OTL logfile created on: 11/13/2013 12:46:59 PM - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Blondie\Cookies\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.93 Gb Total Physical Memory | 1.45 Gb Available Physical Memory | 36.83% Memory free
8.07 Gb Paging File | 5.21 Gb Available in Paging File | 64.55% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 288.01 Gb Total Space | 123.52 Gb Free Space | 42.89% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 1.45 Gb Free Space | 14.53% Space Free | Partition Type: NTFS
 
Computer Name: BLONDIE-PC | User Name: Blondie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2013/11/01 17:29:06 | 029,769,432 | ---- | M] (Dropbox, Inc.) -- C:\Users\Blondie\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013/10/12 14:22:59 | 000,109,784 | ---- | M] (Siber Systems) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
PRC - [2013/10/08 19:02:45 | 000,844,752 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/10/04 06:06:26 | 000,237,960 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
PRC - [2013/09/25 17:37:00 | 020,133,824 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2013/08/30 02:47:34 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/08/30 02:47:33 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/05/31 10:02:22 | 000,045,056 | ---- | M] (Intuit) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2013/05/10 08:31:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Blondie\Cookies\Desktop\OTL.exe
PRC - [2013/02/12 21:37:16 | 001,263,952 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2012/04/04 16:38:14 | 000,136,128 | ---- | M] (Tether) -- C:\Program Files (x86)\Tether\TBService.exe
PRC - [2011/08/19 20:31:14 | 001,248,256 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
PRC - [2008/12/18 13:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2007/09/06 20:20:26 | 000,888,987 | ---- | M] (A-1 Technology, Inc.) -- C:\Program Files (x86)\PayPal Payment Request Wizard\Outlook Wizard\OEHook.exe
PRC - [2007/09/06 20:15:52 | 000,888,987 | ---- | M] (A-1 Technology, Inc.) -- C:\Program Files (x86)\PayPal Payment Request Wizard\QB US edition\OEHook.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2013/11/13 12:33:44 | 000,557,056 | ---- | M] () -- C:\Users\Blondie\AppData\Local\Temp\_MEI38282\pysqlite2._sqlite.pyd
MOD - [2013/11/13 12:33:44 | 000,320,512 | ---- | M] () -- C:\Users\Blondie\AppData\Local\Temp\_MEI38282\win32com.shell.shell.pyd
MOD - [2013/11/13 12:33:44 | 000,128,512 | ---- | M] () -- C:\Users\Blondie\AppData\Local\Temp\_MEI38282\_elementtree.pyd
MOD - [2013/11/13 12:33:44 | 000,098,816 | ---- | M] () -- C:\Users\Blondie\AppData\Local\Temp\_MEI38282\win32api.pyd
MOD - [2013/11/13 12:33:44 | 000,044,032 | ---- | M] () -- C:\Users\Blondie\AppData\Local\Temp\_MEI38282\_socket.pyd
MOD - [2013/11/13 12:33:44 | 000,026,624 | ---- | M] () -- C:\Users\Blondie\AppData\Local\Temp\_MEI38282\_multiprocessing.pyd
MOD - [2013/11/13 12:33:44 | 000,022,528 | ---- | M] () -- C:\Users\Blondie\AppData\Local\Temp\_MEI38282\win32ts.pyd
MOD - [2013/11/13 12:33:43 | 001,175,040 | ---- | M] () -- C:\Users\Blondie\AppData\Local\Temp\_MEI38282\wx._core_.pyd
MOD - [2013/11/13 12:33:43 | 000,805,888 | ---- | M] () -- C:\Users\Blondie\AppData\Local\Temp\_MEI38282\wx._gdi_.pyd
MOD - [2013/11/13 12:33:43 | 000,735,232 | ---- | M] () -- C:\Users\Blondie\AppData\Local\Temp\_MEI38282\wx._misc_.pyd
MOD - [2013/11/13 12:33:43 | 000,504,832 | ---- | M] () -- C:\Users\Blondie\AppData\Local\Temp\_MEI38282\windows._cacheinvalidation.pyd
MOD - [2013/11/13 12:33:43 | 000,364,544 | ---- | M] () -- C:\Users\Blondie\AppData\Local\Temp\_MEI38282\pythoncom27.dll
MOD - [2013/11/13 12:33:43 | 000,110,080 | ---- | M] () -- C:\Users\Blondie\AppData\Local\Temp\_MEI38282\PyWinTypes27.dll
MOD - [2013/11/13 12:33:43 | 000,108,544 | ---- | M] () -- C:\Users\Blondie\AppData\Local\Temp\_MEI38282\win32security.pyd
MOD - [2013/11/13 12:33:43 | 000,087,040 | ---- | M] () -- C:\Users\Blondie\AppData\Local\Temp\_MEI38282\_ctypes.pyd
MOD - [2013/11/13 12:33:43 | 000,070,656 | ---- | M] () -- C:\Users\Blondie\AppData\Local\Temp\_MEI38282\wx._html2.pyd
MOD - [2013/11/13 12:33:43 | 000,017,408 | ---- | M] () -- C:\Users\Blondie\AppData\Local\Temp\_MEI38282\win32profile.pyd
MOD - [2013/11/13 12:33:43 | 000,011,264 | ---- | M] () -- C:\Users\Blondie\AppData\Local\Temp\_MEI38282\win32crypt.pyd
MOD - [2013/11/13 12:33:41 | 001,153,024 | ---- | M] () -- C:\Users\Blondie\AppData\Local\Temp\_MEI38282\_ssl.pyd
MOD - [2013/11/13 12:33:41 | 000,035,840 | ---- | M] () -- C:\Users\Blondie\AppData\Local\Temp\_MEI38282\win32process.pyd
MOD - [2013/11/13 12:33:41 | 000,025,600 | ---- | M] () -- C:\Users\Blondie\AppData\Local\Temp\_MEI38282\win32pdh.pyd
MOD - [2013/11/13 12:33:40 | 000,711,680 | ---- | M] () -- C:\Users\Blondie\AppData\Local\Temp\_MEI38282\_hashlib.pyd
MOD - [2013/11/13 12:33:39 | 000,811,008 | ---- | M] () -- C:\Users\Blondie\AppData\Local\Temp\_MEI38282\wx._windows_.pyd
MOD - [2013/11/13 12:33:39 | 000,122,368 | ---- | M] () -- C:\Users\Blondie\AppData\Local\Temp\_MEI38282\wx._wizard.pyd
MOD - [2013/11/13 12:33:39 | 000,119,808 | ---- | M] () -- C:\Users\Blondie\AppData\Local\Temp\_MEI38282\win32file.pyd
MOD - [2013/11/13 12:33:39 | 000,038,912 | ---- | M] () -- C:\Users\Blondie\AppData\Local\Temp\_MEI38282\win32inet.pyd
MOD - [2013/11/13 12:33:29 | 001,062,400 | ---- | M] () -- C:\Users\Blondie\AppData\Local\Temp\_MEI38282\wx._controls_.pyd
MOD - [2013/11/13 12:33:28 | 000,018,432 | ---- | M] () -- C:\Users\Blondie\AppData\Local\Temp\_MEI38282\win32event.pyd
MOD - [2013/11/13 12:33:27 | 000,686,080 | ---- | M] () -- C:\Users\Blondie\AppData\Local\Temp\_MEI38282\unicodedata.pyd
MOD - [2013/11/13 12:33:27 | 000,127,488 | ---- | M] () -- C:\Users\Blondie\AppData\Local\Temp\_MEI38282\pyexpat.pyd
MOD - [2013/11/13 12:33:27 | 000,010,240 | ---- | M] () -- C:\Users\Blondie\AppData\Local\Temp\_MEI38282\select.pyd
MOD - [2013/11/01 17:27:52 | 003,558,400 | ---- | M] () -- C:\Users\Blondie\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2013/10/08 19:02:43 | 000,415,184 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppgooglenaclpluginchrome.dll
MOD - [2013/10/08 19:02:41 | 004,055,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll
MOD - [2013/10/08 19:01:47 | 001,604,560 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll
MOD - [2013/08/23 14:01:44 | 025,100,288 | ---- | M] () -- C:\Users\Blondie\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013/02/12 21:38:06 | 000,100,688 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2013/02/12 21:37:16 | 001,263,952 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2007/09/04 22:48:44 | 000,188,416 | ---- | M] () -- C:\Program Files (x86)\PayPal Payment Request Wizard\QB US edition\OELogger.dll
MOD - [2007/09/01 04:47:52 | 000,200,704 | ---- | M] () -- C:\Program Files (x86)\PayPal Payment Request Wizard\Outlook Wizard\OELogger.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2013/10/11 08:24:40 | 000,038,200 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:[b]64bit:[/b] - [2013/08/30 02:47:33 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:[/b] - [2012/02/03 17:18:04 | 006,378,128 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) [Auto | Running] -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe -- (CarboniteService)
SRV:[b]64bit:[/b] - [2008/12/22 04:26:38 | 000,281,600 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_cce24a4c\STacSV64.exe -- (STacSV)
SRV:[b]64bit:[/b] - [2008/12/22 04:26:06 | 000,088,576 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_cce24a4c\AESTSr64.exe -- (AESTFilters)
SRV:[b]64bit:[/b] - [2008/12/18 13:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV:[b]64bit:[/b] - [2008/11/17 07:29:18 | 000,032,768 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\WLTRYSVC.EXE -- (wltrysvc)
SRV:[b]64bit:[/b] - [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/10/11 08:24:44 | 002,409,272 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2013/10/11 08:24:40 | 000,030,520 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2013/10/08 20:40:09 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/09/05 09:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/07/01 09:20:08 | 004,569,856 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll -- (Akamai)
SRV - [2013/05/31 10:02:22 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2013/05/10 02:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/10 01:58:17 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/04/04 16:38:14 | 000,136,128 | ---- | M] (Tether) [Auto | Running] -- C:\Program Files (x86)\Tether\TBService.exe -- (Tether)
SRV - [2011/08/19 20:31:14 | 001,248,256 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe -- (QBVSS)
SRV - [2011/08/19 20:30:58 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2011/07/06 16:32:58 | 000,147,336 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn\x64\ramaint.exe -- (LMIMaint)
SRV - [2011/07/06 16:32:52 | 000,375,176 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2011/01/11 19:04:04 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/24 16:42:56 | 000,386,424 | ---- | M] (SupportSoft, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\supportsoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
SRV - [2009/03/29 23:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/03 18:15:32 | 000,242,424 | ---- | M] (WildTangent, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/10/16 19:31:12 | 000,906,752 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2008/10/16 13:58:30 | 001,668,344 | ---- | M] (AuthenTec, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Fingerprint Sensor\AtService.exe -- (ATService)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2013/08/30 02:48:10 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:[b]64bit:[/b] - [2013/08/30 02:48:10 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2013/08/30 02:48:10 | 000,204,880 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:[b]64bit:[/b] - [2013/08/30 02:48:10 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:[b]64bit:[/b] - [2013/08/30 02:48:10 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:[b]64bit:[/b] - [2013/08/30 02:48:10 | 000,059,144 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (AswRdr)
DRV:[b]64bit:[/b] - [2013/08/30 02:48:09 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2013/08/30 02:48:09 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:[b]64bit:[/b] - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2012/03/21 18:48:18 | 000,052,640 | ---- | M] (Tether) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\qrkis.sys -- (qrkis)
DRV:[b]64bit:[/b] - [2012/03/06 01:20:50 | 001,556,032 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\AE3000vista64.sys -- (AE3000)
DRV:[b]64bit:[/b] - [2012/02/29 08:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011/07/20 13:58:22 | 000,044,032 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:[b]64bit:[/b] - [2011/07/06 16:33:18 | 000,087,456 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:[b]64bit:[/b] - [2011/03/30 22:54:44 | 001,227,840 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\AE2500vista64.sys -- (Linksys_adapter)
DRV:[b]64bit:[/b] - [2011/02/11 19:16:38 | 010,628,640 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2011/01/11 19:04:04 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:[b]64bit:[/b] - [2011/01/11 19:04:00 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\lmimirr.sys -- (lmimirr)
DRV:[b]64bit:[/b] - [2010/07/26 08:18:58 | 000,020,568 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dgderdrv.sys -- (dgderdrv)
DRV:[b]64bit:[/b] - [2010/07/26 08:15:26 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:[b]64bit:[/b] - [2010/03/19 03:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:[b]64bit:[/b] - [2010/03/08 10:03:36 | 000,067,104 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\itecir.sys -- (itecir)
DRV:[b]64bit:[/b] - [2009/09/30 19:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:[b]64bit:[/b] - [2009/04/11 00:43:06 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usb8023x.sys -- (usb_rndisx)
DRV:[b]64bit:[/b] - [2009/04/11 00:03:32 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2009/03/25 01:28:56 | 000,230,960 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Apfiltr.sys -- (ApfiltrService)
DRV:[b]64bit:[/b] - [2009/03/09 01:06:00 | 000,319,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OA001Vid.sys -- (OA001Vid)
DRV:[b]64bit:[/b] - [2009/03/06 15:33:58 | 000,159,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OA001Ufd.sys -- (OA001Ufd)
DRV:[b]64bit:[/b] - [2008/12/22 04:26:52 | 000,472,064 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\stwrt64.sys -- (STHDA)
DRV:[b]64bit:[/b] - [2008/12/17 04:22:04 | 001,526,776 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys -- (BCM43XX)
DRV:[b]64bit:[/b] - [2008/11/24 03:29:58 | 000,126,464 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV:[b]64bit:[/b] - [2008/11/17 07:29:18 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCM42RLY.sys -- (BCM42RLY)
DRV:[b]64bit:[/b] - [2008/08/02 16:36:16 | 000,243,840 | ---- | M] (Sensible Vision ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\facap.sys -- (FACAP)
DRV:[b]64bit:[/b] - [2008/07/17 05:59:12 | 000,057,856 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rixdpx64.sys -- (rismxdp)
DRV:[b]64bit:[/b] - [2008/07/17 05:59:10 | 000,062,976 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rimmpx64.sys -- (rimmptsk)
DRV:[b]64bit:[/b] - [2008/07/17 05:59:08 | 000,055,296 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rimspx64.sys -- (rimsptsk)
DRV:[b]64bit:[/b] - [2008/07/16 06:50:42 | 000,239,104 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\k57nd60a.sys -- (k57nd60a)
DRV:[b]64bit:[/b] - [2008/01/20 21:49:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\RootMdm.sys -- (ROOTMODEM)
DRV:[b]64bit:[/b] - [2008/01/20 21:47:25 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\serscan.sys -- (StillCam)
DRV:[b]64bit:[/b] - [2008/01/20 21:46:57 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\WSDPrint.sys -- (WSDPrintDevice)
DRV:[b]64bit:[/b] - [2008/01/20 21:46:55 | 000,317,952 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys -- (e1express)
DRV:[b]64bit:[/b] - [2006/11/02 02:48:50 | 002,488,320 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (R300)
DRV - [2012/09/18 15:02:02 | 000,011,880 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2011/01/11 19:04:04 | 000,015,928 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)
DRV - [2010/06/14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {1B529BA5-BAE7-4047-AB09-C8B2BE5A760E}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect.search.aol.com/redirector/sredir?sredir=2706&query={searchTerms}&invocationType=tb50-ie-aim-chromesbox-en-us
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://client.abcfinancial.com/
IE - HKCU\..\SearchScopes,DefaultScope = {1B529BA5-BAE7-4047-AB09-C8B2BE5A760E}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{1B529BA5-BAE7-4047-AB09-C8B2BE5A760E}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3299571&CUI=UN41216644282687519&UM=2
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;*.local;<local>
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultthis.engineName: "MyFreeGames- Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3299571&CUI=UN12049042745538142&UM=2&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.facebook.com/|https://mail.google.com/mail/u/0/?shva=1#inbox|https://www.spundge.com/account/login/?next=/notebooks/"
FF - prefs.js..extensions.enabledAddons: contact%40domainhammer.com:1.7
FF - prefs.js..extensions.enabledAddons: %7B6AC85730-7D0F-4de0-B3FA-21142DD85326%7D:2.8
FF - prefs.js..extensions.enabledAddons: fastimageresearch%40usacyborg.com:1.2
FF - prefs.js..extensions.enabledAddons: fontfinder%40bendodson.com:1.0
FF - prefs.js..extensions.enabledAddons: tineye%40ideeinc.com:1.1
FF - prefs.js..extensions.enabledAddons: seodoctor%40prelovac.com:1.6.2
FF - prefs.js..extensions.enabledAddons: %7B65e41d20-f092-41b7-bb83-c6e8a9ab0f57%7D:1.2.1
FF - prefs.js..extensions.enabledAddons: %7Bd47a9f51-8281-43fa-f450-f28ef8735e9a%7D:2.1.4
FF - prefs.js..extensions.enabledAddons: LogMeInClient%40logmein.com:1.0.0.1024
FF - prefs.js..extensions.enabledAddons: feedly%40devhd:16.0.528
FF - prefs.js..extensions.enabledAddons: readable%40evernote.com:9.3369.854.431
FF - prefs.js..extensions.enabledAddons: googalexa%40rank.it:1.1
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1497
FF - prefs.js..extensions.enabledAddons: toolbar%40alexa.com:2.19
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.21
FF - prefs.js..extensions.enabledAddons: %7B75CEEE46-9B64-46f8-94BF-54012DE155F0%7D:0.4.13
FF - prefs.js..extensions.enabledAddons: %7BE0B8C461-F8FB-49b4-8373-FE32E9252800%7D:5.9.0
FF - prefs.js..extensions.enabledAddons: %7B3b56bcc7-54e5-44a2-9b44-66c3ef58c13e%7D:0.9.5.8
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0
FF - prefs.js..browser.startup.homepage: "https://basecamp.com/1842411/|https://www.facebook.com/|https://mail.google.com/mail/u/0/?shva=1#inbox|http://cloud.feedly.com/#latest"
FF - prefs.js..searchreset.backup.keyword.URL: "http://search.conduit.com/ResultsExt.aspx?octid=CT3299571&ctid=CT3299571&SearchSource=2&CUI=UN12049042745538142&UM=2&q="
 
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@meadco.com/neptune plugin,version=2.0.0.29: C:\PROGRA~2\MeadCo Neptune\npmeadax.dll (MeadCo Corp.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Users\Blondie\AppData\Local\Citrix\Plugins\92\npappdetector.dll (Citrix Online)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1: C:\Users\Blondie\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll ( )
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Blondie\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Blondie\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Blondie\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Blondie\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Blondie\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Blondie\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2011/10/23 18:58:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/09/15 08:04:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013/05/19 09:49:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2013/10/12 14:25:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Users\Blondie\AppData\Local\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Users\Blondie\AppData\Local\Mozilla Firefox\plugins [2013/11/13 12:27:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/05/28 06:05:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/09/15 10:30:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2011/10/23 18:58:59 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0\extensions\\Components: C:\Users\Blondie\AppData\Local\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0\extensions\\Plugins: C:\Users\Blondie\AppData\Local\Mozilla Firefox\plugins [2013/11/13 12:27:14 | 000,000,000 | ---D | M]
 
[2009/11/03 09:22:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Blondie\AppData\Roaming\Mozilla\Extensions
[2013/11/13 12:08:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Blondie\AppData\Roaming\Mozilla\Firefox\Profiles\23xsrher.default-1354125775422\extensions
[2013/10/10 18:35:55 | 000,000,000 | ---D | M] (SeoQuake) -- C:\Users\Blondie\AppData\Roaming\Mozilla\Firefox\Profiles\23xsrher.default-1354125775422\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}
[2013/10/23 07:36:30 | 000,000,000 | ---D | M] (Html Validator) -- C:\Users\Blondie\AppData\Roaming\Mozilla\Firefox\Profiles\23xsrher.default-1354125775422\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}
[2012/11/28 13:14:43 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Users\Blondie\AppData\Roaming\Mozilla\Firefox\Profiles\23xsrher.default-1354125775422\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
[2013/09/27 12:09:44 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Blondie\AppData\Roaming\Mozilla\Firefox\Profiles\23xsrher.default-1354125775422\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013/10/20 07:45:25 | 000,000,000 | ---D | M] (Evernote Web Clipper) -- C:\Users\Blondie\AppData\Roaming\Mozilla\Firefox\Profiles\23xsrher.default-1354125775422\extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}
[2012/11/28 13:14:44 | 000,000,000 | ---D | M] (Domain Hammer SEO Analysis) -- C:\Users\Blondie\AppData\Roaming\Mozilla\Firefox\Profiles\23xsrher.default-1354125775422\extensions\contact@domainhammer.com
[2013/06/20 21:18:34 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Users\Blondie\AppData\Roaming\Mozilla\Firefox\Profiles\23xsrher.default-1354125775422\extensions\LogMeInClient@logmein.com
[2012/12/28 19:11:16 | 000,012,832 | ---- | M] () (No name found) -- C:\Users\Blondie\AppData\Roaming\Mozilla\Firefox\Profiles\23xsrher.default-1354125775422\extensions\fastimageresearch@usacyborg.com.xpi
[2013/06/28 04:13:41 | 000,027,050 | ---- | M] () (No name found) -- C:\Users\Blondie\AppData\Roaming\Mozilla\Firefox\Profiles\23xsrher.default-1354125775422\extensions\feedly@devhd.xpi
[2013/01/27 08:10:17 | 000,040,125 | ---- | M] () (No name found) -- C:\Users\Blondie\AppData\Roaming\Mozilla\Firefox\Profiles\23xsrher.default-1354125775422\extensions\fontfinder@bendodson.com.xpi
[2013/09/01 15:25:01 | 000,043,354 | ---- | M] () (No name found) -- C:\Users\Blondie\AppData\Roaming\Mozilla\Firefox\Profiles\23xsrher.default-1354125775422\extensions\googalexa@rank.it.xpi
[2013/11/13 12:08:07 | 000,322,532 | ---- | M] () (No name found) -- C:\Users\Blondie\AppData\Roaming\Mozilla\Firefox\Profiles\23xsrher.default-1354125775422\extensions\jid1-zUyU7TGKwejAyA@jetpack.xpi
[2013/06/23 06:12:38 | 000,178,105 | ---- | M] () (No name found) -- C:\Users\Blondie\AppData\Roaming\Mozilla\Firefox\Profiles\23xsrher.default-1354125775422\extensions\rapportive@rapportive.com.xpi
[2013/06/29 10:49:40 | 001,343,603 | ---- | M] () (No name found) -- C:\Users\Blondie\AppData\Roaming\Mozilla\Firefox\Profiles\23xsrher.default-1354125775422\extensions\readable@evernote.com.xpi
[2013/03/27 05:53:28 | 000,069,940 | ---- | M] () (No name found) -- C:\Users\Blondie\AppData\Roaming\Mozilla\Firefox\Profiles\23xsrher.default-1354125775422\extensions\seodoctor@prelovac.com.xpi
[2013/02/18 07:43:09 | 000,008,001 | ---- | M] () (No name found) -- C:\Users\Blondie\AppData\Roaming\Mozilla\Firefox\Profiles\23xsrher.default-1354125775422\extensions\tineye@ideeinc.com.xpi
[2013/09/18 14:56:03 | 000,362,568 | ---- | M] () (No name found) -- C:\Users\Blondie\AppData\Roaming\Mozilla\Firefox\Profiles\23xsrher.default-1354125775422\extensions\toolbar@alexa.com.xpi
[2013/04/05 05:23:58 | 000,046,841 | ---- | M] () (No name found) -- C:\Users\Blondie\AppData\Roaming\Mozilla\Firefox\Profiles\23xsrher.default-1354125775422\extensions\{65e41d20-f092-41b7-bb83-c6e8a9ab0f57}.xpi
[2013/10/06 07:41:44 | 000,030,808 | ---- | M] () (No name found) -- C:\Users\Blondie\AppData\Roaming\Mozilla\Firefox\Profiles\23xsrher.default-1354125775422\extensions\{75CEEE46-9B64-46f8-94BF-54012DE155F0}.xpi
[2013/02/18 07:42:14 | 000,005,490 | ---- | M] () (No name found) -- C:\Users\Blondie\AppData\Roaming\Mozilla\Firefox\Profiles\23xsrher.default-1354125775422\extensions\{ab4b5718-3998-4a2c-91ae-18a7c2db513e}.xpi
[2013/10/09 18:19:54 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\Blondie\AppData\Roaming\Mozilla\Firefox\Profiles\23xsrher.default-1354125775422\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/05/16 04:52:46 | 000,089,171 | ---- | M] () (No name found) -- C:\Users\Blondie\AppData\Roaming\Mozilla\Firefox\Profiles\23xsrher.default-1354125775422\extensions\{d47a9f51-8281-43fa-f450-f28ef8735e9a}.xpi
[2013/06/05 10:26:23 | 000,002,248 | ---- | M] () -- C:\Users\Blondie\AppData\Roaming\Mozilla\Firefox\Profiles\23xsrher.default-1354125775422\searchplugins\creative-commons-search-beta.xml
[2013/09/18 14:57:25 | 000,001,538 | ---- | M] () -- C:\Users\Blondie\AppData\Roaming\Mozilla\Firefox\Profiles\23xsrher.default-1354125775422\searchplugins\web-search-powered-by-google.xml
[2012/10/25 14:01:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/04/25 10:01:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/22 10:22:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/19 07:05:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2012/10/25 13:56:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2012/10/25 13:56:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2013/09/15 08:04:37 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2007/09/05 10:11:14 | 000,081,920 | ---- | M] (MeadCo Corp.) -- C:\Program Files (x86)\mozilla firefox\plugins\npmeadax.dll
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://search.conduit.com/?ctid=CT3299571&SearchSource=48&CUI=UN27042940393533203&UM=2
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll
CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Users\Blondie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpkbhnckbdnalgmkkiegjnegadodlden\10.16.70.501_0\plugins/ConduitChromeApiPlugin.dll
CHR - plugin: Conduit Radio Plugin (Enabled) = C:\Users\Blondie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpkbhnckbdnalgmkkiegjnegadodlden\10.16.70.501_0\plugins/np-cwmp.dll
CHR - plugin: Conduit Chrome Approve TB Plugin (Enabled) = C:\Users\Blondie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpkbhnckbdnalgmkkiegjnegadodlden\10.16.70.501_0\plugins/ChromeApproveTBPlugin.dll
CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Users\Blondie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpkbhnckbdnalgmkkiegjnegadodlden\10.16.70.501_0\search/plugins/npConduitNewTabPlugin.dll
CHR - plugin: RoboForm Plugin for Google Chrome/Opera/etc. (Enabled) = C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\plugin/np-rf-plugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: MeadCo's Neptune (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npmeadax.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: ActiveTouch General Plugin Container (Enabled) = C:\Users\Blondie\AppData\Roaming\Mozilla\plugins\npatgpc.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Blondie\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Blondie\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Google Talk Plugin Video Renderer (Enabled) = C:\Users\Blondie\AppData\Roaming\Mozilla\plugins\npo1d.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U25 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Citrix Online Web Deployment Plugin 1.0.0.92 (Enabled) = C:\Users\Blondie\AppData\Local\Citrix\Plugins\92\npappdetector.dll
CHR - plugin: Facebook Desktop (Enabled) = C:\Users\Blondie\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Users\Blondie\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Users\Blondie\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Instant Notifications for Gmail = C:\Users\Blondie\AppData\Local\Google\Chrome\User Data\Default\Extensions\adlgnpfgagimgadbaboilkbdnhbpegmd\1.4.9_0\
CHR - Extension: 280daily = C:\Users\Blondie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aibhdihcdjelmifgpkcalcafldalpkbm\3.0_0\
CHR - Extension: Google Drive = C:\Users\Blondie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: MindMeister = C:\Users\Blondie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdehgigffdnkjpaindemkaniebfaepjm\2.1.3_0\
CHR - Extension: HootSuite Hootlet = C:\Users\Blondie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjgfdlplhmndoonmofmflcbiohgbkifn\4.0.10_0\
CHR - Extension: Pixlr Grabber - Screen capture/image grabbing = C:\Users\Blondie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjjghkapdciaiogkeofggpblmbbnjinn\1.0.1_0\
CHR - Extension: Facebook Power Editor = C:\Users\Blondie\AppData\Local\Google\Chrome\User Data\Default\Extensions\djicncbfodbeijpfpjjojkfhgbpjnlih\2.0.3_0\
CHR - Extension: MailChimp = C:\Users\Blondie\AppData\Local\Google\Chrome\User Data\Default\Extensions\einnfnfpkbbebamphappjlmbedgjbnoe\1.1_0\
CHR - Extension: Google Calendar = C:\Users\Blondie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\
CHR - Extension: Sprout Social = C:\Users\Blondie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffiilepjogcpodmgneknklaecmeoenbc\3_0\
CHR - Extension: TweetBe.at = C:\Users\Blondie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fodfojgmmkbgabpmbhjphcbjhgbdpdil\1.0.1_0\
CHR - Extension: Save to Google Drive = C:\Users\Blondie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne\2.0.1_0\
CHR - Extension: Feedly - News, Blogs and Youtube = C:\Users\Blondie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob\18.1_0\
CHR - Extension: Newsletter Creator by FlashIssue = C:\Users\Blondie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ickiegcmbfnffcapkidefhnjapkbkfee\2.1_0\
CHR - Extension: Pixlr Editor = C:\Users\Blondie\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmaknaampgiegkcjlimdiidlhopknpk\1.2_0\
CHR - Extension: My Diary = C:\Users\Blondie\AppData\Local\Google\Chrome\User Data\Default\Extensions\igfnkanfehhehlajnhpajibfcfgkaikl\3.2.3_0\
CHR - Extension: Dropbox = C:\Users\Blondie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl\3.0.8_0\
CHR - Extension: Page Ruler = C:\Users\Blondie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlpkojjdgbllmedoapgfodplfhcbnbpn\2.0.2_0\
CHR - Extension: HackerWeb = C:\Users\Blondie\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfdnmpnbedonhjjhbiiklcmahnncjjbc\0.1_0\
CHR - Extension: RoboForm Lite = C:\Users\Blondie\AppData\Local\Google\Chrome\User Data\Default\Extensions\kidhjpmgjfbkmcfpfakmdddddgfbhahj\4.6.9_1\
CHR - Extension: HootSuite = C:\Users\Blondie\AppData\Local\Google\Chrome\User Data\Default\Extensions\kneloppijbcidgidihgdjnooihjcdbij\5.244_0\
CHR - Extension: Evernote Web = C:\Users\Blondie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol\1.0.7_0\
CHR - Extension: Simplebooklet = C:\Users\Blondie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhfhnhfkmicpmbafobnpegjhaihjinph\8.14_0\
CHR - Extension: Facebook Cover Maker & Editor = C:\Users\Blondie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjibidejkfaggepnbcnobhinfpojlcmb\5.888_0\
CHR - Extension: Buffer = C:\Users\Blondie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjojodpkaeeclkgaidibcbknlhjflhle\1.0.3_0\
CHR - Extension: Floral Blue = C:\Users\Blondie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mndpkoimnhcijdanbkehgccnadibcceg\1.0_0\
CHR - Extension: Google Wallet = C:\Users\Blondie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Blondie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0\
CHR - Extension: Evernote Web Clipper = C:\Users\Blondie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\6.0.3_0\
CHR - Extension: Gmail = C:\Users\Blondie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2012/01/30 20:41:22 | 000,350,681 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	www.008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	www.00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	www.0scan.com
O1 - Hosts: 127.0.0.1	0scan.com
O1 - Hosts: 127.0.0.1	www.1000gratisproben.com
O1 - Hosts: 127.0.0.1	1000gratisproben.com
O1 - Hosts: 127.0.0.1	www.1001namen.com
O1 - Hosts: 127.0.0.1	1001namen.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	www.100sexlinks.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	www.10sek.com
O1 - Hosts: 127.0.0.1	www.1-2005-search.com
O1 - Hosts: 12023 more lines...
O2:[b]64bit:[/b] - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:[b]64bit:[/b] - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Evernote extension) - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
O2 - BHO: (FAIESSOHelper Class) - {A2F122DA-055F-4df7-8F24-7354DBDBA85B} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll (Sensible Vision )
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {61D1C847-DF80-423A-8C6D-DC03B97E6EBE} - No CLSID value found.
O3:[b]64bit:[/b] - HKCU\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Windows\SysNative\WLTRAY.exe (Dell Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_DFAE3D58D9AA8F9495DEE924D62E7C71] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [RoboForm] C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O4 - Startup: C:\Users\Blondie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\Blondie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Blondie\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O9:[b]64bit:[/b] - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:[b]64bit:[/b] - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:[b]64bit:[/b] - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9 - Extra Button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files (x86)\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files (x86)\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files (x86)\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O15:[b]64bit:[/b] - ..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Domains: abcfinancial.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: agentsocialink.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: google.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: localhost ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: logmein123.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: twitter.com ([]* in Trusted sites)
O16:[b]64bit:[/b] - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/x64/ractrl.cab?lmi=722 (Performance Viewer Activex Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab (Java Plug-in 1.7.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.96.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4AB8B8A2-48D2-4151-939A-A9F4C78B581C}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{84C9DFB5-E1B8-4A1A-8013-FBCFA2DAD6B1}: DhcpNameServer = 192.168.4.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A6427B8A-FBC5-49B0-A07A-5101156DE3FD}: DhcpNameServer = 192.168.96.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DE2AD286-5E2F-4A8C-BF55-C8A9FA3849D4}: DhcpNameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DE2AD286-5E2F-4A8C-BF55-C8A9FA3849D4}: NameServer = 8.8.8.8,8.8.4.4
O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\intu-help-qb2 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\intu-help-qb5 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-itss - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\qbwc - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\intu-help-qb2 {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files (x86)\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\intu-help-qb5 {867FCB77-9823-4cd6-8210-D85F968D466F} - C:\Program Files (x86)\Intuit\QuickBooks 2012\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\FastAccess: DllName - (C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll) - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll ()
O24 - Desktop WallPaper: C:\Users\Blondie\Documents\+eZone Bible\Rates\Rates.jpg
O24 - Desktop BackupWallPaper: C:\Users\Blondie\Documents\+eZone Bible\Rates\Rates.jpg
O27:[b]64bit:[/b] - HKLM IFEO\acrord32.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:[b]64bit:[/b] - HKLM IFEO\amazingadventures2-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:[b]64bit:[/b] - HKLM IFEO\bb2-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:[b]64bit:[/b] - HKLM IFEO\blackhawk2-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:[b]64bit:[/b] - HKLM IFEO\bookworm-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:[b]64bit:[/b] - HKLM IFEO\buildalot3-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:[b]64bit:[/b] - HKLM IFEO\chuzzle-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:[b]64bit:[/b] - HKLM IFEO\ci3-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:[b]64bit:[/b] - HKLM IFEO\dinerdash2-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:[b]64bit:[/b] - HKLM IFEO\dora-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:[b]64bit:[/b] - HKLM IFEO\farm-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:[b]64bit:[/b] - HKLM IFEO\fate-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:[b]64bit:[/b] - HKLM IFEO\flipwords-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:[b]64bit:[/b] - HKLM IFEO\golf-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:[b]64bit:[/b] - HKLM IFEO\granny-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:[b]64bit:[/b] - HKLM IFEO\hpwucli.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:[b]64bit:[/b] - HKLM IFEO\insaniquarium-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:[b]64bit:[/b] - HKLM IFEO\jewelquest-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:[b]64bit:[/b] - HKLM IFEO\jqsolitaire-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:[b]64bit:[/b] - HKLM IFEO\mahjong-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:[b]64bit:[/b] - HKLM IFEO\mytribe-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:[b]64bit:[/b] - HKLM IFEO\onplay.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:[b]64bit:[/b] - HKLM IFEO\pcdlauncher.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:[b]64bit:[/b] - HKLM IFEO\poker3-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:[b]64bit:[/b] - HKLM IFEO\polar-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:[b]64bit:[/b] - HKLM IFEO\slingo-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:[b]64bit:[/b] - HKLM IFEO\tradewinds-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:[b]64bit:[/b] - HKLM IFEO\virtualvillagers-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:[b]64bit:[/b] - HKLM IFEO\wheel of fortune-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:[b]64bit:[/b] - HKLM IFEO\winbej2-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:[b]64bit:[/b] - HKLM IFEO\worldofgoo-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:[b]64bit:[/b] - HKLM IFEO\zuma-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\AcroRd32.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\amazingadventures2-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\bb2-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\blackhawk2-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\bookworm-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\buildalot3-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\chuzzle-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\ci3-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\dinerdash2-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\dora-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\farm-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\fate-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\flipwords-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\golf-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\granny-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\hpwucli.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\insaniquarium-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\jewelquest-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\jqsolitaire-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\mahjong-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\mytribe-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\onplay.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\pcdlauncher.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\poker3-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\polar-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\slingo-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\tradewinds-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\virtualvillagers-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\wheel of fortune-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\winbej2-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\worldofgoo-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\zuma-wt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/07/21 11:04:50 | 000,000,000 | ---D | M] - C:\AutoMacroRecorder -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2013/11/07 07:54:39 | 000,000,000 | ---D | C] -- C:\Users\Blondie\AppData\Local\Mozilla Firefox(2855)
[2013/11/07 07:54:39 | 000,000,000 | ---D | C] -- C:\Users\Blondie\AppData\Local\Mozilla Firefox
[2013/10/30 10:35:49 | 000,000,000 | ---D | C] -- C:\Users\Blondie\Documents\Business-in-a-Box Files
[2013/10/30 10:33:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Business-in-a-Box
[2013/10/30 10:32:32 | 000,620,848 | ---- | C] (Biztree Inc.) -- C:\Users\Blondie\Cookies\Desktop\Business-in-a-Box_Setup_FT.exe
[2013/10/28 16:04:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Market Samurai
[2013/10/28 15:54:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
[2013/10/19 22:51:09 | 000,026,936 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2013/10/19 22:51:09 | 000,022,328 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2013/10/19 22:50:59 | 000,038,200 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2013/10/19 22:50:58 | 000,030,520 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2013/10/17 11:20:31 | 000,312,744 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013/10/17 11:19:58 | 000,108,968 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013/10/17 11:19:57 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013/10/17 11:19:57 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013/10/17 11:18:00 | 030,694,824 | ---- | C] (Oracle Corporation) -- C:\Users\Blondie\Cookies\Desktop\jre-7u45-windows-x64.exe
[2013/10/17 11:16:21 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/10/17 11:15:50 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/10/17 11:15:50 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/10/17 11:15:50 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/10/17 11:12:43 | 029,040,552 | ---- | C] (Oracle Corporation) -- C:\Users\Blondie\Cookies\Desktop\jre-7u45-windows-i586.exe
[2010/12/23 13:43:55 | 008,582,536 | ---- | C] (Mozilla) -- C:\Users\Blondie\Firefox Setup 3.6.13.exe
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2013/11/13 12:46:27 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2668337199-2518303771-3018020695-1000UA.job
[2013/11/13 12:42:07 | 000,760,446 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/11/13 12:42:07 | 000,643,790 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/11/13 12:42:07 | 000,119,950 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/11/13 12:39:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/11/13 12:38:23 | 000,003,744 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/11/13 12:38:19 | 000,003,744 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/11/13 12:35:01 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/13 12:33:57 | 000,001,793 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/11/13 12:33:49 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013/11/13 12:30:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/11/11 06:12:15 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/10 08:46:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2668337199-2518303771-3018020695-1000Core.job
[2013/11/04 06:26:58 | 000,000,359 | ---- | M] () -- C:\Users\Blondie\AppData\Roaming\bibstats
[2013/11/02 14:12:51 | 000,001,693 | ---- | M] () -- C:\Users\Blondie\Cookies\Desktop\Google Drive.lnk
[2013/11/01 18:56:45 | 000,000,997 | ---- | M] () -- C:\Users\Blondie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/11/01 18:56:25 | 000,000,975 | ---- | M] () -- C:\Users\Blondie\Cookies\Desktop\Dropbox.lnk
[2013/10/30 10:32:24 | 000,620,848 | ---- | M] (Biztree Inc.) -- C:\Users\Blondie\Cookies\Desktop\Business-in-a-Box_Setup_FT.exe
[2013/10/17 11:19:51 | 000,108,968 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013/10/17 11:19:48 | 000,312,744 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013/10/17 11:19:48 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013/10/17 11:19:48 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013/10/17 11:18:15 | 030,694,824 | ---- | M] (Oracle Corporation) -- C:\Users\Blondie\Cookies\Desktop\jre-7u45-windows-x64.exe
[2013/10/17 11:15:41 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/10/17 11:15:38 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/10/17 11:15:38 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/10/17 11:15:38 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/10/17 11:12:55 | 029,040,552 | ---- | M] (Oracle Corporation) -- C:\Users\Blondie\Cookies\Desktop\jre-7u45-windows-i586.exe
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013/11/12 07:46:39 | 000,001,793 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/10/30 10:36:03 | 000,000,359 | ---- | C] () -- C:\Users\Blondie\AppData\Roaming\bibstats
[2013/10/28 16:05:52 | 000,000,882 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Market Samurai.lnk
[2013/09/05 11:29:40 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013/07/30 06:37:02 | 012,804,096 | ---- | C] () -- C:\Users\Blondie\s-1-5-21-2668337199-2518303771-3018020695-1000.rrr
[2012/11/07 11:11:17 | 000,004,096 | -H-- | C] () -- C:\Users\Blondie\AppData\Local\keyfile3.drm
[2012/08/27 08:06:12 | 000,013,034 | ---- | C] () -- C:\Users\Blondie\AppData\Roaming\Comma Separated Values (Windows).CAL
[2011/10/11 11:09:31 | 000,009,332 | ---- | C] () -- C:\Users\Blondie\AppData\Roaming\Comma Separated Values (Windows).EML
[2011/10/03 17:51:21 | 000,534,049 | ---- | C] () -- C:\Users\Blondie\.linkassistant.properties
[2011/10/03 17:49:34 | 003,157,050 | ---- | C] () -- C:\Users\Blondie\.websiteauditor.properties
[2011/09/08 11:54:49 | 000,210,061 | ---- | C] () -- C:\Users\Blondie\.ranktracker.properties
[2011/05/17 15:58:54 | 000,011,264 | ---- | C] () -- C:\Users\Blondie\PANELWERKS.DES
[2011/04/22 12:15:32 | 000,007,728 | ---- | C] () -- C:\Users\Blondie\AppData\Local\d3d9caps.dat
[2011/04/16 08:42:39 | 000,000,732 | ---- | C] () -- C:\Users\Blondie\AppData\Local\d3d9caps64.dat
[2011/04/05 16:50:48 | 000,006,144 | -H-- | C] () -- C:\Users\Blondie\photothumb.db
[2011/03/29 09:27:43 | 929,989,632 | ---- | C] () -- C:\Users\Blondie\archive.pst
[2011/03/02 14:29:24 | 000,025,088 | ---- | C] () -- C:\Users\Blondie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/29 11:47:30 | 000,110,456 | ---- | C] () -- C:\Users\Blondie\g2ax_customer_downloadhelper_win32_x86.exe
[2011/01/28 07:01:47 | 000,009,687 | ---- | C] () -- C:\Users\Blondie\AppData\Roaming\Microsoft Excel 97-2003.EML
[2011/01/27 15:15:26 | 000,000,088 | -HS- | C] () -- C:\Users\Blondie\AppData\Roaming\27FGHDTZQ43K327FV6JFD8LTD7
[2010/12/19 17:41:54 | 000,012,955 | ---- | C] () -- C:\Users\Blondie\AppData\Roaming\Microsoft Excel 97-2003.CAL
[2010/11/09 15:39:44 | 000,031,049 | ---- | C] () -- C:\Users\Blondie\AppData\Roaming\UserTile.png
[2010/09/12 17:44:01 | 000,011,405 | ---- | C] () -- C:\Users\Blondie\AppData\Roaming\Microsoft Excel 97-2003.TSK
[2010/08/02 19:39:10 | 000,172,702 | ---- | C] () -- C:\Users\Blondie\A-List.csv
[2010/04/01 11:53:19 | 000,219,136 | ---- | C] () -- C:\Users\Blondie\AppData\Roaming\TweetAdder
[2010/02/06 08:57:52 | 000,020,853 | ---- | C] () -- C:\Users\Blondie\Jennifer Moreau.jpg
[2009/12/27 07:32:02 | 000,011,397 | ---- | C] () -- C:\Users\Blondie\AppData\Roaming\Microsoft Excel.TSK
[2009/12/19 17:33:13 | 000,038,451 | ---- | C] () -- C:\Users\Blondie\AppData\Roaming\Tab Separated Values (Windows).ADR
[2009/09/24 08:42:04 | 000,001,326 | ---- | C] () -- C:\Users\Blondie\AppData\Roaming\wklnhst.dat
[2009/09/08 13:18:43 | 000,000,600 | ---- | C] () -- C:\Users\Blondie\AppData\Roaming\winscp.rnd
[2009/09/01 18:21:07 | 000,000,081 | ---- | C] () -- C:\Users\Blondie\CTX.DAT
[2009/07/22 12:50:54 | 000,023,949 | ---- | C] () -- C:\Users\Blondie\AppData\Roaming\Comma Separated Values (Windows).ADR
[2009/07/02 19:49:57 | 000,060,864 | ---- | C] () -- C:\Users\Blondie\g2mdlhlpx.exe
[2009/06/23 14:17:58 | 000,038,416 | ---- | C] () -- C:\Users\Blondie\AppData\Roaming\Microsoft Excel.ADR
[2009/06/12 09:19:03 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/06/01 11:52:12 | 000,000,091 | ---- | C] () -- C:\Users\Blondie\appletfile.props
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2006/11/02 10:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 12:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 12:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 02:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 01:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/20 21:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 143 bytes -> C:\Users\Blondie\AppData\Roaming\Microsoft Excel 97-2003.EML:OECustomProperty
@Alternate Data Stream - 143 bytes -> C:\Users\Blondie\AppData\Roaming\Comma Separated Values (Windows).EML:OECustomProperty
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:5C321E34
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >