\HPWUCli.exe" = C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
    "C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
    "C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
    "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
    "C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL
    "C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
    "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
    "C:\WINDOWS\system32\LEXPPS.EXE" = C:\WINDOWS\system32\LEXPPS.EXE:*:Disabled:LEXPPS.EXE -- (Lexmark International, Inc.)
    "C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)
    "C:\Program Files\AIM6\aim6.exe" = C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM -- (AOL LLC)
    "C:\Program Files\Pando Networks\Pando\pando.exe" = C:\Program Files\Pando Networks\Pando\pando.exe:*:Enabled:Pando Application -- (Pando Networks)
    "C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager -- (Skype Technologies)
    "D:\setup\hpznui01.exe" = D:\setup\hpznui01.exe:*:Enabled:hpznui01.exe
    "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
    "C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- ()
    "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
    "C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.)
    "C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.)
    "C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.)
    "C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe
    "C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe
    "C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\HP\HP Software Update\HPWUCli.exe" = C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard)
    "C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe" = C:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
    "C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
    "C:\Program Files\ION\EZ VHS Converter\MediaTV.exe" = C:\Program Files\ION\EZ VHS Converter\MediaTV.exe:LocalSubNet:Enabled:ION MediaTV -- (ADS Corp.)
    "C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
    "C:\Program Files\MAhmed Labs\Synctunes Desktop\SyncTunes.exe" = C:\Program Files\MAhmed Labs\Synctunes Desktop\SyncTunes.exe:*:Enabled:SyncTunes -- (MAhmed Lab)
    "C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:Enabled:Microsoft  Fax Console -- (Microsoft Corporation)
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
    "C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
    "C:\Program Files\Google\Chrome\Application\chrome.exe" = C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.)
    "C:\Documents and Settings\ALEX\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCalling.exe" = C:\Documents and Settings\ALEX\Local Settings\Application Data\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin -- (Skype Limited)
    "C:\Program Files\Krab Web\bin\KrabWeb.BRT.Helper.exe" = C:\Program Files\Krab Web\bin\KrabWeb.BRT.Helper.exe:*:Enabled:KrabWeb.BRT.Helper.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox) -- (Mozilla Corporation)
    "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
     
     
    ========== HKEY_LOCAL_MACHINE Uninstall List ==========
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{03E66394-42F0-4745-85F7-0A2F8F35C09F}" = HP Deskjet Printer Driver Software 9.0
    "{04E364F1-4582-4567-A6C8-C7FBBCC86C91}" = ION EZ VHS Converter
    "{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}" = Apple Mobile Device Support
    "{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
    "{07620C4F-0964-4086-A872-C9C12E418E52}" = DJ_SF_03_D4300_Software
    "{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
    "{0A5FB059-9FF1-4A78-9753-4D7656560DAF}" = H&R Block New York 2012
    "{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
    "{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
    "{10964A8F-21C1-45EA-BC2D-F84B505C3848}" = H&R Block Deluxe + Efile + State 2010
    "{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
    "{15C70064-2463-49dd-9A88-B700F75BB428}" = dj_sf_ProductContext
    "{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{2012D762-5DCA-455A-B5FE-EDF79BC93E18}" = HP Photosmart C4700 All-In-One Driver Software 13.0 Rel .6
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
    "{2091F234-EB58-4B80-8C96-8EB78C808CF7}" = Facebook Video Calling 3.1.0.521
    "{20E7BC40-33F6-4A81-9D52-B58349326206}" = Download and Sa
    "{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD LE
    "{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{25349513-852F-470D-AB31-9B42100C926B}" = ActiveLink Connect
    "{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java™ 6 Update 27
    "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
    "{2F467E6E-F7D2-43cc-91B9-4FCC105AE30D}" = D2400
    "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
    "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
    "{3364BD16-5A28-4862-86A1-A8FF5FD23919}" = Music Rescue
    "{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
    "{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
    "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{352310C3-E46B-42D3-8F32-54721FDD72D9}" = NetZeroInstallers
    "{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page
    "{37331C16-3E97-4A20-80D8-BFB43AB0E2FB}" = Catalina Savings Printer
    "{387D9916-BD27-480f-8CF0-3228832BBAA2}" = HP Deskjet D4300 Printer Driver Software 10.0 Rel .3
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}" = QuickTime 7
    "{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
    "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
    "{4496E9B5-56AF-4A9C-BC02-BCBF63824224}" = WeightWatchers Connections 2010 Portal
    "{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
    "{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
    "{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}" = Google Earth Plug-in
    "{4BAC29B6-145B-49D0-A2FC-A79AE4F606E5}" = TaxCut New York 2008
    "{51B055DD-A5F8-4D0C-A09C-66E58AD56F20}" = WD SmartWare
    "{548EEA8E-8299-497F-8057-811D2D7097DC}" = Dell Support 3.1
    "{56F59702-1BB9-4C1B-BB8A-FB5F84A90378}" = H&R Block New York 2009
    "{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
    "{5A80C75C-EB3A-4275-A6C4-2E20349DBF4C}" = H&R Block New York 2010
    "{5F189DF5-2D05-472B-9091-84D9848AE48B}{280f2936}" = SW_Sustainer 1.80
    "{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
    "{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}" = AOLIcon
    "{631EFC00-5A7A-4A90-9578-039EDA92DE0F}_is1" = AtHomeConnect version 1.0.1.0
    "{65EACBB4-B0B8-4A5B-AE46-22DBE15C70B5}" = Google Drive
    "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.5
    "{684F10A9-E071-4629-B5F6-445C54C37AB3}" = Synctunes Desktop
    "{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
    "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
    "{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
    "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
    "{6C434B52-8D0F-4080-9649-7497445DDCD4}" = H&R Block New York 2011
    "{6D4839CB-28B4-4070-8CA7-612CA92CA3D0}" = F5 Networks VPN Client for Windows
    "{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}" = Digital Content Portal
    "{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
    "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
    "{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
    "{7115EE2B-62BF-4DEB-B4AA-91456D245F47}" = Sibelius Scorch (Firefox, Opera, Netscape only)
    "{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
    "{730837D4-FF5E-48DB-BA49-33E732DFF0B3}" = PanoStandAlone
    "{739F4CE3-6443-40AB-ACB3-2CF6FD3702AE}" = AVG 2011
    "{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
    "{75247E38-5C9B-45D6-ADF8-E11CB56B4990}" = Network
    "{75C22B40-6D12-4439-80DC-CAB3313EADA5}" = dj_sf_software_req
    "{7732DA71-2FB6-5C99-D0D9-58A2DB360895}" = FlipShare
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
    "{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{83F793B5-8BBF-42FD-A8A6-868CB3E2AAEA}" = Intel® PROSet for Wired Connections
    "{848e2630-c0c0-478a-a758-6639e5115993}" = EZSuite For Video Chat Kit
    "{85D3CC30-8859-481A-9654-FD9B74310BEF}" = Musicmatch® Jukebox
    "{89D20029-0578-4D8D-979A-695C8D868868}" = H&R Block Deluxe + Efile + State 2012
    "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver
    "{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
    "{8B0A7592-2AE0-48EA-A327-6EB7DAB25E4A}" = DJ_SF_03_D4300_Software_Min
    "{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
    "{90AACECD-1E42-4D22-ABAD-7FB9B67B262D}" = H&R Block Premium + Efile + State 2009
    "{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
    "{9509674F-3972-11DE-806D-005056806466}" = Google Earth
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{9521B818-19CE-4d28-8200-DD26133E19E6}" = D2400_Help
    "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
    "{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
    "{A55F4F9F-CCA8-4732-AA1F-0390A4A50947}" = C4700
    "{A683A2C0-821C-486F-858C-FA634DB5E864}" = EducateU
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A9698A67-7E71-11D8-B9BF-00E018FAA1E4}" = USB PC Camera
    "{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
    "{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor
    "{AB480DA0-7EE9-465D-9C12-4CDE65BF18FB}" = Pando
    "{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
    "{ac225167-00fc-452d-94c5-bb93600e7d9a}" = Buzzdock
    "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.2)
    "{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
    "{AF142A83-507D-4F0F-92FC-40C7F76C1F87}" = Driver Tool
    "{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
    "{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
    "{B20F9D1C-A0A5-4cd8-8306-DA03872311B1}" = Belkin N300 Micro USB Wireless Adapter
    "{B28759B8-5FC6-4F56-9C6C-6EDAD36455A9}" = Roxio Media Manager
    "{B639110D-747F-40DC-9682-95D94EF73790}" = dj_sf_software
    "{B945F928-45A2-231E-495F-38C40CA198E9}" = PoriceChoOp
    "{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
    "{BBB33AD6-BCF7-4002-B6A0-6DC679AE5C18}" = TaxCut Premium + State + Efile 2008
    "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
    "{C197BC08-3D82-4651-8886-E68C21578A38}" = iTunes
    "{C43E4B9C-14C8-4EB0-998B-85211B6EDD61}" = Seagate DiscWizard
    "{C6006AED-E5A7-4F77-BAD5-95AC43DE04F3}" = H&R Block Deluxe + Efile + State 2011
    "{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{CE5E3F15-320A-4865-97D3-F07227C5BB2F}" = BlackBerry Desktop Software 4.5
    "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
    "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
    "{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
    "{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
    "{E36F3199-C282-47CA-BAC7-2B77D247E760}" = PS_AIO_06_C4700_SW_Min
    "{E3B9117D-7476-4C74-8C22-337F630D6602}" = H&R Block New York 2013
    "{E60A3FF1-856E-4DD2-BFC6-FD9B976FE1C5}" = DJ_SF_03_D4300_ProductContext
    "{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
    "{E7559288-223B-453C-9F06-340E3BE21E39}" = MyWay Search Assistant
    "{E93E5EF6-D361-481E-849D-F16EF5C78EBC}" = Musicmatch for Windows Media Player
    "{ECD43B7A-CB3B-4AF8-91F6-C460A575E411}" = FreeAgent Go Tools
    "{EDE796DE-0A72-464D-9D21-F04BC41A092B}" = H&R Block Deluxe + Efile + State 2013
    "{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{F7FFE175-E3D6-2E86-0226-1D3AE4905E40}" = SaveMiaSs
    "12133444-BF36-4d4e-B7FB-A3424C645DE4" = GemMaster Mystic
    "3ivx MPEG-4 5.0.3" = 3ivx MPEG-4 5.0.3 (remove only)
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "AIM_6" = AIM 6
    "AIMTunes" = AIMTunes
    "Anti-phishing Domain Advisor" = Anti-phishing Domain Advisor
    "avast" = avast! Free Antivirus
    "B3EE3001-DC24-4cd1-8743-5692C716659F" = Otto
    "BlackBerry_{CE5E3F15-320A-4865-97D3-F07227C5BB2F}" = BlackBerry Desktop Software 4.5
    "blekkotb_026" = blekko search bar
    "CAL" = Canon Camera Access Library
    "CameraWindowDC" = Canon Utilities CameraWindow DC
    "CameraWindowDVC5" = Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX
    "CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
    "CameraWindowLauncher" = Canon Utilities CameraWindow
    "Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
    "CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
    "Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
    "Canon ScanGear Toolbox CS" = Canon ScanGear Toolbox CS 2.2
    "CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 56K V.9x DFVc Modem
    "ConvertAd" = ConvertAd
    "CSCLIB" = Canon Camera Support Core Library
    "Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
    "Dell Photo Printer 720" = Dell Photo Printer 720
    "Dell Photo Printer 720 Logger" = Dell Photo Printer 720 Logger
    "EmeraldQFE2" = Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
    "EOS Utility" = Canon Utilities EOS Utility
    "ESPNMotion" = ESPNMotion
    "ffdshow_is1" = ffdshow [rev 2202] [2008-10-10]
    "Free DVD Creator (by minidvdsoft)_is1" = Free DVD Creator version 2.0
    "Google Chrome" = Google Chrome
    "HP Imaging Device Functions" = HP Imaging Device Functions 13.0
    "HP Photosmart Essential" = HP Photosmart Essential 2.5
    "HP Print Projects" = HP Print Projects 1.0
    "HP Smart Web Printing" = HP Smart Web Printing 4.5
    "HPExtendedCapabilities" = HP Customer Participation Program 13.0
    "iCopyExpert_is1" = iCopyExpert 3.1.2
    "ie8" = Windows Internet Explorer 8
    "InstallShield_{ECD43B7A-CB3B-4AF8-91F6-C460A575E411}" = FreeAgent Go Tools
    "Krab Web" = Krab Web
    "Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.3.1025
    "Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
    "Mozilla Firefox 35.0.1 (x86 en-US)" = Mozilla Firefox 35.0.1 (x86 en-US)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "Musicnotes Combined Installer_is1" = Musicnotes Software Suite 1.6.0
    "MyCamera" = Canon Utilities MyCamera
    "MyCameraDC" = Canon Utilities MyCamera DC
    "PandoBar Uninstall" = Pando Toolbar
    "PepperZip" = PepperZip 2.0
    "PhotoStitch" = Canon Utilities PhotoStitch
    "Picasa 3" = Picasa 3
    "PROSet" = Intel® PRO Network Connections Drivers
    "RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
    "RealPlayer 6.0" = RealPlayer Basic
    "RemoteCaptureDC" = Canon Utilities RemoteCapture DC
    "RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
    "SearchProtect" = Search Protect
    "Shop for HP Supplies" = Shop for HP Supplies
    "SmartMusic 2011a" = SmartMusic 2011a
    "SoftwareUpdater" = Software Updater
    "StreetPlugin" = Learn2 Player (Uninstall Only)
    "ViewpointMediaPlayer" = Viewpoint Media Player
    "VOPackage" = Remote Desktop Access (VuuPC)
    "Walmart MP3 Music Downloads" = Walmart MP3 Music Downloads
    "WD Link" = WD Link
    "Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
    "WebCyberCoach_wtrb" = WebCyberCoach 3.2 Dell
    "WildTangent CDA" = WildTangent Web Driver
    "wincheck" = WinCheck
    "Windows Media Format Runtime" = Windows Media Format Runtime
    "Windows XP Service Pack" = Windows XP Service Pack 3
    "WinLiveSuite_Wave3" = Windows Live Essentials
    "winusb0100" = Microsoft WinUsb 1.0
    "Yahoo! Companion" = Yahoo! Toolbar
    "Yahoo! Software Update" = Yahoo! Software Update
    "ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
    "ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
     
    ========== HKEY_CURRENT_USER Uninstall List ==========
     
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "ActiveLink Connect" = ActiveLink Connect
     
    ========== Last 20 Event Log Errors ==========
     
    [ Application Events ]
    Error - 12/22/2014 12:47:24 AM | Computer Name = DH75M091 | Source = Picasa3 | ID = 1
    Description = Picasa has crashed.  A crash dump has been generated: C:\DOCUME~1\ALEXIS\LOCALS~1\Temp\Picasa_141221-234719.dmp

     
    Error - 1/18/2015 1:40:27 PM | Computer Name = DH75M091 | Source = crypt32 | ID = 131083
    Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
     with error: A required certificate is not within its validity period when verifying
     against the current system clock or the timestamp in the signed file.  
     
    Error - 1/18/2015 1:40:28 PM | Computer Name = DH75M091 | Source = crypt32 | ID = 131083
    Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
     with error: A required certificate is not within its validity period when verifying
     against the current system clock or the timestamp in the signed file.  
     
    Error - 1/26/2015 11:03:39 AM | Computer Name = DH75M091 | Source = Application Hang | ID = 1002
    Description = Hanging application firefox.exe, version 35.0.0.5486, hang module
    hungapp, version 0.0.0.0, hang address 0x00000000.
     
    Error - 1/26/2015 11:03:44 AM | Computer Name = DH75M091 | Source = Application Hang | ID = 1002
    Description = Hanging application firefox.exe, version 35.0.0.5486, hang module
    hungapp, version 0.0.0.0, hang address 0x00000000.
     
    Error - 1/26/2015 11:03:56 AM | Computer Name = DH75M091 | Source = Application Error | ID = 1000
    Description = Faulting application plugin-container.exe, version 35.0.0.5486, faulting
     module mozalloc.dll, version 35.0.0.5486, fault address 0x00001425.
     
    Error - 1/26/2015 11:16:05 AM | Computer Name = DH75M091 | Source = Application Error | ID = 1000
    Description = Faulting application plugin-container.exe, version 35.0.0.5486, faulting
     module mozalloc.dll, version 35.0.0.5486, fault address 0x00001425.
     
    Error - 2/6/2015 9:56:10 PM | Computer Name = DH75M091 | Source = Application Error | ID = 1000
    Description = Faulting application plugin-container.exe, version 35.0.1.5500, faulting
     module mozalloc.dll, version 35.0.1.5500, fault address 0x00001425.
     
    Error - 2/19/2015 10:37:48 PM | Computer Name = DH75M091 | Source = Picasa3 | ID = 1
    Description = Picasa has crashed.  A crash dump has been generated: C:\DOCUME~1\ALEXIS\LOCALS~1\Temp\Picasa_150219-213741.dmp

     
    Error - 2/24/2015 9:00:22 PM | Computer Name = DH75M091 | Source = Application Hang | ID = 1002
    Description = Hanging application AdwCleaner.exe, version 4.1.1.1, hang module hungapp,
     version 0.0.0.0, hang address 0x00000000.
     
    [ System Events ]
    Error - 2/9/2015 8:46:16 AM | Computer Name = DH75M091 | Source = Service Control Manager | ID = 7009
    Description = Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher
     9 service to connect.
     
    Error - 2/10/2015 1:46:21 PM | Computer Name = DH75M091 | Source = Service Control Manager | ID = 7000
    Description = The Google Update Service (gupdate) service failed to start due to
     the following error:   %%2
     
    Error - 2/10/2015 1:46:21 PM | Computer Name = DH75M091 | Source = Service Control Manager | ID = 7009
    Description = Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher
     9 service to connect.
     
    Error - 2/11/2015 8:00:17 PM | Computer Name = DH75M091 | Source = Windows Update Agent | ID = 20
    Description = Installation Failure: Windows failed to install the following update
     with error 0x80242007: Windows Malicious Software Removal Tool - February 2015
    (KB890830).
     
    Error - 2/14/2015 3:53:50 AM | Computer Name = DH75M091 | Source = Dhcp | ID = 1002
    Description = The IP address lease 192.168.2.4 for the Network Card with network
     address 001320A72F3F has been  denied by the DHCP server 0.0.0.0 (The DHCP Server
     sent a DHCPNACK message).
     
    Error - 2/16/2015 8:57:49 PM | Computer Name = DH75M091 | Source = Dhcp | ID = 1002
    Description = The IP address lease 192.168.2.4 for the Network Card with network
     address 001320A72F3F has been  denied by the DHCP server 0.0.0.0 (The DHCP Server
     sent a DHCPNACK message).
     
    Error - 2/19/2015 10:35:43 PM | Computer Name = DH75M091 | Source = SideBySide | ID = 16842811
    Description = Generate Activation Context failed for C:\Program Files\Pando Networks\Pando\pando.exe.
    Reference
     error message: The operation completed successfully.  .
     
    Error - 2/19/2015 10:35:43 PM | Computer Name = DH75M091 | Source = DCOM | ID = 10000
    Description = Unable to start a DCOM Server: {FA08F856-F05E-499B-9A48-F153A147DF27}.
    The
     error:  "%14001"  Happened while starting this command:  "C:\Program Files\Pando Networks\Pando\pando.exe"
     -Embedding
     
    Error - 2/24/2015 9:06:47 PM | Computer Name = DH75M091 | Source = Service Control Manager | ID = 7031
    Description = The Update Krab Web service terminated unexpectedly.  It has done
    this 1 time(s).  The following corrective action will be taken in 5000 milliseconds:
     Restart the service.
     
    Error - 2/24/2015 9:06:48 PM | Computer Name = DH75M091 | Source = Service Control Manager | ID = 7031
    Description = The Util Krab Web service terminated unexpectedly.  It has done this
     1 time(s).  The following corrective action will be taken in 5000 milliseconds:
     Restart the service.
     
     
    < End of report >


     


    • 0

    #4
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 24,598 posts
    • MVP
    Download the attached fixlist.txt to the same location as FRST
    Run FRST and press Fix
    A fix log will be generated please post that.  Run FRST again, check the Additions box and then Scan.  You will get two logs.  Post them both.
     
     

    • 0

    #5
    alexisstephani

    alexisstephani

      Member

    • Topic Starter
    • Member
    • PipPip
    • 33 posts

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 25-02-2015 01
    Ran by ALEXIS at 2015-02-25 22:32:56 Run:2
    Running from C:\Documents and Settings\ALEXIS\My Documents\Downloads
    Loaded Profiles: ALEXIS & NICK (Available profiles: ALEXIS & CATHYLYNN & NICK & MARISSA & ALEX & Mom's iPod Account & Administrator & Guest)
    Boot Mode: Normal

    ==============================================

    Content of fixlist:
    *****************
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    HKU\S-1-5-21-3236530329-1147617518-3913851753-1005\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
    HKU\S-1-5-21-3236530329-1147617518-3913851753-1007\Software\Microsoft\Internet Explorer\Main,First Home Page = http://downloads.yah...xplorer/welcome
    URLSearchHook: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005 - (No Name) - {06663B56-0D73-4f9f-BCC5-4AA941470AFD} - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL (Pando)
    URLSearchHook: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005 - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
    URLSearchHook: HKU\S-1-5-21-3236530329-1147617518-3913851753-1007 - (No Name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} -  No File
    URLSearchHook: HKU\S-1-5-21-3236530329-1147617518-3913851753-1007 - (No Name) - {06663B56-0D73-4f9f-BCC5-4AA941470AFD} - C:\Program Files\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL (Pando)
    BHO: CInterceptor Object -> {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} -> C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll (Pando Networks)
    BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files\AVG\AVG9\avgssie.dll No File
    BHO: No Name -> {4D25F921-B9FE-4682-BF72-8AB8210D6D75} -> C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll No File
    BHO: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
    BHO: Krab Web 1.0.0.7 -> {feadf62f-aec2-46a1-a087-40149f311df9} -> C:\Program Files\Krab Web\KrabWebBHO.dll No File
    Toolbar: HKLM - Pando Toolbar - {E3EA4FD9-CADE-4ae5-84F7-086EEE888BE4} - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL (Pando)
    Toolbar: HKLM - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
    Toolbar: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005 -> Pando Toolbar - {E3EA4FD9-CADE-4AE5-84F7-086EEE888BE4} - C:\Program Files\PandoBar\bar\1.bin\PANDOBAR.DLL (Pando)
    FF Extension: Krab Web 1.0.1 - C:\Documents and Settings\ALEXIS\Application Data\Mozilla\Firefox\Profiles\zs1syjzl.default-1422668321096\Extensions\{9d5a2aa0-d243-4ec9-aa58-38b5de807918}.xpi [2015-01-30]
    FF Plugin: @viewpoint.com/VMP -> C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll No File
    CHR HKLM\...\Chrome\Extension: [pndndplglkleohabdcogjfjlnkejfglh] - C:\Documents and Settings\All Users\Application Data\Download and Sa\pndndplglkleohabdcogjfjlnkejfglh.crx [Not Found]
    R2 Update Krab Web; C:\Program Files\Krab Web\updateKrabWeb.exe [396016 2015-02-24] ()
    R2 Util Krab Web; C:\Program Files\Krab Web\bin\utilKrabWeb.exe [396016 2015-02-24] ()
    R4 {3847db91-525a-43df-a742-93a5141cafa8}Gt; C:\WINDOWS\System32\drivers\{3847db91-525a-43df-a742-93a5141cafa8}Gt.sys [55824 2015-01-21] (StdLib)
    R4 {9d5a2aa0-d243-4ec9-aa58-38b5de807918}Gt; C:\WINDOWS\System32\drivers\{9d5a2aa0-d243-4ec9-aa58-38b5de807918}Gt.sys [55824 2015-02-20] (StdLib)
    R4 {9d5a2aa0-d243-4ec9-aa58-38b5de807918}t; C:\WINDOWS\System32\drivers\{9d5a2aa0-d243-4ec9-aa58-38b5de807918}t.sys [55824 2015-02-22] (StdLib)
    R4 {e7c04031-8387-47b1-afd6-40a369d5c38f}Gt; C:\WINDOWS\System32\drivers\{e7c04031-8387-47b1-afd6-40a369d5c38f}Gt.sys [55824 2015-01-18] (StdLib)
    S3 bvrp_pci; No ImagePath
    S3 wanatw; system32\DRIVERS\wanatw4.sys [X]
    U1 WS2IFSL; No ImagePath
    2099-12-31 63384:163 - 2010-01-24 01:58 - 00006456 ___HC () C:\Documents and Settings\All Users\Application Data\dabukuyi
    2015-02-23 17:45 - 2015-02-23 17:45 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
    2015-02-22 21:23 - 2015-02-22 10:31 - 00055824 _____ (StdLib) C:\WINDOWS\system32\Drivers\{9d5a2aa0-d243-4ec9-aa58-38b5de807918}t.sys
    2015-02-21 01:05 - 2015-02-20 17:40 - 00055824 _____ (StdLib) C:\WINDOWS\system32\Drivers\{9d5a2aa0-d243-4ec9-aa58-38b5de807918}Gt.sys
    2015-02-19 04:33 - 2015-02-22 03:49 - 00000000 ____D () C:\Documents and Settings\ALEXIS\Local Settings\Application Data\avayvxvaxc
    2015-02-03 02:35 - 2015-02-03 02:35 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Application Data\SearchProtect
    2015-02-24 20:07 - 2015-01-18 12:21 - 00000000 ____D () C:\Program Files\Krab Web
    2015-02-24 20:02 - 2013-11-11 02:02 - 00000366 _____ () C:\WINDOWS\Tasks\TidyNetwork Update.job
    2009-07-04 17:48 - 2009-07-04 17:48 - 0283952 ____C (Musicnotes, Inc.) C:\Program Files\npmusicn.dll
    2009-08-26 21:13 - 2009-08-26 21:13 - 0002528 ____C () C:\Documents and Settings\ALEXIS\Application Data\$_hpcst$.hpc
    2011-06-17 23:19 - 2011-06-17 23:35 - 0017390 ___SH () C:\Documents and Settings\ALEXIS\Local Settings\Application Data\037ta678tf55b13niyu466uwy36t77
    C:\Documents and Settings\MARISSA\4521980.exe
    Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3236530329-1147617518-3913851753-1009Core.job => C:\Documents and Settings\ALEX\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe
    Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3236530329-1147617518-3913851753-1009UA.job => C:\Documents and Settings\ALEX\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe
    Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
    Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
    Task: C:\WINDOWS\Tasks\TidyNetwork Update.job => C:\Documents and Settings\MARISSA\Local Settings\Application Data\TidyNetwork\petnupdate.exe
    2015-02-24 13:37 - 2015-02-24 18:37 - 00396016 _____ () C:\Program Files\Krab Web\updateKrabWeb.exe
    2015-02-24 08:36 - 2015-02-24 18:40 - 00396016 _____ () C:\Program Files\Krab Web\bin\utilKrabWeb.exe
    2015-02-24 13:37 - 2015-02-24 13:37 - 00337920 _____ () C:\Program Files\Krab Web\bin\sqlite3.dll
    2015-02-21 00:01 - 2015-02-24 14:16 - 00105712 _____ () C:\Program Files\Krab Web\bin\KrabWeb.BrowserAdapter.exe
    C:\Program Files\Krab Web
    C:\Documents and Settings\All Users\Application Data\037ta678tf55b13niyu466uwy36t77
    C:\Documents and Settings\ALEXIS\Local Settings\Application Data\037ta678tf55b13niyu466uwy36t77
    *****************

    "C:\WINDOWS\system32\GroupPolicy\Machine" => File/Directory not found.
    HKLM\SOFTWARE\Policies\Google => Key not found.
    HKU\S-1-5-21-3236530329-1147617518-3913851753-1005\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
    HKU\S-1-5-21-3236530329-1147617518-3913851753-1007\Software\Microsoft\Internet Explorer\Main\\First Home Page => Value not found.
    HKU\S-1-5-21-3236530329-1147617518-3913851753-1005\Software\Microsoft\Internet Explorer\URLSearchHooks\\{06663B56-0D73-4f9f-BCC5-4AA941470AFD} => Value not found.
    "HKCR\CLSID\{06663B56-0D73-4f9f-BCC5-4AA941470AFD}" => Key deleted successfully.
    HKU\S-1-5-21-3236530329-1147617518-3913851753-1005\Software\Microsoft\Internet Explorer\URLSearchHooks\\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F} => value deleted successfully.
    "HKCR\CLSID\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}" => Key deleted successfully.
    HKU\S-1-5-21-3236530329-1147617518-3913851753-1007\Software\Microsoft\Internet Explorer\URLSearchHooks\\{4D25F926-B9FE-4682-BF72-8AB8210D6D75} => value deleted successfully.
    HKU\S-1-5-21-3236530329-1147617518-3913851753-1007\Software\Microsoft\Internet Explorer\URLSearchHooks\\{06663B56-0D73-4f9f-BCC5-4AA941470AFD} => value deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{38D3FE60-3D53-4F37-BB0E-C7A97A26A156}" => Key deleted successfully.
    "HKCR\CLSID\{38D3FE60-3D53-4F37-BB0E-C7A97A26A156}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}" => Key deleted successfully.
    "HKCR\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D25F921-B9FE-4682-BF72-8AB8210D6D75}" => Key deleted successfully.
    "HKCR\CLSID\{4D25F921-B9FE-4682-BF72-8AB8210D6D75}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}" => Key deleted successfully.
    "HKCR\CLSID\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{feadf62f-aec2-46a1-a087-40149f311df9}" => Key deleted successfully.
    "HKCR\CLSID\{feadf62f-aec2-46a1-a087-40149f311df9}" => Key deleted successfully.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{E3EA4FD9-CADE-4ae5-84F7-086EEE888BE4} => value deleted successfully.
    "HKCR\CLSID\{E3EA4FD9-CADE-4ae5-84F7-086EEE888BE4}" => Key deleted successfully.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} => value deleted successfully.
    "HKCR\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}" => Key deleted successfully.
    HKU\S-1-5-21-3236530329-1147617518-3913851753-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E3EA4FD9-CADE-4AE5-84F7-086EEE888BE4} => value deleted successfully.
    HKCR\CLSID\{E3EA4FD9-CADE-4AE5-84F7-086EEE888BE4} => Key not found.
    C:\Documents and Settings\ALEXIS\Application Data\Mozilla\Firefox\Profiles\zs1syjzl.default-1422668321096\Extensions\{9d5a2aa0-d243-4ec9-aa58-38b5de807918}.xpi => Moved successfully.
    "HKLM\Software\MozillaPlugins\@viewpoint.com/VMP" => Key deleted successfully.
    "HKLM\SOFTWARE\Google\Chrome\Extensions\pndndplglkleohabdcogjfjlnkejfglh" => Key deleted successfully.
    Update Krab Web => Unable to stop service
    Update Krab Web => Service deleted successfully.
    Util Krab Web => Unable to stop service
    Util Krab Web => Service deleted successfully.
    {3847db91-525a-43df-a742-93a5141cafa8}Gt => Unable to stop service
    {3847db91-525a-43df-a742-93a5141cafa8}Gt => Service deleted successfully.
    {9d5a2aa0-d243-4ec9-aa58-38b5de807918}Gt => Unable to stop service
    {9d5a2aa0-d243-4ec9-aa58-38b5de807918}Gt => Service deleted successfully.
    {9d5a2aa0-d243-4ec9-aa58-38b5de807918}t => Unable to stop service
    {9d5a2aa0-d243-4ec9-aa58-38b5de807918}t => Service deleted successfully.
    {e7c04031-8387-47b1-afd6-40a369d5c38f}Gt => Unable to stop service
    {e7c04031-8387-47b1-afd6-40a369d5c38f}Gt => Service deleted successfully.
    bvrp_pci => Service deleted successfully.
    wanatw => Service deleted successfully.
    WS2IFSL => Service deleted successfully.
    C:\Documents and Settings\All Users\Application Data\dabukuyi => Moved successfully.
    C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1 => Moved successfully.
    C:\WINDOWS\system32\Drivers\{9d5a2aa0-d243-4ec9-aa58-38b5de807918}t.sys => Moved successfully.
    C:\WINDOWS\system32\Drivers\{9d5a2aa0-d243-4ec9-aa58-38b5de807918}Gt.sys => Moved successfully.
    C:\Documents and Settings\ALEXIS\Local Settings\Application Data\avayvxvaxc => Moved successfully.
    C:\Documents and Settings\LocalService\Local Settings\Application Data\SearchProtect => Moved successfully.

    "C:\Program Files\Krab Web" directory move:

    Could not move "C:\Program Files\Krab Web\bin\9d5a2aa0d2434ec9aa5838b5de807918.dll" => Scheduled to move on reboot.
    C:\Program Files\Krab Web\bin\9d5a2aa0d2434ec9aa5838b5de80791864.dll => Moved successfully.
    C:\Program Files\Krab Web\bin\9d5a2aa0d2434ec9aa5864.dll => Moved successfully.
    C:\Program Files\Krab Web\bin\bau => Moved successfully.
    C:\Program Files\Krab Web\bin\BrowserAdapter.7z => Moved successfully.
    C:\Program Files\Krab Web\bin\eula.txt => Moved successfully.
    C:\Program Files\Krab Web\bin\KrabWeb.BrowserAdapter.exe => Moved successfully.
    C:\Program Files\Krab Web\bin\KrabWeb.BrowserAdapter64.exe => Moved successfully.
    C:\Program Files\Krab Web\bin\KrabWeb.PurBrowse.exe => Moved successfully.
    C:\Program Files\Krab Web\bin\KrabWeb.PurBrowse.zip => Moved successfully.
    C:\Program Files\Krab Web\bin\sqlite3.dll => Moved successfully.
    C:\Program Files\Krab Web\bin\tmp23A.tmp => Moved successfully.
    C:\Program Files\Krab Web\bin\tmp295.tmp => Moved successfully.
    C:\Program Files\Krab Web\bin\tmp297.tmp => Moved successfully.
    C:\Program Files\Krab Web\bin\tmp299.tmp => Moved successfully.
    C:\Program Files\Krab Web\bin\tmp29B.tmp => Moved successfully.
    C:\Program Files\Krab Web\bin\tmp29D.tmp => Moved successfully.
    C:\Program Files\Krab Web\bin\utilKrabWeb.exe => Moved successfully.
    C:\Program Files\Krab Web\bin\utilKrabWeb.InstallState => Moved successfully.
    C:\Program Files\Krab Web\bin\plugins\KrabWeb.BrowserAdapter.dll => Moved successfully.
    C:\Program Files\Krab Web\bin\plugins\KrabWeb.BRT.dll => Moved successfully.
    C:\Program Files\Krab Web\bin\plugins\KrabWeb.CompatibilityChecker.dll => Moved successfully.
    C:\Program Files\Krab Web\bin\plugins\KrabWeb.ExpExt.dll => Moved successfully.
    C:\Program Files\Krab Web\bin\plugins\KrabWeb.FFUpdate.dll => Moved successfully.
    C:\Program Files\Krab Web\bin\plugins\KrabWeb.GCUpdate.dll => Moved successfully.
    C:\Program Files\Krab Web\bin\plugins\KrabWeb.PurBrowse.dll => Moved successfully.
    C:\Program Files\Krab Web\bin\plugins\KrabWeb.Repmon.dll => Moved successfully.
    Could not move "C:\Program Files\Krab Web" directory. => Scheduled to move on reboot.

    C:\WINDOWS\Tasks\TidyNetwork Update.job => Moved successfully.
    C:\Program Files\npmusicn.dll => Moved successfully.
    C:\Documents and Settings\ALEXIS\Application Data\$_hpcst$.hpc => Moved successfully.
    C:\Documents and Settings\ALEXIS\Local Settings\Application Data\037ta678tf55b13niyu466uwy36t77 => Moved successfully.
    C:\Documents and Settings\MARISSA\4521980.exe => Moved successfully.
    C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3236530329-1147617518-3913851753-1009Core.job => Moved successfully.
    C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3236530329-1147617518-3913851753-1009UA.job => Moved successfully.
    C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => Moved successfully.
    C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => Moved successfully.
    C:\WINDOWS\Tasks\TidyNetwork Update.job not found.
    "C:\Program Files\Krab Web\updateKrabWeb.exe" => File/Directory not found.
    "C:\Program Files\Krab Web\bin\utilKrabWeb.exe" => File/Directory not found.
    "C:\Program Files\Krab Web\bin\sqlite3.dll" => File/Directory not found.
    "C:\Program Files\Krab Web\bin\KrabWeb.BrowserAdapter.exe" => File/Directory not found.

    "C:\Program Files\Krab Web" directory move:

    Could not move "C:\Program Files\Krab Web\bin\9d5a2aa0d2434ec9aa5838b5de807918.dll" => Scheduled to move on reboot.
    Could not move "C:\Program Files\Krab Web" directory. => Scheduled to move on reboot.

    C:\Documents and Settings\All Users\Application Data\037ta678tf55b13niyu466uwy36t77 => Moved successfully.
    "C:\Documents and Settings\ALEXIS\Local Settings\Application Data\037ta678tf55b13niyu466uwy36t77" => File/Directory not found.

    => Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-02-25 22:35:45)<=

    C:\Program Files\Krab Web\bin\9d5a2aa0d2434ec9aa5838b5de807918.dll => Is moved successfully.
    C:\Program Files\Krab Web => Is moved successfully.
    C:\Program Files\Krab Web\bin\9d5a2aa0d2434ec9aa5838b5de807918.dll => Is moved successfully.
    C:\Program Files\Krab Web => Is moved successfully.

    ==== End of Fixlog 22:35:46 ====

     

     


    • 0

    #6
    alexisstephani

    alexisstephani

      Member

    • Topic Starter
    • Member
    • PipPip
    • 33 posts

    Additional scan result of Farbar Recovery Scan Tool (x86) Version: 25-02-2015 01
    Ran by ALEXIS at 2015-02-25 22:44:29
    Running from C:\Documents and Settings\ALEXIS\My Documents\Downloads
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    32 Bit HP CIO Components Installer (Version: 6.1.1 - Hewlett-Packard) Hidden
    3ivx MPEG-4 5.0.3 (remove only) (HKLM\...\3ivx MPEG-4 5.0.3) (Version: 5.0.3 - 3ivx Technologies, Pty. Ltd.)
    ActiveLink Connect (HKU\S-1-5-21-3236530329-1147617518-3913851753-1005\...\ActiveLink Connect) (Version: 5.8.0.17220 - Koninklijke Philips Electronics N.V.)
    ActiveLink Connect (Version: 5.8.0.17220 - Koninklijke Philips Electronics N.V.) Hidden
    Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.2.202.235 - Adobe Systems Incorporated)
    Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.2.202.235 - Adobe Systems Incorporated)
    Adobe Reader X (10.1.2) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.2 - Adobe Systems Incorporated)
    AIM 6 (HKLM\...\AIM_6) (Version:  - )
    AIMTunes (HKLM\...\AIMTunes) (Version:  - )
    Anti-phishing Domain Advisor (HKLM\...\Anti-phishing Domain Advisor) (Version: 1.0.0.0 - Visicom Media Inc. (Powered by Panda Security))
    AOLIcon (Version: 1.00.0000 - Dell) Hidden
    Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
    Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    AtHomeConnect version 1.0.1.0 (HKLM\...\{631EFC00-5A7A-4A90-9578-039EDA92DE0F}_is1) (Version: 1.0.1.0 - HRBlock)
    avast! Free Antivirus (HKLM\...\avast) (Version: 7.0.1474.0 - AVAST Software)
    AVG 2011 (Version: 10.0.422 - AVG Technologies) Hidden
    Belkin N300 Micro USB Wireless Adapter (HKLM\...\{B20F9D1C-A0A5-4cd8-8306-DA03872311B1}) (Version: 1.00.0155 - )
    BlackBerry Desktop Software 4.5 (HKLM\...\BlackBerry_{CE5E3F15-320A-4865-97D3-F07227C5BB2F}) (Version: 4.5.0.15 - Research In Motion Ltd.)
    BlackBerry Desktop Software 4.5 (Version: 4.5.0.15 - Research In Motion Ltd.) Hidden
    blekko search bar (HKLM\...\blekkotb_026) (Version: 1.9.12.12 - Visicom Media Inc.) <==== ATTENTION
    Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
    BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
    Buzzdock (HKLM\...\{ac225167-00fc-452d-94c5-bb93600e7d9a}) (Version:  - Alactro LLC) <==== ATTENTION
    C4700 (Version: 130.0.373.000 - Hewlett-Packard) Hidden
    Canon Camera Access Library (HKLM\...\CAL) (Version: 8.4.0.1 - Canon Inc.)
    Canon Camera Support Core Library (HKLM\...\CSCLIB) (Version: 7.3.1.6 - Canon Inc.)
    Canon G.726 WMP-Decoder (HKLM\...\Canon G.726 WMP-Decoder) (Version: 1.1.0.4 - Canon Inc.)
    CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM\...\CANON iMAGE GATEWAY Task) (Version: 1.6.0.12 - Canon Inc.)
    Canon Internet Library for ZoomBrowser EX (HKLM\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.2.7 - Canon Inc.)
    Canon MovieEdit Task for ZoomBrowser EX (HKLM\...\MovieEditTask) (Version: 2.6.0.4 - Canon Inc.)
    Canon RAW Image Task for ZoomBrowser EX (HKLM\...\RAW Image Task) (Version: 0.9.3.9 - Canon Inc.)
    Canon ScanGear Toolbox CS 2.2 (HKLM\...\Canon ScanGear Toolbox CS) (Version:  - )
    Canon Utilities CameraWindow (HKLM\...\CameraWindowLauncher) (Version: 7.1.0.2 - Canon Inc.)
    Canon Utilities CameraWindow DC (HKLM\...\CameraWindowDC) (Version: 7.1.0.7 - Canon Inc.)
    Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX (HKLM\...\CameraWindowDVC5) (Version: 5.4.5.17 - Canon Inc.)
    Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (HKLM\...\CameraWindowDVC6) (Version: 6.4.2.16 - Canon Inc.)
    Canon Utilities EOS Utility (HKLM\...\EOS Utility) (Version: 1.1.0.8 - Canon Inc.)
    Canon Utilities MyCamera (HKLM\...\MyCamera) (Version: 6.4.0.5 - Canon Inc.)
    Canon Utilities MyCamera DC (HKLM\...\MyCameraDC) (Version: 7.0.1.8 - Canon Inc.)
    Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.21.45 - Canon Inc.)
    Canon Utilities RemoteCapture DC (HKLM\...\RemoteCaptureDC) (Version: 3.0.1.8 - Canon Inc.)
    Canon Utilities RemoteCapture Task for ZoomBrowser EX (HKLM\...\RemoteCaptureTask) (Version: 1.7.1.9 - Canon Inc.)
    Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 6.1.1.21 - Canon Inc.)
    Canon ZoomBrowser EX Memory Card Utility (HKLM\...\ZoomBrowser EX Memory Card Utility) (Version: 1.1.0.8 - Canon Inc.)
    Catalina Savings Printer (HKLM\...\{37331C16-3E97-4A20-80D8-BFB43AB0E2FB}) (Version: 1.0.0 - Catalina Marketing Corp) <==== ATTENTION
    Conexant D850 56K V.9x DFVc Modem (HKLM\...\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1) (Version:  - )
    ConvertAd (HKLM\...\ConvertAd) (Version: 1.0.0.0 - ConvertAd) <==== ATTENTION
    CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
    D2400 (Version: 90.0.235.000 - Hewlett-Packard) Hidden
    D2400_Help (Version: 90.0.235.000 - Hewlett-Packard) Hidden
    Dell Digital Jukebox Driver (HKLM\...\Dell Digital Jukebox Driver) (Version:  - )
    Dell Driver Reset Tool (HKLM\...\{5905F42D-3F5F-4916-ADA6-94A3646AEE76}) (Version: 1.02.0000 - Dell Inc.)
    Dell Photo Printer 720 (HKLM\...\Dell Photo Printer 720) (Version:  - )
    Dell Photo Printer 720 Logger (HKLM\...\Dell Photo Printer 720 Logger) (Version: 1.0 - Dell)
    Dell Support 3.1 (HKLM\...\{548EEA8E-8299-497F-8057-811D2D7097DC}) (Version: 5.1.760 - Dell)
    Dell System Restore (HKLM\...\{74F7662C-B1DB-489E-A8AC-07A06B24978B}) (Version: 2.00.0000 - Dell Inc.)
    Destinations (Version: 130.0.0.0 - Hewlett-Packard) Hidden
    DeviceDiscovery (Version: 130.0.372.000 - Hewlett-Packard) Hidden
    Digital Content Portal (HKLM\...\{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}) (Version: 1.00.0000 - Dell)
    Digital Line Detect (HKLM\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.10 - BVRP Software, Inc)
    DJ_SF_03_D4300_ProductContext (Version: 100.0.215.000 - Hewlett-Packard) Hidden
    DJ_SF_03_D4300_Software (Version: 100.0.206.000 - Hewlett-Packard) Hidden
    DJ_SF_03_D4300_Software_Min (Version: 100.0.206.000 - Hewlett-Packard) Hidden
    dj_sf_ProductContext (Version: 90.0.235.000 - Hewlett-Packard) Hidden
    dj_sf_software (Version: 90.0.235.000 - Hewlett-Packard) Hidden
    dj_sf_software_req (Version: 90.0.235.000 - Hewlett-Packard) Hidden
    Download and Sa (HKLM\...\{20E7BC40-33F6-4A81-9D52-B58349326206}) (Version:  - Dnsave)
    Driver Tool (HKLM\...\{AF142A83-507D-4F0F-92FC-40C7F76C1F87}) (Version: 8.1 - Driver Tool)
    EducateU (HKLM\...\{A683A2C0-821C-486F-858C-FA634DB5E864}) (Version: 1.00.0000 - Dell)
    ESPNMotion (HKLM\...\ESPNMotion) (Version: 2.1.6.0011 - ESPN Internet Ventures)
    EZSuite For Video Chat Kit (HKLM\...\{848e2630-c0c0-478a-a758-6639e5115993}) (Version: 1.0 - )
    F5 Networks VPN Client for Windows (HKLM\...\{6D4839CB-28B4-4070-8CA7-612CA92CA3D0}) (Version: 60.2010.0408.1513 - F5 Networks)
    Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
    ffdshow [rev 2202] [2008-10-10] (HKLM\...\ffdshow_is1) (Version: 1.0 - )
    FlipShare (HKLM\...\{7732DA71-2FB6-5C99-D0D9-58A2DB360895}) (Version: 4.0.6.31692 - Pure Digital Technologies)
    Free DVD Creator version 2.0 (HKLM\...\Free DVD Creator (by minidvdsoft)_is1) (Version: 2.0 - www.minidvdsoft.com)
    FreeAgent Go Tools (HKLM\...\InstallShield_{ECD43B7A-CB3B-4AF8-91F6-C460A575E411}) (Version: 1.00.0032 - Seagate)
    FreeAgent Go Tools (Version: 1.00.0032 - Seagate) Hidden
    GemMaster Mystic (HKLM\...\12133444-BF36-4d4e-B7FB-A3424C645DE4) (Version:  - )
    Google Chrome (HKLM\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
    Google Drive (HKLM\...\{65EACBB4-B0B8-4A5B-AE46-22DBE15C70B5}) (Version: 1.19.8406.6504 - Google, Inc.)
    Google Earth (HKLM\...\{9509674F-3972-11DE-806D-005056806466}) (Version: 5.0.11733.9347 - Google)
    Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
    Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
    Google Update Helper (Version: 1.3.26.7 - Google Inc.) Hidden
    H&R Block Deluxe + Efile + State 2010 (HKLM\...\{10964A8F-21C1-45EA-BC2D-F84B505C3848}) (Version: 10.04.6402 - HRB Technology, LLC.)
    H&R Block Deluxe + Efile + State 2011 (HKLM\...\{C6006AED-E5A7-4F77-BAD5-95AC43DE04F3}) (Version: 11.05.7102 - HRB Technology, LLC.)
    H&R Block Deluxe + Efile + State 2012 (HKLM\...\{89D20029-0578-4D8D-979A-695C8D868868}) (Version: 12.05.7803 - HRB Technology, LLC.)
    H&R Block Deluxe + Efile + State 2013 (HKLM\...\{EDE796DE-0A72-464D-9D21-F04BC41A092B}) (Version: 13.05.7601 - HRB Technology, LLC.)
    H&R Block New York 2009 (HKLM\...\{56F59702-1BB9-4C1B-BB8A-FB5F84A90378}) (Version: 1.09.4601 - HRB Technology, LLC.)
    H&R Block New York 2010 (HKLM\...\{5A80C75C-EB3A-4275-A6C4-2E20349DBF4C}) (Version: 1.10.4901 - HRB Technology, LLC.)
    H&R Block New York 2011 (HKLM\...\{6C434B52-8D0F-4080-9649-7497445DDCD4}) (Version: 1.11.4401 - HRB Technology, LLC.)
    H&R Block New York 2012 (HKLM\...\{0A5FB059-9FF1-4A78-9753-4D7656560DAF}) (Version: 1.12.7001 - HRB Technology, LLC.)
    H&R Block New York 2013 (HKLM\...\{E3B9117D-7476-4C74-8C22-337F630D6602}) (Version: 1.13.6101 - HRB Technology, LLC.)
    H&R Block Premium + Efile + State 2009 (HKLM\...\{90AACECD-1E42-4D22-ABAD-7FB9B67B262D}) (Version: 09.06.6501 - HRB Technology, LLC.)
    High Definition Audio Driver Package - KB835221 (HKLM\...\KB835221WXP) (Version: 20040219.000000 - Microsoft Corporation)
    HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
    HP Deskjet D4300 Printer Driver Software 10.0 Rel .3 (HKLM\...\{387D9916-BD27-480f-8CF0-3228832BBAA2}) (Version: 10.0 - HP)
    HP Deskjet Printer Driver Software 9.0 (HKLM\...\{03E66394-42F0-4745-85F7-0A2F8F35C09F}) (Version: 9.0 - HP)
    HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
    HP Photosmart C4700 All-In-One Driver Software 13.0 Rel .6 (HKLM\...\{2012D762-5DCA-455A-B5FE-EDF79BC93E18}) (Version: 13.0 - HP)
    HP Photosmart Essential 2.5 (HKLM\...\HP Photosmart Essential) (Version: 2.5 - HP)
    HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP)
    HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
    HP Update (HKLM\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
    hpPrintProjects (Version: 130.0.303.000 - Hewlett-Packard) Hidden
    HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden
    hpWLPGInstaller (Version: 130.0.303.000 - Hewlett-Packard) Hidden
    iCopyExpert 3.1.2 (HKLM\...\iCopyExpert_is1) (Version:  - iCopyExpert.com)
    Intel® Graphics Media Accelerator Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: 6.14.10.4363 - )
    Intel® PRO Network Connections Drivers (HKLM\...\PROSet) (Version:  - )
    Intel® PROSet for Wired Connections (HKLM\...\{83F793B5-8BBF-42FD-A8A6-868CB3E2AAEA}) (Version: 9.20.0000 - Dell)
    Internet Explorer Default Page (Version: 1.00.03 - Dell Inc.) Hidden
    ION EZ VHS Converter (HKLM\...\{04E364F1-4582-4567-A6C8-C7FBBCC86C91}) (Version:  - ION)
    iTunes (HKLM\...\{C197BC08-3D82-4651-8886-E68C21578A38}) (Version: 11.1.3.8 - Apple Inc.)
    Java 2 Runtime Environment, SE v1.4.2_03 (HKLM\...\{7148F0A8-6813-11D6-A77B-00B0D0142030}) (Version: 1.4.2_03 - Sun Microsystems, Inc.)
    Java™ 6 Update 27 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216013FF}) (Version: 6.0.270 - Sun Microsystems, Inc.)
    Krab Web (HKLM\...\Krab Web) (Version: 2015.01.18.122328 - Krab Web) <==== ATTENTION
    Learn2 Player (Uninstall Only) (HKLM\...\StreetPlugin) (Version:  - )
    Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
    MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden
    Microsoft .NET Framework 1.0 Hotfix (KB2572066) (HKLM\...\KB2572066) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 1.0 Hotfix (KB2604042) (HKLM\...\KB2604042) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 1.0 Hotfix (KB2656378) (HKLM\...\KB2656378) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 1.0 Hotfix (KB953295) (HKLM\...\KB953295) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 1.0 Hotfix (KB979904) (HKLM\...\KB979904) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 1.0 Security Update (KB2698035) (HKLM\...\KB2698035) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 1.0 Security Update (KB2742607) (HKLM\...\KB2742607) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 1.0 Security Update (KB2833951) (HKLM\...\KB2833951) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 1.0 Security Update (KB2904878) (HKLM\...\KB2904878) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
    Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
    Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
    Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
    Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
    Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
    Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft Office XP Professional with FrontPage (HKLM\...\{90280409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2627.01 - Microsoft Corporation)
    Microsoft Plus! Digital Media Edition Installer (HKLM\...\{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}) (Version: 1.1.0.3514 - Microsoft Corporation)
    Microsoft Plus! Photo Story 2 LE (HKLM\...\{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}) (Version: 1.1.0.3463 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft WinUsb 1.0 (HKLM\...\winusb0100) (Version:  - Microsoft Corporation)
    Modem Helper (HKLM\...\{7F142D56-3326-11D5-B229-002078017FBF}) (Version: 2.40 - BVRP Software)
    Mozilla Firefox 35.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    Music Rescue (HKLM\...\{3364BD16-5A28-4862-86A1-A8FF5FD23919}) (Version: 4.1.2.45 - KennettNet Software Ltd)
    Musicmatch for Windows Media Player (HKLM\...\{E93E5EF6-D361-481E-849D-F16EF5C78EBC}) (Version: 0.00.000 - )
    Musicmatch® Jukebox (HKLM\...\{85D3CC30-8859-481A-9654-FD9B74310BEF}) (Version: 10.10.0097 - )
    Musicnotes Software Suite 1.6.0 (HKLM\...\Musicnotes Combined Installer_is1) (Version: 1.6.0 - Musicnotes Inc.)
    MyWay Search Assistant (HKLM\...\{E7559288-223B-453C-9F06-340E3BE21E39}) (Version: 1.0.1 - MyWay)
    NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.12 - BVRP Software, Inc)
    Network (Version: 130.0.572.000 - Hewlett-Packard) Hidden
    NetZeroInstallers (HKLM\...\{352310C3-E46B-42D3-8F32-54721FDD72D9}) (Version: 1.0.0 - NetZero, Inc.)
    Otto (HKLM\...\B3EE3001-DC24-4cd1-8743-5692C716659F) (Version:  - )
    Pando (HKLM\...\{AB480DA0-7EE9-465D-9C12-4CDE65BF18FB}) (Version: 2.3.0009 - Pando Networks Inc.)
    Pando Toolbar (HKLM\...\PandoBar Uninstall) (Version:  - Pando.com)
    PanoStandAlone (Version: 90.0.146.000 - Hewlett-Packard) Hidden
    PepperZip 2.0 (HKLM\...\PepperZip) (Version: 2.0 - PepperWare Co.Ltd.) <==== ATTENTION
    Picasa 3 (HKLM\...\Picasa 3) (Version: 3.1 - Google, Inc.)
    PoriceChoOp (HKLM\...\{B945F928-45A2-231E-495F-38C40CA198E9}) (Version: 3.2.0.1010 - )
    PowerDVD 5.5 (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version:  - )
    PS_AIO_06_C4700_SW_Min (Version: 130.0.373.000 - Hewlett-Packard) Hidden
    PSSWCORE (Version: 2.02.0000 - Hewlett-Packard) Hidden
    QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
    RealPlayer Basic (HKLM\...\RealPlayer 6.0) (Version:  - )
    Remote Desktop Access (VuuPC) (HKLM\...\VOPackage) (Version: 1.0.0.0 - CMI Limited) <==== ATTENTION
    SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.4.6.0 - SAMSUNG Electronics Co., Ltd.)
    SaveMiaSs (HKLM\...\{F7FFE175-E3D6-2E86-0226-1D3AE4905E40}) (Version: 3.3.0.1507 - )
    Scan (Version: 13.0.0.0 - Hewlett-Packard) Hidden
    Seagate DiscWizard (HKLM\...\{C43E4B9C-14C8-4EB0-998B-85211B6EDD61}) (Version: 11.0.8142 - Seagate)
    Search Protect (HKLM\...\SearchProtect) (Version: 2.21.0.204 - Client Connect LTD) <==== ATTENTION
    Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden
    Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
    Sibelius Scorch (Firefox, Opera, Netscape only) (HKLM\...\{7115EE2B-62BF-4DEB-B4AA-91456D245F47}) (Version: 6.0.2 - Sibelius Software)
    Skype Toolbars (HKLM\...\{981029E0-7FC9-4CF3-AB39-6F133621921A}) (Version: 1.0.4051 - Skype Technologies S.A.)
    Skype™ 4.2 (HKLM\...\{D103C4BA-F905-437A-8049-DB24763BBE36}) (Version: 4.2.155 - Skype Technologies S.A.)
    Skype™ 5.5 (HKLM\...\{AA59DDE4-B672-4621-A016-4C248204957A}) (Version: 5.5.124 - Skype Technologies S.A.)
    SmartMusic 2011a (HKLM\...\SmartMusic 2011a) (Version: 13.0.0 - MakeMusic)
    SmartWebPrinting (Version: 130.0.373.000 - Hewlett-Packard) Hidden
    Software Updater (HKLM\...\SoftwareUpdater) (Version: 1.0.0.0 - Software Updater Ltd)
    Sonic DLA (HKLM\...\{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}) (Version: 4.95 - Sonic Solutions)
    Sonic Encoders (HKLM\...\{9941F0AA-B903-4AF4-A055-83A9815CC011}) (Version: 1.00 - Sonic Solutions)
    Sonic MyDVD LE (HKLM\...\{21657574-BD54-48A2-9450-EB03B2C7FC29}) (Version: 6.1.1 - Sonic Solutions)
    Sonic RecordNow Audio (HKLM\...\{AB708C9B-97C8-4AC9-899B-DBF226AC9382}) (Version: 2.0.0 - Sonic Solutions)
    Sonic RecordNow Copy (HKLM\...\{B12665F4-4E93-4AB4-B7FC-37053B524629}) (Version: 2.0.0 - Sonic Solutions)
    Sonic RecordNow Data (HKLM\...\{075473F5-846A-448B-BCB3-104AA1760205}) (Version: 2.0.0 - Sonic Solutions)
    Sonic Update Manager (HKLM\...\{30465B6C-B53F-49A1-9EBA-A3F187AD502E}) (Version: 3.0.0 - Sonic Solutions)
    Status (Version: 130.0.373.000 - Hewlett-Packard) Hidden
    SW_Sustainer 1.80 (HKLM\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{280f2936}) (Version:  - Certified Publisher) <==== ATTENTION
    Synctunes Desktop (HKLM\...\{684F10A9-E071-4629-B5F6-445C54C37AB3}) (Version: 1.0.4 - MAhmed Labs)
    TaxCut New York 2008 (HKLM\...\{4BAC29B6-145B-49D0-A2FC-A79AE4F606E5}) (Version: 1.08.4701 - H&R Block Digital Tax Solutions LLC.)
    TaxCut Premium + State + Efile 2008 (HKLM\...\{BBB33AD6-BCF7-4002-B6A0-6DC679AE5C18}) (Version: 08.07.7101 - H & R Block)
    Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
    TrayApp (Version: 130.0.376.000 - Hewlett-Packard) Hidden
    UnloadSupport (Version: 10.0.0 - Hewlett-Packard) Hidden
    Update Rollup 2 for Windows XP Media Center Edition 2005 (HKLM\...\KB900325) (Version:  - Microsoft Corporation)
    USB PC Camera (HKLM\...\{A9698A67-7E71-11D8-B9BF-00E018FAA1E4}) (Version:  - )
    VideoToolkit01 (Version: 100.0.128.000 - Hewlett-Packard) Hidden
    Viewpoint Media Player (HKLM\...\ViewpointMediaPlayer) (Version:  - )
    Walmart MP3 Music Downloads (HKLM\...\Walmart MP3 Music Downloads) (Version: 1.5.0.7 - Walmart.com)
    WD Link (HKLM\...\WD Link) (Version: 1.00.03 - Western Digital)
    WD SmartWare (HKLM\...\{51B055DD-A5F8-4D0C-A09C-66E58AD56F20}) (Version: 1.5.1 - Western Digital)
    WebCyberCoach 3.2 Dell (HKLM\...\WebCyberCoach_wtrb) (Version:  - )
    WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
    WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
    WeightWatchers Connections 2010 Portal (HKLM\...\{4496E9B5-56AF-4A9C-BC02-BCBF63824224}) (Version: 1.0 - WeightWatchers)
    WildTangent Web Driver (HKLM\...\WildTangent CDA) (Version:  - )
    WinCheck (HKLM\...\wincheck) (Version: 1.0.0.0 - WinCheck) <==== ATTENTION!
    Windows 7 Upgrade Advisor (HKLM\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
    Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
    Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
    Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
    Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
    Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
    Windows Live Sync (HKLM\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
    Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
    Windows Media Format Runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
    Windows Media Player 10 Hotfix - KB894476 (HKLM\...\KB894476) (Version:  - Microsoft Corporation)
    Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information] (HKLM\...\EmeraldQFE2) (Version:  - Microsoft Corporation)
    Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
    Windows XP Media Center Edition 2005 KB2502898 (HKLM\...\KB2502898) (Version:  - Microsoft Corporation)
    Windows XP Media Center Edition 2005 KB2619340 (HKLM\...\KB2619340) (Version:  - Microsoft Corporation)
    Windows XP Media Center Edition 2005 KB2628259 (HKLM\...\KB2628259) (Version:  - Microsoft Corporation)
    Windows XP Media Center Edition 2005 KB908246 (HKLM\...\KB908246) (Version:  - Microsoft Corporation)
    Windows XP Media Center Edition 2005 KB908250 (HKLM\...\KB908250) (Version:  - Microsoft Corporation)
    Windows XP Media Center Edition 2005 KB973768 (HKLM\...\KB973768) (Version:  - Microsoft Corporation)
    Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
    Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version:  - )
    Yahoo! Toolbar (HKLM\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{0C1EB979-8EC7-46E8-8097-246957D6B94C}\localserver32 -> C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe (Research In Motion Limited)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{10A31DA6-8BF9-4767-9C2E-E4C4F4FF2310}\InprocServer32 -> C:\Program Files\Research In Motion\BlackBerry\rim_hh.dll (Research In Motion Limited)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{1434DD3D-0AF6-41E0-BB71-8C86010D9AF5}\localserver32 -> C:\Program Files\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe (Research In Motion Limited)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{326787D9-37B9-47A6-B539-EE13E7B04B8B}\InprocServer32 -> C:\Program Files\Common Files\Research In Motion\RIMDeviceManager\devicemanagerproperties.dll (Research In Motion Limited)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{3A7AD31E-F164-4861-928B-4FE44092F5B8}\InprocServer32 -> C:\Program Files\Research In Motion\BlackBerry\IS71 Connectors\Data Migration Wizard\Connectors\Windows Mobile Connector\WinCEConnector.dll (Nokia Corporation.)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{44EC053A-400F-11D0-9DCD-00A0C90391D3}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{47F64EC4-1AD6-4168-9D4C-00F3842F7CFB}\InprocServer32 -> C:\Program Files\Common Files\Research In Motion\RIMDeviceManager\DeviceManagerProperties.dll (Research In Motion Limited)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{5F6FFE82-8B74-43BF-A583-EF4E3AEF9C3D}\InprocServer32 -> C:\Program Files\Research In Motion\BlackBerry\IS71 Connectors\Data Migration Wizard\Connectors\Palm Desktop\syncproxy.dll (Nokia Corporation.)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{78496FD9-A9D7-4F59-8934-84A5DC5679D8}\InprocServer32 -> C:\Program Files\Research In Motion\BlackBerry\IS71 Connectors\Data Migration Wizard\Connectors\Palm Desktop\PDXlator.dll (Nokia Corporation.)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{82D1C283-A637-4A07-B1EC-8C7AE661EAF1}\InprocServer32 -> C:\Program Files\Common Files\Research In Motion\RIMDeviceManager\devicemanagerproperties.dll (Research In Motion Limited)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{8376CB5C-B66B-4678-AB07-03E5FDA2F04E}\InprocServer32 -> C:\Program Files\Research In Motion\BlackBerry\IS71 Connectors\Data Migration Wizard\CXLServer1.dll (Nokia Corporation.)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{A4DB76BC-7A1C-44e7-8B3F-9F55E7AF32C0}\InprocServer32 -> C:\Program Files\Research In Motion\BlackBerry\IS71 Connectors\YahooNotifier.dll No File
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{A7266397-8FCE-495E-847A-13E56C5E5F56}\InprocServer32 -> C:\Program Files\Research In Motion\BlackBerry\rim_asci.dll (Research In Motion Limited)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{B776FDAF-2388-42D0-8A7C-386E1BC2E19E}\InprocServer32 -> C:\Program Files\Research In Motion\BlackBerry\IS71 Connectors\Data Migration Wizard\Connectors\Palm Desktop\pdapi2.dll (Nokia Corporation.)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{B922E441-248E-419B-898C-D994FFBA56EE}\InprocServer32 -> C:\Program Files\Research In Motion\BlackBerry\RIMCXLServer.dll (Research In Motion Limited)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{BA3D0120-E617-4F66-ADCA-585CC2FB86DB}\localserver32 -> C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe (Research In Motion Limited)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{C8992C14-DF59-4518-808F-CCFBB5850282}\InprocServer32 -> C:\Program Files\Common Files\Research In Motion\RIMDeviceManager\devicemanagerproperties.dll (Research In Motion Limited)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{CAFCE71A-72F0-41AD-A8A4-4F70CDD72381}\InprocServer32 -> C:\Program Files\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManagerps.dll (Research In Motion Limited)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{E2159021-A507-48F9-9DF1-EC5AFDBA5066}\InprocServer32 -> C:\Program Files\Research In Motion\BlackBerry\IS71 Connectors\Data Migration Wizard\Connectors\Palm Desktop\PDAPI.dll (Nokia Corporation.)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{E3AA9B8F-F8BF-4536-A3D8-B405A4C6B5AE}\InprocServer32 -> C:\Program Files\Research In Motion\BlackBerry\IS71 Connectors\Yahoo Connector\DCSXlator.dll (Nokia)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{EB59852D-B38E-4A4C-94BA-6731836E5538}\InprocServer32 -> C:\Program Files\Common Files\Research In Motion\RIMDeviceManager\DeviceManagerProperties.dll (Research In Motion Limited)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{EE7F6B66-AC97-41CF-BD88-372DDB786DB6}\localserver32 -> C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe (Research In Motion Limited)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{F6CF0104-4F4A-4EBE-999D-A12D838E65B5}\InprocServer32 -> C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgrPs.dll (Research In Motion Limited)

    ==================== Restore Points  =========================

    14-01-2015 03:00:16 Software Distribution Service 3.0
    15-01-2015 03:08:37 System Checkpoint
    30-01-2015 21:34:51 System Checkpoint
    31-01-2015 22:23:40 System Checkpoint
    02-02-2015 08:18:47 System Checkpoint
    07-02-2015 07:45:30 System Checkpoint
    08-02-2015 08:15:53 System Checkpoint
    09-02-2015 08:20:25 System Checkpoint
    10-02-2015 13:03:58 System Checkpoint
    11-02-2015 03:00:17 Software Distribution Service 3.0
    12-02-2015 04:17:17 System Checkpoint
    16-02-2015 23:10:45 System Checkpoint
    18-02-2015 00:04:59 System Checkpoint
    19-02-2015 00:10:09 System Checkpoint
    20-02-2015 00:36:17 System Checkpoint
    21-02-2015 00:36:47 System Checkpoint
    22-02-2015 01:48:35 System Checkpoint
    23-02-2015 02:51:34 System Checkpoint
    24-02-2015 03:00:01 System Checkpoint
    24-02-2015 20:39:25 OTL Restore Point - 2/24/2015 8:39:15 PM
    25-02-2015 20:48:11 System Checkpoint

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2005-08-16 05:18 - 2011-07-29 20:16 - 00000098 ____A C:\WINDOWS\system32\Drivers\etc\hosts
    127.0.0.1       localhost
    ::1       localhost

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
    Task: C:\WINDOWS\Tasks\Driver Tool-RTMRules.job => C:\Program Files\Driver Tool\Driver Tool\DriverTool.exe
    Task: C:\WINDOWS\Tasks\Driver Tool-RTMScan.job => C:\Program Files\Driver Tool\Driver Tool\DriverTool.exe
    Task: C:\WINDOWS\Tasks\Driver Tool-RTMScanRunOnce.job => C:\Program Files\Driver Tool\Driver Tool\DriverTool.exe
    Task: C:\WINDOWS\Tasks\Driver Tool-RTMUpdater.job => C:\Program Files\Driver Tool\Driver Tool\DriverTool.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3236530329-1147617518-3913851753-501Core.job => C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3236530329-1147617518-3913851753-501UA.job => C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (whitelisted) ==============

    2015-02-25 16:04 - 2015-02-25 14:09 - 02902528 _____ () C:\Program Files\AVAST Software\Avast\defs\15022503\algo.dll
    2005-12-15 13:11 - 2003-07-29 20:27 - 00078336 _____ () C:\WINDOWS\System32\spool\PRTPROCS\W32X86\DLBCPP5C.dll
    2012-05-30 19:06 - 2012-05-30 19:06 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2012-05-30 19:06 - 2012-05-30 19:06 - 01242512 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2005-08-16 05:18 - 2011-02-04 17:48 - 00291840 _____ () C:\WINDOWS\system32\sbe.dll
    2005-08-16 05:18 - 2013-01-02 01:49 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll
    2005-08-16 05:18 - 2008-04-13 19:11 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
    2005-08-16 05:18 - 2008-04-13 19:11 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
    2008-11-13 13:17 - 2008-11-13 13:17 - 00439616 _____ () C:\Program Files\Pure Digital Technologies\FlipShare\FlipShareService.exe
    2008-11-13 13:15 - 2008-11-13 13:15 - 01581056 _____ () C:\Program Files\Pure Digital Technologies\FlipShare\QtCore4.dll
    2010-11-02 07:33 - 2010-11-02 07:33 - 00886272 _____ () C:\Program Files\Western Digital\WD SmartWare\System.Data.SQLite.dll
    2014-02-20 09:59 - 2014-10-30 19:11 - 00686952 _____ () C:\Program Files\Driver Tool\Driver Tool\ThemePack.DriverTool.dll
    2014-02-20 09:35 - 2014-10-30 19:11 - 00428424 _____ () C:\Program Files\Driver Tool\Driver Tool\Agent.Communication.XmlSerializers.dll
    2015-01-30 20:39 - 2015-01-30 20:39 - 03925104 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
    2012-01-09 00:28 - 2004-12-14 12:00 - 00430080 _____ () C:\Program Files\ION\EZ VHS Converter\fpxlib.dll
    2012-01-09 00:28 - 2006-01-06 14:51 - 00266303 _____ () C:\Program Files\ION\EZ VHS Converter\magengin.dll
    2012-01-09 00:28 - 2004-12-01 17:21 - 00180224 _____ () C:\Program Files\ION\EZ VHS Converter\kgl.dll
    2005-08-16 05:18 - 2007-04-02 07:49 - 00355112 _____ () C:\WINDOWS\system32\msjetoledb40.dll
    2010-03-31 19:57 - 2004-03-09 14:59 - 00065536 _____ () C:\WINDOWS\Twain_32\CA561A\SnapDetect.exe

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

    ==================== EXE Association (whitelisted) ===============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-3236530329-1147617518-3913851753-1005\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\dell.bmp
    DNS Servers: 192.168.2.1

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
    MSCONFIG\startupreg: AcronisTimounterMonitor => C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
    MSCONFIG\startupreg: AVLoginToDo => "C:\PROGRA~1\VEXIRA~1\Bin\avltd.exe"
    MSCONFIG\startupreg: DiscWizardMonitor.exe => C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
    MSCONFIG\startupreg: DVDLauncher => "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
    MSCONFIG\startupreg: ehTray => C:\WINDOWS\ehome\ehtray.exe
    MSCONFIG\startupreg: H/PC Connection Agent => "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    MSCONFIG\startupreg: hpqSRMon => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
    MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
    MSCONFIG\startupreg: MimBoot => C:\PROGRA~1\MUSICM~1\MUSICM~3\mimboot.exe
    MSCONFIG\startupreg: MSMSGS => "C:\Program Files\Messenger\msmsgs.exe" /background
    MSCONFIG\startupreg: Pando => "C:\Program Files\Pando Networks\Pando\Pando.exe" /Minimized
    MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    MSCONFIG\startupreg: RealTray => C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    MSCONFIG\startupreg: RoxWatchTray => "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
    MSCONFIG\startupreg: Seagate Scheduler2 Service => "C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe"
    MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    MSCONFIG\startupreg: StxTrayMenu => "C:\Program Files\Seagate\SystemTray\StxMenuMgr.exe"
    MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Java\jre6\bin\jusched.exe"
    MSCONFIG\startupreg: VBSysTray => "C:\PROGRA~1\VEXIRA~1\Bin\vbsystry.exe"

    ==================== Accounts: =============================

    Administrator (S-1-5-21-3236530329-1147617518-3913851753-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
    ALEX (S-1-5-21-3236530329-1147617518-3913851753-1009 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\ALEX
    ALEXIS (S-1-5-21-3236530329-1147617518-3913851753-1005 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\ALEXIS
    CATHYLYNN (S-1-5-21-3236530329-1147617518-3913851753-1006 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\CATHYLYNN
    Guest (S-1-5-21-3236530329-1147617518-3913851753-501 - Limited - Enabled) => %SystemDrive%\Documents and Settings\Guest
    HelpAssistant (S-1-5-21-3236530329-1147617518-3913851753-1004 - Limited - Disabled)
    MARISSA (S-1-5-21-3236530329-1147617518-3913851753-1008 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\MARISSA
    Mom's iPod Account (S-1-5-21-3236530329-1147617518-3913851753-1010 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Mom's iPod Account
    NICK (S-1-5-21-3236530329-1147617518-3913851753-1007 - Limited - Enabled) => %SystemDrive%\Documents and Settings\NICK
    SUPPORT_388945a0 (S-1-5-21-3236530329-1147617518-3913851753-1002 - Limited - Disabled)

    ==================== Faulty Device Manager Devices =============

    Name: Photosmart C4700 series
    Description: Photosmart C4700 series
    Class Guid: {4D36E971-E325-11CE-BFC1-08002BE10318}
    Manufacturer: HP
    Service:
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

    Name: Officejet Pro 6830
    Description: Officejet Pro 6830
    Class Guid: {4D36E971-E325-11CE-BFC1-08002BE10318}
    Manufacturer: HP
    Service:
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (02/25/2015 10:32:17 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application frst.exe, version 25.2.2015.1, faulting module frst.exe, version 25.2.2015.1, fault address 0x0001f09e.
    Processing media-specific event for [frst.exe!ws!]

    Error: (02/24/2015 08:00:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: Hanging application AdwCleaner.exe, version 4.1.1.1, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

    Error: (02/19/2015 09:37:48 PM) (Source: Picasa3) (EventID: 1) (User: )
    Description: Picasa has crashed.  A crash dump has been generated: C:\DOCUME~1\ALEXIS\LOCALS~1\Temp\Picasa_150219-213741.dmp

    Error: (02/06/2015 08:56:10 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application plugin-container.exe, version 35.0.1.5500, faulting module mozalloc.dll, version 35.0.1.5500, fault address 0x00001425.
    Processing media-specific event for [plugin-container.exe!ws!]

    Error: (01/26/2015 10:16:05 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application plugin-container.exe, version 35.0.0.5486, faulting module mozalloc.dll, version 35.0.0.5486, fault address 0x00001425.
    Processing media-specific event for [plugin-container.exe!ws!]

    Error: (01/26/2015 10:03:56 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application plugin-container.exe, version 35.0.0.5486, faulting module mozalloc.dll, version 35.0.0.5486, fault address 0x00001425.
    Processing media-specific event for [plugin-container.exe!ws!]

    Error: (01/26/2015 10:03:44 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: Hanging application firefox.exe, version 35.0.0.5486, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

    Error: (01/26/2015 10:03:39 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: Hanging application firefox.exe, version 35.0.0.5486, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

    Error: (01/18/2015 00:40:28 PM) (Source: crypt32) (EventID: 11) (User: )
    Description: Failed extract of third-party root list from auto update cab at: <http://www.download....authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

    Error: (01/18/2015 00:40:27 PM) (Source: crypt32) (EventID: 11) (User: )
    Description: Failed extract of third-party root list from auto update cab at: <http://www.download....authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


    System errors:
    =============
    Error: (02/25/2015 10:36:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher 9 service to connect.

    Error: (02/25/2015 10:32:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The COM+ System Application service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.

    Error: (02/25/2015 10:31:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The COM+ System Application service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.

    Error: (02/24/2015 08:06:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Util Krab Web service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.

    Error: (02/24/2015 08:06:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Update Krab Web service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.

    Error: (02/19/2015 09:35:43 PM) (Source: DCOM) (EventID: 10000) (User: DH75M091)
    Description: Unable to start a DCOM Server: {FA08F856-F05E-499B-9A48-F153A147DF27}.
    The error:
    "%%14001"
    Happened while starting this command:
    "C:\Program Files\Pando Networks\Pando\pando.exe" -Embedding

    Error: (02/19/2015 09:35:43 PM) (Source: SideBySide) (EventID: 59) (User: )
    Description: Generate Activation Context failed for C:\Program Files\Pando Networks\Pando\pando.exe.
    Reference error message: The operation completed successfully.
    .

    Error: (02/16/2015 07:57:49 PM) (Source: Dhcp) (EventID: 1002) (User: )
    Description: The IP address lease 192.168.2.4 for the Network Card with network address 001320A72F3F has been
    denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).

    Error: (02/14/2015 02:53:50 AM) (Source: Dhcp) (EventID: 1002) (User: )
    Description: The IP address lease 192.168.2.4 for the Network Card with network address 001320A72F3F has been
    denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).

    Error: (02/11/2015 07:00:17 PM) (Source: Windows Update Agent) (EventID: 20) (User: )
    Description: Installation Failure: Windows failed to install the following update with error 0x80242007: Windows Malicious Software Removal Tool - February 2015 (KB890830).


    Microsoft Office Sessions:
    =========================
    Error: (02/25/2015 10:32:17 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: frst.exe25.2.2015.1frst.exe25.2.2015.10001f09e

    Error: (02/24/2015 08:00:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: AdwCleaner.exe4.1.1.1hungapp0.0.0.000000000

    Error: (02/19/2015 09:37:48 PM) (Source: Picasa3) (EventID: 1) (User: )
    Description: Picasa has crashed.  A crash dump has been generated: C:\DOCUME~1\ALEXIS\LOCALS~1\Temp\Picasa_150219-213741.dmp

    Error: (02/06/2015 08:56:10 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: plugin-container.exe35.0.1.5500mozalloc.dll35.0.1.550000001425

    Error: (01/26/2015 10:16:05 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: plugin-container.exe35.0.0.5486mozalloc.dll35.0.0.548600001425

    Error: (01/26/2015 10:03:56 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: plugin-container.exe35.0.0.5486mozalloc.dll35.0.0.548600001425

    Error: (01/26/2015 10:03:44 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: firefox.exe35.0.0.5486hungapp0.0.0.000000000

    Error: (01/26/2015 10:03:39 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: firefox.exe35.0.0.5486hungapp0.0.0.000000000

    Error: (01/18/2015 00:40:28 PM) (Source: crypt32) (EventID: 11) (User: )
    Description: http://www.download....uthrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

    Error: (01/18/2015 00:40:27 PM) (Source: crypt32) (EventID: 11) (User: )
    Description: http://www.download....uthrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


    ==================== Memory info ===========================

    Processor:  Intel® Pentium® 4 CPU 2.80GHz
    Percentage of memory in use: 47%
    Total physical RAM: 2038.07 MB
    Available physical RAM: 1077.04 MB
    Total Pagefile: 2640.2 MB
    Available Pagefile: 1847.14 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1927.5 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:436.5 GB) (Free:199.75 GB) NTFS ==>[Drive with boot components (Windows XP)]

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 465.8 GB) (Disk ID: 57A21624)
    Partition 1: (Not Active) - (Size=251 MB) - (Type=DE)
    Partition 2: (Active) - (Size=436.5 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=29 GB) - (Type=DB)

    ==================== End Of Log ============================

     

    Additional scan result of Farbar Recovery Scan Tool (x86) Version: 25-02-2015 01
    Ran by ALEXIS at 2015-02-25 22:44:29
    Running from C:\Documents and Settings\ALEXIS\My Documents\Downloads
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    32 Bit HP CIO Components Installer (Version: 6.1.1 - Hewlett-Packard) Hidden
    3ivx MPEG-4 5.0.3 (remove only) (HKLM\...\3ivx MPEG-4 5.0.3) (Version: 5.0.3 - 3ivx Technologies, Pty. Ltd.)
    ActiveLink Connect (HKU\S-1-5-21-3236530329-1147617518-3913851753-1005\...\ActiveLink Connect) (Version: 5.8.0.17220 - Koninklijke Philips Electronics N.V.)
    ActiveLink Connect (Version: 5.8.0.17220 - Koninklijke Philips Electronics N.V.) Hidden
    Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.2.202.235 - Adobe Systems Incorporated)
    Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.2.202.235 - Adobe Systems Incorporated)
    Adobe Reader X (10.1.2) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.2 - Adobe Systems Incorporated)
    AIM 6 (HKLM\...\AIM_6) (Version:  - )
    AIMTunes (HKLM\...\AIMTunes) (Version:  - )
    Anti-phishing Domain Advisor (HKLM\...\Anti-phishing Domain Advisor) (Version: 1.0.0.0 - Visicom Media Inc. (Powered by Panda Security))
    AOLIcon (Version: 1.00.0000 - Dell) Hidden
    Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
    Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    AtHomeConnect version 1.0.1.0 (HKLM\...\{631EFC00-5A7A-4A90-9578-039EDA92DE0F}_is1) (Version: 1.0.1.0 - HRBlock)
    avast! Free Antivirus (HKLM\...\avast) (Version: 7.0.1474.0 - AVAST Software)
    AVG 2011 (Version: 10.0.422 - AVG Technologies) Hidden
    Belkin N300 Micro USB Wireless Adapter (HKLM\...\{B20F9D1C-A0A5-4cd8-8306-DA03872311B1}) (Version: 1.00.0155 - )
    BlackBerry Desktop Software 4.5 (HKLM\...\BlackBerry_{CE5E3F15-320A-4865-97D3-F07227C5BB2F}) (Version: 4.5.0.15 - Research In Motion Ltd.)
    BlackBerry Desktop Software 4.5 (Version: 4.5.0.15 - Research In Motion Ltd.) Hidden
    blekko search bar (HKLM\...\blekkotb_026) (Version: 1.9.12.12 - Visicom Media Inc.) <==== ATTENTION
    Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
    BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
    Buzzdock (HKLM\...\{ac225167-00fc-452d-94c5-bb93600e7d9a}) (Version:  - Alactro LLC) <==== ATTENTION
    C4700 (Version: 130.0.373.000 - Hewlett-Packard) Hidden
    Canon Camera Access Library (HKLM\...\CAL) (Version: 8.4.0.1 - Canon Inc.)
    Canon Camera Support Core Library (HKLM\...\CSCLIB) (Version: 7.3.1.6 - Canon Inc.)
    Canon G.726 WMP-Decoder (HKLM\...\Canon G.726 WMP-Decoder) (Version: 1.1.0.4 - Canon Inc.)
    CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM\...\CANON iMAGE GATEWAY Task) (Version: 1.6.0.12 - Canon Inc.)
    Canon Internet Library for ZoomBrowser EX (HKLM\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.2.7 - Canon Inc.)
    Canon MovieEdit Task for ZoomBrowser EX (HKLM\...\MovieEditTask) (Version: 2.6.0.4 - Canon Inc.)
    Canon RAW Image Task for ZoomBrowser EX (HKLM\...\RAW Image Task) (Version: 0.9.3.9 - Canon Inc.)
    Canon ScanGear Toolbox CS 2.2 (HKLM\...\Canon ScanGear Toolbox CS) (Version:  - )
    Canon Utilities CameraWindow (HKLM\...\CameraWindowLauncher) (Version: 7.1.0.2 - Canon Inc.)
    Canon Utilities CameraWindow DC (HKLM\...\CameraWindowDC) (Version: 7.1.0.7 - Canon Inc.)
    Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX (HKLM\...\CameraWindowDVC5) (Version: 5.4.5.17 - Canon Inc.)
    Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (HKLM\...\CameraWindowDVC6) (Version: 6.4.2.16 - Canon Inc.)
    Canon Utilities EOS Utility (HKLM\...\EOS Utility) (Version: 1.1.0.8 - Canon Inc.)
    Canon Utilities MyCamera (HKLM\...\MyCamera) (Version: 6.4.0.5 - Canon Inc.)
    Canon Utilities MyCamera DC (HKLM\...\MyCameraDC) (Version: 7.0.1.8 - Canon Inc.)
    Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.21.45 - Canon Inc.)
    Canon Utilities RemoteCapture DC (HKLM\...\RemoteCaptureDC) (Version: 3.0.1.8 - Canon Inc.)
    Canon Utilities RemoteCapture Task for ZoomBrowser EX (HKLM\...\RemoteCaptureTask) (Version: 1.7.1.9 - Canon Inc.)
    Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 6.1.1.21 - Canon Inc.)
    Canon ZoomBrowser EX Memory Card Utility (HKLM\...\ZoomBrowser EX Memory Card Utility) (Version: 1.1.0.8 - Canon Inc.)
    Catalina Savings Printer (HKLM\...\{37331C16-3E97-4A20-80D8-BFB43AB0E2FB}) (Version: 1.0.0 - Catalina Marketing Corp) <==== ATTENTION
    Conexant D850 56K V.9x DFVc Modem (HKLM\...\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1) (Version:  - )
    ConvertAd (HKLM\...\ConvertAd) (Version: 1.0.0.0 - ConvertAd) <==== ATTENTION
    CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
    D2400 (Version: 90.0.235.000 - Hewlett-Packard) Hidden
    D2400_Help (Version: 90.0.235.000 - Hewlett-Packard) Hidden
    Dell Digital Jukebox Driver (HKLM\...\Dell Digital Jukebox Driver) (Version:  - )
    Dell Driver Reset Tool (HKLM\...\{5905F42D-3F5F-4916-ADA6-94A3646AEE76}) (Version: 1.02.0000 - Dell Inc.)
    Dell Photo Printer 720 (HKLM\...\Dell Photo Printer 720) (Version:  - )
    Dell Photo Printer 720 Logger (HKLM\...\Dell Photo Printer 720 Logger) (Version: 1.0 - Dell)
    Dell Support 3.1 (HKLM\...\{548EEA8E-8299-497F-8057-811D2D7097DC}) (Version: 5.1.760 - Dell)
    Dell System Restore (HKLM\...\{74F7662C-B1DB-489E-A8AC-07A06B24978B}) (Version: 2.00.0000 - Dell Inc.)
    Destinations (Version: 130.0.0.0 - Hewlett-Packard) Hidden
    DeviceDiscovery (Version: 130.0.372.000 - Hewlett-Packard) Hidden
    Digital Content Portal (HKLM\...\{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}) (Version: 1.00.0000 - Dell)
    Digital Line Detect (HKLM\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.10 - BVRP Software, Inc)
    DJ_SF_03_D4300_ProductContext (Version: 100.0.215.000 - Hewlett-Packard) Hidden
    DJ_SF_03_D4300_Software (Version: 100.0.206.000 - Hewlett-Packard) Hidden
    DJ_SF_03_D4300_Software_Min (Version: 100.0.206.000 - Hewlett-Packard) Hidden
    dj_sf_ProductContext (Version: 90.0.235.000 - Hewlett-Packard) Hidden
    dj_sf_software (Version: 90.0.235.000 - Hewlett-Packard) Hidden
    dj_sf_software_req (Version: 90.0.235.000 - Hewlett-Packard) Hidden
    Download and Sa (HKLM\...\{20E7BC40-33F6-4A81-9D52-B58349326206}) (Version:  - Dnsave)
    Driver Tool (HKLM\...\{AF142A83-507D-4F0F-92FC-40C7F76C1F87}) (Version: 8.1 - Driver Tool)
    EducateU (HKLM\...\{A683A2C0-821C-486F-858C-FA634DB5E864}) (Version: 1.00.0000 - Dell)
    ESPNMotion (HKLM\...\ESPNMotion) (Version: 2.1.6.0011 - ESPN Internet Ventures)
    EZSuite For Video Chat Kit (HKLM\...\{848e2630-c0c0-478a-a758-6639e5115993}) (Version: 1.0 - )
    F5 Networks VPN Client for Windows (HKLM\...\{6D4839CB-28B4-4070-8CA7-612CA92CA3D0}) (Version: 60.2010.0408.1513 - F5 Networks)
    Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
    ffdshow [rev 2202] [2008-10-10] (HKLM\...\ffdshow_is1) (Version: 1.0 - )
    FlipShare (HKLM\...\{7732DA71-2FB6-5C99-D0D9-58A2DB360895}) (Version: 4.0.6.31692 - Pure Digital Technologies)
    Free DVD Creator version 2.0 (HKLM\...\Free DVD Creator (by minidvdsoft)_is1) (Version: 2.0 - www.minidvdsoft.com)
    FreeAgent Go Tools (HKLM\...\InstallShield_{ECD43B7A-CB3B-4AF8-91F6-C460A575E411}) (Version: 1.00.0032 - Seagate)
    FreeAgent Go Tools (Version: 1.00.0032 - Seagate) Hidden
    GemMaster Mystic (HKLM\...\12133444-BF36-4d4e-B7FB-A3424C645DE4) (Version:  - )
    Google Chrome (HKLM\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
    Google Drive (HKLM\...\{65EACBB4-B0B8-4A5B-AE46-22DBE15C70B5}) (Version: 1.19.8406.6504 - Google, Inc.)
    Google Earth (HKLM\...\{9509674F-3972-11DE-806D-005056806466}) (Version: 5.0.11733.9347 - Google)
    Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
    Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
    Google Update Helper (Version: 1.3.26.7 - Google Inc.) Hidden
    H&R Block Deluxe + Efile + State 2010 (HKLM\...\{10964A8F-21C1-45EA-BC2D-F84B505C3848}) (Version: 10.04.6402 - HRB Technology, LLC.)
    H&R Block Deluxe + Efile + State 2011 (HKLM\...\{C6006AED-E5A7-4F77-BAD5-95AC43DE04F3}) (Version: 11.05.7102 - HRB Technology, LLC.)
    H&R Block Deluxe + Efile + State 2012 (HKLM\...\{89D20029-0578-4D8D-979A-695C8D868868}) (Version: 12.05.7803 - HRB Technology, LLC.)
    H&R Block Deluxe + Efile + State 2013 (HKLM\...\{EDE796DE-0A72-464D-9D21-F04BC41A092B}) (Version: 13.05.7601 - HRB Technology, LLC.)
    H&R Block New York 2009 (HKLM\...\{56F59702-1BB9-4C1B-BB8A-FB5F84A90378}) (Version: 1.09.4601 - HRB Technology, LLC.)
    H&R Block New York 2010 (HKLM\...\{5A80C75C-EB3A-4275-A6C4-2E20349DBF4C}) (Version: 1.10.4901 - HRB Technology, LLC.)
    H&R Block New York 2011 (HKLM\...\{6C434B52-8D0F-4080-9649-7497445DDCD4}) (Version: 1.11.4401 - HRB Technology, LLC.)
    H&R Block New York 2012 (HKLM\...\{0A5FB059-9FF1-4A78-9753-4D7656560DAF}) (Version: 1.12.7001 - HRB Technology, LLC.)
    H&R Block New York 2013 (HKLM\...\{E3B9117D-7476-4C74-8C22-337F630D6602}) (Version: 1.13.6101 - HRB Technology, LLC.)
    H&R Block Premium + Efile + State 2009 (HKLM\...\{90AACECD-1E42-4D22-ABAD-7FB9B67B262D}) (Version: 09.06.6501 - HRB Technology, LLC.)
    High Definition Audio Driver Package - KB835221 (HKLM\...\KB835221WXP) (Version: 20040219.000000 - Microsoft Corporation)
    HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
    HP Deskjet D4300 Printer Driver Software 10.0 Rel .3 (HKLM\...\{387D9916-BD27-480f-8CF0-3228832BBAA2}) (Version: 10.0 - HP)
    HP Deskjet Printer Driver Software 9.0 (HKLM\...\{03E66394-42F0-4745-85F7-0A2F8F35C09F}) (Version: 9.0 - HP)
    HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
    HP Photosmart C4700 All-In-One Driver Software 13.0 Rel .6 (HKLM\...\{2012D762-5DCA-455A-B5FE-EDF79BC93E18}) (Version: 13.0 - HP)
    HP Photosmart Essential 2.5 (HKLM\...\HP Photosmart Essential) (Version: 2.5 - HP)
    HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP)
    HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
    HP Update (HKLM\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
    hpPrintProjects (Version: 130.0.303.000 - Hewlett-Packard) Hidden
    HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden
    hpWLPGInstaller (Version: 130.0.303.000 - Hewlett-Packard) Hidden
    iCopyExpert 3.1.2 (HKLM\...\iCopyExpert_is1) (Version:  - iCopyExpert.com)
    Intel® Graphics Media Accelerator Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: 6.14.10.4363 - )
    Intel® PRO Network Connections Drivers (HKLM\...\PROSet) (Version:  - )
    Intel® PROSet for Wired Connections (HKLM\...\{83F793B5-8BBF-42FD-A8A6-868CB3E2AAEA}) (Version: 9.20.0000 - Dell)
    Internet Explorer Default Page (Version: 1.00.03 - Dell Inc.) Hidden
    ION EZ VHS Converter (HKLM\...\{04E364F1-4582-4567-A6C8-C7FBBCC86C91}) (Version:  - ION)
    iTunes (HKLM\...\{C197BC08-3D82-4651-8886-E68C21578A38}) (Version: 11.1.3.8 - Apple Inc.)
    Java 2 Runtime Environment, SE v1.4.2_03 (HKLM\...\{7148F0A8-6813-11D6-A77B-00B0D0142030}) (Version: 1.4.2_03 - Sun Microsystems, Inc.)
    Java™ 6 Update 27 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216013FF}) (Version: 6.0.270 - Sun Microsystems, Inc.)
    Krab Web (HKLM\...\Krab Web) (Version: 2015.01.18.122328 - Krab Web) <==== ATTENTION
    Learn2 Player (Uninstall Only) (HKLM\...\StreetPlugin) (Version:  - )
    Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
    MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden
    Microsoft .NET Framework 1.0 Hotfix (KB2572066) (HKLM\...\KB2572066) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 1.0 Hotfix (KB2604042) (HKLM\...\KB2604042) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 1.0 Hotfix (KB2656378) (HKLM\...\KB2656378) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 1.0 Hotfix (KB953295) (HKLM\...\KB953295) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 1.0 Hotfix (KB979904) (HKLM\...\KB979904) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 1.0 Security Update (KB2698035) (HKLM\...\KB2698035) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 1.0 Security Update (KB2742607) (HKLM\...\KB2742607) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 1.0 Security Update (KB2833951) (HKLM\...\KB2833951) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 1.0 Security Update (KB2904878) (HKLM\...\KB2904878) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
    Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
    Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
    Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
    Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
    Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
    Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft Office XP Professional with FrontPage (HKLM\...\{90280409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2627.01 - Microsoft Corporation)
    Microsoft Plus! Digital Media Edition Installer (HKLM\...\{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}) (Version: 1.1.0.3514 - Microsoft Corporation)
    Microsoft Plus! Photo Story 2 LE (HKLM\...\{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}) (Version: 1.1.0.3463 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft WinUsb 1.0 (HKLM\...\winusb0100) (Version:  - Microsoft Corporation)
    Modem Helper (HKLM\...\{7F142D56-3326-11D5-B229-002078017FBF}) (Version: 2.40 - BVRP Software)
    Mozilla Firefox 35.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    Music Rescue (HKLM\...\{3364BD16-5A28-4862-86A1-A8FF5FD23919}) (Version: 4.1.2.45 - KennettNet Software Ltd)
    Musicmatch for Windows Media Player (HKLM\...\{E93E5EF6-D361-481E-849D-F16EF5C78EBC}) (Version: 0.00.000 - )
    Musicmatch® Jukebox (HKLM\...\{85D3CC30-8859-481A-9654-FD9B74310BEF}) (Version: 10.10.0097 - )
    Musicnotes Software Suite 1.6.0 (HKLM\...\Musicnotes Combined Installer_is1) (Version: 1.6.0 - Musicnotes Inc.)
    MyWay Search Assistant (HKLM\...\{E7559288-223B-453C-9F06-340E3BE21E39}) (Version: 1.0.1 - MyWay)
    NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.12 - BVRP Software, Inc)
    Network (Version: 130.0.572.000 - Hewlett-Packard) Hidden
    NetZeroInstallers (HKLM\...\{352310C3-E46B-42D3-8F32-54721FDD72D9}) (Version: 1.0.0 - NetZero, Inc.)
    Otto (HKLM\...\B3EE3001-DC24-4cd1-8743-5692C716659F) (Version:  - )
    Pando (HKLM\...\{AB480DA0-7EE9-465D-9C12-4CDE65BF18FB}) (Version: 2.3.0009 - Pando Networks Inc.)
    Pando Toolbar (HKLM\...\PandoBar Uninstall) (Version:  - Pando.com)
    PanoStandAlone (Version: 90.0.146.000 - Hewlett-Packard) Hidden
    PepperZip 2.0 (HKLM\...\PepperZip) (Version: 2.0 - PepperWare Co.Ltd.) <==== ATTENTION
    Picasa 3 (HKLM\...\Picasa 3) (Version: 3.1 - Google, Inc.)
    PoriceChoOp (HKLM\...\{B945F928-45A2-231E-495F-38C40CA198E9}) (Version: 3.2.0.1010 - )
    PowerDVD 5.5 (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version:  - )
    PS_AIO_06_C4700_SW_Min (Version: 130.0.373.000 - Hewlett-Packard) Hidden
    PSSWCORE (Version: 2.02.0000 - Hewlett-Packard) Hidden
    QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
    RealPlayer Basic (HKLM\...\RealPlayer 6.0) (Version:  - )
    Remote Desktop Access (VuuPC) (HKLM\...\VOPackage) (Version: 1.0.0.0 - CMI Limited) <==== ATTENTION
    SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.4.6.0 - SAMSUNG Electronics Co., Ltd.)
    SaveMiaSs (HKLM\...\{F7FFE175-E3D6-2E86-0226-1D3AE4905E40}) (Version: 3.3.0.1507 - )
    Scan (Version: 13.0.0.0 - Hewlett-Packard) Hidden
    Seagate DiscWizard (HKLM\...\{C43E4B9C-14C8-4EB0-998B-85211B6EDD61}) (Version: 11.0.8142 - Seagate)
    Search Protect (HKLM\...\SearchProtect) (Version: 2.21.0.204 - Client Connect LTD) <==== ATTENTION
    Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden
    Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
    Sibelius Scorch (Firefox, Opera, Netscape only) (HKLM\...\{7115EE2B-62BF-4DEB-B4AA-91456D245F47}) (Version: 6.0.2 - Sibelius Software)
    Skype Toolbars (HKLM\...\{981029E0-7FC9-4CF3-AB39-6F133621921A}) (Version: 1.0.4051 - Skype Technologies S.A.)
    Skype™ 4.2 (HKLM\...\{D103C4BA-F905-437A-8049-DB24763BBE36}) (Version: 4.2.155 - Skype Technologies S.A.)
    Skype™ 5.5 (HKLM\...\{AA59DDE4-B672-4621-A016-4C248204957A}) (Version: 5.5.124 - Skype Technologies S.A.)
    SmartMusic 2011a (HKLM\...\SmartMusic 2011a) (Version: 13.0.0 - MakeMusic)
    SmartWebPrinting (Version: 130.0.373.000 - Hewlett-Packard) Hidden
    Software Updater (HKLM\...\SoftwareUpdater) (Version: 1.0.0.0 - Software Updater Ltd)
    Sonic DLA (HKLM\...\{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}) (Version: 4.95 - Sonic Solutions)
    Sonic Encoders (HKLM\...\{9941F0AA-B903-4AF4-A055-83A9815CC011}) (Version: 1.00 - Sonic Solutions)
    Sonic MyDVD LE (HKLM\...\{21657574-BD54-48A2-9450-EB03B2C7FC29}) (Version: 6.1.1 - Sonic Solutions)
    Sonic RecordNow Audio (HKLM\...\{AB708C9B-97C8-4AC9-899B-DBF226AC9382}) (Version: 2.0.0 - Sonic Solutions)
    Sonic RecordNow Copy (HKLM\...\{B12665F4-4E93-4AB4-B7FC-37053B524629}) (Version: 2.0.0 - Sonic Solutions)
    Sonic RecordNow Data (HKLM\...\{075473F5-846A-448B-BCB3-104AA1760205}) (Version: 2.0.0 - Sonic Solutions)
    Sonic Update Manager (HKLM\...\{30465B6C-B53F-49A1-9EBA-A3F187AD502E}) (Version: 3.0.0 - Sonic Solutions)
    Status (Version: 130.0.373.000 - Hewlett-Packard) Hidden
    SW_Sustainer 1.80 (HKLM\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{280f2936}) (Version:  - Certified Publisher) <==== ATTENTION
    Synctunes Desktop (HKLM\...\{684F10A9-E071-4629-B5F6-445C54C37AB3}) (Version: 1.0.4 - MAhmed Labs)
    TaxCut New York 2008 (HKLM\...\{4BAC29B6-145B-49D0-A2FC-A79AE4F606E5}) (Version: 1.08.4701 - H&R Block Digital Tax Solutions LLC.)
    TaxCut Premium + State + Efile 2008 (HKLM\...\{BBB33AD6-BCF7-4002-B6A0-6DC679AE5C18}) (Version: 08.07.7101 - H & R Block)
    Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
    TrayApp (Version: 130.0.376.000 - Hewlett-Packard) Hidden
    UnloadSupport (Version: 10.0.0 - Hewlett-Packard) Hidden
    Update Rollup 2 for Windows XP Media Center Edition 2005 (HKLM\...\KB900325) (Version:  - Microsoft Corporation)
    USB PC Camera (HKLM\...\{A9698A67-7E71-11D8-B9BF-00E018FAA1E4}) (Version:  - )
    VideoToolkit01 (Version: 100.0.128.000 - Hewlett-Packard) Hidden
    Viewpoint Media Player (HKLM\...\ViewpointMediaPlayer) (Version:  - )
    Walmart MP3 Music Downloads (HKLM\...\Walmart MP3 Music Downloads) (Version: 1.5.0.7 - Walmart.com)
    WD Link (HKLM\...\WD Link) (Version: 1.00.03 - Western Digital)
    WD SmartWare (HKLM\...\{51B055DD-A5F8-4D0C-A09C-66E58AD56F20}) (Version: 1.5.1 - Western Digital)
    WebCyberCoach 3.2 Dell (HKLM\...\WebCyberCoach_wtrb) (Version:  - )
    WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
    WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
    WeightWatchers Connections 2010 Portal (HKLM\...\{4496E9B5-56AF-4A9C-BC02-BCBF63824224}) (Version: 1.0 - WeightWatchers)
    WildTangent Web Driver (HKLM\...\WildTangent CDA) (Version:  - )
    WinCheck (HKLM\...\wincheck) (Version: 1.0.0.0 - WinCheck) <==== ATTENTION!
    Windows 7 Upgrade Advisor (HKLM\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
    Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
    Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
    Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
    Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
    Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
    Windows Live Sync (HKLM\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
    Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
    Windows Media Format Runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
    Windows Media Player 10 Hotfix - KB894476 (HKLM\...\KB894476) (Version:  - Microsoft Corporation)
    Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information] (HKLM\...\EmeraldQFE2) (Version:  - Microsoft Corporation)
    Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
    Windows XP Media Center Edition 2005 KB2502898 (HKLM\...\KB2502898) (Version:  - Microsoft Corporation)
    Windows XP Media Center Edition 2005 KB2619340 (HKLM\...\KB2619340) (Version:  - Microsoft Corporation)
    Windows XP Media Center Edition 2005 KB2628259 (HKLM\...\KB2628259) (Version:  - Microsoft Corporation)
    Windows XP Media Center Edition 2005 KB908246 (HKLM\...\KB908246) (Version:  - Microsoft Corporation)
    Windows XP Media Center Edition 2005 KB908250 (HKLM\...\KB908250) (Version:  - Microsoft Corporation)
    Windows XP Media Center Edition 2005 KB973768 (HKLM\...\KB973768) (Version:  - Microsoft Corporation)
    Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
    Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version:  - )
    Yahoo! Toolbar (HKLM\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{0C1EB979-8EC7-46E8-8097-246957D6B94C}\localserver32 -> C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe (Research In Motion Limited)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{10A31DA6-8BF9-4767-9C2E-E4C4F4FF2310}\InprocServer32 -> C:\Program Files\Research In Motion\BlackBerry\rim_hh.dll (Research In Motion Limited)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{1434DD3D-0AF6-41E0-BB71-8C86010D9AF5}\localserver32 -> C:\Program Files\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe (Research In Motion Limited)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{326787D9-37B9-47A6-B539-EE13E7B04B8B}\InprocServer32 -> C:\Program Files\Common Files\Research In Motion\RIMDeviceManager\devicemanagerproperties.dll (Research In Motion Limited)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{3A7AD31E-F164-4861-928B-4FE44092F5B8}\InprocServer32 -> C:\Program Files\Research In Motion\BlackBerry\IS71 Connectors\Data Migration Wizard\Connectors\Windows Mobile Connector\WinCEConnector.dll (Nokia Corporation.)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{44EC053A-400F-11D0-9DCD-00A0C90391D3}\InprocServer32 -> No File Path
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{47F64EC4-1AD6-4168-9D4C-00F3842F7CFB}\InprocServer32 -> C:\Program Files\Common Files\Research In Motion\RIMDeviceManager\DeviceManagerProperties.dll (Research In Motion Limited)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{5F6FFE82-8B74-43BF-A583-EF4E3AEF9C3D}\InprocServer32 -> C:\Program Files\Research In Motion\BlackBerry\IS71 Connectors\Data Migration Wizard\Connectors\Palm Desktop\syncproxy.dll (Nokia Corporation.)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{78496FD9-A9D7-4F59-8934-84A5DC5679D8}\InprocServer32 -> C:\Program Files\Research In Motion\BlackBerry\IS71 Connectors\Data Migration Wizard\Connectors\Palm Desktop\PDXlator.dll (Nokia Corporation.)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{82D1C283-A637-4A07-B1EC-8C7AE661EAF1}\InprocServer32 -> C:\Program Files\Common Files\Research In Motion\RIMDeviceManager\devicemanagerproperties.dll (Research In Motion Limited)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{8376CB5C-B66B-4678-AB07-03E5FDA2F04E}\InprocServer32 -> C:\Program Files\Research In Motion\BlackBerry\IS71 Connectors\Data Migration Wizard\CXLServer1.dll (Nokia Corporation.)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{A4DB76BC-7A1C-44e7-8B3F-9F55E7AF32C0}\InprocServer32 -> C:\Program Files\Research In Motion\BlackBerry\IS71 Connectors\YahooNotifier.dll No File
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{A7266397-8FCE-495E-847A-13E56C5E5F56}\InprocServer32 -> C:\Program Files\Research In Motion\BlackBerry\rim_asci.dll (Research In Motion Limited)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{B776FDAF-2388-42D0-8A7C-386E1BC2E19E}\InprocServer32 -> C:\Program Files\Research In Motion\BlackBerry\IS71 Connectors\Data Migration Wizard\Connectors\Palm Desktop\pdapi2.dll (Nokia Corporation.)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{B922E441-248E-419B-898C-D994FFBA56EE}\InprocServer32 -> C:\Program Files\Research In Motion\BlackBerry\RIMCXLServer.dll (Research In Motion Limited)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{BA3D0120-E617-4F66-ADCA-585CC2FB86DB}\localserver32 -> C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe (Research In Motion Limited)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{C8992C14-DF59-4518-808F-CCFBB5850282}\InprocServer32 -> C:\Program Files\Common Files\Research In Motion\RIMDeviceManager\devicemanagerproperties.dll (Research In Motion Limited)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{CAFCE71A-72F0-41AD-A8A4-4F70CDD72381}\InprocServer32 -> C:\Program Files\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManagerps.dll (Research In Motion Limited)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll (EasyBits Media AS)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{E2159021-A507-48F9-9DF1-EC5AFDBA5066}\InprocServer32 -> C:\Program Files\Research In Motion\BlackBerry\IS71 Connectors\Data Migration Wizard\Connectors\Palm Desktop\PDAPI.dll (Nokia Corporation.)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{E3AA9B8F-F8BF-4536-A3D8-B405A4C6B5AE}\InprocServer32 -> C:\Program Files\Research In Motion\BlackBerry\IS71 Connectors\Yahoo Connector\DCSXlator.dll (Nokia)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{EB59852D-B38E-4A4C-94BA-6731836E5538}\InprocServer32 -> C:\Program Files\Common Files\Research In Motion\RIMDeviceManager\DeviceManagerProperties.dll (Research In Motion Limited)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{EE7F6B66-AC97-41CF-BD88-372DDB786DB6}\localserver32 -> C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe (Research In Motion Limited)
    CustomCLSID: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005_Classes\CLSID\{F6CF0104-4F4A-4EBE-999D-A12D838E65B5}\InprocServer32 -> C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgrPs.dll (Research In Motion Limited)

    ==================== Restore Points  =========================

    14-01-2015 03:00:16 Software Distribution Service 3.0
    15-01-2015 03:08:37 System Checkpoint
    30-01-2015 21:34:51 System Checkpoint
    31-01-2015 22:23:40 System Checkpoint
    02-02-2015 08:18:47 System Checkpoint
    07-02-2015 07:45:30 System Checkpoint
    08-02-2015 08:15:53 System Checkpoint
    09-02-2015 08:20:25 System Checkpoint
    10-02-2015 13:03:58 System Checkpoint
    11-02-2015 03:00:17 Software Distribution Service 3.0
    12-02-2015 04:17:17 System Checkpoint
    16-02-2015 23:10:45 System Checkpoint
    18-02-2015 00:04:59 System Checkpoint
    19-02-2015 00:10:09 System Checkpoint
    20-02-2015 00:36:17 System Checkpoint
    21-02-2015 00:36:47 System Checkpoint
    22-02-2015 01:48:35 System Checkpoint
    23-02-2015 02:51:34 System Checkpoint
    24-02-2015 03:00:01 System Checkpoint
    24-02-2015 20:39:25 OTL Restore Point - 2/24/2015 8:39:15 PM
    25-02-2015 20:48:11 System Checkpoint

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2005-08-16 05:18 - 2011-07-29 20:16 - 00000098 ____A C:\WINDOWS\system32\Drivers\etc\hosts
    127.0.0.1       localhost
    ::1       localhost

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
    Task: C:\WINDOWS\Tasks\Driver Tool-RTMRules.job => C:\Program Files\Driver Tool\Driver Tool\DriverTool.exe
    Task: C:\WINDOWS\Tasks\Driver Tool-RTMScan.job => C:\Program Files\Driver Tool\Driver Tool\DriverTool.exe
    Task: C:\WINDOWS\Tasks\Driver Tool-RTMScanRunOnce.job => C:\Program Files\Driver Tool\Driver Tool\DriverTool.exe
    Task: C:\WINDOWS\Tasks\Driver Tool-RTMUpdater.job => C:\Program Files\Driver Tool\Driver Tool\DriverTool.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3236530329-1147617518-3913851753-501Core.job => C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3236530329-1147617518-3913851753-501UA.job => C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (whitelisted) ==============

    2015-02-25 16:04 - 2015-02-25 14:09 - 02902528 _____ () C:\Program Files\AVAST Software\Avast\defs\15022503\algo.dll
    2005-12-15 13:11 - 2003-07-29 20:27 - 00078336 _____ () C:\WINDOWS\System32\spool\PRTPROCS\W32X86\DLBCPP5C.dll
    2012-05-30 19:06 - 2012-05-30 19:06 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2012-05-30 19:06 - 2012-05-30 19:06 - 01242512 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2005-08-16 05:18 - 2011-02-04 17:48 - 00291840 _____ () C:\WINDOWS\system32\sbe.dll
    2005-08-16 05:18 - 2013-01-02 01:49 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll
    2005-08-16 05:18 - 2008-04-13 19:11 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
    2005-08-16 05:18 - 2008-04-13 19:11 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
    2008-11-13 13:17 - 2008-11-13 13:17 - 00439616 _____ () C:\Program Files\Pure Digital Technologies\FlipShare\FlipShareService.exe
    2008-11-13 13:15 - 2008-11-13 13:15 - 01581056 _____ () C:\Program Files\Pure Digital Technologies\FlipShare\QtCore4.dll
    2010-11-02 07:33 - 2010-11-02 07:33 - 00886272 _____ () C:\Program Files\Western Digital\WD SmartWare\System.Data.SQLite.dll
    2014-02-20 09:59 - 2014-10-30 19:11 - 00686952 _____ () C:\Program Files\Driver Tool\Driver Tool\ThemePack.DriverTool.dll
    2014-02-20 09:35 - 2014-10-30 19:11 - 00428424 _____ () C:\Program Files\Driver Tool\Driver Tool\Agent.Communication.XmlSerializers.dll
    2015-01-30 20:39 - 2015-01-30 20:39 - 03925104 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
    2012-01-09 00:28 - 2004-12-14 12:00 - 00430080 _____ () C:\Program Files\ION\EZ VHS Converter\fpxlib.dll
    2012-01-09 00:28 - 2006-01-06 14:51 - 00266303 _____ () C:\Program Files\ION\EZ VHS Converter\magengin.dll
    2012-01-09 00:28 - 2004-12-01 17:21 - 00180224 _____ () C:\Program Files\ION\EZ VHS Converter\kgl.dll
    2005-08-16 05:18 - 2007-04-02 07:49 - 00355112 _____ () C:\WINDOWS\system32\msjetoledb40.dll
    2010-03-31 19:57 - 2004-03-09 14:59 - 00065536 _____ () C:\WINDOWS\Twain_32\CA561A\SnapDetect.exe

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

    ==================== EXE Association (whitelisted) ===============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-3236530329-1147617518-3913851753-1005\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\dell.bmp
    DNS Servers: 192.168.2.1

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
    MSCONFIG\startupreg: AcronisTimounterMonitor => C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
    MSCONFIG\startupreg: AVLoginToDo => "C:\PROGRA~1\VEXIRA~1\Bin\avltd.exe"
    MSCONFIG\startupreg: DiscWizardMonitor.exe => C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
    MSCONFIG\startupreg: DVDLauncher => "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
    MSCONFIG\startupreg: ehTray => C:\WINDOWS\ehome\ehtray.exe
    MSCONFIG\startupreg: H/PC Connection Agent => "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    MSCONFIG\startupreg: hpqSRMon => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
    MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
    MSCONFIG\startupreg: MimBoot => C:\PROGRA~1\MUSICM~1\MUSICM~3\mimboot.exe
    MSCONFIG\startupreg: MSMSGS => "C:\Program Files\Messenger\msmsgs.exe" /background
    MSCONFIG\startupreg: Pando => "C:\Program Files\Pando Networks\Pando\Pando.exe" /Minimized
    MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    MSCONFIG\startupreg: RealTray => C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    MSCONFIG\startupreg: RoxWatchTray => "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
    MSCONFIG\startupreg: Seagate Scheduler2 Service => "C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe"
    MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    MSCONFIG\startupreg: StxTrayMenu => "C:\Program Files\Seagate\SystemTray\StxMenuMgr.exe"
    MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Java\jre6\bin\jusched.exe"
    MSCONFIG\startupreg: VBSysTray => "C:\PROGRA~1\VEXIRA~1\Bin\vbsystry.exe"

    ==================== Accounts: =============================

    Administrator (S-1-5-21-3236530329-1147617518-3913851753-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
    ALEX (S-1-5-21-3236530329-1147617518-3913851753-1009 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\ALEX
    ALEXIS (S-1-5-21-3236530329-1147617518-3913851753-1005 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\ALEXIS
    CATHYLYNN (S-1-5-21-3236530329-1147617518-3913851753-1006 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\CATHYLYNN
    Guest (S-1-5-21-3236530329-1147617518-3913851753-501 - Limited - Enabled) => %SystemDrive%\Documents and Settings\Guest
    HelpAssistant (S-1-5-21-3236530329-1147617518-3913851753-1004 - Limited - Disabled)
    MARISSA (S-1-5-21-3236530329-1147617518-3913851753-1008 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\MARISSA
    Mom's iPod Account (S-1-5-21-3236530329-1147617518-3913851753-1010 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Mom's iPod Account
    NICK (S-1-5-21-3236530329-1147617518-3913851753-1007 - Limited - Enabled) => %SystemDrive%\Documents and Settings\NICK
    SUPPORT_388945a0 (S-1-5-21-3236530329-1147617518-3913851753-1002 - Limited - Disabled)

    ==================== Faulty Device Manager Devices =============

    Name: Photosmart C4700 series
    Description: Photosmart C4700 series
    Class Guid: {4D36E971-E325-11CE-BFC1-08002BE10318}
    Manufacturer: HP
    Service:
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

    Name: Officejet Pro 6830
    Description: Officejet Pro 6830
    Class Guid: {4D36E971-E325-11CE-BFC1-08002BE10318}
    Manufacturer: HP
    Service:
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (02/25/2015 10:32:17 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application frst.exe, version 25.2.2015.1, faulting module frst.exe, version 25.2.2015.1, fault address 0x0001f09e.
    Processing media-specific event for [frst.exe!ws!]

    Error: (02/24/2015 08:00:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: Hanging application AdwCleaner.exe, version 4.1.1.1, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

    Error: (02/19/2015 09:37:48 PM) (Source: Picasa3) (EventID: 1) (User: )
    Description: Picasa has crashed.  A crash dump has been generated: C:\DOCUME~1\ALEXIS\LOCALS~1\Temp\Picasa_150219-213741.dmp

    Error: (02/06/2015 08:56:10 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application plugin-container.exe, version 35.0.1.5500, faulting module mozalloc.dll, version 35.0.1.5500, fault address 0x00001425.
    Processing media-specific event for [plugin-container.exe!ws!]

    Error: (01/26/2015 10:16:05 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application plugin-container.exe, version 35.0.0.5486, faulting module mozalloc.dll, version 35.0.0.5486, fault address 0x00001425.
    Processing media-specific event for [plugin-container.exe!ws!]

    Error: (01/26/2015 10:03:56 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application plugin-container.exe, version 35.0.0.5486, faulting module mozalloc.dll, version 35.0.0.5486, fault address 0x00001425.
    Processing media-specific event for [plugin-container.exe!ws!]

    Error: (01/26/2015 10:03:44 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: Hanging application firefox.exe, version 35.0.0.5486, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

    Error: (01/26/2015 10:03:39 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: Hanging application firefox.exe, version 35.0.0.5486, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

    Error: (01/18/2015 00:40:28 PM) (Source: crypt32) (EventID: 11) (User: )
    Description: Failed extract of third-party root list from auto update cab at: <http://www.download....authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

    Error: (01/18/2015 00:40:27 PM) (Source: crypt32) (EventID: 11) (User: )
    Description: Failed extract of third-party root list from auto update cab at: <http://www.download....authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


    System errors:
    =============
    Error: (02/25/2015 10:36:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher 9 service to connect.

    Error: (02/25/2015 10:32:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The COM+ System Application service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.

    Error: (02/25/2015 10:31:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The COM+ System Application service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.

    Error: (02/24/2015 08:06:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Util Krab Web service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.

    Error: (02/24/2015 08:06:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Update Krab Web service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.

    Error: (02/19/2015 09:35:43 PM) (Source: DCOM) (EventID: 10000) (User: DH75M091)
    Description: Unable to start a DCOM Server: {FA08F856-F05E-499B-9A48-F153A147DF27}.
    The error:
    "%%14001"
    Happened while starting this command:
    "C:\Program Files\Pando Networks\Pando\pando.exe" -Embedding

    Error: (02/19/2015 09:35:43 PM) (Source: SideBySide) (EventID: 59) (User: )
    Description: Generate Activation Context failed for C:\Program Files\Pando Networks\Pando\pando.exe.
    Reference error message: The operation completed successfully.
    .

    Error: (02/16/2015 07:57:49 PM) (Source: Dhcp) (EventID: 1002) (User: )
    Description: The IP address lease 192.168.2.4 for the Network Card with network address 001320A72F3F has been
    denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).

    Error: (02/14/2015 02:53:50 AM) (Source: Dhcp) (EventID: 1002) (User: )
    Description: The IP address lease 192.168.2.4 for the Network Card with network address 001320A72F3F has been
    denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).

    Error: (02/11/2015 07:00:17 PM) (Source: Windows Update Agent) (EventID: 20) (User: )
    Description: Installation Failure: Windows failed to install the following update with error 0x80242007: Windows Malicious Software Removal Tool - February 2015 (KB890830).


    Microsoft Office Sessions:
    =========================
    Error: (02/25/2015 10:32:17 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: frst.exe25.2.2015.1frst.exe25.2.2015.10001f09e

    Error: (02/24/2015 08:00:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: AdwCleaner.exe4.1.1.1hungapp0.0.0.000000000

    Error: (02/19/2015 09:37:48 PM) (Source: Picasa3) (EventID: 1) (User: )
    Description: Picasa has crashed.  A crash dump has been generated: C:\DOCUME~1\ALEXIS\LOCALS~1\Temp\Picasa_150219-213741.dmp

    Error: (02/06/2015 08:56:10 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: plugin-container.exe35.0.1.5500mozalloc.dll35.0.1.550000001425

    Error: (01/26/2015 10:16:05 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: plugin-container.exe35.0.0.5486mozalloc.dll35.0.0.548600001425

    Error: (01/26/2015 10:03:56 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: plugin-container.exe35.0.0.5486mozalloc.dll35.0.0.548600001425

    Error: (01/26/2015 10:03:44 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: firefox.exe35.0.0.5486hungapp0.0.0.000000000

    Error: (01/26/2015 10:03:39 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: firefox.exe35.0.0.5486hungapp0.0.0.000000000

    Error: (01/18/2015 00:40:28 PM) (Source: crypt32) (EventID: 11) (User: )
    Description: http://www.download....uthrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

    Error: (01/18/2015 00:40:27 PM) (Source: crypt32) (EventID: 11) (User: )
    Description: http://www.download....uthrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


    ==================== Memory info ===========================

    Processor:  Intel® Pentium® 4 CPU 2.80GHz
    Percentage of memory in use: 47%
    Total physical RAM: 2038.07 MB
    Available physical RAM: 1077.04 MB
    Total Pagefile: 2640.2 MB
    Available Pagefile: 1847.14 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1927.5 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:436.5 GB) (Free:199.75 GB) NTFS ==>[Drive with boot components (Windows XP)]

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 465.8 GB) (Disk ID: 57A21624)
    Partition 1: (Not Active) - (Size=251 MB) - (Type=DE)
    Partition 2: (Active) - (Size=436.5 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=29 GB) - (Type=DB)

    ==================== End Of Log ============================


    • 0

    #7
    alexisstephani

    alexisstephani

      Member

    • Topic Starter
    • Member
    • PipPip
    • 33 posts

    This is the FRST.txt below, I posted it last and I posted the Addition.txt in the previous post.

    Please let me know if I missed something, Thank You. 

     

     

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-02-2015 01
    Ran by ALEXIS (administrator) on DH75M091 on 25-02-2015 22:42:40
    Running from C:\Documents and Settings\ALEXIS\My Documents\Downloads
    Loaded Profiles: ALEXIS (Available profiles: ALEXIS & CATHYLYNN & NICK & MARISSA & ALEX & Mom's iPod Account & Administrator & Guest)
    Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
    Internet Explorer Version 8 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Lexmark International, Inc.) C:\WINDOWS\system32\LEXBCES.EXE
    (Lexmark International, Inc.) C:\WINDOWS\system32\LEXPPS.EXE
    (ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Microsoft Corporation) C:\WINDOWS\ehome\ehrecvr.exe
    (Microsoft Corporation) C:\WINDOWS\ehome\ehSched.exe
    (F5 Networks) C:\WINDOWS\system32\F5InstallerService.exe
    () C:\Program Files\Pure Digital Technologies\FlipShare\FlipShareService.exe
    (Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
    (Seagate Technology LLC) C:\Program Files\Seagate\Sync\SeaSyncServices.exe
    (Seagate) C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
    (WDC) C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe
    (Western Digital ) C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
    (Canon Inc.) C:\Program Files\Canon\CAL\CALMAIN.exe
    (Microsoft Corporation) C:\WINDOWS\system32\fxssvc.exe
    (Microsoft Corporation) C:\WINDOWS\ehome\mcrdsvc.exe
    (Western Digital ) C:\Program Files\Western Digital\WD SmartWare\WDFME.exe
    (Sonic Solutions) C:\WINDOWS\system32\dla\tfswctrl.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
    (Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
    (Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
    (ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    (Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe
    (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
    (ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
    (PC Drivers Headquarters) C:\Program Files\Driver Tool\Driver Tool\DriverTool.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Koninklijke Philips N.V.) C:\Documents and Settings\ALEXIS\Application Data\DirectLife\ALconnect\ALconnect.exe
    (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
    (BVRP Software) C:\Program Files\Digital Line Detect\DLG.exe
    (ADS Corp.) C:\Program Files\ION\EZ VHS Converter\MediaTVMonitor.exe
    (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    () C:\WINDOWS\twain_32\ca561a\SnapDetect.exe
    (Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD SmartWare\WDDMStatus.exe
    (Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
    (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
    (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [igfxhkcmd] => C:\WINDOWS\system32\hkcmd.exe [77824 2005-07-20] (Intel Corporation)
    HKLM\...\Run: [igfxpers] => C:\WINDOWS\system32\igfxpers.exe [114688 2005-07-20] (Intel Corporation)
    HKLM\...\Run: [dla] => C:\WINDOWS\system32\dla\tfswctrl.exe [127035 2004-12-06] (Sonic Solutions)
    HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [86960 2006-09-11] (Macrovision Corporation)
    HKLM\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4297136 2012-10-30] (AVAST Software)
    HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc.)
    HKLM\...\Run: [ArcSoft Connection Service] => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [109056 2008-07-04] (ArcSoft Inc.)
    HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
    HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
    HKLM\...\Run: [Malwarebytes' Anti-Malware] => "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
    HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
    HKLM\...\Policies\Explorer: [NoCDBurning] 0
    HKU\S-1-5-21-3236530329-1147617518-3913851753-1005\...\Run: [ISUSPM] => "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
    HKU\S-1-5-21-3236530329-1147617518-3913851753-1005\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-13] (Microsoft Corporation)
    HKU\S-1-5-21-3236530329-1147617518-3913851753-1005\...\Run: [Driver Tool] => C:\Program Files\Driver Tool\Driver Tool\DriverTool.exe [4785496 2014-10-30] (PC Drivers Headquarters)
    HKU\S-1-5-21-3236530329-1147617518-3913851753-1005\...\Run: [ALconnect] => C:\Documents and Settings\ALEXIS\Application Data\DirectLife\ALconnect\ALconnect.exe [1399320 2014-10-19] (Koninklijke Philips N.V.)
    HKU\S-1-5-21-3236530329-1147617518-3913851753-1005\...\MountPoints2: {141e348d-ebdd-11e2-87a3-08863b50be52} - F:\VZW_Software_upgrade_assistant.exe
    HKU\S-1-5-21-3236530329-1147617518-3913851753-1005\...\MountPoints2: {361ac05d-0e0d-11da-9aa9-806d6172696f} - E:\setup.exe
    Lsa: [Authentication Packages] msv1_0 relog_ap
    Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AtHomeConnect.lnk
    ShortcutTarget: AtHomeConnect.lnk -> C:\Program Files\AtHomeConnect\AtHomeConnect.exe (HR Block                            )
    Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
    ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
    Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\dlbcserv.lnk
    ShortcutTarget: dlbcserv.lnk -> C:\Program Files\Dell Photo Printer 720\dlbcserv.exe ()
    Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\EZ VHS Converter Monitor.lnk
    ShortcutTarget: EZ VHS Converter Monitor.lnk -> C:\Program Files\ION\EZ VHS Converter\MediaTVMonitor.exe (ADS Corp.)
    Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
    ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
    Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SnapDetect.lnk
    ShortcutTarget: SnapDetect.lnk -> C:\WINDOWS\twain_32\ca561a\SnapDetect.exe ()
    Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WD Quick View.lnk
    ShortcutTarget: WD Quick View.lnk -> C:\Program Files\Western Digital\WD SmartWare\WDDMStatus.exe (Western Digital Technologies, Inc.)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
    ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
    ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
    ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
    ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
    ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
    ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
    HKU\S-1-5-21-3236530329-1147617518-3913851753-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
    SearchScopes: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
    SearchScopes: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005 -> {48BEE687-4D1F-4DB9-9889-4D4A989E4D28} URL = http://delicious.com...p={searchTerms}
    SearchScopes: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005 -> {5F31840E-E7B1-4915-8C9D-3E6F22B35D52} URL = http://www.flickr.co...q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.co...soft:{language}
    SearchScopes: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005 -> {81133FE2-8F21-4DCF-9CB8-C5C4C3285F73} URL = http://search.yahoo....f-8&fr=chr-yie8
    SearchScopes: HKU\S-1-5-21-3236530329-1147617518-3913851753-1005 -> {ED2D00CE-667F-4071-B550-87D4145CD07C} URL = http://rover.ebay.co...e={searchTerms}
    BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
    BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    BHO: No Name -> {5CA3D70E-1895-11CF-8E15-001234567890} ->  No File
    BHO: avast! WebRep -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    BHO: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
    BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
    BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
    Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    DPF: {00627E89-A19D-4A2B-938B-059CB7B1B493} file://C:/Program Files/F5 VPN/F5_TMP/f5certchk.cab
    DPF: {195538FD-1C39-44B1-A7C3-5D7137A8A8F1} file://C:/Program Files/F5 VPN/F5_TMP/f5opswati.cab
    DPF: {2A0B9B82-D5C8-4D3D-8338-AD55B23662B1} file://C:/Program Files/F5 VPN/F5_TMP/cachecleaner.cab
    DPF: {2BCDB465-81F9-41CB-832C-8037A4064446} file://C:/Program Files/F5 VPN/F5_TMP/urxvpn.cab
    DPF: {30CF9713-6614-4556-B5F5-66F8C7F9DEF1} file://C:/Program Files/F5 VPN/F5_TMP/f5opswati.cab
    DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} file://C:/Program Files/F5 VPN/F5_TMP/f5tunsrv.cab
    DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} file://C:/Program Files/F5 VPN/F5_TMP/InstallerControl.cab
    DPF: {49EC7987-E331-44E3-B170-748B58A268B9} file://C:/Program Files/F5 VPN/F5_TMP/f5opswati.cab
    DPF: {57C76689-F052-487B-A19F-855AFDDF28EE} file://C:/Program Files/F5 VPN/F5_TMP/f5InspectionHost.cab
    DPF: {7584c670-2274-4efb-b00b-d6aaba6d3850} file://C:/Program Files/F5 VPN/F5_TMP/msrdp.cab
    DPF: {7E73BE8F-FD87-44EC-8E22-023D5FF960FF} file://C:/Program Files/F5 VPN/F5_TMP/vdeskctrl.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
    DPF: {8F6AFB67-F834-4227-94A7-A51377E0678E} file://C:/Program Files/F5 VPN/F5_TMP/f5GroupPolicyAgent.cab
    DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
    DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} file://C:/Program Files/F5 VPN/F5_TMP/urxshost.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab
    DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} file://C:/Program Files/F5 VPN/F5_TMP/urxhost.cab
    DPF: {E615C9EA-AD69-4AE9-83C9-9D906A0ACA6D} file://C:/Program Files/F5 VPN/F5_TMP/f5syschk.cab
    DPF: {EBDC91CB-F23F-477D-B152-3F7243760D04} file://C:/Program Files/F5 VPN/F5_TMP/f5opswati.cab
    Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
    Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

    FireFox:
    ========
    FF ProfilePath: C:\Documents and Settings\ALEXIS\Application Data\Mozilla\Firefox\Profiles\zs1syjzl.default-1422668321096
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
    FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
    FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF Plugin: @Musicnotes.com/Musicnotes Viewer -> C:\Program Files\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
    FF Plugin: @Sibelius.com/Scorch Plugin -> C:\Program Files\Musicnotes\npsibelius.dll ()
    FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.7\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.7\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\MyCamera.dll (CANON INC.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPCIG.dll (CANON INC.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPPandBr.dll (Pando Networks, Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npPandoWebInst.dll (Pando Networks)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npViewpoint.dll ()
    FF Extension: Skype extension for Firefox - C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2015-01-30]
    FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-22]
    FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-03-27]
    FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: avast! WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-07-29]
    FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
    FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-06-28]
    FF HKU\S-1-5-21-3236530329-1147617518-3913851753-1005\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

    Chrome:
    =======
    CHR dev: Chrome dev build detected! <======= ATTENTION
    CHR Profile: C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\Default
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-23]
    CHR Extension: (YouTube) - C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-01-06]
    CHR Extension: (Google Search) - C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-01-06]
    CHR Extension: (Krab Web) - C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\niimnfadmhjonmfnniajjhkpodghlaan [2015-02-24]
    CHR Extension: (Google Wallet) - C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-16]
    CHR Extension: (Gmail) - C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-01-06]
    CHR Extension: (Download and Sa) - C:\Documents and Settings\ALEXIS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pndndplglkleohabdcogjfjlnkejfglh [2012-12-07]
    CHR Extension: (Extutil) - C:\DOCUME~1\ALEXIS\LOCALS~1\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2015-01-18]
    CHR Extension: (Managera) - C:\DOCUME~1\ALEXIS\LOCALS~1\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2015-01-18]
    CHR HKLM\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2011-07-29]

    ========================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44808 2012-10-30] (AVAST Software)
    R2 CCALib8; C:\Program Files\Canon\CAL\CALMAIN.exe [96370 2007-01-31] (Canon Inc.) [File not signed]
    R2 F5 Networks Component Installer; C:\WINDOWS\system32\F5InstallerService.exe [246400 2010-08-19] (F5 Networks) [File not signed]
    R2 FlipShare Service; C:\Program Files\Pure Digital Technologies\FlipShare\FlipShareService.exe [439616 2008-11-13] ()
    R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
    R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
    R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [694784 2009-09-20] (Hewlett-Packard Co.) [File not signed]
    S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
    R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2011-07-19] (Sun Microsystems, Inc.)
    R2 LexBceS; C:\WINDOWS\system32\LEXBCES.EXE [311296 2004-03-04] (Lexmark International, Inc.)
    R2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation)
    S3 MHN; C:\WINDOWS\System32\mhn.dll [85504 2004-08-10] (Microsoft Corporation) [File not signed]
    R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [File not signed]
    S3 NetSvc; C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe [147456 2004-11-19] (Intel® Corporation) [File not signed]
    R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [File not signed]
    R2 Seagate Sync Service; C:\Program Files\Seagate\Sync\SeaSyncServices.exe [24120 2007-01-18] (Seagate Technology LLC)
    R2 SgtSch2Svc; C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe [431384 2008-06-24] (Seagate)

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R1 Aavmker4; C:\WINDOWS\system32\Drivers\Aavmker4.sys [25256 2012-10-30] (AVAST Software)
    S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
    R3 Afc; C:\WINDOWS\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
    R2 ASCTRM; C:\WINDOWS\system32\Drivers\ASCTRM.sys [8552 2005-12-15] (Windows ® 2000 DDK provider) [File not signed]
    R2 aswFsBlk; C:\WINDOWS\system32\Drivers\aswFsBlk.sys [21256 2012-10-30] (AVAST Software)
    R2 aswMon2; C:\WINDOWS\system32\Drivers\aswMon2.sys [97608 2012-10-30] (AVAST Software)
    R1 aswRdr; C:\WINDOWS\system32\Drivers\aswRdr.sys [35928 2012-10-30] (AVAST Software)
    R1 aswSnx; C:\WINDOWS\system32\Drivers\aswSnx.sys [738504 2012-10-30] (AVAST Software)
    R1 aswSP; C:\WINDOWS\system32\Drivers\aswSP.sys [361032 2012-10-30] (AVAST Software)
    R1 aswTdi; C:\WINDOWS\system32\Drivers\aswTdi.sys [54232 2012-10-30] (AVAST Software)
    S3 BCM42RLY; C:\WINDOWS\System32\BCM42RLY.SYS [17992 2005-02-01] (Broadcom Corporation) [File not signed]
    S3 CA561; C:\WINDOWS\System32\Drivers\SPCA561.SYS [119798 2002-10-01] (SP)
    S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
    R0 drvmcdb; C:\WINDOWS\System32\drivers\drvmcdb.sys [87488 2004-12-01] (Sonic Solutions) [File not signed]
    R2 drvnddm; C:\WINDOWS\System32\drivers\drvnddm.sys [40480 2004-11-23] (Sonic Solutions) [File not signed]
    S3 f5ipfw; C:\WINDOWS\system32\drivers\urfltw2k.sys [10752 2010-01-25] (F5 Networks)
    S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2008-10-28] (HP)
    S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2008-10-28] (HP)
    S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2008-10-28] (HP)
    S3 MHNDRV; C:\WINDOWS\System32\DRIVERS\mhndrv.sys [11008 2004-08-10] (Microsoft Corporation) [File not signed]
    S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation)
    S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
    S3 RTL8192cu; C:\WINDOWS\System32\DRIVERS\RTL8192cu.sys [987904 2011-02-10] (Realtek Semiconductor Corporation                           )
    R1 sscdbhk5; C:\WINDOWS\System32\drivers\sscdbhk5.sys [5627 2004-07-14] (Sonic Solutions) [File not signed]
    R1 ssrtln; C:\WINDOWS\System32\drivers\ssrtln.sys [23545 2004-07-14] (Sonic Solutions) [File not signed]
    R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1022040 2005-08-17] (SigmaTel, Inc.)
    R0 tdrpman; C:\WINDOWS\System32\DRIVERS\tdrpman.sys [368480 2010-12-23] (Acronis)
    R2 tfsnboio; C:\WINDOWS\System32\dla\tfsnboio.sys [25883 2004-12-06] (Sonic Solutions) [File not signed]
    R2 tfsncofs; C:\WINDOWS\System32\dla\tfsncofs.sys [34843 2004-12-06] (Sonic Solutions) [File not signed]
    R2 tfsndrct; C:\WINDOWS\System32\dla\tfsndrct.sys [4123 2004-12-06] (Sonic Solutions) [File not signed]
    R2 tfsndres; C:\WINDOWS\System32\dla\tfsndres.sys [2239 2004-12-06] (Sonic Solutions) [File not signed]
    R2 tfsnifs; C:\WINDOWS\System32\dla\tfsnifs.sys [86586 2004-12-06] (Sonic Solutions) [File not signed]
    R2 tfsnopio; C:\WINDOWS\System32\dla\tfsnopio.sys [15227 2004-12-06] (Sonic Solutions) [File not signed]
    R2 tfsnpool; C:\WINDOWS\System32\dla\tfsnpool.sys [6363 2004-12-06] (Sonic Solutions) [File not signed]
    R2 tfsnudf; C:\WINDOWS\System32\dla\tfsnudf.sys [98714 2004-12-06] (Sonic Solutions) [File not signed]
    R2 tfsnudfa; C:\WINDOWS\System32\dla\tfsnudfa.sys [100603 2004-12-06] (Sonic Solutions) [File not signed]
    R2 tifsfilter; C:\WINDOWS\System32\DRIVERS\tifsfilt.sys [44384 2010-12-23] (Acronis)
    R3 urvpndrv; C:\WINDOWS\System32\DRIVERS\covpndrv.sys [33920 2010-01-25] (F5 Networks, Inc.)
    S3 USBFVNETR; C:\WINDOWS\System32\DRIVERS\ma101rnd.sys [76160 2002-02-27] (ATMEL) [File not signed]
    S3 VCR2PC; C:\WINDOWS\System32\DRIVERS\0140_ION.sys [281024 2008-09-22] (Trident Multimedia Technologies Co.,Ltd)
    S3 WUSB54GPV4SRV; C:\WINDOWS\System32\DRIVERS\rt2500usb.sys [245376 2005-10-17] (Ralink Technology Inc.)
    U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

    NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)

    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-02-24 21:53 - 2015-02-24 21:53 - 00000458 _____ () C:\WINDOWS\Tasks\Driver Tool-RTMScanRunOnce.job
    2015-02-24 21:53 - 2015-02-24 21:53 - 00000458 _____ () C:\WINDOWS\Tasks\Driver Tool-RTMScan.job
    2015-02-24 21:53 - 2015-02-24 21:53 - 00000456 _____ () C:\WINDOWS\Tasks\Driver Tool-RTMUpdater.job
    2015-02-24 21:53 - 2015-02-24 21:53 - 00000446 _____ () C:\WINDOWS\Tasks\Driver Tool-RTMRules.job
    2015-02-24 21:52 - 2015-02-24 21:52 - 00000000 ____D () C:\Documents and Settings\ALEXIS\Local Settings\Application Data\PC_Drivers_Headquarters
    2015-02-24 20:19 - 2015-02-25 22:42 - 00000000 ____D () C:\FRST
    2015-02-24 20:13 - 2015-02-24 20:16 - 00005440 _____ () C:\Documents and Settings\ALEXIS\Desktop\JRT.txt
    2015-02-24 07:59 - 2015-02-24 08:29 - 00000000 ____D () C:\AdwCleaner
    2015-02-11 03:00 - 2015-02-11 19:00 - 00000000 ____D () C:\36214cac5ce97b097c7eed098d0209
    2015-01-30 20:39 - 2015-01-30 20:39 - 00000000 ____D () C:\Program Files\Mozilla Firefox
    2015-01-30 20:34 - 2015-01-30 20:38 - 00000000 ____D () C:\Documents and Settings\ALEXIS\Desktop\Old Firefox Data

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-02-25 22:43 - 2011-07-29 22:40 - 00000886 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2015-02-25 22:43 - 2008-11-23 17:10 - 00000000 ____D () C:\Documents and Settings\ALEXIS\Local Settings\Temp
    2015-02-25 22:40 - 2012-12-07 22:00 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
    2015-02-25 22:40 - 2005-08-16 05:33 - 00574990 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
    2015-02-25 22:38 - 2005-08-16 05:40 - 01215758 _____ () C:\WINDOWS\WindowsUpdate.log
    2015-02-25 22:36 - 2014-08-31 10:28 - 00000008 __RSH () C:\Documents and Settings\All Users\ntuser.pol
    2015-02-25 22:36 - 2005-08-16 05:38 - 00000000 ____D () C:\WINDOWS\Registration
    2015-02-25 22:36 - 2005-08-16 05:35 - 00000159 _____ () C:\WINDOWS\wiadebug.log
    2015-02-25 22:36 - 2005-08-16 05:35 - 00000049 _____ () C:\WINDOWS\wiaservc.log
    2015-02-25 22:35 - 2011-07-29 22:40 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2015-02-25 22:35 - 2005-08-16 05:49 - 00032410 _____ () C:\WINDOWS\SchedLgU.Txt
    2015-02-25 22:35 - 2005-08-16 05:49 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
    2015-02-25 22:34 - 2008-11-23 22:38 - 00000000 ____D () C:\Documents and Settings\NICK\Local Settings\Temp
    2015-02-25 22:33 - 2008-11-23 22:42 - 00000000 ____D () C:\Documents and Settings\MARISSA
    2015-02-25 22:33 - 2008-11-23 17:10 - 00000278 ___SH () C:\Documents and Settings\ALEXIS\ntuser.ini
    2015-02-25 22:33 - 2008-11-23 17:10 - 00000000 ____D () C:\Documents and Settings\ALEXIS
    2015-02-25 22:33 - 2005-08-16 05:18 - 00001017 _____ () C:\WINDOWS\win.ini
    2015-02-25 22:31 - 2014-08-31 10:28 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
    2015-02-25 22:01 - 2009-06-30 00:19 - 00000978 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3236530329-1147617518-3913851753-501UA.job
    2015-02-25 22:01 - 2009-06-30 00:19 - 00000926 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3236530329-1147617518-3913851753-501Core.job
    2015-02-25 21:53 - 2012-10-14 20:31 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2015-02-24 07:49 - 2008-11-23 22:38 - 00000178 ___SH () C:\Documents and Settings\NICK\ntuser.ini
    2015-02-24 07:49 - 2008-11-23 22:38 - 00000000 ____D () C:\Documents and Settings\NICK
    2015-02-23 17:48 - 2009-12-09 03:21 - 00246076 _____ () C:\WINDOWS\setupapi.log
    2015-02-22 20:48 - 2013-01-07 17:03 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Google Drive
    2015-02-22 14:30 - 2011-07-10 08:58 - 00096160 _____ () C:\Documents and Settings\ALEXIS\Desktop\OTL.Txt
    2015-02-20 07:22 - 2012-02-18 15:15 - 00000284 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
    2015-02-12 23:10 - 2008-11-27 11:52 - 00133120 ____C () C:\Documents and Settings\ALEXIS\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2015-02-11 19:57 - 2005-08-16 05:38 - 00075962 ____C () C:\WINDOWS\wmsetup.log
    2015-02-11 03:00 - 2013-07-29 02:00 - 00000000 ____D () C:\WINDOWS\system32\MRT
    2015-02-11 03:00 - 2008-11-27 10:33 - 113756392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2015-02-10 08:14 - 2008-11-23 22:42 - 00000278 __SHC () C:\Documents and Settings\MARISSA\ntuser.ini
    2015-02-09 10:23 - 2008-11-23 22:42 - 00000000 ____D () C:\Documents and Settings\MARISSA\Local Settings\Temp
    2015-02-09 07:44 - 2005-08-16 05:18 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
    2015-02-07 18:51 - 2012-01-07 10:32 - 00000000 ____D () C:\Documents and Settings\MARISSA\Local Settings\Application Data\HP
    2015-02-07 18:51 - 2009-02-22 13:13 - 00002483 ____C () C:\Documents and Settings\MARISSA\Desktop\Microsoft Word.lnk
    2015-02-07 18:51 - 2009-02-22 12:39 - 00002487 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Excel.lnk
    2015-02-02 12:51 - 2010-03-12 21:31 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
    2015-02-01 17:59 - 2005-12-15 13:16 - 00011792 _____ () C:\WINDOWS\setupact.log
    2015-01-30 20:40 - 2012-05-06 14:36 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
    2015-01-30 19:18 - 2005-08-16 05:49 - 00000000 __SHD () C:\Documents and Settings\LocalService
    2015-01-30 19:17 - 2005-08-16 05:49 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Temp

    ==================== Files in the root of some directories =======

    2008-11-27 11:52 - 2015-02-12 23:10 - 0133120 ____C () C:\Documents and Settings\ALEXIS\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2008-11-23 17:10 - 2008-11-27 10:59 - 0000129 ____C () C:\Documents and Settings\ALEXIS\Local Settings\Application Data\fusioncache.dat
    2010-04-30 23:09 - 2010-10-14 19:35 - 0000000 ____C () C:\Documents and Settings\ALEXIS\Local Settings\Application Data\prvlcl.dat

    Some content of TEMP:
    ====================
    C:\Documents and Settings\ALEX\Local Settings\Temp\jre-6u39-windows-i586-iftw.exe
    C:\Documents and Settings\ALEX\Local Settings\Temp\jre-7u15-windows-i586-iftw.exe
    C:\Documents and Settings\ALEXIS\Local Settings\Temp\comsvcs.dll
    C:\Documents and Settings\ALEXIS\Local Settings\Temp\FastDownload.exe
    C:\Documents and Settings\ALEXIS\Local Settings\Temp\hpqrrx08.exe
    C:\Documents and Settings\ALEXIS\Local Settings\Temp\hpzmsi01.exe
    C:\Documents and Settings\ALEXIS\Local Settings\Temp\hpzscr01.EXE
    C:\Documents and Settings\ALEXIS\Local Settings\Temp\jre-7u15-windows-i586-iftw.exe
    C:\Documents and Settings\ALEXIS\Local Settings\Temp\jre-7u17-windows-i586-iftw.exe
    C:\Documents and Settings\ALEXIS\Local Settings\Temp\jre-7u21-windows-i586-iftw.exe
    C:\Documents and Settings\ALEXIS\Local Settings\Temp\jre-7u45-windows-i586-iftw.exe
    C:\Documents and Settings\ALEXIS\Local Settings\Temp\jre-7u51-windows-i586-iftw.exe
    C:\Documents and Settings\ALEXIS\Local Settings\Temp\jre-7u55-windows-i586-iftw.exe
    C:\Documents and Settings\ALEXIS\Local Settings\Temp\jre-7u60-windows-i586-iftw.exe
    C:\Documents and Settings\ALEXIS\Local Settings\Temp\jre-7u75-windows-i586-iftw.exe
    C:\Documents and Settings\ALEXIS\Local Settings\Temp\msxml3.dll
    C:\Documents and Settings\ALEXIS\Local Settings\Temp\Quarantine.exe
    C:\Documents and Settings\ALEXIS\Local Settings\Temp\setup.exe
    C:\Documents and Settings\ALEXIS\Local Settings\Temp\sqlite3.dll
    C:\Documents and Settings\CATHYLYNN\Local Settings\Temp\jre-6u30-windows-i586-iftw-rv.exe
    C:\Documents and Settings\CATHYLYNN\Local Settings\Temp\jre-6u35-windows-i586-iftw.exe
    C:\Documents and Settings\CATHYLYNN\Local Settings\Temp\jre-7u21-windows-i586-iftw.exe
    C:\Documents and Settings\CATHYLYNN\Local Settings\Temp\jre-7u45-windows-i586-iftw.exe
    C:\Documents and Settings\CATHYLYNN\Local Settings\Temp\jre-7u55-windows-i586-iftw.exe
    C:\Documents and Settings\Guest\Local Settings\Temp\jre-6u39-windows-i586-iftw.exe
    C:\Documents and Settings\MARISSA\Local Settings\Temp\jre-6u39-windows-i586-iftw.exe
    C:\Documents and Settings\MARISSA\Local Settings\Temp\jre-7u15-windows-i586-iftw.exe
    C:\Documents and Settings\MARISSA\Local Settings\Temp\jre-7u17-windows-i586-iftw.exe
    C:\Documents and Settings\MARISSA\Local Settings\Temp\jre-7u21-windows-i586-iftw.exe
    C:\Documents and Settings\MARISSA\Local Settings\Temp\jre-7u25-windows-i586-iftw.exe
    C:\Documents and Settings\MARISSA\Local Settings\Temp\jre-7u60-windows-i586-iftw.exe
    C:\Documents and Settings\MARISSA\Local Settings\Temp\jre-7u71-windows-i586-iftw.exe
    C:\Documents and Settings\MARISSA\Local Settings\Temp\lowproc.exe
    C:\Documents and Settings\MARISSA\Local Settings\Temp\stubhelper.dll
    C:\Documents and Settings\Mom's iPod Account\Local Settings\Temp\jre-7u17-windows-i586-iftw.exe
    C:\Documents and Settings\NICK\Local Settings\Temp\jre-7u15-windows-i586-iftw.exe
    C:\Documents and Settings\NICK\Local Settings\Temp\jre-7u17-windows-i586-iftw.exe
    C:\Documents and Settings\NICK\Local Settings\Temp\jre-7u75-windows-i586-iftw.exe


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

    ==================== End Of Log ============================


    • 0

    #8
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 24,598 posts
    • MVP

    Is Krabweb gone?

     

    Let's see if we broke anything:

     

    Start, Run, eventvwr.msc, OK to bring up the Event Viewer.  Right click on System and Clear All Events, No (we don't want to save the old log), OK. Repeat for Application. 
     
    Reboot. 
     
     
     
    1. Please download the Event Viewer Tool by Vino Rosso
    and save it to your Desktop:
    2. Double-click VEW.exe
    3. Under 'Select log to query', select:
     
    * System
    4. Under 'Select type to list', select:
    * Error
    * Warning
     
     
    Then use the 'Number of events' as follows:
     
     
    1. Click the radio button for 'Number of events'
    Type 20 in the 1 to 20 box
    Then click the Run button.
    Notepad will open with the output log.
     
     
    Please post the Output log in your next reply then repeat but select Application.

    • 0

    #9
    alexisstephani

    alexisstephani

      Member

    • Topic Starter
    • Member
    • PipPip
    • 33 posts

    In answer to your question " Is Krab Web Gone? "  - Yes It Is !  I can go on the web and the redirects don't happen anymore and I don't get all those Crazy pops up that paralize my screen - It seems to be working great, WoW ! Thank You

     

    Here are the logs from VEW:

     

    Vino's Event Viewer v01c run on Windows XP in English
    Report run at 26/02/2015 8:44:08 PM

    Note: All dates below are in the format dd/mm/yyyy

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - error Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'System' Log - warning Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     

    Vino's Event Viewer v01c run on Windows XP in English
    Report run at 26/02/2015 8:49:36 PM

    Note: All dates below are in the format dd/mm/yyyy

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'Application' Log - error Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    'Application' Log - warning Type
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     


    • 0

    #10
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 24,598 posts
    • MVP

    OK Looks like we are done then:

     

    We need to clean up System Restore.  
     
    Copy the following:
     
     
    :Commands
    [CLEARALLRESTOREPOINTS]
    [Reboot]
     
    
     Run OTL.   In the Custom Scans/Fixes box at the bottom, paste in the copied text (Ctrl + v) and then hit Run Fix.
     
    You can uninstall or delete any tools we had you download and their logs. 
     
     
    OTL has a cleanup tab so if you run it again and select cleanup it will remove itself and its backup files.
     
    To hide hidden files again (If you do not run OTL cleanup):
     
    XP
     
    # Close all programs so that you are at your desktop.
    # Double-click on the My Computer icon.
    # Select the Tools menu and click Folder Options.
    # After the new window appears select the View tab.
    # Uncheck the checkbox labeled Display the contents of system folders.
    # Under the Hidden files and folders section select the 'Hide protected operating system files (recommended)' option. 
    # Check the checkbox labeled Hide protected operating system files.
    # Press the Apply button and then the OK button and exit My Computer.
     
    Special note on Java.  Old Java versions should be removed after first clearing the Java Cache by following the instructions in:
    Then remove the old versions by going to Control Panel, Programs and Features and Uninstall all Java programs which are not Java Version 7 update 45 or better.  These may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE.  Get the latest version from Java.com.  They will usually attempt to foist some garbage like the Ask toolbar, Yahoo toolbar or McAfee Security Scan on you as part of the download.  Just uncheck the garbage before the download (or install) starts.  If you use a 64-bit browser and want the 64-bit version of Java you need to use it to visit java.com.
    Due to multiple security problems with Java we are now recommending that it not be installed unless you absolutely know you need it.  If that is the case then you should go in to Control panels, Java, Security and set the slider to the highest level.
     
    Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat. 
     
    Whether you use adobe reader, acrobat or fox-it to read pdf files you need to disable Javascript in the program.  There is an exploit out there now that can use it to get on your PC.  For Adobe Reader:  Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript.  OK Close program.  It's the same for Foxit reader except you uncheck Enable Javascript Actions. 
     
    To help keep your programs up-to-date you should download and run the UpdateChecker:
    (You don't need to download Betas and if there is a program you don't use you can just uninstall it rather than update it.    You can right click on the updatechecker icon (looks like a downward green arrowhead) and select Settings and tell it no betas.  If you don't use MSN Messenger I would not upgdate it.  MS installs a bunch of stuff when you do.  You can tell the program to not show you that update.)
    If you use Firefox or Chrome then get the AdBlock Plus Add-on.  Adblock Plus is now available for IE too:  Go to
    adblockplus.org/ with your browser and it will offer you the correct add-on.  Once it installs, click on its option page and uncheck the bit about allowing non-intrusive ads.
     
    If Firefox or Chrome is slow loading make sure it only has the current Java add-on.  Then download and run Speedy Fox.
    http://www.crystalidea.com/speedyfox .  Click on Optimize.  When it finishes click on Exit.
     
    Be warned:  If you use Limewire, utorrent or any of the other P2P programs you will almost certain be coming back to the Malware Removal forum.  If you must use P2P then submit any files you get to http://virustotal.com before you open them.
     
    Due to a recent rise in the number of Crytolocker infections I am now recommending you install:
     
    CryptoPrevent
     
     
    The free version does not update on its own so you should check for updated versions once in a while.
     
     
     
    If you have a router, log on to it today and change the default password!  If using a Wireless router you really should be using encryption on the link.  Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business.  See http://www.king5.com...-120637284.html and http://www.seattlepi...ted-1344185.php for why encryption is important.  If you don't know how, visit the router maker's website.  They all have detailed step by step instructions or a wizard you can download.
     
     
    XP does not automatically run defrag so it needs to be done manually every couple of months or it will slow down.  http://support.microsoft.com/kb/314848
     
     
    XP has been out a long time so most XP computers are starting to get clogged with dust.  This makes them overheat which will also slow them down.  To clean a desktop, shut it down but leave it plugged in.  Remove the lid or open it up and use a vacuum cleaner hose and a small brush to clean the air vents in the front and back and the fins of the heatsink and of the fans - including the fan of the power supply.  You may need to unscrew the four screws that hold the fan to the heatsink and lift the fan off to really clean the heatsink.  Start it up while the lid is off and watch the fan (after screwing it back down again if you removed it).  It should start up right away and be at full speed in no time (it may stop running shortly after starting - this is normal).  A fan that is slow starting or which makes noise is worn out and needs to be replaced.  Cleaning a laptop is unfortunately major surgery for most brands.  Make sure the vents are clear and that it is run on a hard surface.  Never on a bed or your lap as that blocks the air vents.  Propping up the back with a book without blocking the air vents will make it run a bit cooler.  If you think it might be running hot you can get speedfan
     
    Download, save and Install it then run it.
     
    It will tell you your temps (if the PC is new enough).  If they seem hot (over 50) then check Automatic Fan Speed.
    Leave it running and see if the temps drop.  If temps are over 80, the CPU will slow down to protect itself.  Disassembling a laptop to clean it isn't that hard.  There are usually YouTube videos for most brands that show you how to do it if you search for them.  Most times you just need some small screwdrivers and maybe a long nose pliers.  The hardest part is reassembling it and getting all of the screws in the right places so takes notes or lots of pictures.  If you take it apart then you should also pull the heatsink and clean it and replace the old thermal pads with Arctic Silver Thermal compound.  Amazon has a kit of cleaner and compound http://www.amazon.co...n/dp/B001FVI91U which I have used.

    • 0

    #11
    alexisstephani

    alexisstephani

      Member

    • Topic Starter
    • Member
    • PipPip
    • 33 posts

    Thank You ! My old windows XP PC works like New !  I am Resolved ! Thank You !

     

    Question, in your last post you had mentioned to clear Java Cache, which I did. I had a really old version Java™ 6 Update 27. I found the Javacpl.exe, opened it to get to java control panel then I deleted temporary files. I then went to my windows XP control panel ( start>Control Panel>Add or Remove Programs) to Un-Install Java and I saw the Krab Web program sitting right beneath the Java Program that I was about to unistall. Should I also uninstall the Krab Web program too? or just leave it alone?

     

    Thanks Again For Your Assistance ! 


    • 0

    #12
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 24,598 posts
    • MVP

    Odds are that it will do nothing so I would just leave it.  You can't always trust the installers for adware to actually install.


    • 0






    Similar Topics

    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users

    As Featured On:

    Microsoft Yahoo BBC MSN PC Magazine Washington Post HP