Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Avast keeps giving windows.malware-gen and win32.downloader.PKU 9tj) a

Started by betsym , Jul 22 2012 03:46 AM

  • This topic is locked This topic is locked

#91
Essexboy
Posted 02 November 2012 - 07:57 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0

Advertisements

#92
Essexboy
Posted 27 November 2012 - 08:16 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
User returned
  • 0

#93
Essexboy
Posted 02 December 2012 - 05:47 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
User returned
  • 0

#94
betsym
Posted 05 December 2012 - 02:35 AM

betsym

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 153 posts
OTL logfile created on: 12/1/2012 11:51:31 PM - Run 5
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\Betsy\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.98 Gb Total Physical Memory | 2.29 Gb Available Physical Memory | 57.51% Memory free
7.96 Gb Paging File | 5.73 Gb Available in Paging File | 72.02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 699.90 Gb Free Space | 75.14% Space Free | Partition Type: NTFS

Computer Name: BETSY-PC | User Name: Betsy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/11/27 22:43:18 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012/10/30 17:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/10/30 17:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/10/10 20:23:42 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/10/09 12:17:40 | 000,099,328 | ---- | M] () -- C:\Program Files (x86)\AddLyrics\YTLUpdater.exe
PRC - [2012/10/02 12:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/09/19 23:02:24 | 000,363,752 | ---- | M] (BillP Studios) -- C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2012/09/08 09:05:08 | 000,277,744 | ---- | M] (SpeedBit Ltd.) -- C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorService.exe
PRC - [2012/08/10 12:51:32 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Betsy\Desktop\OTL.exe
PRC - [2012/07/27 15:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/07/18 23:54:46 | 001,192,664 | ---- | M] () -- C:\Users\Betsy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2012/07/05 17:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2011/10/11 12:49:14 | 001,179,648 | ---- | M] (W3i, LLC) -- C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe
PRC - [2011/03/28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2010/12/20 18:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/12/20 18:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe


========== Modules (No Company Name) ==========

MOD - [2012/11/27 22:43:17 | 000,460,904 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\ppgooglenaclpluginchrome.dll
MOD - [2012/11/27 22:43:15 | 004,008,040 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\pdf.dll
MOD - [2012/11/27 22:42:30 | 000,587,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\libglesv2.dll
MOD - [2012/11/27 22:42:29 | 000,124,520 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\libegl.dll
MOD - [2012/11/27 22:42:22 | 000,157,304 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\avutil-51.dll
MOD - [2012/11/27 22:42:21 | 002,168,952 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\avcodec-54.dll
MOD - [2012/11/27 22:42:21 | 000,275,576 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\avformat-54.dll
MOD - [2012/10/09 12:17:40 | 000,099,328 | ---- | M] () -- C:\Program Files (x86)\AddLyrics\YTLUpdater.exe
MOD - [2012/07/18 23:54:46 | 001,192,664 | ---- | M] () -- C:\Users\Betsy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
MOD - [2012/06/20 16:23:00 | 000,599,419 | ---- | M] () -- C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll
MOD - [2011/11/01 23:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/01 23:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/10/30 17:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2012/09/22 02:22:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2011/08/05 12:53:12 | 000,467,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV:64bit: - [2011/08/05 12:53:12 | 000,306,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV:64bit: - [2011/08/05 12:53:06 | 008,277,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV:64bit: - [2010/11/20 22:24:51 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\snmp.exe -- (SNMP)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 20:41:10 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\iprip.dll -- (iprip)
SRV:64bit: - [2009/07/13 20:39:47 | 000,010,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\TCPSVCS.EXE -- (simptcp)
SRV:64bit: - [2009/07/13 20:39:20 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqsvc.exe -- (MSMQ)
SRV:64bit: - [2009/07/13 20:38:59 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CISVC.EXE -- (CISVC)
SRV - [2012/11/09 14:49:17 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/11/03 18:45:05 | 000,115,168 | ---- | M] (Mozilla Foundation) [Auto | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/10/10 20:23:42 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/10/02 12:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/09/08 09:05:08 | 000,277,744 | ---- | M] (SpeedBit Ltd.) [Auto | Running] -- C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorService.exe -- (VideoAcceleratorService)
SRV - [2012/07/27 15:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/07/05 17:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/06/29 13:56:24 | 000,067,584 | ---- | M] (CobianSoft, Luis Cobian) [Auto | Running] -- C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe -- (cbVSCService11)
SRV - [2011/04/01 11:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/03/28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/12/20 18:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/12/20 18:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/11/20 22:25:10 | 000,047,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\snmp.exe -- (SNMP)
SRV - [2010/11/20 22:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010/11/20 22:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2010/11/20 22:24:51 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/07/13 20:14:42 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\TCPSVCS.EXE -- (simptcp)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/10/30 17:51:56 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/10/30 17:51:55 | 000,984,144 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/10/30 17:51:55 | 000,370,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/10/30 17:51:55 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/10/30 17:51:53 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/10/15 11:59:28 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/08/23 09:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 09:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 09:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/28 01:15:28 | 000,057,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/06/21 15:04:52 | 000,549,704 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SRS_AE_amd64.sys -- (SRS_AE_Service)
DRV:64bit: - [2012/05/25 12:14:24 | 000,057,976 | ---- | M] (GFI Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SBREDrv.sys -- (SBRE)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/07/22 11:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 16:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/04/05 16:35:20 | 000,253,528 | ---- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SbFw.sys -- (SbFw)
DRV:64bit: - [2011/04/05 16:35:20 | 000,094,296 | ---- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\sbtis.sys -- (SbTis)
DRV:64bit: - [2011/04/05 16:35:20 | 000,060,504 | ---- | M] (Sunbelt Software, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sbhips.sys -- (sbhips)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/08 08:14:20 | 000,084,568 | ---- | M] (Sunbelt Software, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SbFwIm.sys -- (SBFWIMCLMP)
DRV:64bit: - [2011/02/08 08:14:20 | 000,084,568 | ---- | M] (Sunbelt Software, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SbFwIm.sys -- (SBFWIMCL)
DRV:64bit: - [2011/01/25 10:28:10 | 000,172,648 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010/12/10 00:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/12/10 00:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/10/19 16:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:26:13 | 000,189,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mqac.sys -- (MQAC)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://search.yahoo....Terms}&ei=UTF-8
IE - HKCU\..\SearchScopes\{69E424E0-00A7-4947-B195-4F925730EB75}: "URL" = http://search.yahoo....f-8&fr=chr-yie9
IE - HKCU\..\SearchScopes\{964BC362-3977-442B-A8F4-B4A61C7006F2}: "URL" = http://delicious.com...?p={searchTerms}
IE - HKCU\..\SearchScopes\{F63DAAF5-4E9D-4721-9213-881154A5E12B}: "URL" = http://www.flickr.co...?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultEngine: "Yahoo"
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=380920"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-tyc9"
FF - prefs.js..browser.search.param.yahoo-type: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/?fr=fp-tyc9"


FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin1017300.dll (Amazon.com, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/10/31 19:15:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}: C:\Program Files (x86)\SPEEDbit Video Downloader\SPFireFox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/11/11 21:38:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/11/11 21:38:14 | 000,000,000 | ---D | M]

[2012/02/14 03:53:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Extensions
[2012/11/29 01:33:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions
[2012/10/28 22:22:41 | 000,000,000 | ---D | M] (Browser Backgrounds) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\{3e0c7f3a-3f50-4730-beb5-4a9a10e2831c}
[2012/10/28 22:22:40 | 000,000,000 | ---D | M] (EPUBReader) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}
[2012/10/28 22:22:39 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012/11/29 01:33:27 | 000,000,000 | ---D | M] (Toolbar - Big Fish Games) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\{6847DFAE-037A-400c-A524-27F0A281B692}
[2012/10/28 22:22:38 | 000,000,000 | ---D | M] (Personas Rotator) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\{6e73f6b7-b9ab-44b8-b744-6393e3c2e351}
[2012/11/04 18:22:13 | 000,000,000 | ---D | M] (Fire.fm) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\{6F0976E6-26F3-4AFE-BBEC-9E99E27E4DF3}
[2012/10/28 22:22:37 | 000,000,000 | ---D | M] (Theme Font & Size Changer) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\{f69e22c7-bc50-414a-9269-0f5c344cd94c}
[2012/10/28 22:22:43 | 000,000,000 | ---D | M] ("Default Theme Engine - Personas Interactive") -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\[email protected]
[2012/10/28 22:22:42 | 000,000,000 | ---D | M] (Custom Buttons) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\[email protected]
[2012/10/28 22:22:42 | 000,000,000 | ---D | M] ("CyberSearch") -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\[email protected]
[2012/10/28 22:22:42 | 000,000,000 | ---D | M] (DoNotTrackPlus) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\[email protected]
[2012/10/28 22:22:42 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\[email protected]
[2012/10/28 22:22:41 | 000,000,000 | ---D | M] (MinimizeToTray revived (MinTrayR)) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\[email protected]
[2012/11/03 18:45:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/11/03 18:45:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions
[2012/10/31 19:15:17 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012/10/28 22:22:41 | 000,491,784 | ---- | M] () (No name found) -- C:\USERS\BETSY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QJ012UU8.DEFAULT\EXTENSIONS\{15E67A59-BD3D-49AE-90DD-B3D3FD14C2ED}.XPI
[2012/11/16 17:58:57 | 000,342,379 | ---- | M] () (No name found) -- C:\USERS\BETSY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QJ012UU8.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
[2012/10/28 22:22:40 | 000,269,659 | ---- | M] () (No name found) -- C:\USERS\BETSY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QJ012UU8.DEFAULT\EXTENSIONS\{46551EC9-40F0-4E47-8E18-8E5CF550CFB8}.XPI
[2012/10/28 22:22:40 | 000,026,704 | ---- | M] () (No name found) -- C:\USERS\BETSY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QJ012UU8.DEFAULT\EXTENSIONS\{4CC4A13B-94A6-7568-370D-5F9DE54A9C7F}.XPI
[2012/10/28 22:22:39 | 000,050,631 | ---- | M] () (No name found) -- C:\USERS\BETSY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QJ012UU8.DEFAULT\EXTENSIONS\{54BB9F3F-07E5-486C-9B39-C7398B99391C}.XPI
[2012/10/28 22:22:37 | 000,008,283 | ---- | M] () (No name found) -- C:\USERS\BETSY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QJ012UU8.DEFAULT\EXTENSIONS\{CD617372-6743-4EE4-BAC4-FBF60F35719E}.XPI
[2012/10/28 22:22:37 | 000,698,867 | ---- | M] () (No name found) -- C:\USERS\BETSY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QJ012UU8.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI
[2012/10/28 22:22:37 | 000,685,019 | ---- | M] () (No name found) -- C:\USERS\BETSY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QJ012UU8.DEFAULT\EXTENSIONS\{EF4E370E-D9F0-4E00-B93E-A4F274CFDD5A}.XPI
[2012/10/28 22:22:43 | 000,065,631 | ---- | M] () (No name found) -- C:\USERS\BETSY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QJ012UU8.DEFAULT\EXTENSIONS\[email protected]
[2012/10/28 22:22:43 | 000,047,822 | ---- | M] () (No name found) -- C:\USERS\BETSY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QJ012UU8.DEFAULT\EXTENSIONS\[email protected]
[2012/10/28 22:22:42 | 000,363,041 | ---- | M] () (No name found) -- C:\USERS\BETSY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QJ012UU8.DEFAULT\EXTENSIONS\[email protected]
[2012/10/28 22:22:43 | 000,073,806 | ---- | M] () (No name found) -- C:\USERS\BETSY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QJ012UU8.DEFAULT\EXTENSIONS\[email protected]
[2012/10/28 22:22:42 | 000,059,702 | ---- | M] () (No name found) -- C:\USERS\BETSY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QJ012UU8.DEFAULT\EXTENSIONS\[email protected]
[2012/10/28 22:22:42 | 000,052,174 | ---- | M] () (No name found) -- C:\USERS\BETSY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QJ012UU8.DEFAULT\EXTENSIONS\[email protected]
[2012/10/28 22:22:42 | 000,637,327 | ---- | M] () (No name found) -- C:\USERS\BETSY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QJ012UU8.DEFAULT\EXTENSIONS\[email protected]
[2012/10/28 22:22:41 | 000,174,405 | ---- | M] () (No name found) -- C:\USERS\BETSY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QJ012UU8.DEFAULT\EXTENSIONS\[email protected]
[2012/10/28 22:22:41 | 000,101,213 | ---- | M] () (No name found) -- C:\USERS\BETSY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QJ012UU8.DEFAULT\EXTENSIONS\[email protected]
[2012/10/28 22:22:41 | 000,113,112 | ---- | M] () (No name found) -- C:\USERS\BETSY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QJ012UU8.DEFAULT\EXTENSIONS\[email protected]
[2012/10/28 23:12:42 | 000,330,316 | ---- | M] () (No name found) -- C:\USERS\BETSY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QJ012UU8.DEFAULT\EXTENSIONS\[email protected]
[2012/10/28 22:22:41 | 000,621,521 | ---- | M] () (No name found) -- C:\USERS\BETSY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QJ012UU8.DEFAULT\EXTENSIONS\[email protected]
[2012/11/03 18:45:05 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/05/02 12:24:56 | 000,064,512 | ---- | M] (Kaneva, LLC.) -- C:\Program Files (x86)\mozilla firefox\plugins\npkanevapatch.dll
[2012/10/28 09:06:59 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/10/28 09:06:59 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\pdf.dll
CHR - plugin: Application Manager (Enabled) = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\spext.dll
CHR - plugin: Chrome SVD extension (Enabled) = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcpfkccckpeeghiklnhienllljccglb\2.0.7_0\lib/npdownloaderchrome.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.1.0.10441_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Kaneva WOK Patch Plugin for Mozilla 3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npkanevapatch.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: AmazonMP3DownloaderPlugin (Enabled) = C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin1017300.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Google Translate = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.4_0\
CHR - Extension: Magic Actions for YouTube\u2122 = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif\5.6_0\
CHR - Extension: Radio = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\agljkoinmcdnopnlbhhjibjiablccgoh\1.0.56_0\
CHR - Extension: BIODIGITAL HUMAN = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak\0.9.5_0\
CHR - Extension: Ancient History Encyclopedia = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahggffalhoajbhlaogbplamaaghnncle\3_0\
CHR - Extension: IconSmash - Free Icons = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahphhkpleajnegckhjiogcpojdjimcob\1.0.2.1_0\
CHR - Extension: Theme Creator = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc\2.5_0\
CHR - Extension: TooManyTabs for Chrome = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\amigcgbheognjmfkaieeeadojiibgbdp\1.9.4_0\
CHR - Extension: Lucidchart: Diagramming = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apboafhkiegglekeafbckfjldecefkhn\16_0\
CHR - Extension: Shortcuts for Google\u2122 = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\baohinapilmkigilbbbcccncoljkdpnd\1.6.4.2_0\
CHR - Extension: Sexy Undo Close Tab = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcennaiejdjpomgmmohhpgnjlmpcjmbg\7.2.3_0\
CHR - Extension: MindMeister = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdehgigffdnkjpaindemkaniebfaepjm\2.1.1_0\
CHR - Extension: Atari - Haunted House = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\befllnbglkekdmilmjehkplpgeikeibh\1.0_0\
CHR - Extension: TV = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh\1.0.11_0\
CHR - Extension: YouTube = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Bible = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\boljbeanmjklkbfnppfedajbgeongccb\1.8.7.2_0\
CHR - Extension: Delicous Emily's True Love HD = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbkdfjbbfbbepebmplhjeokaekmfokhn\1.0_0\
CHR - Extension: Radio Paradise HD = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdfipoepojmpflbibfkabgamkgcppgao\2.0.1_0\
CHR - Extension: Add to Amazon Wish List = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.9_0\
CHR - Extension: Webpage & WebCam Screenshot = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki\5.7.3_0\
CHR - Extension: BookSliced = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbmmmggneafjbjafolahmjlniibamgm\1.1_0\
CHR - Extension: The Game Effect = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnmilalfobndenadgejhchfcpijninel\1.0.0.1_0\
CHR - Extension: Read Later Fast = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\decdfngdidijkdjgbknlnepdljfaepji\1.5.4_0\
CHR - Extension: Speed Dial = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi\2.5.2_0\
CHR - Extension: Millionaire City = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnfooibgchoaehnljhfhcbabjkhhbmhd\1_0\
CHR - Extension: Word Search = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnjkggjhcbohgnikmegjkodmakmimlkj\1.0.0.1_0\
CHR - Extension: Word Search = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnjkggjhcbohgnikmegjkodmakmimlkj\1.0.0.1_0\~
CHR - Extension: Free Online Games = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\eciikokclglkbdhbmecaodaanacocdda\1.7_0\
CHR - Extension: NYTimes = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecmphppfkcfflgglcokcbdkofpfegoel\1.2.4_0\
CHR - Extension: Search All = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\eekjldapjblgadclklmgolijbagmdnfk\2.1.2_0\
CHR - Extension: Top Games = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\emcpcjoaklifiibimmjnkgcjecaocpnm\1.2.1_0\
CHR - Extension: Feltipen = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocigfodbakglnhcfokapbcgbmnjnnna\0.0.5_0\
CHR - Extension: Pandora = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbangkleohkafngihneedemihgfeikcl\1.0_0\
CHR - Extension: Causality Games = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\femoooemgmjaebeodbbikbkmhlafenpl\10_0\
CHR - Extension: Goodgame Disco Online = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjbnbfnljfkkgnpbecdiinmdefkbnicj\1.0.1_0\
CHR - Extension: Stylish = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe\1.0_0\
CHR - Extension: Sherwood Dungeon = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gchmabiifbainacfbjdnphikecbelkoo\0.0.0.4_0\
CHR - Extension: Digital Clock = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo\1.11_0\
CHR - Extension: Book of Love = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfmbikijideomibgfdepbdalhaapnbil\1.0_0\
CHR - Extension: MagicScroll eBook Reader = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgnmgfdoiplfmhgghbmlphanpfmjble\3.0_0\
CHR - Extension: Baeblemusic = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdmgicikldcgknkaigdengedddmmoaak\4_0\
CHR - Extension: LastPass = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.14_0\
CHR - Extension: Creatures & Castles = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfpeacgpdnhofhebmincihdelcemhagd\2.0_0\
CHR - Extension: Music = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgakehlldcacnfhjampnkihibmkgclhk\1.1_0\
CHR - Extension: Flixster = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgbpjlnkjhllfgfdmieompodgaefjcfh\1.0.6_0\
CHR - Extension: Ravenwood Fair = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhajfjlfdpmjfnedhkohdicohafiffca\1.1_0\
CHR - Extension: NPR Infinite Player = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkpcelemhneoooapbbopolpjhmbfmnbf\2.1_0\
CHR - Extension: Rdio Enhancer = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmaalfaappddkggilhahaebfhdmmmngf\2.4.1_0\
CHR - Extension: Mystery Case Files: Madame Fate \u00AE = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjhpnaodhjkfpbhmjjakbngblomampb\1.3_0\
CHR - Extension: The Treasures Of Mystery Island = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpfeolpjfpphdekpgpjmaldmhekpklma\2.0.0_0\
CHR - Extension: Crackle = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic\7.1.3_0\
CHR - Extension: avast! WebRep = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: Mind42 = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\icodbndgedclejcmgnjfigcclgafddhh\2.0_0\
CHR - Extension: Who wants to be a Millionaire = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifihhnflimpkeflpbndflkopddiilnfh\2.3.1_0\
CHR - Extension: Escape the Mansion = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\igidehinggodbiknfganhbghapfcmgkg\1.0_0\
CHR - Extension: Game Free = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihbconfmkcefonlifkclkgmnhfpegghl\2.0.0_0\
CHR - Extension: The VW Beetle club = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihlacjigajombjbafklhimhglgnnmoaf\1_0\
CHR - Extension: 60 Minutes = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\imjhdahelgojehmfmkmdfjcpfbglbfmj\0.60_0\
CHR - Extension: Like.fm = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaofpdcblhcphmliigaphljgfibghldn\5_0\
CHR - Extension: Free & Powerful Website Builder - Breezi = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcddmlaijhcifebdodoofgaojgnahlhk\1.6.3_0\
CHR - Extension: Lord of Ultima = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdheeblenjmceeppomdgokgilmkonced\1.0.12_0\
CHR - Extension: mydeco 3D planner = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfnniehafojoidolddmhfnpnbiolbppi\2.3_0\
CHR - Extension: Typing Test - KeyHero = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkcieoaeooeidmpaopkpjpjfakidlabm\1.4.0_0\
CHR - Extension: Kobo Instant Reader = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jknhjclcchfapglhbceedkoldnkmmhcc\0.9.5_0\
CHR - Extension: Zombie Track Meat = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfhnfnjfdoplkgbkmibfkdjolnemfdk\1.0.1578.0_0\
CHR - Extension: Speed Dial 2 = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik\1.6.1.3_0\
CHR - Extension: The Raven = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\kffogcmhohbenlbliifpbbcnnokgoaao\1.0.7_0\
CHR - Extension: Alarm Clock Radio = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\kipdhcpepbpjaoggihaloebfjfafagmi\1.6_0\
CHR - Extension: Radio Paradise Now Playing = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjkilieinibghgmehadakcmdonfljmod\1.4_0\
CHR - Extension: Little Alchemy = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd\0.0.15.7_0\
CHR - Extension: LIFEYO = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lclfjapeleajldloiflhdagnfkmijmea\1.0.1_0\
CHR - Extension: TubeSnack - Online Video Player = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lepfcadhgpghgblgpffcmabpfckadmbd\1.3_0\
CHR - Extension: ourWorld = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lepkjinjcnnhflmcfgofdnmahpdeaeoh\1.2_0\
CHR - Extension: World Digital Library - UNESCO = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lganibdddhhoohdchmljgclacnfnkfgb\1.2.1_0\
CHR - Extension: TV for Google Chrome\u2122 = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe\2.0.1_0\
CHR - Extension: Moonlit Walks = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndjmafaijekcjbiffdpggipjbfjgdgk\1.2_0\
CHR - Extension: Google Maps = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\
CHR - Extension: Plink = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\loeiekheegipnnbcfbfkanbbegkhjjcm\1.0_0\
CHR - Extension: Lazarus: Form Recovery = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\loljledaigphbcpfhfmgopdkppkifgno\3.0.5_0\
CHR - Extension: Readable Colors = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\macccnigegaaklkmimficcofikbblncb\0.2_0\
CHR - Extension: Google Dictionary (by Google) = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.15_0\
CHR - Extension: Quick Note = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok\1.4.2_0\
CHR - Extension: Halloween Match = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjlhdoefkldfpkoeknacliidcncfebac\1.4.2.27_0\
CHR - Extension: Mixify = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkjlbfglfefcmkmglakdocbgnggeieno\0.0.0.6_0\
CHR - Extension: Ghostery = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\4.1.0_0\
CHR - Extension: FastestChrome - Browse Faster = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\6.9.9_0\
CHR - Extension: Google Play Books = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb\1.1.8_0\
CHR - Extension: Princess Match = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnclclbcpgdlfbdacfgfolncclkbjcge\1.4.2.16_0\
CHR - Extension: My Time Organizer = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbgjpoemniodpkigbjkleiaoifclhfdm\1.0.3_0\
CHR - Extension: Incredible StartPage - Productive Start Page for Chrome! = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncdfeghkpohnalmpblddmnppfooljekh\1.6.2_0\
CHR - Extension: Pirates Glory = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhbbhdhkbdhdnegpeadgangnbomcegca\0.5_0\
CHR - Extension: Pocket (formerly Read It Later) = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj\1.1.3_0\
CHR - Extension: Late Brew Arcade = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbiifknneldgebafkhdmimldbhnndgd\1.1_0\
CHR - Extension: Vilanoise TV = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlpooomomkhnelcnlomcoffaaofhfmmf\1.2.0.2_0\
CHR - Extension: Free Games = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nndbdckmkellfcokfnndfmgbcajkpffi\1.4_0\
CHR - Extension: TypingClub = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\obdbgibnhfcjmmpfijkpcihjieedpfah\4.0_0\
CHR - Extension: Picky Wallpapers = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\odklcfojpedohplkimfdpcamkjnhanaj\1.0.0_0\
CHR - Extension: Free Games = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\odnlkojnclefkippkkijniiobhpappnm\1.0_0\
CHR - Extension: My Chrome Theme = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic\1.1.0_0\
CHR - Extension: Print Friendly & PDF = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlencieiipommannpdfcmfdpjjmeolj\2.2_0\
CHR - Extension: Type Fu = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\okboeogmnhjpgbeaokfogelclpblaemo\2.0.0_0\
CHR - Extension: My Empire Online = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ophdpgigffhilllbappafifipjlobgoh\1.1_0\
CHR - Extension: Thesaurus = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pddaeeclcbikcegjhhgocgkakehngcem\1.4_0\
CHR - Extension: Psykopaint = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil\0.0.0.10_0\
CHR - Extension: Psykopaint = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil\0.0.0.10_0\.bak
CHR - Extension: The Key for YouTube\u2122 = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmnfpmhdanicbahccgohnanecaphfmb\0.6.7_0\
CHR - Extension: Google Reader = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjjhlfkghdhmijklfnahfkpgmhcmfgcm\4.4_0\
CHR - Extension: TuneYou Radio = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\plaapjbgohfgkalmmjpakodbpomahebn\2.5_0\

O1 HOSTS File: ([2012/11/01 21:34:59 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2:64bit: - BHO: (no name) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - No CLSID value found.
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (no name) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - No CLSID value found.
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No CLSID value found.
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (no name) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - No CLSID value found.
O2:64bit: - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
O2:64bit: - BHO: (no name) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - No CLSID value found.
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (no name) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - No CLSID value found.
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Toolbar - Big Fish Games) - {C7C9FC25-88B0-4682-9C9F-2608E9117647} - C:\Program Files (x86)\bfgbartb\BfgBarDx.dll ()
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\6.3\iobitToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Toolbar - Big Fish Games) - {C7C9FC25-88B0-4682-9C9F-2608E9117647} - C:\Program Files (x86)\bfgbartb\BfgBarDx.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (Copernic Agent) - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files (x86)\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Copernic Agent) - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files (x86)\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
O4:64bit: - HKLM..\Run: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe (BillP Studios)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [[email protected]] C:\Program Files (x86)\AddLyrics\YTLUpdater.exe ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [TrojanScanner] C:\Program Files (x86)\Trojan Remover\Trjscan.exe (Simply Super Software)
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_0A5F8865FCC28F04CD315B29B2948A97] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [InstallIQUpdater] C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe (W3i, LLC)
O4 - HKCU..\Run: [SkyDrive] C:\Users\Betsy\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Betsy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Launch Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\Program Files (x86)\Copernic Agent\CopernicAgent.exe (Copernic Technologies Inc.)
O9 - Extra Button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\Program Files (x86)\Copernic Agent\CopernicAgent.exe (Copernic Technologies Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SPEEDbit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SPEEDbit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SPEEDbit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SPEEDbit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SPEEDbit)
O15 - HKCU\..Trusted Domains: netflix.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: secondlife.com ([www] https in Trusted sites)
O16:64bit: - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Reg Error: Key error.)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {2DA3C4AB-E6B6-47A6-B0F3-1BD81524B51B} http://www.activewor...ldsDownload.cab (ActiveWorldsDownload Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5E9B35FA-AE15-4EA9-9A05-2769738C5599}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5E9B35FA-AE15-4EA9-9A05-2769738C5599}: NameServer = 8.8.8.8,4.2.2.1
O18:64bit: - Protocol\Handler\copernicagent - No CLSID value found
O18:64bit: - Protocol\Handler\copernicagentcache - No CLSID value found
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
O18 - Protocol\Handler\copernicagent {A979B6BD-E40B-4A07-ABDD-A62C64A4EBF6} - C:\Program Files (x86)\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
O18 - Protocol\Handler\copernicagentcache {AAC34CFD-274D-4A9D-B0DC-C74C05A67E1D} - C:\Program Files (x86)\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll ()
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/11/29 01:33:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\bfgbartb
[2012/11/29 01:24:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/11/29 01:24:13 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012/11/29 01:24:13 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/11/29 01:23:53 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/11/29 01:23:53 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/11/29 01:23:53 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012/11/29 01:22:53 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012/11/22 16:22:13 | 000,000,000 | ---D | C] -- C:\Users\Betsy\Documents\My Kindle Content
[2012/11/22 16:21:55 | 000,000,000 | ---D | C] -- C:\Users\Betsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
[2012/11/22 16:21:43 | 000,000,000 | ---D | C] -- C:\Users\Betsy\AppData\Local\Amazon
[2012/11/20 08:13:43 | 000,000,000 | ---D | C] -- C:\Users\Betsy\AppData\Roaming\ParetoLogic
[2012/11/20 08:11:48 | 000,000,000 | ---D | C] -- C:\ProgramData\ParetoLogic
[2012/11/20 06:35:33 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE
[2012/11/20 06:30:52 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2012/11/20 06:30:52 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2012/11/20 06:30:52 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2012/11/20 06:30:52 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2012/11/20 06:30:52 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2012/11/20 06:30:52 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2012/11/20 06:30:52 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2012/11/20 06:30:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2012/11/20 06:30:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2012/11/20 06:30:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2012/11/20 06:30:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2012/11/20 06:30:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2012/11/20 06:30:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2012/11/20 06:30:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2012/11/20 06:30:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2012/11/20 06:30:52 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2012/11/20 06:30:52 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2012/11/20 06:30:49 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2012/11/20 06:30:49 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2012/11/20 06:30:49 | 002,434,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2012/11/20 06:30:49 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2012/11/20 06:30:49 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2012/11/20 06:30:49 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2012/11/20 06:30:49 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012/11/20 06:30:49 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2012/11/20 06:30:49 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2012/11/20 06:30:49 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2012/11/20 06:30:49 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2012/11/20 06:30:49 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2012/11/20 06:30:49 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2012/11/20 06:30:48 | 001,643,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/11/20 06:30:47 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2012/11/20 06:30:47 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2012/11/20 06:30:47 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2012/11/20 06:30:47 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012/11/20 06:30:47 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2012/11/20 06:30:47 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2012/11/20 06:30:47 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2012/11/20 06:30:47 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2012/11/20 06:30:46 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2012/11/20 06:30:46 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2012/11/18 03:10:37 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2012/11/18 03:10:37 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2012/11/18 03:04:25 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/11/18 03:04:25 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/11/18 03:04:24 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/11/18 03:04:24 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/11/18 03:04:24 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/11/18 03:04:24 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/11/18 03:04:24 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/11/18 03:04:24 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/11/18 03:04:23 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/11/18 03:04:23 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/11/18 03:04:23 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/11/18 03:04:23 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/11/18 03:04:22 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/11/18 03:04:22 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/11/18 03:04:22 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/11/18 03:01:26 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2012/11/18 03:01:25 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2012/11/18 03:01:25 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2012/11/18 03:01:25 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2012/11/17 21:02:18 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2012/11/17 21:02:18 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2012/11/17 21:02:18 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2012/11/17 21:02:10 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iisRtl.dll
[2012/11/17 21:02:09 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iisRtl.dll
[2012/11/17 21:02:09 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admwprox.dll
[2012/11/17 21:02:08 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admwprox.dll
[2012/11/17 21:02:07 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iisreset.exe
[2012/11/17 21:02:07 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iisreset.exe
[2012/11/17 21:02:06 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ahadmin.dll
[2012/11/17 21:02:05 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ahadmin.dll
[2012/11/17 21:02:05 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wamregps.dll
[2012/11/17 21:02:05 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wamregps.dll
[2012/11/17 21:02:04 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iisrstap.dll
[2012/11/17 21:02:04 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iisrstap.dll
[2012/11/17 21:01:59 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2012/11/17 21:01:59 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2012/11/17 21:01:59 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2012/11/17 21:01:59 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2012/11/17 21:01:57 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2012/11/17 21:01:57 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2012/11/17 21:01:36 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2012/11/17 21:01:36 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2012/11/12 07:12:59 | 000,000,000 | ---D | C] -- C:\Program Files\WOT
[2012/11/12 07:12:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WOT
[2012/11/12 06:56:26 | 000,000,000 | ---D | C] -- C:\Users\Betsy\AppData\Roaming\WinPatrol
[2012/11/12 06:56:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
[2012/11/12 06:56:13 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2012/11/12 06:56:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BillP Studios
[2012/11/11 21:38:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/11/11 21:38:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2012/11/04 15:52:27 | 000,289,768 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012/11/04 15:52:00 | 000,189,416 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012/11/04 15:52:00 | 000,188,904 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012/11/04 15:52:00 | 000,108,008 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2012/11/03 18:45:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/11/03 15:24:29 | 000,000,000 | ---D | C] -- C:\Users\Betsy\Documents\Windows 8 Upgrade Assistant_files
[2012/11/03 12:38:48 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN

========== Files - Modified Within 30 Days ==========

[2012/12/01 23:36:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/12/01 23:03:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/12/01 21:19:17 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/01 21:19:17 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/01 21:10:19 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/12/01 21:10:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/12/01 21:09:56 | 3206,475,776 | -HS- | M] () -- C:\hiberfil.sys
[2012/11/30 14:37:49 | 000,002,302 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/11/29 01:32:48 | 000,000,059 | ---- | M] () -- C:\ProgramData\user.ini
[2012/11/29 01:23:48 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012/11/29 01:23:47 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/11/29 01:23:47 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/11/29 01:23:46 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/11/29 01:23:45 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012/11/28 18:52:59 | 000,794,642 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/11/28 18:52:59 | 000,674,532 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/11/28 18:52:59 | 000,122,020 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/11/27 21:31:59 | 000,023,399 | ---- | M] () -- C:\Users\Betsy\Documents\Download-16-Starting-Your-Novel-Right.pdf
[2012/11/22 22:43:04 | 000,384,112 | ---- | M] () -- C:\Users\Betsy\Documents\The Trust Factor.pdf
[2012/11/22 16:22:00 | 000,002,193 | ---- | M] () -- C:\Users\Betsy\Desktop\Kindle.lnk
[2012/11/20 11:43:59 | 000,001,441 | ---- | M] () -- C:\Users\Betsy\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/11/20 06:30:52 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2012/11/20 06:30:52 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2012/11/20 06:30:52 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2012/11/20 06:30:52 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2012/11/20 06:30:52 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2012/11/20 06:30:52 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2012/11/20 06:30:52 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2012/11/20 06:30:52 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2012/11/20 06:30:52 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2012/11/20 06:30:52 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2012/11/20 06:30:52 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2012/11/20 06:30:52 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2012/11/20 06:30:52 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2012/11/20 06:30:52 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2012/11/20 06:30:52 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2012/11/20 06:30:52 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2012/11/20 06:30:52 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2012/11/20 06:30:52 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2012/11/20 06:30:49 | 003,928,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2012/11/20 06:30:49 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2012/11/20 06:30:49 | 002,434,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2012/11/20 06:30:49 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2012/11/20 06:30:49 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2012/11/20 06:30:49 | 001,504,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2012/11/20 06:30:49 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012/11/20 06:30:49 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2012/11/20 06:30:49 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2012/11/20 06:30:49 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2012/11/20 06:30:49 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2012/11/20 06:30:49 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2012/11/20 06:30:48 | 001,643,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/11/20 06:30:47 | 001,887,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2012/11/20 06:30:47 | 001,424,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2012/11/20 06:30:47 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2012/11/20 06:30:47 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012/11/20 06:30:47 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2012/11/20 06:30:47 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2012/11/20 06:30:47 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2012/11/20 06:30:47 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2012/11/20 06:30:47 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2012/11/20 06:30:46 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2012/11/18 03:37:53 | 000,412,624 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/11/17 20:44:05 | 000,001,958 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/11/17 20:44:02 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/11/11 21:38:08 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/11/09 14:49:16 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/11/09 14:49:16 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/11/09 00:46:10 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE
[2012/11/04 15:51:56 | 000,108,008 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2012/11/04 15:51:54 | 001,034,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2012/11/04 15:51:54 | 000,289,768 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012/11/04 15:51:54 | 000,189,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012/11/04 15:51:54 | 000,188,904 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012/11/03 15:32:01 | 000,009,334 | ---- | M] () -- C:\Users\Betsy\Desktop\SysRestorePoint_v13.zip
[2012/11/03 15:24:29 | 000,030,260 | ---- | M] () -- C:\Users\Betsy\Documents\Windows 8 Upgrade Assistant.html

========== Files Created - No Company Name ==========

[2012/11/29 01:32:48 | 000,000,059 | ---- | C] () -- C:\ProgramData\user.ini
[2012/11/27 21:31:59 | 000,023,399 | ---- | C] () -- C:\Users\Betsy\Documents\Download-16-Starting-Your-Novel-Right.pdf
[2012/11/22 16:22:00 | 000,002,193 | ---- | C] () -- C:\Users\Betsy\Desktop\Kindle.lnk
[2012/11/20 11:43:58 | 000,001,413 | ---- | C] () -- C:\Users\Betsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/11/18 03:10:41 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/11/18 03:01:25 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/11/03 15:32:01 | 000,009,334 | ---- | C] () -- C:\Users\Betsy\Desktop\SysRestorePoint_v13.zip
[2012/11/03 15:24:28 | 000,030,260 | ---- | C] () -- C:\Users\Betsy\Documents\Windows 8 Upgrade Assistant.html
[2012/09/27 19:50:58 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2012/09/08 08:50:21 | 000,109,256 | ---- | C] () -- C:\Windows\SysWow64\EasyHook64.dll
[2012/09/08 08:50:21 | 000,090,824 | ---- | C] () -- C:\Windows\SysWow64\EasyHook32.dll
[2012/08/29 03:26:47 | 000,552,290 | ---- | C] () -- C:\Windows\hpoins28.dat
[2012/07/26 13:26:41 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\SBRC.dat
[2012/07/19 07:14:02 | 000,000,000 | ---- | C] () -- C:\Users\Betsy\defogger_reenable
[2012/05/06 23:50:55 | 000,165,380 | ---- | C] () -- C:\Windows\hpoins28.dat.temp
[2012/05/06 23:50:55 | 000,000,442 | ---- | C] () -- C:\Windows\hpomdl28.dat.temp
[2012/03/29 21:45:37 | 000,142,456 | ---- | C] () -- C:\Windows\hpwins10.dat
[2012/03/29 21:45:37 | 000,000,372 | ---- | C] () -- C:\Windows\hpwmdl10.dat
[2012/02/18 20:13:59 | 000,007,600 | ---- | C] () -- C:\Users\Betsy\AppData\Local\resmon.resmoncfg
[2012/02/14 01:45:40 | 000,109,782 | ---- | C] () -- C:\Windows\CopernicAgentUninstall.exe
[2012/02/08 01:42:30 | 000,187,432 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012/02/07 23:48:42 | 000,162,304 | ---- | C] () -- C:\Windows\SysWow64\ztvunrar36.dll
[2012/02/07 23:48:42 | 000,077,312 | ---- | C] () -- C:\Windows\SysWow64\ztvunace26.dll
[2012/02/07 23:48:42 | 000,075,264 | ---- | C] () -- C:\Windows\SysWow64\unacev2.dll
[2012/02/07 23:48:41 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\unrar3.dll
[2012/02/02 22:15:12 | 000,000,110 | ---- | C] () -- C:\Users\Betsy\webct_upload_applet.properties
[2012/02/01 21:34:08 | 000,759,634 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/01/31 15:52:02 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012/01/31 15:52:02 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012/01/31 15:52:02 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012/01/31 15:52:02 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012/01/31 14:46:58 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012/01/31 14:46:51 | 000,023,898 | ---- | C] () -- C:\Windows\Ascd_tmp.ini

========== Alternate Data Streams ==========

@Alternate Data Stream - 233 bytes -> C:\ProgramData\TEMP:6E2D80C8
@Alternate Data Stream - 210 bytes -> C:\ProgramData\TEMP:CB0AACC9
@Alternate Data Stream - 208 bytes -> C:\ProgramData\TEMP:F8780B24
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:862BDB1A
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:56E2E879

< End of report >
I'm not sure about what problems I'm still having but I will know by the time you are back on the computer. When I had downloaded the release version of IE 10, I started having issues right away so I took it off. I had thought about upgrading to Windows 8 but my computer man, the guy who custom-built my computer at Circuitboard computers, discouraged me from doing so, at least until it had been out a while and had gotten all the "bugs" worked out. he said it was mostly for "Touch Screen" computers. Let me ask you, is it better to back-up computer files to a paid-subscription "cloud" space or better to buy a $100 1 Terabyte external hardrive? Avast has such a thing. I got their Computer Rescue disc in cash my computer ever crashes and the computer won't start. You're supposed to be able to put the rescue disc in and start it from that. they also have "the cloud" for, I think, $50 a year or something, but I was just wondering if it's safe? Isn't there a chance that somebody could hack into somebody else's "cloud space"?Either way, I want to make backing my computer up a regular thing.


  • 0

#95
Essexboy
Posted 05 December 2012 - 08:13 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
You have a multitude of toolbars and addons it would speed your system up if you uninstall the ones you do not really need

I would also go for a hard drive backup, as it is faster than using the cloud. Plus if you have no network connection you will be unable to restore

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Posted Image
:OTL
O2:64bit: - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2:64bit: - BHO: (no name) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - No CLSID value found.
O2:64bit: - BHO: (no name) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - No CLSID value found.
O2:64bit: - BHO: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No CLSID value found.
O2:64bit: - BHO: (no name) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - No CLSID value found.
O2:64bit: - BHO: (no name) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - No CLSID value found.
O2:64bit: - BHO: (no name) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - No CLSID value found.
O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O4 - HKCU..\Run: [InstallIQUpdater] C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe (W3i, LLC)

:Files
 C:\Program Files (x86)\W3i

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

  • 0

#96
betsym
Posted 07 December 2012 - 01:58 AM

betsym

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 153 posts
OTL logfile created on: 12/7/2012 2:20:42 AM - Run 7
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\Betsy\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.98 Gb Total Physical Memory | 2.73 Gb Available Physical Memory | 68.58% Memory free
7.96 Gb Paging File | 6.53 Gb Available in Paging File | 81.99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 701.64 Gb Free Space | 75.33% Space Free | Partition Type: NTFS

Computer Name: BETSY-PC | User Name: Betsy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/30 17:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/10/30 17:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/10/10 20:23:42 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/10/02 12:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/09/19 23:02:24 | 000,363,752 | ---- | M] (BillP Studios) -- C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2012/09/08 09:05:08 | 000,277,744 | ---- | M] (SpeedBit Ltd.) -- C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorService.exe
PRC - [2012/08/10 12:51:32 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Betsy\Desktop\OTL.exe
PRC - [2012/07/27 15:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/07/18 23:54:46 | 001,192,664 | ---- | M] () -- C:\Users\Betsy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2012/07/09 02:16:02 | 001,240,848 | ---- | M] (Simply Super Software) -- C:\Program Files (x86)\Trojan Remover\Trjscan.exe
PRC - [2012/07/05 17:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2011/04/01 11:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
PRC - [2011/03/28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2010/12/20 18:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe


========== Modules (No Company Name) ==========

MOD - [2012/07/18 23:54:46 | 001,192,664 | ---- | M] () -- C:\Users\Betsy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
MOD - [2012/06/20 16:23:00 | 000,599,419 | ---- | M] () -- C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/10/30 17:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2012/09/22 02:22:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2011/08/05 12:53:12 | 000,467,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV:64bit: - [2011/08/05 12:53:12 | 000,306,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV:64bit: - [2011/08/05 12:53:06 | 008,277,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV:64bit: - [2010/11/20 22:24:51 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\snmp.exe -- (SNMP)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 20:41:10 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\iprip.dll -- (iprip)
SRV:64bit: - [2009/07/13 20:39:47 | 000,010,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\TCPSVCS.EXE -- (simptcp)
SRV:64bit: - [2009/07/13 20:39:20 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqsvc.exe -- (MSMQ)
SRV:64bit: - [2009/07/13 20:38:59 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CISVC.EXE -- (CISVC)
SRV - [2012/11/09 14:49:17 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/11/03 18:45:05 | 000,115,168 | ---- | M] (Mozilla Foundation) [Auto | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/10/10 20:23:42 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/10/02 12:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/09/08 09:05:08 | 000,277,744 | ---- | M] (SpeedBit Ltd.) [Auto | Running] -- C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorService.exe -- (VideoAcceleratorService)
SRV - [2012/07/27 15:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/07/05 17:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/06/29 13:56:24 | 000,067,584 | ---- | M] (CobianSoft, Luis Cobian) [Auto | Running] -- C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe -- (cbVSCService11)
SRV - [2011/04/01 11:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/03/28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/12/20 18:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/12/20 18:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/11/20 22:25:10 | 000,047,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\snmp.exe -- (SNMP)
SRV - [2010/11/20 22:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010/11/20 22:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2010/11/20 22:24:51 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/07/13 20:14:42 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\TCPSVCS.EXE -- (simptcp)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/10/30 17:51:56 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/10/30 17:51:55 | 000,984,144 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/10/30 17:51:55 | 000,370,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/10/30 17:51:55 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/10/30 17:51:53 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/10/15 11:59:28 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/08/23 09:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 09:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 09:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/28 01:15:28 | 000,057,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/06/21 15:04:52 | 000,549,704 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SRS_AE_amd64.sys -- (SRS_AE_Service)
DRV:64bit: - [2012/05/25 12:14:24 | 000,057,976 | ---- | M] (GFI Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SBREDrv.sys -- (SBRE)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/07/22 11:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 16:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/04/05 16:35:20 | 000,253,528 | ---- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SbFw.sys -- (SbFw)
DRV:64bit: - [2011/04/05 16:35:20 | 000,094,296 | ---- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\sbtis.sys -- (SbTis)
DRV:64bit: - [2011/04/05 16:35:20 | 000,060,504 | ---- | M] (Sunbelt Software, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sbhips.sys -- (sbhips)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/08 08:14:20 | 000,084,568 | ---- | M] (Sunbelt Software, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SbFwIm.sys -- (SBFWIMCLMP)
DRV:64bit: - [2011/02/08 08:14:20 | 000,084,568 | ---- | M] (Sunbelt Software, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SbFwIm.sys -- (SBFWIMCL)
DRV:64bit: - [2011/01/25 10:28:10 | 000,172,648 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010/12/10 00:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/12/10 00:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/10/19 16:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:26:13 | 000,189,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mqac.sys -- (MQAC)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://search.yahoo....Terms}&ei=UTF-8
IE - HKCU\..\SearchScopes\{69E424E0-00A7-4947-B195-4F925730EB75}: "URL" = http://search.yahoo....f-8&fr=chr-yie9
IE - HKCU\..\SearchScopes\{964BC362-3977-442B-A8F4-B4A61C7006F2}: "URL" = http://delicious.com...?p={searchTerms}
IE - HKCU\..\SearchScopes\{F63DAAF5-4E9D-4721-9213-881154A5E12B}: "URL" = http://www.flickr.co...?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultEngine: "Yahoo"
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=380920"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-tyc9"
FF - prefs.js..browser.search.param.yahoo-type: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/?fr=fp-tyc9"


FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin1017300.dll (Amazon.com, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/10/31 19:15:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}: C:\Program Files (x86)\SPEEDbit Video Downloader\SPFireFox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/11/11 21:38:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/11/11 21:38:14 | 000,000,000 | ---D | M]

[2012/02/14 03:53:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Extensions
[2012/11/29 01:33:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions
[2012/10/28 22:22:41 | 000,000,000 | ---D | M] (Browser Backgrounds) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\{3e0c7f3a-3f50-4730-beb5-4a9a10e2831c}
[2012/10/28 22:22:40 | 000,000,000 | ---D | M] (EPUBReader) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}
[2012/10/28 22:22:39 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012/11/29 01:33:27 | 000,000,000 | ---D | M] (Toolbar - Big Fish Games) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\{6847DFAE-037A-400c-A524-27F0A281B692}
[2012/10/28 22:22:38 | 000,000,000 | ---D | M] (Personas Rotator) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\{6e73f6b7-b9ab-44b8-b744-6393e3c2e351}
[2012/11/04 18:22:13 | 000,000,000 | ---D | M] (Fire.fm) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\{6F0976E6-26F3-4AFE-BBEC-9E99E27E4DF3}
[2012/10/28 22:22:37 | 000,000,000 | ---D | M] (Theme Font &amp; Size Changer) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\{f69e22c7-bc50-414a-9269-0f5c344cd94c}
[2012/10/28 22:22:43 | 000,000,000 | ---D | M] ("Default Theme Engine - Personas Interactive") -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\[email protected]
[2012/10/28 22:22:42 | 000,000,000 | ---D | M] (Custom Buttons) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\[email protected]
[2012/10/28 22:22:42 | 000,000,000 | ---D | M] ("CyberSearch") -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\[email protected]
[2012/10/28 22:22:42 | 000,000,000 | ---D | M] (DoNotTrackPlus) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\[email protected]
[2012/10/28 22:22:42 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\[email protected]
[2012/10/28 22:22:41 | 000,000,000 | ---D | M] (MinimizeToTray revived (MinTrayR)) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\[email protected]
[2012/11/03 18:45:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/11/03 18:45:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions
[2012/10/31 19:15:17 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012/10/28 22:22:41 | 000,491,784 | ---- | M] () (No name found) -- C:\USERS\BETSY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QJ012UU8.DEFAULT\EXTENSIONS\{15E67A59-BD3D-49AE-90DD-B3D3FD14C2ED}.XPI
[2012/11/16 17:58:57 | 000,342,379 | ---- | M] () (No name found) -- C:\USERS\BETSY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QJ012UU8.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
[2012/10/28 22:22:40 | 000,269,659 | ---- | M] () (No name found) -- C:\USERS\BETSY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QJ012UU8.DEFAULT\EXTENSIONS\{46551EC9-40F0-4E47-8E18-8E5CF550CFB8}.XPI
[2012/10/28 22:22:40 | 000,026,704 | ---- | M] () (No name found) -- C:\USERS\BETSY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QJ012UU8.DEFAULT\EXTENSIONS\{4CC4A13B-94A6-7568-370D-5F9DE54A9C7F}.XPI
[2012/10/28 22:22:39 | 000,050,631 | ---- | M] () (No name found) -- C:\USERS\BETSY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QJ012UU8.DEFAULT\EXTENSIONS\{54BB9F3F-07E5-486C-9B39-C7398B99391C}.XPI
[2012/10/28 22:22:37 | 000,008,283 | ---- | M] () (No name found) -- C:\USERS\BETSY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QJ012UU8.DEFAULT\EXTENSIONS\{CD617372-6743-4EE4-BAC4-FBF60F35719E}.XPI
[2012/10/28 22:22:37 | 000,698,867 | ---- | M] () (No name found) -- C:\USERS\BETSY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QJ012UU8.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI
[2012/10/28 22:22:37 | 000,685,019 | ---- | M] () (No name found) -- C:\USERS\BETSY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QJ012UU8.DEFAULT\EXTENSIONS\{EF4E370E-D9F0-4E00-B93E-A4F274CFDD5A}.XPI
[2012/10/28 22:22:43 | 000,065,631 | ---- | M] () (No name found) -- C:\USERS\BETSY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QJ012UU8.DEFAULT\EXTENSIONS\[email protected]
[2012/10/28 22:22:43 | 000,047,822 | ---- | M] () (No name found) -- C:\USERS\BETSY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QJ012UU8.DEFAULT\EXTENSIONS\[email protected]
[2012/10/28 22:22:42 | 000,363,041 | ---- | M] () (No name found) -- C:\USERS\BETSY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QJ012UU8.DEFAULT\EXTENSIONS\[email protected]
[2012/10/28 22:22:43 | 000,073,806 | ---- | M] () (No name found) -- C:\USERS\BETSY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QJ012UU8.DEFAULT\EXTENSIONS\[email protected]
[2012/10/28 22:22:42 | 000,059,702 | ---- | M] () (No name found) -- C:\USERS\BETSY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QJ012UU8.DEFAULT\EXTENSIONS\[email protected]
[2012/10/28 22:22:42 | 000,052,174 | ---- | M] () (No name found) -- C:\USERS\BETSY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QJ012UU8.DEFAULT\EXTENSIONS\[email protected]
[2012/10/28 22:22:42 | 000,637,327 | ---- | M] () (No name found) -- C:\USERS\BETSY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QJ012UU8.DEFAULT\EXTENSIONS\[email protected]
[2012/10/28 22:22:41 | 000,174,405 | ---- | M] () (No name found) -- C:\USERS\BETSY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QJ012UU8.DEFAULT\EXTENSIONS\[email protected]
[2012/10/28 22:22:41 | 000,101,213 | ---- | M] () (No name found) -- C:\USERS\BETSY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QJ012UU8.DEFAULT\EXTENSIONS\[email protected]
[2012/10/28 22:22:41 | 000,113,112 | ---- | M] () (No name found) -- C:\USERS\BETSY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QJ012UU8.DEFAULT\EXTENSIONS\[email protected]
[2012/10/28 23:12:42 | 000,330,316 | ---- | M] () (No name found) -- C:\USERS\BETSY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QJ012UU8.DEFAULT\EXTENSIONS\[email protected]
[2012/10/28 22:22:41 | 000,621,521 | ---- | M] () (No name found) -- C:\USERS\BETSY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QJ012UU8.DEFAULT\EXTENSIONS\[email protected]
[2012/11/03 18:45:05 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/05/02 12:24:56 | 000,064,512 | ---- | M] (Kaneva, LLC.) -- C:\Program Files (x86)\mozilla firefox\plugins\npkanevapatch.dll
[2012/10/28 09:06:59 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/10/28 09:06:59 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\pdf.dll
CHR - plugin: Application Manager (Enabled) = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\spext.dll
CHR - plugin: Chrome SVD extension (Enabled) = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcpfkccckpeeghiklnhienllljccglb\2.0.7_0\lib/npdownloaderchrome.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.1.0.10441_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Kaneva WOK Patch Plugin for Mozilla 3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npkanevapatch.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: AmazonMP3DownloaderPlugin (Enabled) = C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin1017300.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Google Translate = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.4_0\
CHR - Extension: Magic Actions for YouTube\u2122 = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif\5.6_0\
CHR - Extension: Radio = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\agljkoinmcdnopnlbhhjibjiablccgoh\1.0.56_0\
CHR - Extension: BIODIGITAL HUMAN = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak\0.9.5_0\
CHR - Extension: Ancient History Encyclopedia = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahggffalhoajbhlaogbplamaaghnncle\3_0\
CHR - Extension: IconSmash - Free Icons = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahphhkpleajnegckhjiogcpojdjimcob\1.0.2.1_0\
CHR - Extension: Theme Creator = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc\2.5_0\
CHR - Extension: TooManyTabs for Chrome = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\amigcgbheognjmfkaieeeadojiibgbdp\1.9.5_0\
CHR - Extension: Lucidchart: Diagramming = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apboafhkiegglekeafbckfjldecefkhn\16_0\
CHR - Extension: Shortcuts for Google\u2122 = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\baohinapilmkigilbbbcccncoljkdpnd\1.6.4.2_0\
CHR - Extension: Sexy Undo Close Tab = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcennaiejdjpomgmmohhpgnjlmpcjmbg\7.2.3_0\
CHR - Extension: MindMeister = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdehgigffdnkjpaindemkaniebfaepjm\2.1.1_0\
CHR - Extension: Atari - Haunted House = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\befllnbglkekdmilmjehkplpgeikeibh\1.0_0\
CHR - Extension: TV = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh\1.0.11_0\
CHR - Extension: YouTube = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Bible = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\boljbeanmjklkbfnppfedajbgeongccb\1.8.7.2_0\
CHR - Extension: Delicous Emily's True Love HD = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbkdfjbbfbbepebmplhjeokaekmfokhn\1.0_0\
CHR - Extension: Radio Paradise HD = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdfipoepojmpflbibfkabgamkgcppgao\2.0.1_0\
CHR - Extension: Add to Amazon Wish List = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.9_0\
CHR - Extension: Webpage & WebCam Screenshot = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki\5.7.3_0\
CHR - Extension: BookSliced = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbmmmggneafjbjafolahmjlniibamgm\1.1_0\
CHR - Extension: The Game Effect = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnmilalfobndenadgejhchfcpijninel\1.0.0.1_0\
CHR - Extension: Read Later Fast = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\decdfngdidijkdjgbknlnepdljfaepji\1.5.4_0\
CHR - Extension: Speed Dial = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi\2.5.2_0\
CHR - Extension: Millionaire City = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnfooibgchoaehnljhfhcbabjkhhbmhd\1_0\
CHR - Extension: Word Search = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnjkggjhcbohgnikmegjkodmakmimlkj\1.0.0.1_0\
CHR - Extension: Word Search = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnjkggjhcbohgnikmegjkodmakmimlkj\1.0.0.1_0\~
CHR - Extension: Free Online Games = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\eciikokclglkbdhbmecaodaanacocdda\1.7_0\
CHR - Extension: NYTimes = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecmphppfkcfflgglcokcbdkofpfegoel\1.2.4_0\
CHR - Extension: Search All = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\eekjldapjblgadclklmgolijbagmdnfk\2.1.2_0\
CHR - Extension: Top Games = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\emcpcjoaklifiibimmjnkgcjecaocpnm\1.2.1_0\
CHR - Extension: Feltipen = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocigfodbakglnhcfokapbcgbmnjnnna\0.0.5_0\
CHR - Extension: Pandora = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbangkleohkafngihneedemihgfeikcl\1.0_0\
CHR - Extension: Causality Games = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\femoooemgmjaebeodbbikbkmhlafenpl\10_0\
CHR - Extension: Goodgame Disco Online = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjbnbfnljfkkgnpbecdiinmdefkbnicj\1.0.1_0\
CHR - Extension: Stylish = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe\1.0_0\
CHR - Extension: Sherwood Dungeon = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gchmabiifbainacfbjdnphikecbelkoo\0.0.0.4_0\
CHR - Extension: Digital Clock = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo\1.11_0\
CHR - Extension: Book of Love = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfmbikijideomibgfdepbdalhaapnbil\1.0_0\
CHR - Extension: MagicScroll eBook Reader = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgnmgfdoiplfmhgghbmlphanpfmjble\3.0_0\
CHR - Extension: Baeblemusic = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdmgicikldcgknkaigdengedddmmoaak\4_0\
CHR - Extension: LastPass = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.14_0\
CHR - Extension: Creatures & Castles = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfpeacgpdnhofhebmincihdelcemhagd\2.0_0\
CHR - Extension: Music = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgakehlldcacnfhjampnkihibmkgclhk\1.1_0\
CHR - Extension: Flixster = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgbpjlnkjhllfgfdmieompodgaefjcfh\1.0.6_0\
CHR - Extension: Ravenwood Fair = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhajfjlfdpmjfnedhkohdicohafiffca\1.1_0\
CHR - Extension: NPR Infinite Player = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkpcelemhneoooapbbopolpjhmbfmnbf\2.1_0\
CHR - Extension: Rdio Enhancer = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmaalfaappddkggilhahaebfhdmmmngf\2.4.1_0\
CHR - Extension: Mystery Case Files: Madame Fate \u00AE = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjhpnaodhjkfpbhmjjakbngblomampb\1.3_0\
CHR - Extension: The Treasures Of Mystery Island = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpfeolpjfpphdekpgpjmaldmhekpklma\2.0.0_0\
CHR - Extension: Crackle = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic\7.1.3_0\
CHR - Extension: avast! WebRep = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: Mind42 = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\icodbndgedclejcmgnjfigcclgafddhh\2.0_0\
CHR - Extension: Who wants to be a Millionaire = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifihhnflimpkeflpbndflkopddiilnfh\2.3.1_0\
CHR - Extension: Escape the Mansion = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\igidehinggodbiknfganhbghapfcmgkg\1.0_0\
CHR - Extension: Game Free = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihbconfmkcefonlifkclkgmnhfpegghl\2.0.0_0\
CHR - Extension: The VW Beetle club = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihlacjigajombjbafklhimhglgnnmoaf\1_0\
CHR - Extension: 60 Minutes = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\imjhdahelgojehmfmkmdfjcpfbglbfmj\0.60_0\
CHR - Extension: Like.fm = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaofpdcblhcphmliigaphljgfibghldn\5_0\
CHR - Extension: Free & Powerful Website Builder - Breezi = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcddmlaijhcifebdodoofgaojgnahlhk\1.6.3_0\
CHR - Extension: Lord of Ultima = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdheeblenjmceeppomdgokgilmkonced\1.0.12_0\
CHR - Extension: mydeco 3D planner = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfnniehafojoidolddmhfnpnbiolbppi\2.3_0\
CHR - Extension: Typing Test - KeyHero = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkcieoaeooeidmpaopkpjpjfakidlabm\1.4.0_0\
CHR - Extension: Kobo Instant Reader = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jknhjclcchfapglhbceedkoldnkmmhcc\0.9.5_0\
CHR - Extension: Zombie Track Meat = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfhnfnjfdoplkgbkmibfkdjolnemfdk\1.0.1578.0_0\
CHR - Extension: Speed Dial 2 = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik\1.6.1.3_0\
CHR - Extension: The Raven = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\kffogcmhohbenlbliifpbbcnnokgoaao\1.0.7_0\
CHR - Extension: Alarm Clock Radio = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\kipdhcpepbpjaoggihaloebfjfafagmi\1.6_0\
CHR - Extension: Radio Paradise Now Playing = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjkilieinibghgmehadakcmdonfljmod\1.4_0\
CHR - Extension: Little Alchemy = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd\0.0.15.7_0\
CHR - Extension: LIFEYO = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lclfjapeleajldloiflhdagnfkmijmea\1.0.1_0\
CHR - Extension: TubeSnack - Online Video Player = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lepfcadhgpghgblgpffcmabpfckadmbd\1.3_0\
CHR - Extension: ourWorld = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lepkjinjcnnhflmcfgofdnmahpdeaeoh\1.2_0\
CHR - Extension: World Digital Library - UNESCO = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lganibdddhhoohdchmljgclacnfnkfgb\1.2.1_0\
CHR - Extension: TV for Google Chrome\u2122 = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe\2.0.1_0\
CHR - Extension: Moonlit Walks = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndjmafaijekcjbiffdpggipjbfjgdgk\1.2_0\
CHR - Extension: Google Maps = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\
CHR - Extension: Plink = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\loeiekheegipnnbcfbfkanbbegkhjjcm\1.0_0\
CHR - Extension: Lazarus: Form Recovery = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\loljledaigphbcpfhfmgopdkppkifgno\3.0.5_0\
CHR - Extension: Readable Colors = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\macccnigegaaklkmimficcofikbblncb\0.2_0\
CHR - Extension: Google Dictionary (by Google) = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.15_0\
CHR - Extension: Quick Note = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok\1.4.2_0\
CHR - Extension: Halloween Match = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjlhdoefkldfpkoeknacliidcncfebac\1.4.2.27_0\
CHR - Extension: Mixify = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkjlbfglfefcmkmglakdocbgnggeieno\0.0.0.6_0\
CHR - Extension: Ghostery = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\4.1.0_0\
CHR - Extension: FastestChrome - Browse Faster = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\7.0.0_0\
CHR - Extension: Google Play Books = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb\1.1.8_0\
CHR - Extension: Princess Match = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnclclbcpgdlfbdacfgfolncclkbjcge\1.4.2.16_0\
CHR - Extension: My Time Organizer = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbgjpoemniodpkigbjkleiaoifclhfdm\1.0.3_0\
CHR - Extension: Incredible StartPage - Productive Start Page for Chrome! = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncdfeghkpohnalmpblddmnppfooljekh\1.6.2_0\
CHR - Extension: Pirates Glory = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhbbhdhkbdhdnegpeadgangnbomcegca\0.5_0\
CHR - Extension: Pocket (formerly Read It Later) = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj\1.1.3_0\
CHR - Extension: Late Brew Arcade = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbiifknneldgebafkhdmimldbhnndgd\1.1_0\
CHR - Extension: Vilanoise TV = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlpooomomkhnelcnlomcoffaaofhfmmf\1.2.0.2_0\
CHR - Extension: Free Games = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nndbdckmkellfcokfnndfmgbcajkpffi\1.4_0\
CHR - Extension: TypingClub = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\obdbgibnhfcjmmpfijkpcihjieedpfah\4.0_0\
CHR - Extension: Picky Wallpapers = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\odklcfojpedohplkimfdpcamkjnhanaj\1.0.0_0\
CHR - Extension: Free Games = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\odnlkojnclefkippkkijniiobhpappnm\1.0_0\
CHR - Extension: My Chrome Theme = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic\1.1.0_0\
CHR - Extension: Print Friendly & PDF = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlencieiipommannpdfcmfdpjjmeolj\2.2_0\
CHR - Extension: Type Fu = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\okboeogmnhjpgbeaokfogelclpblaemo\2.0.0_0\
CHR - Extension: My Empire Online = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ophdpgigffhilllbappafifipjlobgoh\1.1_0\
CHR - Extension: Thesaurus = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pddaeeclcbikcegjhhgocgkakehngcem\1.4_0\
CHR - Extension: Psykopaint = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil\0.0.0.10_0\
CHR - Extension: Psykopaint = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil\0.0.0.10_0\.bak
CHR - Extension: The Key for YouTube\u2122 = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmnfpmhdanicbahccgohnanecaphfmb\0.6.7_0\
CHR - Extension: Google Reader = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjjhlfkghdhmijklfnahfkpgmhcmfgcm\4.4_0\
CHR - Extension: TuneYou Radio = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\plaapjbgohfgkalmmjpakodbpomahebn\2.5_0\

O1 HOSTS File: ([2012/12/07 02:04:48 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Toolbar - Big Fish Games) - {C7C9FC25-88B0-4682-9C9F-2608E9117647} - C:\Program Files (x86)\bfgbartb\BfgBarDx.dll ()
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files (x86)\IObit Toolbar\IE\6.3\iobitToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Toolbar - Big Fish Games) - {C7C9FC25-88B0-4682-9C9F-2608E9117647} - C:\Program Files (x86)\bfgbartb\BfgBarDx.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (Copernic Agent) - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files (x86)\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Copernic Agent) - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files (x86)\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
O4:64bit: - HKLM..\Run: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe (BillP Studios)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [TrojanScanner] C:\Program Files (x86)\Trojan Remover\Trjscan.exe (Simply Super Software)
O4 - HKCU..\Run: [SkyDrive] C:\Users\Betsy\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Betsy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Launch Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\Program Files (x86)\Copernic Agent\CopernicAgent.exe (Copernic Technologies Inc.)
O9 - Extra Button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\Program Files (x86)\Copernic Agent\CopernicAgent.exe (Copernic Technologies Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SPEEDbit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SPEEDbit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SPEEDbit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SPEEDbit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SPEEDbit)
O15 - HKCU\..Trusted Domains: netflix.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: secondlife.com ([www] https in Trusted sites)
O16:64bit: - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Reg Error: Key error.)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {2DA3C4AB-E6B6-47A6-B0F3-1BD81524B51B} http://www.activewor...ldsDownload.cab (ActiveWorldsDownload Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5E9B35FA-AE15-4EA9-9A05-2769738C5599}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5E9B35FA-AE15-4EA9-9A05-2769738C5599}: NameServer = 8.8.8.8,4.2.2.1
O18:64bit: - Protocol\Handler\copernicagent - No CLSID value found
O18:64bit: - Protocol\Handler\copernicagentcache - No CLSID value found
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
O18 - Protocol\Handler\copernicagent {A979B6BD-E40B-4A07-ABDD-A62C64A4EBF6} - C:\Program Files (x86)\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
O18 - Protocol\Handler\copernicagentcache {AAC34CFD-274D-4A9D-B0DC-C74C05A67E1D} - C:\Program Files (x86)\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll ()
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/12/06 06:07:11 | 000,000,000 | ---D | C] -- C:\Users\Betsy\AppData\Roaming\TuneUp Software
[2012/12/06 06:07:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2013
[2012/12/06 06:06:35 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2012/12/06 06:05:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2012/12/02 21:14:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/12/02 21:13:30 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/12/02 21:13:30 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/12/02 21:13:30 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2012/11/29 01:33:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\bfgbartb
[2012/11/29 01:24:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/11/29 01:22:53 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012/11/22 16:22:13 | 000,000,000 | ---D | C] -- C:\Users\Betsy\Documents\My Kindle Content
[2012/11/22 16:21:55 | 000,000,000 | ---D | C] -- C:\Users\Betsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
[2012/11/22 16:21:43 | 000,000,000 | ---D | C] -- C:\Users\Betsy\AppData\Local\Amazon
[2012/11/20 08:13:43 | 000,000,000 | ---D | C] -- C:\Users\Betsy\AppData\Roaming\ParetoLogic
[2012/11/20 08:11:48 | 000,000,000 | ---D | C] -- C:\ProgramData\ParetoLogic
[2012/11/12 07:12:59 | 000,000,000 | ---D | C] -- C:\Program Files\WOT
[2012/11/12 07:12:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WOT
[2012/11/12 06:56:26 | 000,000,000 | ---D | C] -- C:\Users\Betsy\AppData\Roaming\WinPatrol
[2012/11/12 06:56:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
[2012/11/12 06:56:13 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2012/11/12 06:56:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BillP Studios
[2012/11/11 21:38:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/11/11 21:38:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime

========== Files - Modified Within 30 Days ==========

[2012/12/07 02:25:43 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/07 02:25:43 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/07 02:18:19 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/12/07 02:18:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/12/07 02:17:57 | 3206,475,776 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/07 02:04:48 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012/12/07 02:03:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/12/07 01:36:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/12/06 04:28:23 | 000,157,668 | ---- | M] () -- C:\Users\Betsy\Documents\sfpp_pac_authorization-signed.pdf
[2012/12/02 21:14:00 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/11/30 14:37:49 | 000,002,302 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/11/29 01:32:48 | 000,000,059 | ---- | M] () -- C:\ProgramData\user.ini
[2012/11/28 18:52:59 | 000,794,642 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/11/28 18:52:59 | 000,674,532 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/11/28 18:52:59 | 000,122,020 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/11/27 21:31:59 | 000,023,399 | ---- | M] () -- C:\Users\Betsy\Documents\Download-16-Starting-Your-Novel-Right.pdf
[2012/11/22 22:43:04 | 000,384,112 | ---- | M] () -- C:\Users\Betsy\Documents\The Trust Factor.pdf
[2012/11/22 16:22:00 | 000,002,193 | ---- | M] () -- C:\Users\Betsy\Desktop\Kindle.lnk
[2012/11/20 11:43:59 | 000,001,441 | ---- | M] () -- C:\Users\Betsy\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/11/18 03:37:53 | 000,412,624 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/11/17 20:44:05 | 000,001,958 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/11/17 20:44:02 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/11/11 21:38:08 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk

========== Files Created - No Company Name ==========

[2012/12/06 04:28:23 | 000,157,668 | ---- | C] () -- C:\Users\Betsy\Documents\sfpp_pac_authorization-signed.pdf
[2012/11/29 01:32:48 | 000,000,059 | ---- | C] () -- C:\ProgramData\user.ini
[2012/11/27 21:31:59 | 000,023,399 | ---- | C] () -- C:\Users\Betsy\Documents\Download-16-Starting-Your-Novel-Right.pdf
[2012/11/22 16:22:00 | 000,002,193 | ---- | C] () -- C:\Users\Betsy\Desktop\Kindle.lnk
[2012/11/20 11:43:58 | 000,001,413 | ---- | C] () -- C:\Users\Betsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/11/18 03:10:41 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/11/18 03:01:25 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/09/27 19:50:58 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2012/09/08 08:50:21 | 000,109,256 | ---- | C] () -- C:\Windows\SysWow64\EasyHook64.dll
[2012/09/08 08:50:21 | 000,090,824 | ---- | C] () -- C:\Windows\SysWow64\EasyHook32.dll
[2012/08/29 03:26:47 | 000,552,290 | ---- | C] () -- C:\Windows\hpoins28.dat
[2012/07/26 13:26:41 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\SBRC.dat
[2012/07/19 07:14:02 | 000,000,000 | ---- | C] () -- C:\Users\Betsy\defogger_reenable
[2012/05/06 23:50:55 | 000,165,380 | ---- | C] () -- C:\Windows\hpoins28.dat.temp
[2012/05/06 23:50:55 | 000,000,442 | ---- | C] () -- C:\Windows\hpomdl28.dat.temp
[2012/03/29 21:45:37 | 000,142,456 | ---- | C] () -- C:\Windows\hpwins10.dat
[2012/03/29 21:45:37 | 000,000,372 | ---- | C] () -- C:\Windows\hpwmdl10.dat
[2012/02/18 20:13:59 | 000,007,600 | ---- | C] () -- C:\Users\Betsy\AppData\Local\resmon.resmoncfg
[2012/02/14 01:45:40 | 000,109,782 | ---- | C] () -- C:\Windows\CopernicAgentUninstall.exe
[2012/02/08 01:42:30 | 000,187,432 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012/02/07 23:48:42 | 000,162,304 | ---- | C] () -- C:\Windows\SysWow64\ztvunrar36.dll
[2012/02/07 23:48:42 | 000,077,312 | ---- | C] () -- C:\Windows\SysWow64\ztvunace26.dll
[2012/02/07 23:48:42 | 000,075,264 | ---- | C] () -- C:\Windows\SysWow64\unacev2.dll
[2012/02/07 23:48:41 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\unrar3.dll
[2012/02/02 22:15:12 | 000,000,110 | ---- | C] () -- C:\Users\Betsy\webct_upload_applet.properties
[2012/02/01 21:34:08 | 000,759,634 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/01/31 15:52:02 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012/01/31 15:52:02 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012/01/31 15:52:02 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012/01/31 15:52:02 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012/01/31 14:46:58 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012/01/31 14:46:51 | 000,023,898 | ---- | C] () -- C:\Windows\Ascd_tmp.ini

========== LOP Check ==========

[2012/03/09 18:13:08 | 000,000,000 | ---D | M] -- C:\Users\Betsy\AppData\Roaming\Amazon
[2012/02/01 08:42:42 | 000,000,000 | ---D | M] -- C:\Users\Betsy\AppData\Roaming\Auslogics
[2012/02/14 03:22:45 | 000,000,000 | ---D | M] -- C:\Users\Betsy\AppData\Roaming\Copernic
[2012/05/04 20:06:39 | 000,000,000 | ---D | M] -- C:\Users\Betsy\AppData\Roaming\DarkRitualGuide
[2012/07/08 07:11:30 | 000,000,000 | ---D | M] -- C:\Users\Betsy\AppData\Roaming\DMCache
[2012/07/20 00:20:31 | 000,000,000 | ---D | M] -- C:\Users\Betsy\AppData\Roaming\DriverCure
[2012/07/08 12:11:09 | 000,000,000 | ---D | M] -- C:\Users\Betsy\AppData\Roaming\IDM
[2012/09/29 23:51:29 | 000,000,000 | ---D | M] -- C:\Users\Betsy\AppData\Roaming\IObit
[2012/09/12 03:06:32 | 000,000,000 | ---D | M] -- C:\Users\Betsy\AppData\Roaming\Kaneva
[2012/05/08 22:29:19 | 000,000,000 | ---D | M] -- C:\Users\Betsy\AppData\Roaming\Opera
[2012/11/20 08:13:43 | 000,000,000 | ---D | M] -- C:\Users\Betsy\AppData\Roaming\ParetoLogic
[2012/02/18 20:52:37 | 000,000,000 | ---D | M] -- C:\Users\Betsy\AppData\Roaming\SecondLife
[2012/02/07 23:59:50 | 000,000,000 | ---D | M] -- C:\Users\Betsy\AppData\Roaming\Simply Super Software
[2012/04/06 03:26:34 | 000,000,000 | ---D | M] -- C:\Users\Betsy\AppData\Roaming\SoundSpectrum
[2012/07/20 00:20:31 | 000,000,000 | ---D | M] -- C:\Users\Betsy\AppData\Roaming\SpeedyPC Software
[2012/07/19 03:35:05 | 000,000,000 | ---D | M] -- C:\Users\Betsy\AppData\Roaming\Spotify
[2012/12/06 06:07:11 | 000,000,000 | ---D | M] -- C:\Users\Betsy\AppData\Roaming\TuneUp Software
[2012/05/03 03:38:32 | 000,000,000 | ---D | M] -- C:\Users\Betsy\AppData\Roaming\TuneUpMedia
[2012/02/05 01:28:09 | 000,000,000 | ---D | M] -- C:\Users\Betsy\AppData\Roaming\Windows Live Writer
[2012/11/13 19:18:30 | 000,000,000 | ---D | M] -- C:\Users\Betsy\AppData\Roaming\WinPatrol
[2012/07/17 08:36:51 | 000,000,000 | ---D | M] -- C:\Users\Betsy\AppData\Roaming\YourFileDownloader
[2012/02/14 03:23:36 | 000,000,423 | -H-- | M] () -- C:\Windows\Tasks\1 Copernic Intra-Daily ~Betsy-PC Betsy.job
[2012/02/14 03:23:36 | 000,000,399 | -H-- | M] () -- C:\Windows\Tasks\2 Copernic Daily ~Betsy-PC Betsy.job
[2012/02/14 03:23:36 | 000,000,404 | -H-- | M] () -- C:\Windows\Tasks\3 Copernic Weekly ~Betsy-PC Betsy.job
[2012/02/14 03:23:36 | 000,000,409 | -H-- | M] () -- C:\Windows\Tasks\4 Copernic Monthly ~Betsy-PC Betsy.job
[2012/12/05 22:18:38 | 000,032,630 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/07/20 00:20:19 | 000,000,420 | ---- | M] () -- C:\Windows\Tasks\SpeedyPC Pro.job
[2012/07/20 00:20:35 | 000,000,444 | ---- | M] () -- C:\Windows\Tasks\SpeedyPC Registration3.job
[2012/07/20 00:20:19 | 000,000,464 | ---- | M] () -- C:\Windows\Tasks\SpeedyPC Update Version3.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 233 bytes -> C:\ProgramData\TEMP:6E2D80C8
@Alternate Data Stream - 210 bytes -> C:\ProgramData\TEMP:CB0AACC9
@Alternate Data Stream - 208 bytes -> C:\ProgramData\TEMP:F8780B24
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:862BDB1A
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:56E2E879

< End of report >



  • 0

#97
betsym
Posted 07 December 2012 - 02:26 AM

betsym

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 153 posts
Would I benefit from a program like Tune-Up Utilities 2013?
  • 0

#98
Essexboy
Posted 07 December 2012 - 03:41 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
There is no malware apparent, what are your current problems

Reference tune up utilities then I would use that with caution as changing the wrong setting could cause problems
  • 0

#99
betsym
Posted 11 December 2012 - 12:00 AM

betsym

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 153 posts
I only used the trial vervion of Tune-up utilities for a few days and then deleted it because I was afraid it might mess up my settings, like you said. I'm not having any problems at the moment. I know you said that I have a lot of tool-bar add ons but when I go to manage add-ons, I only see the Yahoo tool bar activated. I had deactivated the Bing tool bar and I thought I had deleted the Babylon tool bar but not sure, since it's not listed. Would the tool-bars possibly be in with all those add-ons I have in Google Chrome?I think I deactivated the Google Chrome tool-bar also. Is there any program you'd recomment that would manage all my add-ons and start-up programs without changing any important settings?

Edited by betsym, 11 December 2012 - 12:01 AM.

  • 0

#100
Essexboy
Posted 11 December 2012 - 08:55 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
For startup managers there are several listed here of the two I would recommend either soluto or autoruns

For IE I would recommend that you upgrade to IE10

Tips on how to disable addons/.extensions can be found here

To remove any bad toolbars then run the following programme

CLEAR THE BAD TOOLBARS

Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete

Posted Image

Once done it will ask to reboot, allow this
On reboot a log will be produced please attach that
  • 0

Advertisements

#101
Essexboy
Posted 20 December 2012 - 09:28 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0

#102
Essexboy
Posted 04 March 2013 - 08:53 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
User returned
  • 0

#103
betsym
Posted 04 March 2013 - 12:34 PM

betsym

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 153 posts
OTL logfile created on: 3/4/2013 1:27:40 PM - Run 8OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\Betsy\Desktop64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstationInternet Explorer (Version = 9.0.8112.16421)Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.98 Gb Total Physical Memory | 2.77 Gb Available Physical Memory | 69.68% Memory free7.96 Gb Paging File | 6.50 Gb Available in Paging File | 81.65% Paging File freePaging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)Drive C: | 931.41 Gb Total Space | 687.85 Gb Free Space | 73.85% Space Free | Partition Type: NTFS Computer Name: BETSY-PC | User Name: Betsy | Logged in as Administrator.Boot Mode: Normal | Scan Mode: Current user | Include 64bit ScansCompany Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013/03/03 20:03:50 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exePRC - [2013/03/03 20:01:47 | 000,565,472 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exePRC - [2013/03/03 20:01:28 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exePRC - [2013/03/03 20:01:26 | 000,385,248 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exePRC - [2013/02/15 08:47:47 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Betsy\Desktop\OTL.exePRC - [2013/02/08 15:10:08 | 001,644,680 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exePRC - [2012/12/31 07:39:10 | 001,199,576 | ---- | M] (Spotify Ltd) -- C:\Users\Betsy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exePRC - [2012/12/19 10:22:28 | 000,295,072 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exePRC - [2012/12/16 12:04:54 | 029,379,032 | ---- | M] (SlimWare Utilities, Inc.) -- C:\Program Files (x86)\SlimDrivers\SlimDrivers.exePRC - [2012/10/15 15:37:42 | 000,525,240 | ---- | M] (NDS Technologies) -- C:\Users\Betsy\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exePRC - [2012/10/15 15:37:38 | 006,442,920 | ---- | M] () -- C:\Users\Betsy\AppData\Local\DIRECTV Player\NDSPCShowServer.exePRC - [2012/09/19 23:02:24 | 000,363,752 | ---- | M] (BillP Studios) -- C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe ========== Modules (No Company Name) ========== MOD - [2012/10/15 15:39:00 | 000,091,536 | ---- | M] () -- C:\Users\Betsy\AppData\Local\DIRECTV Player\z.dllMOD - [2012/10/15 15:38:54 | 000,273,824 | ---- | M] () -- C:\Users\Betsy\AppData\Local\DIRECTV Player\ndsLogStore.dllMOD - [2012/10/15 15:38:52 | 001,402,784 | ---- | M] () -- C:\Users\Betsy\AppData\Local\DIRECTV Player\libxml2-2.dllMOD - [2012/10/15 15:38:34 | 000,688,560 | ---- | M] () -- C:\Users\Betsy\AppData\Local\DIRECTV Player\libgstreamer-0.10.dllMOD - [2012/10/15 15:37:54 | 007,123,880 | ---- | M] () -- C:\Users\Betsy\AppData\Local\DIRECTV Player\gsttspplugin.dllMOD - [2012/10/15 15:37:38 | 006,442,920 | ---- | M] () -- C:\Users\Betsy\AppData\Local\DIRECTV Player\NDSPCShowServer.exeMOD - [2012/10/15 15:37:32 | 002,203,048 | ---- | M] () -- C:\Users\Betsy\AppData\Local\DIRECTV Player\DrmSingleton.dllMOD - [2012/06/20 16:23:00 | 000,599,419 | ---- | M] () -- C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dllMOD - [2011/11/01 23:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dllMOD - [2011/11/01 23:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - File not found [Disabled | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)SRV:64bit: - [2012/06/19 19:10:34 | 000,634,632 | ---- | M] (Intel® Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®SRV:64bit: - [2011/08/05 12:53:12 | 000,467,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)SRV:64bit: - [2011/08/05 12:53:12 | 000,306,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)SRV:64bit: - [2011/08/05 12:53:06 | 008,277,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)SRV:64bit: - [2010/11/20 22:24:51 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\snmp.exe -- (SNMP)SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)SRV:64bit: - [2009/07/13 20:41:10 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\iprip.dll -- (iprip)SRV:64bit: - [2009/07/13 20:39:47 | 000,010,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\TCPSVCS.EXE -- (simptcp)SRV:64bit: - [2009/07/13 20:39:20 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqsvc.exe -- (MSMQ)SRV:64bit: - [2009/07/13 20:38:59 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CISVC.EXE -- (CISVC)SRV - [2013/03/03 20:03:50 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)SRV - [2013/03/03 20:01:47 | 000,565,472 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)SRV - [2013/03/03 20:01:28 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)SRV - [2013/03/01 20:31:25 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)SRV - [2013/02/05 00:12:49 | 000,115,608 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)SRV - [2013/01/10 14:33:08 | 001,503,856 | ---- | M] (Tific AB) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Tific\Tific Client G1\Tific System Service.exe -- (Tific System Service)SRV - [2012/12/29 02:53:20 | 000,383,416 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)SRV - [2012/12/18 09:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)SRV - [2012/11/29 20:31:04 | 000,038,608 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)SRV - [2012/09/08 09:05:08 | 000,277,744 | ---- | M] (SpeedBit Ltd.) [Disabled | Stopped] -- C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorService.exe -- (VideoAcceleratorService)SRV - [2012/07/13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)SRV - [2012/07/05 17:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Disabled | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)SRV - [2012/06/29 13:56:24 | 000,067,584 | ---- | M] (CobianSoft, Luis Cobian) [Disabled | Stopped] -- C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe -- (cbVSCService11)SRV - [2010/11/20 22:25:10 | 000,047,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\snmp.exe -- (SNMP)SRV - [2010/11/20 22:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)SRV - [2010/11/20 22:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)SRV - [2010/11/20 22:24:51 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)SRV - [2009/07/13 20:14:42 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\TCPSVCS.EXE -- (simptcp)SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)SRV - [1999/12/31 19:00:00 | 001,260,472 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)SRV - [1999/12/31 19:00:00 | 000,365,376 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)SRV - [1999/12/31 19:00:00 | 000,277,824 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) ========== Driver Services (SafeList) ========== DRV:64bit: - File not found [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS -- (SASKUTIL)DRV:64bit: - File not found [Kernel | System | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS -- (SASDIFSV)DRV:64bit: - [2013/03/04 13:11:02 | 000,015,712 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SWDUMon.sys -- (SWDUMon)DRV:64bit: - [2013/03/03 20:05:10 | 000,129,216 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)DRV:64bit: - [2013/03/03 20:05:10 | 000,027,800 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)DRV:64bit: - [2013/03/03 20:05:08 | 000,099,912 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)DRV:64bit: - [2012/08/23 09:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)DRV:64bit: - [2012/08/23 09:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)DRV:64bit: - [2012/08/23 09:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)DRV:64bit: - [2012/07/28 01:15:28 | 000,057,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)DRV:64bit: - [2012/06/21 15:04:52 | 000,549,704 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SRS_AE_amd64.sys -- (SRS_AE_Service)DRV:64bit: - [2012/05/25 12:14:24 | 000,057,976 | ---- | M] (GFI Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SBREDrv.sys -- (SBRE)DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)DRV:64bit: - [2011/04/05 16:35:20 | 000,253,528 | ---- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SbFw.sys -- (SbFw)DRV:64bit: - [2011/04/05 16:35:20 | 000,094,296 | ---- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\sbtis.sys -- (SbTis)DRV:64bit: - [2011/04/05 16:35:20 | 000,060,504 | ---- | M] (Sunbelt Software, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sbhips.sys -- (sbhips)DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)DRV:64bit: - [2011/02/08 08:14:20 | 000,084,568 | ---- | M] (Sunbelt Software, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SbFwIm.sys -- (SBFWIMCLMP)DRV:64bit: - [2011/02/08 08:14:20 | 000,084,568 | ---- | M] (Sunbelt Software, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SbFwIm.sys -- (SBFWIMCL)DRV:64bit: - [2010/12/10 00:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)DRV:64bit: - [2010/12/10 00:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)DRV:64bit: - [2009/12/30 10:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)DRV:64bit: - [2009/07/13 19:26:13 | 000,189,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mqac.sys -- (MQAC)DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)DRV:64bit: - [1999/12/31 19:00:00 | 000,553,576 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)DRV:64bit: - [1999/12/31 19:00:00 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)DRV:64bit: - [1999/12/31 19:00:00 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)DRV - [2012/08/02 14:57:30 | 000,056,136 | ---- | M] (Exent Technologies Ltd.) [Kernel | Auto | Running] -- C:\Program Files (x86)\Free Ride Games\X5XSEx_Pr143.sys -- (X5XSEx_Pr143)DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htmIE - HKLM\..\SearchScopes,DefaultScope = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-usIE - HKCU\..\URLSearchHook: - No CLSID value foundIE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No CLSID value foundIE - HKCU\..\SearchScopes,DefaultScope = {69E424E0-00A7-4947-B195-4F925730EB75}IE - HKCU\..\SearchScopes\{69E424E0-00A7-4947-B195-4F925730EB75}: "URL" = http://search.yahoo....8&fr=chr-yie9IE - HKCU\..\SearchScopes\{964BC362-3977-442B-A8F4-B4A61C7006F2}: "URL" = http://delicious.com...{searchTerms}IE - HKCU\..\SearchScopes\{E2136C65-D1AE-40F0-85D1-105170CACECC}: "URL" = http://search.condui...8470825136270IE - HKCU\..\SearchScopes\{F63DAAF5-4E9D-4721-9213-881154A5E12B}: "URL" = http://www.flickr.co...{searchTerms}IE - HKCU\..\SearchScopes\{FE59D570-2F30-419F-9AF5-C95A52720E4B}: "URL" = http://websearch.ask...-11120C34AAD6IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultEngine: "Yahoo"FF - prefs.js..browser.search.order.1: "Ask.com"FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=380920"FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-tyc9"FF - prefs.js..browser.search.param.yahoo-type: ""FF - prefs.js..browser.startup.homepage: "http://search.avira....locale=en_US"FF - prefs.js..browser.search.defaulturl: "http://search.condui...searchTerms}"FF - prefs.js..browser.search.defaultthis.engineName: "WhiteSmoke B Customized Web Search"FF - prefs.js..browser.search.selectedEngine: "Ask.com"FF - prefs.js..CT3279141.browser.search.defaultthis.engineName: "true"FF - prefs.js..browser.search.defaultengine: "Ask.com"FF - prefs.js..browser.search.defaultenginename: "Ask.com"FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not foundFF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not foundFF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF - HKLM\Software\MozillaPlugins\@exent.com/npExentCtl,version=7.0.0.0: C:\Program Files (x86)\Free Ride Games\npExentCtl.dll (Exent Technologies Ltd.)FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not foundFF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF - HKLM\Software\MozillaPlugins\www.exent.com/GameTreatWidget: C:\Program Files (x86)\Free Ride Games\NPGameTreatPlugin.dll File not foundFF - HKCU\Software\MozillaPlugins\@nds.com/PCShowPlugin: C:\Users\Betsy\AppData\Local\DIRECTV Player\npPCShowPlugin.dll File not foundFF - HKCU\Software\MozillaPlugins\@nds.com/PlayerPlugin: C:\Users\Betsy\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (NDS)FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101752.dll (Amazon.com, Inc.)FF - HKCU\Software\MozillaPlugins\NDS.com/PlayerPlugin: C:\Users\Betsy\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (NDS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}: C:\Program Files (x86)\SPEEDbit Video Downloader\SPFireFoxFF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2012/12/19 10:22:54 | 000,000,000 | ---D | M]FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/02 23:49:06 | 000,000,000 | ---D | M]FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/03/01 20:02:20 | 000,000,000 | ---D | M] [2012/02/14 03:53:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Extensions[2013/03/02 17:47:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions[2013/02/05 00:09:53 | 000,000,000 | ---D | M] (Browser Backgrounds) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\{3e0c7f3a-3f50-4730-beb5-4a9a10e2831c}[2012/10/28 22:22:40 | 000,000,000 | ---D | M] (EPUBReader) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}[2012/10/28 22:22:39 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}[2012/11/29 01:33:27 | 000,000,000 | ---D | M] (Toolbar - Big Fish Games) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\{6847DFAE-037A-400c-A524-27F0A281B692}[2013/02/05 00:09:34 | 000,000,000 | ---D | M] (Personas Rotator) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\{6e73f6b7-b9ab-44b8-b744-6393e3c2e351}[2012/11/04 18:22:13 | 000,000,000 | ---D | M] (Fire.fm) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\{6F0976E6-26F3-4AFE-BBEC-9E99E27E4DF3}[2013/03/02 17:47:37 | 000,000,000 | ---D | M] (WhiteSmoke B) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\{f0e59437-6148-4a98-b0a6-60d557ef57f4}[2012/12/23 05:40:53 | 000,000,000 | ---D | M] (Theme Font & Size Changer) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\{f69e22c7-bc50-414a-9269-0f5c344cd94c}[2013/02/05 00:10:27 | 000,000,000 | ---D | M] ("Default Theme Engine - Personas Interactive") -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\[email protected][2012/10/28 22:22:42 | 000,000,000 | ---D | M] (Custom Buttons) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\[email protected][2012/10/28 22:22:42 | 000,000,000 | ---D | M] ("CyberSearch") -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\[email protected][2012/12/20 20:01:06 | 000,000,000 | ---D | M] (DoNotTrackMe) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\[email protected][2013/02/05 00:10:08 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\[email protected][2013/03/02 17:47:17 | 000,000,000 | ---D | M] (GetSavin) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\getsavin@jetpack[2012/12/20 20:01:01 | 000,000,000 | ---D | M] (MinimizeToTray revived (MinTrayR)) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\[email protected][2013/02/05 01:51:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\staged[2013/03/01 12:49:08 | 000,000,000 | ---D | M] (Tidy Network) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\tidynetwork@tidynetwork[2013/03/03 20:41:51 | 000,000,000 | ---D | M] (Avira SearchFree Toolbar plus Web Protection) -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\extensions\[email protected][2013/03/03 20:41:51 | 000,002,344 | ---- | M] () -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\searchplugins\askcom.xml[2013/03/02 17:47:44 | 000,001,001 | ---- | M] () -- C:\Users\Betsy\AppData\Roaming\Mozilla\Firefox\Profiles\qj012uu8.default\searchplugins\conduit.xml[2012/12/20 20:21:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions[2013/02/05 00:12:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions[2013/02/05 01:07:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions[2013/02/05 01:07:49 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}[2013/02/05 01:07:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\updated\distribution\extensions[2013/02/05 00:12:50 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll[2012/10/19 18:18:49 | 000,248,192 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll[2012/05/02 12:24:56 | 000,064,512 | ---- | M] (Kaneva, LLC.) -- C:\Program Files (x86)\mozilla firefox\plugins\npkanevapatch.dll[2012/10/19 18:18:57 | 000,248,192 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll[2013/02/05 00:12:46 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml[2013/02/05 00:12:46 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml ========== Chrome ========== CHR - default_search_provider: Conduit (Enabled)CHR - default_search_provider: search_url = http://search.condui...3279141&UM=2CHR - default_search_provider: suggest_url = http://suggest.searc...Suggest.ashx?q=[{searchTerms}]CHR - homepage: http://search.avira....locale=en_USCHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\PepperFlash\pepflashplayer.dllCHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewerCHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\ppGoogleNaClPluginChrome.dllCHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\pdf.dllCHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dllCHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\plugins\npMozCouponPrinter.dllCHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dllCHR - plugin: Kaneva WOK Patch Plugin for Mozilla 3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npkanevapatch.dllCHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dllCHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dllCHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dllCHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dllCHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dllCHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dllCHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dllCHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLLCHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLLCHR - plugin: AmazonMP3DownloaderPlugin (Enabled) = C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101752.dllCHR - plugin: Exent\u00AE AOD Gecko Plugin (Enabled) = C:\Program Files (x86)\Free Ride Games\npExentCtl.dllCHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dllCHR - plugin: Java™ Platform SE 7 U15 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dllCHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dllCHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dllCHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dllCHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dllCHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dllCHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dllCHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dllCHR - plugin: RealNetworks™ RealDownloader Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dllCHR - plugin: RealNetworks™ RealDownloader HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dllCHR - plugin: RealNetworks™ RealDownloader PepperFlashVideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dllCHR - plugin: RealDownloader Plugin (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dllCHR - plugin: PCShow Player Plugin (Enabled) = C:\Users\Betsy\AppData\Local\DIRECTV Player\npPlayerPlugin.dllCHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dllCHR - plugin: Java Deployment Toolkit 7.0.150.3 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dllCHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dllCHR - Extension: SpeedBit Video Downloader = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcpfkccckpeeghiklnhienllljccglb\2.0.7_0\CHR - Extension: RealDownloader = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.0_0\CHR - Extension: Skype Click to Call = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.1.0.10441_0\CHR - Extension: WhiteSmoke B = C:\Users\Betsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\oelbclnhkbhlhikfmpmbakbgeonbjjnp\10.14.251.3_0\ O1 HOSTS File: ([2013/03/01 23:14:14 | 000,000,019 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hostsO1 - Hosts: 127.0.0.1 localhostO2:64bit: - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)O2 - BHO: (Toolbar - Big Fish Games) - {C7C9FC25-88B0-4682-9C9F-2608E9117647} - C:\Program Files (x86)\bfgbartb\BfgBarDx.dll ()O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll ()O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)O2 - BHO: (GetSavin 5.0) - {F1550CF4-9742-4EF9-99BA-EC178AD78F9B} - C:\Users\Betsy\AppData\Local\getsavin\ie\getsavin_1362264002.dll ()O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)O3:64bit: - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()O3 - HKLM\..\Toolbar: (Toolbar - Big Fish Games) - {C7C9FC25-88B0-4682-9C9F-2608E9117647} - C:\Program Files (x86)\bfgbartb\BfgBarDx.dll ()O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)O3 - HKLM\..\Toolbar: (Copernic Agent) - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files (x86)\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.O3:64bit: - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()O3 - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)O3 - HKCU\..\Toolbar\WebBrowser: (Copernic Agent) - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files (x86)\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)O4:64bit: - HKLM..\Run: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe (BillP Studios)O4 - HKLM..\Run: [] File not foundO4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)O4 - HKCU..\Run: [GoogleChromeAutoLaunch_0A5F8865FCC28F04CD315B29B2948A97] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)O4 - HKCU..\Run: [PCShowServer] C:\Users\Betsy\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe (NDS Technologies)O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Betsy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions presentO6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145O9 - Extra 'Tools' menuitem : Launch Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\Program Files (x86)\Copernic Agent\CopernicAgent.exe (Copernic Technologies Inc.)O9 - Extra Button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\Program Files (x86)\Copernic Agent\CopernicAgent.exe (Copernic Technologies Inc.)O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - %SystemRoot%\System32\nwprovau.dll File not foundO10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SPEEDbit)O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SPEEDbit)O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SPEEDbit)O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SPEEDbit)O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll (SPEEDbit)O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)O15 - HKCU\..Trusted Domains: netflix.com ([]* in Trusted sites)O15 - HKCU\..Trusted Domains: secondlife.com ([www] https in Trusted sites)O16:64bit: - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.appl...ex/qtplugin.cab (Reg Error: Key error.)O16:64bit: - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Reg Error: Key error.)O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)O16 - DPF: {2DA3C4AB-E6B6-47A6-B0F3-1BD81524B51B} http://www.activewor...ldsDownload.cab (ActiveWorldsDownload Control)O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 97.64.209.36 97.64.168.13O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5E9B35FA-AE15-4EA9-9A05-2769738C5599}: DhcpNameServer = 97.64.209.36 97.64.168.13O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5E9B35FA-AE15-4EA9-9A05-2769738C5599}: NameServer = 8.8.8.8,4.2.2.1O18:64bit: - Protocol\Handler\copernicagent - No CLSID value foundO18:64bit: - Protocol\Handler\copernicagentcache - No CLSID value foundO18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value foundO18:64bit: - Protocol\Handler\livecall - No CLSID value foundO18:64bit: - Protocol\Handler\ms-help - No CLSID value foundO18:64bit: - Protocol\Handler\msnim - No CLSID value foundO18:64bit: - Protocol\Handler\skype4com - No CLSID value foundO18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value foundO18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value foundO18:64bit: - Protocol\Handler\wlpg - No CLSID value foundO18:64bit: - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()O18 - Protocol\Handler\copernicagent {A979B6BD-E40B-4A07-ABDD-A62C64A4EBF6} - C:\Program Files (x86)\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)O18 - Protocol\Handler\copernicagentcache {AAC34CFD-274D-4A9D-B0DC-C74C05A67E1D} - C:\Program Files (x86)\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll ()O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not foundO20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not foundO32 - HKLM CDRom: AutoRun - 1O34 - HKLM BootExecute: (autocheck autochk *)O35:64bit: - HKLM\..comfile [open] -- "%1" %*O35:64bit: - HKLM\..exefile [open] -- "%1" %*O35 - HKLM\..comfile [open] -- "%1" %*O35 - HKLM\..exefile [open] -- "%1" %*O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*O37 - HKLM\...com [@ = comfile] -- "%1" %*O37 - HKLM\...exe [@ = exefile] -- "%1" %*O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013/03/04 05:13:22 | 000,000,000 | ---D | C] -- C:\Users\Betsy\AppData\Roaming\MusicOasis[2013/03/04 05:13:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MusicOasis[2013/03/04 05:13:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR[2013/03/04 05:09:56 | 000,000,000 | ---D | C] -- C:\ProgramData\APN[2013/03/03 21:04:58 | 000,000,000 | ---D | C] -- C:\Users\Betsy\AppData\Local\DoNotTrackPlus[2013/03/03 20:42:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira[2013/03/03 20:41:35 | 000,000,000 | ---D | C] -- C:\Users\Betsy\AppData\Local\AskToolbar[2013/03/03 20:39:36 | 000,129,216 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys[2013/03/03 20:39:36 | 000,099,912 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys[2013/03/03 20:39:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira[2013/03/03 02:32:44 | 000,000,000 | ---D | C] -- C:\Users\Betsy\AppData\Roaming\Avira[2013/03/03 02:32:05 | 000,114,608 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avfwim.sys[2013/03/03 02:32:05 | 000,027,800 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys[2013/03/03 02:32:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira[2013/03/03 02:27:19 | 000,000,000 | ---D | C] -- C:\Users\Betsy\AppData\Local\AviraSpeedup[2013/03/02 22:49:32 | 000,000,000 | ---D | C] -- C:\ProgramData\bomgar-scc-000000005132C84C[2013/03/02 22:44:21 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Microsoft[2013/03/02 18:38:55 | 000,000,000 | ---D | C] -- C:\Users\Betsy\AppData\Local\VS Revo Group[2013/03/02 18:38:51 | 000,031,800 | ---- | C] (VS Revo Group) -- C:\Windows\SysNative\drivers\revoflt.sys[2013/03/02 18:38:51 | 000,000,000 | ---D | C] -- C:\ProgramData\VS Revo Group[2013/03/02 18:38:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro[2013/03/02 18:38:50 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group[2013/03/02 18:38:28 | 009,918,712 | ---- | C] (VS Revo Group ) -- C:\Users\Betsy\Desktop\RevoUninProSetup.exe[2013/03/02 17:48:50 | 000,000,000 | ---D | C] -- C:\Users\Betsy\AppData\Local\SwvUpdater[2013/03/02 17:48:35 | 000,000,000 | ---D | C] -- C:\Users\Betsy\AppData\Local\Conduit[2013/03/02 17:48:22 | 000,000,000 | ---D | C] -- C:\Users\Betsy\AppData\Local\CRE[2013/03/02 17:47:49 | 000,000,000 | ---D | C] -- C:\Users\Betsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller[2013/03/02 17:47:16 | 000,000,000 | ---D | C] -- C:\Users\Betsy\AppData\Local\getsavin[2013/03/02 17:43:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Tific[2013/03/02 16:46:38 | 000,000,000 | ---D | C] -- C:\Users\Betsy\AppData\Roaming\Tific[2013/03/02 16:46:38 | 000,000,000 | ---D | C] -- C:\Users\Betsy\AppData\Local\Tific[2013/03/02 16:46:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tific[2013/03/01 23:02:19 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro[2013/03/01 21:21:12 | 000,000,000 | ---D | C] -- C:\Users\Betsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Ride Games[2013/03/01 21:16:45 | 000,058,264 | ---- | C] (Exent Technologies Ltd.) -- C:\Windows\ExentInfo.exe[2013/03/01 08:34:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PogoDGC[2013/03/01 07:54:45 | 000,000,000 | ---D | C] -- C:\Games[2013/03/01 07:51:46 | 000,000,000 | ---D | C] -- C:\ProgramData\PogoDGC[2013/03/01 07:51:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pogo Games[2013/03/01 06:05:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Trymedia[2013/03/01 05:40:55 | 000,000,000 | ---D | C] -- C:\Zylom Games[2013/03/01 05:40:06 | 000,000,000 | ---D | C] -- C:\Users\Betsy\AppData\Roaming\WinRAR[2013/03/01 05:40:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RealArcade[2013/03/01 05:07:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PremierOpinion[2013/03/01 05:07:38 | 000,000,000 | ---D | C] -- C:\Users\Betsy\AppData\Local\TidyNetwork.com[2013/03/01 05:07:09 | 000,000,000 | ---D | C] -- C:\Users\Betsy\AppData\Local\Strongvault Online Backup[2013/03/01 05:07:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Strongvault Online Backup[2013/03/01 05:07:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Strongvault Online Backup[2013/03/01 05:07:03 | 000,000,000 | ---D | C] -- C:\Users\Betsy\AppData\Local\Strongvault[2013/03/01 05:06:55 | 000,000,000 | -HSD | C] -- C:\AI_RecycleBin[2013/03/01 05:06:47 | 000,000,000 | ---D | C] -- C:\Users\Betsy\AppData\Local\TNT2[2013/03/01 02:32:00 | 000,000,000 | ---D | C] -- C:\Remote Programs[2013/03/01 02:31:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Free Ride Games[2013/03/01 02:31:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Ride Games[2013/03/01 00:55:00 | 000,000,000 | ---D | C] -- C:\Users\Betsy\Documents\2013-03-01 Cook County Family medicine[2013/02/25 06:19:43 | 000,235,080 | ---- | C] (Big Fish Games) -- C:\Users\Betsy\Desktop\shadows-price-for-our-sins_s1_l1_gF8048T1L1_d2009734110.exe[2013/02/23 00:00:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes[2013/02/22 23:59:30 | 000,000,000 | ---D | C] -- C:\Program Files\iPod[2013/02/22 23:59:29 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes[2013/02/22 23:59:29 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69[2013/02/22 15:50:00 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe[2013/02/22 15:49:53 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe[2013/02/22 15:49:53 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll[2013/02/22 15:49:52 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe[2013/02/15 17:48:45 | 000,691,568 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe[2013/02/15 17:48:45 | 000,071,024 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl[2013/02/13 15:33:01 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe[2013/02/13 15:33:00 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe[2013/02/13 15:32:51 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe[2013/02/13 15:32:30 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS[2013/02/13 15:31:50 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe[2013/02/13 15:31:50 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll[2013/02/13 15:31:50 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe[2013/02/13 15:31:50 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll[2013/02/13 15:31:50 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe[2013/02/13 15:31:49 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll[2013/02/13 12:29:52 | 000,000,000 | ---D | C] -- C:\Users\Betsy\AppData\Local\LogMeIn Rescue Applet[2013/02/13 05:14:29 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll[2013/02/13 05:14:29 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll[2013/02/13 05:14:28 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll[2013/02/13 05:14:28 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll[2013/02/13 05:14:28 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe[2013/02/13 05:14:28 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe[2013/02/13 05:14:27 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll[2013/02/13 05:14:27 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll[2013/02/13 05:14:26 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl[2013/02/13 05:14:26 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl[2013/02/13 05:14:25 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll[2013/02/13 05:14:25 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll[2013/02/13 05:14:24 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll[2013/02/13 05:14:24 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll[2013/02/13 05:14:24 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll[2013/02/12 22:04:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Oberon Media[2013/02/11 09:28:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyGames[2013/02/10 16:12:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Drawn - The Painted Tower Deluxe Strategy Guide[2013/02/10 16:11:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Drawn - The Painted Tower[2013/02/10 16:10:33 | 000,000,000 | ---D | C] -- C:\Users\Betsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\I Spy Spooky Mansion Deluxe[2013/02/10 16:10:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\I Spy Spooky Mansion Deluxe[2013/02/08 22:02:18 | 000,000,000 | ---D | C] -- C:\Users\Betsy\AppData\Local\APN[2013/02/08 22:02:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com[2013/02/08 21:52:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Ask[2013/02/08 02:03:03 | 015,846,768 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe[2013/02/04 11:15:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP[4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ][4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013/03/04 13:31:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job[2013/03/04 13:19:24 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0[2013/03/04 13:19:24 | 000,022,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0[2013/03/04 13:12:32 | 000,000,410 | ---- | M] () -- C:\Windows\tasks\SlimDrivers Startup.job[2013/03/04 13:11:38 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\AmiUpdXp.job[2013/03/04 13:11:02 | 000,015,712 | ---- | M] () -- C:\Windows\SysNative\drivers\SWDUMon.sys[2013/03/04 13:10:47 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job[2013/03/04 13:10:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat[2013/03/04 13:10:15 | 3206,475,776 | -HS- | M] () -- C:\hiberfil.sys[2013/03/04 11:51:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job[2013/03/04 05:13:18 | 000,000,891 | ---- | M] () -- C:\Users\Public\Desktop\MusicOasis.lnk[2013/03/03 20:42:02 | 000,002,070 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk[2013/03/03 20:05:10 | 000,129,216 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys[2013/03/03 20:05:10 | 000,027,800 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys[2013/03/03 20:05:08 | 000,099,912 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys[2013/03/03 19:30:22 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt[2013/03/03 02:21:34 | 000,114,608 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avfwim.sys[2013/03/02 23:46:08 | 000,000,866 | ---- | M] () -- C:\Windows\SysWow64\InstallUtil.InstallLog[2013/03/02 18:38:52 | 000,001,101 | ---- | M] () -- C:\Users\Betsy\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk[2013/03/02 18:38:52 | 000,001,077 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk[2013/03/02 18:38:23 | 009,918,712 | ---- | M] (VS Revo Group ) -- C:\Users\Betsy\Desktop\RevoUninProSetup.exe[2013/03/02 17:48:45 | 000,000,009 | ---- | M] () -- C:\end[2013/03/02 17:47:51 | 000,001,268 | ---- | M] () -- C:\Users\Betsy\Desktop\Revo Uninstaller.lnk[2013/03/02 17:44:20 | 000,583,576 | ---- | M] () -- C:\Users\Betsy\Desktop\cbsidlm-tr1_11-Revo_Uninstaller-ORG-10687648.exe[2013/03/01 23:14:14 | 000,000,019 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts[2013/03/01 23:00:24 | 021,215,937 | ---- | M] () -- C:\Users\Betsy\Desktop\Tools.zip[2013/03/01 22:36:00 | 000,001,637 | ---- | M] () -- C:\Users\Betsy\Desktop\License.avastlic[2013/03/01 21:16:49 | 000,002,074 | ---- | M] () -- C:\Users\Public\Desktop\Play Free Games.lnk[2013/03/01 21:16:49 | 000,001,164 | ---- | M] () -- C:\Users\Public\Desktop\More FREE games.lnk[2013/03/01 21:16:49 | 000,000,064 | ---- | M] () -- C:\Windows\GPlrLanc.dat[2013/03/01 20:31:25 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe[2013/03/01 20:31:25 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl[2013/03/01 20:31:19 | 015,846,768 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe[2013/02/25 06:19:44 | 000,235,080 | ---- | M] (Big Fish Games) -- C:\Users\Betsy\Desktop\shadows-price-for-our-sins_s1_l1_gF8048T1L1_d2009734110.exe[2013/02/23 11:52:24 | 000,002,102 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk[2013/02/23 00:00:38 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk[2013/02/22 15:49:34 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll[2013/02/22 15:49:31 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe[2013/02/22 15:49:31 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe[2013/02/22 15:49:30 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe[2013/02/22 15:49:29 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll[2013/02/22 15:49:29 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll[2013/02/15 16:27:10 | 009,958,918 | ---- | M] () -- C:\Users\Betsy\Desktop\danosongs.com-magicghost.mp3[2013/02/15 15:32:24 | 003,935,520 | ---- | M] () -- C:\Users\Betsy\Desktop\danosongs.com-chimera-derivation-3.mp3[2013/02/15 15:31:43 | 006,095,833 | ---- | M] () -- C:\Users\Betsy\Desktop\danosongs.com-coppermountain.mp3[2013/02/15 15:30:31 | 003,221,295 | ---- | M] () -- C:\Users\Betsy\Desktop\danosongs.com-cellular-faith.mp3[2013/02/15 14:59:58 | 003,150,542 | ---- | M] () -- C:\Users\Betsy\Desktop\danosongs.com-riding-the-banshee.mp3[2013/02/15 14:56:07 | 007,913,098 | ---- | M] () -- C:\Users\Betsy\Desktop\danosongs.com-kingoranalien.mp3[2013/02/15 14:55:26 | 003,839,381 | ---- | M] () -- C:\Users\Betsy\Desktop\danosongs.com-whatyouthink.mp3[2013/02/15 14:53:56 | 006,099,176 | ---- | M] () -- C:\Users\Betsy\Desktop\danosongs.com-nightbirds.mp3[2013/02/15 14:51:29 | 003,739,942 | ---- | M] () -- C:\Users\Betsy\Desktop\danosongs.com-everythingdies.mp3[2013/02/15 13:54:58 | 001,925,165 | ---- | M] () -- C:\Users\Betsy\Desktop\danosongs.com-antarcticmoon-solo.mp3[2013/02/15 08:47:47 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Betsy\Desktop\OTL.exe[2013/02/14 03:18:19 | 000,412,624 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT[2013/02/13 05:21:45 | 000,808,520 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI[2013/02/13 05:21:45 | 000,674,532 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat[2013/02/13 05:21:45 | 000,122,020 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat[2013/02/12 22:41:31 | 000,045,885 | ---- | M] () -- C:\Users\Betsy\Desktop\Sacred-Love-Free-Download.htm[2013/02/12 22:41:10 | 000,064,811 | ---- | M] () -- C:\Users\Betsy\Desktop\Layers.htm[2013/02/08 03:04:26 | 000,001,441 | ---- | M] () -- C:\Users\Betsy\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk[4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ][4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] ========== Files Created - No Company Name ========== [2013/03/04 05:13:18 | 000,000,891 | ---- | C] () -- C:\Users\Public\Desktop\MusicOasis.lnk[2013/03/03 02:32:38 | 000,002,070 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk[2013/03/02 18:38:52 | 000,001,101 | ---- | C] () -- C:\Users\Betsy\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk[2013/03/02 18:38:52 | 000,001,077 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk[2013/03/02 17:48:50 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\AmiUpdXp.job[2013/03/02 17:47:51 | 000,001,268 | ---- | C] () -- C:\Users\Betsy\Desktop\Revo Uninstaller.lnk[2013/03/02 17:47:39 | 000,000,866 | ---- | C] () -- C:\Windows\SysWow64\InstallUtil.InstallLog[2013/03/02 17:47:11 | 000,000,009 | ---- | C] () -- C:\end[2013/03/02 17:44:12 | 000,583,576 | ---- | C] () -- C:\Users\Betsy\Desktop\cbsidlm-tr1_11-Revo_Uninstaller-ORG-10687648.exe[2013/03/01 23:01:12 | 021,215,937 | ---- | C] () -- C:\Users\Betsy\Desktop\Tools.zip[2013/03/01 22:36:00 | 000,001,637 | ---- | C] () -- C:\Users\Betsy\Desktop\License.avastlic[2013/03/01 21:16:49 | 000,002,074 | ---- | C] () -- C:\Users\Public\Desktop\Play Free Games.lnk[2013/03/01 21:16:49 | 000,001,164 | ---- | C] () -- C:\Users\Public\Desktop\More FREE games.lnk[2013/03/01 21:16:49 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat[2013/02/15 17:48:47 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job[2013/02/15 16:27:01 | 009,958,918 | ---- | C] () -- C:\Users\Betsy\Desktop\danosongs.com-magicghost.mp3[2013/02/15 15:32:23 | 003,935,520 | ---- | C] () -- C:\Users\Betsy\Desktop\danosongs.com-chimera-derivation-3.mp3[2013/02/15 15:31:43 | 006,095,833 | ---- | C] () -- C:\Users\Betsy\Desktop\danosongs.com-coppermountain.mp3[2013/02/15 15:30:31 | 003,221,295 | ---- | C] () -- C:\Users\Betsy\Desktop\danosongs.com-cellular-faith.mp3[2013/02/15 14:59:58 | 003,150,542 | ---- | C] () -- C:\Users\Betsy\Desktop\danosongs.com-riding-the-banshee.mp3[2013/02/15 14:55:50 | 007,913,098 | ---- | C] () -- C:\Users\Betsy\Desktop\danosongs.com-kingoranalien.mp3[2013/02/15 14:55:24 | 003,839,381 | ---- | C] () -- C:\Users\Betsy\Desktop\danosongs.com-whatyouthink.mp3[2013/02/15 14:53:56 | 006,099,176 | ---- | C] () -- C:\Users\Betsy\Desktop\danosongs.com-nightbirds.mp3[2013/02/15 14:51:17 | 003,739,942 | ---- | C] () -- C:\Users\Betsy\Desktop\danosongs.com-everythingdies.mp3[2013/02/15 13:54:58 | 001,925,165 | ---- | C] () -- C:\Users\Betsy\Desktop\danosongs.com-antarcticmoon-solo.mp3[2013/02/12 22:41:31 | 000,045,885 | ---- | C] () -- C:\Users\Betsy\Desktop\Sacred-Love-Free-Download.htm[2013/02/12 22:41:10 | 000,064,811 | ---- | C] () -- C:\Users\Betsy\Desktop\Layers.htm[2013/02/08 03:04:26 | 000,001,413 | ---- | C] () -- C:\Users\Betsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk[2012/11/29 01:32:48 | 000,000,059 | ---- | C] () -- C:\ProgramData\user.ini[2012/09/27 19:50:58 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE[2012/09/08 08:50:21 | 000,109,256 | ---- | C] () -- C:\Windows\SysWow64\EasyHook64.dll[2012/09/08 08:50:21 | 000,090,824 | ---- | C] () -- C:\Windows\SysWow64\EasyHook32.dll[2012/08/29 03:26:47 | 000,552,290 | ---- | C] () -- C:\Windows\hpoins28.dat[2012/07/26 13:26:41 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\SBRC.dat[2012/07/19 07:14:02 | 000,000,000 | ---- | C] () -- C:\Users\Betsy\defogger_reenable[2012/06/19 18:52:42 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll[2012/05/06 23:50:55 | 000,552,290 | ---- | C] () -- C:\Windows\hpoins28.dat.temp[2012/05/06 23:50:55 | 000,000,796 | ---- | C] () -- C:\Windows\hpomdl28.dat.temp[2012/03/29 21:45:37 | 000,142,456 | ---- | C] () -- C:\Windows\hpwins10.dat[2012/03/29 21:45:37 | 000,000,372 | ---- | C] () -- C:\Windows\hpwmdl10.dat[2012/02/18 20:13:59 | 000,007,600 | ---- | C] () -- C:\Users\Betsy\AppData\Local\resmon.resmoncfg[2012/02/14 01:45:40 | 000,109,782 | ---- | C] () -- C:\Windows\CopernicAgentUninstall.exe[2012/02/08 01:42:30 | 000,187,432 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat[2012/02/07 23:48:42 | 000,162,304 | ---- | C] () -- C:\Windows\SysWow64\ztvunrar36.dll[2012/02/07 23:48:42 | 000,077,312 | ---- | C] () -- C:\Windows\SysWow64\ztvunace26.dll[2012/02/07 23:48:42 | 000,075,264 | ---- | C] () -- C:\Windows\SysWow64\unacev2.dll[2012/02/07 23:48:41 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\unrar3.dll[2012/02/02 22:15:12 | 000,000,110 | ---- | C] () -- C:\Users\Betsy\webct_upload_applet.properties[2012/02/01 21:34:08 | 000,759,634 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI[2012/01/31 15:52:02 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll[2012/01/31 15:52:02 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll[2012/01/31 15:52:02 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll[2012/01/31 15:52:02 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll[2012/01/31 14:46:58 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini[2012/01/31 14:46:51 | 000,023,898 | ---- | C] () -- C:\Windows\Ascd_tmp.ini ========== Files - Unicode (All) ==========[2013/01/28 15:53:50 | 000,000,266 | ---- | M] ()(C:\Users\Betsy\Desktop\? All fall down - Sample of track from Rock-Elect Album - 2012 on Distinctive details to follow by QUIVVER.url) -- C:\Users\Betsy\Desktop\▶ All fall down - Sample of track from Rock-Elect Album - 2012 on Distinctive details to follow by QUIVVER.url[2013/01/28 15:53:50 | 000,000,266 | ---- | C] ()(C:\Users\Betsy\Desktop\? All fall down - Sample of track from Rock-Elect Album - 2012 on Distinctive details to follow by QUIVVER.url) -- C:\Users\Betsy\Desktop\▶ All fall down - Sample of track from Rock-Elect Album - 2012 on Distinctive details to follow by QUIVVER.url ========== Alternate Data Streams ========== @Alternate Data Stream - 233 bytes -> C:\ProgramData\TEMP:6E2D80C8@Alternate Data Stream - 221 bytes -> C:\ProgramData\TEMP:CC30FDA5@Alternate Data Stream - 210 bytes -> C:\ProgramData\TEMP:CB0AACC9@Alternate Data Stream - 208 bytes -> C:\ProgramData\TEMP:F8780B24@Alternate Data Stream - 208 bytes -> C:\ProgramData\TEMP:68EF6203@Alternate Data Stream - 207 bytes -> C:\ProgramData\TEMP:F84B8DB5@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:862BDB1A@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:56E2E879< End of report >
  • 0

#104
Essexboy
Posted 04 March 2013 - 12:41 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi Betsy that is all over the place could you attach the file please and ensure that wordwrap is not selected in notepad


  • 0

#105
betsym
Posted 04 March 2013 - 03:25 PM

betsym

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 153 posts
Wordwrap wasn't on when I copied it. I don't know what happened!

Edited by betsym, 04 March 2013 - 03:31 PM.

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP