Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Trojan: PSW.OnlineGames4.ALGT [Solved]

Started by RebelSnipe , Apr 24 2013 02:19 AM

  • This topic is locked This topic is locked

#31
RebelSnipe
Posted 03 May 2013 - 06:45 PM

RebelSnipe

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
Alright -

Files deleted - ok

Uninstall Java - unsure what to do here. You asked me to uninstall Java 6 Update 21 When I go into uninstall I see:

Java 7 Update 21
Java™ 6 Update 24
Java™ 6 Update 24 (64-bit)

Should I uninstall the two Java 6.24's or the one Java 7.21?

Update Firefox - ok fyi - I received a message box stating:

Firefox Update
Incompatible Add-ons

- TrueSuite Website Logon 5.0
- SmartPrintButton 1.0

It tried searching but neither could be found compatible.

I tried IE. When I open it I get a UAC window asking if I should allow Jave 7 Update 21 to run. Since we are working on uninstalling a Java I told it no. Then, IE did not work. Curious, I tried launching it as an administrator again and it still does work that way.

Let me know what's next. THANKS!!!!
  • 0

Advertisements

#32
godawgs
Posted 04 May 2013 - 07:22 AM

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
I guess I'm dyslexic too. Java 7 Update 21 is the current Java. Java 6 Update 24 and Java 6 Update 24(64bit) should be uninstalled.

Firefox will automatically turn off the add-ons that are not compatible. At lease it is supposed to. To check that, open Firefox and click the Firefox tab in the upper left, then click Add-ons on the context menu. A page will open with all Extensions and Plug-ins. The two you listed above should be greyed out and say Enable to the right of them. That lets you know they have been disabled.

If you get the UAC window in IE again, let it run Java 7 Update 21 and see if that will resolve the issue with IE.
  • 0

#33
RebelSnipe
Posted 04 May 2013 - 09:06 AM

RebelSnipe

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
Good morning godawgs -

I unistalled the Java 6's
Rebooted the computer
Launched IE - still didn't work and no UAC this time. I checked and IE still works if I right mouse click / run as admin.

Idea's??
  • 0

#34
godawgs
Posted 04 May 2013 - 10:13 AM

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Hi,

Add-ons are known to cause this problem. Let's start IE in the No Add-ons mode and see it it runs.

  • Close IE
  • Click the Start Orb, then click All Programs.
  • Click on Accessories, then click System Tools
  • Click on Internet Explorer (No Add-ons).
This will open the Internet Explorer in no add-ons mode.
If the problem stops, an add-on is causing the problem.

If that resolves the problem we want to start with the Adobe FlashPlayer add-on. It has been known to be the culprit.

  • Close IE
  • Click the Start Orb, then Control Panel. The Control Panel open.
  • Click Network and Internet
  • Click Intermet Options. The Internet Options page will open.
  • Click the Programs tab, then the Manage add-ons button. The Add-ons window will open.
  • Under Add-on Types, click Toolbars and Extenstions. It may take a few minutes for the right pane to populate.
  • Under Adobe Systems Incorporated, click Adobe FlashPlayer and then click the disable button at the bottom right of the window.
  • Click the Close button to close the window.
  • Click OK in the next window to accept the changes and close that window.
  • Close the Control Panel Window.
Now start IE and see if it runs normally.


Let me know what happened.
  • 0

#35
RebelSnipe
Posted 04 May 2013 - 10:20 AM

RebelSnipe

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
I opened IE per instructions w/o add ons and it still did not work.
  • 0

#36
godawgs
Posted 04 May 2013 - 10:41 AM

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
OK. Click here, then click the Run Now button in the Microsoft FixIt window to run the Fixit.
Then see if that resolved the issue.
  • 0

#37
RebelSnipe
Posted 04 May 2013 - 10:52 AM

RebelSnipe

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
Unfortunately it did not fix it. It did find one issue "Data Execution Prevention (DEP) disabled." I had it fix it but IE still does not work.
  • 0

#38
godawgs
Posted 04 May 2013 - 07:06 PM

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Let's try another tool. Before we run it we want to create a new Restore Point.

The All-In-One tool will run the chkdsk program then the SFC program to check the hard disk and the critical system files. Once those are done the Repairs tab will perform repairs to the system. This could take a while so be patient.


Step-1.

Make a Fresh Restore Point

For Vista and Windows 7:
  • Click the Start Orb. Click Control Panel. Click System and Maintenance
  • Click System
  • In the left column under Tasks, click Advance System Settings and accept the warning if you get one
  • Click the System Protection Tab
  • In the Available Disks box put a check mark in the box next to OS (?:) (System). Your drive letter will be shown in place of the ?

    Note: It may take some time for the system to populate the Available Disks box, so be patient.
  • Click the Create button at the bottom
  • Type in a name fo the restore point, i.e: Before All IN One
  • Click Create
  • A small System Protection window will come up telling you a Restore Point is being created.
  • Another System Protection window will come up telling you the Restore Point has been created, click OK
  • Click OK again.
  • Close the Control Panel

Step-2.

Run Windows All-In-One

Download Windows Repair (all in one) from this site. Click one of the Download buttons under the Installer (5.30 MB) and save it to the desktop.

  • Close the browser and all open windows.
  • Right click the Tweaking.com_windows_repair_aio_setup.exe file and click Run as Administrator to install the program.
  • Right click the Windows All-In-One exe file and click Run as Administrator to run it. You will see the console below:

    Posted Image
  • Click the Step 2 tab, click the Do It button and allow it to run Disc check
    Posted Image
  • Once that is done click the Step 3 tab, click the Do It button and allow it to run SFC
    Posted Image
  • Click the Start Repairs tab, click the radio button beside Advanced Mode, clickStart
    Posted Image
  • Select the following items and in the lower right corner tick Restart system when finished. Then click the Start button.

    NOTE:In additions to the items checked below, please click the box next to the following item to check it:
    Repair Internet Explorer
    Posted Image

Step-3.

Now see if IE will work.
  • 0

#39
RebelSnipe
Posted 04 May 2013 - 09:37 PM

RebelSnipe

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
Hi godawgs - I ran Windows Repair and unfortunately IE still does not work.
  • 0

#40
godawgs
Posted 05 May 2013 - 05:36 AM

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Please get me a fresh OTL scan. Are you having any other issues or is IE the last one?

To get the OTL scan, open OTL and click the Posted Image button. Paste the log it produces in your next reply.
  • 0

Advertisements

#41
RebelSnipe
Posted 05 May 2013 - 09:33 AM

RebelSnipe

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
Good morning godawgs - I know I probably sound like a broken record but I really appreciate all of the assistance you have been providing me!!

The IE problem is the only one that I'm aware of. I really haven't been using the laptop for anything other than the scans we have been running so something might be lurking out there but I haven't found it.

Here is the output file you requested:

OTL logfile created on: 5/5/2013 10:19:48 AM - Run 5
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Michael\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.48 Gb Total Physical Memory | 3.72 Gb Available Physical Memory | 67.82% Memory free
10.96 Gb Paging File | 8.82 Gb Available in Paging File | 80.50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 581.29 Gb Total Space | 398.99 Gb Free Space | 68.64% Space Free | Partition Type: NTFS
Drive D: | 14.59 Gb Total Space | 1.62 Gb Free Space | 11.11% Space Free | Partition Type: NTFS
Drive F: | 99.34 Mb Total Space | 89.20 Mb Free Space | 89.79% Space Free | Partition Type: FAT32

Computer Name: MICHAEL-HP | User Name: Michael | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/05/04 18:42:37 | 001,151,152 | ---- | M] () -- C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
PRC - [2013/05/03 19:31:02 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/04/24 02:50:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Michael\Desktop\OTL.exe
PRC - [2013/03/13 17:15:00 | 004,394,032 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgui.exe
PRC - [2013/02/27 23:42:12 | 004,937,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
PRC - [2013/02/19 04:02:02 | 000,282,624 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
PRC - [2013/02/18 14:05:11 | 000,968,880 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
PRC - [2012/12/18 14:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/12/12 16:43:20 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe
PRC - [2011/09/01 18:06:50 | 000,227,896 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011/08/19 15:48:44 | 000,379,960 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2011/07/11 15:04:44 | 000,574,008 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2011/07/11 15:04:44 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2011/07/06 20:13:48 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011/05/23 11:45:58 | 001,098,296 | ---- | M] (Hewlett-Packard Development Company L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
PRC - [2011/03/30 15:01:10 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2011/02/25 12:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/02/18 00:48:24 | 000,265,544 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
PRC - [2011/02/18 00:48:12 | 000,642,888 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
PRC - [2011/02/18 00:47:58 | 000,142,664 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
PRC - [2010/11/26 09:09:12 | 000,399,344 | ---- | M] (Roxio) -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
PRC - [2010/04/23 14:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010/04/23 14:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe


========== Modules (No Company Name) ==========

MOD - [2013/05/04 18:42:37 | 001,151,152 | ---- | M] () -- C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
MOD - [2013/05/04 18:42:36 | 000,156,848 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\SiteSafety.dll
MOD - [2013/05/03 19:31:01 | 003,133,336 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll


========== Services (SafeList) ==========

SRV:64bit: - [2011/11/28 17:52:01 | 000,301,568 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2011/11/28 17:52:00 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2011/05/27 12:20:12 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2011/04/02 01:54:06 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/04/02 01:06:22 | 000,365,568 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2010/10/11 04:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/05/03 19:31:01 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/03/12 22:24:46 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/02/27 23:42:12 | 004,937,264 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/02/19 04:02:02 | 000,282,624 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2013/02/18 14:05:11 | 000,968,880 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe -- (vToolbarUpdater14.2.0)
SRV - [2012/12/18 14:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/09/01 18:06:50 | 000,227,896 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2011/07/11 15:04:44 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2011/05/23 11:45:58 | 001,098,296 | ---- | M] (Hewlett-Packard Development Company L.P.) [On_Demand | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe -- (hpCMSrv)
SRV - [2011/03/07 19:43:30 | 002,375,168 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011/03/01 23:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 12:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/02/24 22:34:42 | 000,241,648 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe -- (CLKMSVC10_38F51D56)
SRV - [2011/02/18 00:48:24 | 000,265,544 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe -- (FPLService)
SRV - [2010/11/26 09:09:12 | 000,399,344 | ---- | M] (Roxio) [Auto | Running] -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe -- (RoxioNow Service)
SRV - [2010/10/12 12:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/03/18 15:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/05/04 18:42:36 | 000,039,768 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013/02/26 23:40:46 | 000,246,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2013/02/14 03:52:46 | 000,239,416 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2013/02/08 04:37:56 | 000,116,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2013/02/08 04:37:54 | 000,311,096 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2013/02/08 04:37:50 | 000,071,480 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2013/02/08 04:37:42 | 000,206,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2013/02/08 04:37:40 | 000,045,880 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/09/12 15:20:04 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/11/28 17:52:01 | 000,528,384 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/07/19 10:19:16 | 001,492,992 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2011/05/27 12:20:12 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011/05/27 12:20:12 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011/04/02 04:42:30 | 009,256,960 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/04/02 01:16:22 | 000,300,544 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/03/24 19:20:36 | 000,337,512 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011/03/17 23:04:20 | 000,188,544 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdxhc.sys -- (amdxhc)
DRV:64bit: - [2011/03/17 23:04:18 | 000,087,168 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdhub30.sys -- (amdhub30)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/04 17:46:20 | 000,078,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011/03/04 17:46:20 | 000,038,528 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2011/02/16 20:11:08 | 000,428,136 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/12/16 21:28:38 | 001,403,440 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/12/16 02:06:46 | 000,047,232 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 22:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/17 11:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/07/28 09:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/06/15 23:58:22 | 000,035,840 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS -- (BVRPMPR5a64)
DRV:64bit: - [2010/04/29 06:55:42 | 000,032,768 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\androidusb.sys -- (androidusb)
DRV:64bit: - [2010/02/18 11:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 16:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 16:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 16:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 15:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 15:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{A22F7BA3-591A-4DDB-B9A3-C974A5B67BEB}: "URL" = http://www.amazon.co...s={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://mysearch.avg....fr&d=2013-05-02 15:39:25&v=14.2.0.1&pid=safeguard&sg=1&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/?ilc=1"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Michael\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Michael\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011/01/26 15:27:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/05/03 19:31:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/05/03 19:30:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013/04/06 18:49:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files (x86)\AVG\AVG2012\Thunderbird\
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/05/03 19:31:02 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/05/03 19:30:56 | 000,000,000 | ---D | M]

[2011/08/23 21:13:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michael\AppData\Roaming\Mozilla\Extensions
[2012/11/01 00:15:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\8c5dcrl5.default\extensions
[2013/05/03 19:30:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/05/03 19:30:54 | 000,000,000 | ---D | M] (TrueSuite Website Logon) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2013/05/03 19:31:02 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013/05/03 19:30:59 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/05/02 15:39:29 | 000,000,000 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\safeguard-secure-search.xml
[2013/05/03 19:30:59 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.yahoo.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Michael\AppData\Local\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Michael\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Michael\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Users\Michael\AppData\Local\Google\Chrome\Application\plugins\npMozCouponPrinter.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U21 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Java Deployment Toolkit 7.0.210.11 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - Extension: Website Logon = C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\aepeildmfnnehghlknddebgjghlompfe\1.0_0\

O1 HOSTS File: ([2013/05/04 22:14:24 | 000,000,855 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll File not found
O2:64bit: - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll File not found
O2 - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
O2 - BHO: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\14.2.0.1\AVG SafeGuard toolbar_toolbar.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\14.2.0.1\AVG SafeGuard toolbar_toolbar.dll ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe (Hewlett-Packard Development Company L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe ()
O4 - HKCU..\Run: [HP Photosmart 6510 series (NET)] C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll File not found
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.76.76 75.75.75.75 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5362F98F-F69B-4EA9-A142-537D8503BA14}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FC5CC95D-6A30-4329-9A56-642B1240DCD6}: DhcpNameServer = 75.75.76.76 75.75.75.75 192.168.1.1
O18:64bit: - Protocol\Handler\linkscanner - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll ()
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (/sync /restart)
O34 - HKLM BootExecute: (/sync /restart)
O34 - HKLM BootExecute: (/sync /restart)
O34 - HKLM BootExecute: (/sync /restart)
O34 - HKLM BootExecute: (/sync /restart)
O34 - HKLM BootExecute: (/sync /restart)
O34 - HKLM BootExecute: (/sync /restart)
O34 - HKLM BootExecute: (/sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/05/04 22:25:04 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013/05/04 22:19:01 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\catroot2
[2013/05/04 21:17:38 | 000,181,064 | ---- | C] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2013/05/04 21:11:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
[2013/05/04 21:11:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tweaking.com
[2013/05/03 19:30:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/05/03 17:57:18 | 000,354,299 | ---- | C] (Farbar) -- C:\Users\Michael\Desktop\FSS.exe
[2013/05/03 14:56:30 | 002,347,384 | ---- | C] (ESET) -- C:\Users\Michael\Desktop\esetsmartinstaller_enu(1).exe
[2013/05/03 12:44:13 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/05/03 12:42:56 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/05/03 10:11:11 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/05/03 08:34:02 | 000,000,000 | ---D | C] -- C:\Windows\PolicyDefinitions
[2013/05/03 08:26:04 | 005,064,153 | R--- | C] (Swearware) -- C:\Users\Michael\Desktop\ComboFix.exe
[2013/05/02 15:43:57 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Roaming\AVG2013
[2013/05/02 15:39:41 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\AVG SafeGuard toolbar
[2013/05/02 15:39:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013/05/02 15:39:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG SafeGuard toolbar
[2013/05/02 15:37:45 | 000,000,000 | ---D | C] -- C:\$AVG
[2013/05/02 15:37:44 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013
[2013/05/02 15:36:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2013/05/02 15:35:28 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\Avg2013
[2013/05/02 15:35:28 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2013/05/02 15:25:35 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/05/02 15:25:35 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/05/02 15:25:35 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/05/02 13:36:44 | 001,316,632 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Users\Michael\Desktop\avgremoverx64.exe
[2013/05/02 13:35:16 | 145,809,640 | ---- | C] (AVG Technologies) -- C:\Users\Michael\Desktop\avg_free_x64_all_2013_3272a6212.exe
[2013/04/29 17:01:50 | 000,448,512 | ---- | C] (OldTimer Tools) -- C:\Users\Michael\Desktop\TFC.exe
[2013/04/27 12:37:47 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Michael\Desktop\aswMBR(1).exe
[2013/04/26 14:00:25 | 002,347,384 | ---- | C] (ESET) -- C:\Users\Michael\Desktop\esetsmartinstaller_enu.exe
[2013/04/25 22:14:18 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\RK_Quarantine
[2013/04/25 21:04:40 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Michael\Desktop\aswMBR - old.exe
[2013/04/25 18:01:14 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\tdsskiller
[2013/04/25 14:49:15 | 000,000,000 | ---D | C] -- C:\Rooter$
[2013/04/25 14:47:55 | 000,173,119 | ---- | C] (Eric_71) -- C:\Users\Michael\Desktop\Rooter.exe
[2013/04/25 14:44:08 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\ElevatedDiagnostics
[2013/04/24 19:05:42 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/04/24 19:05:28 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/04/24 18:53:13 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/04/24 18:52:48 | 000,000,000 | ---D | C] -- C:\JRT
[2013/04/24 18:46:31 | 000,535,764 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Michael\Desktop\JRT.exe
[2013/04/24 14:05:21 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\JavaRa
[2013/04/24 13:59:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/04/24 13:58:06 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2013/04/24 02:50:22 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Michael\Desktop\OTL.exe
[2013/04/23 23:39:29 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Roaming\Malwarebytes
[2013/04/23 23:39:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/04/23 23:39:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/04/23 23:39:02 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/04/23 23:39:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/04/23 23:38:43 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\Programs

========== Files - Modified Within 30 Days ==========

[2013/05/05 10:18:51 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-695660584-876410207-1421700361-1001UA.job
[2013/05/05 10:18:51 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/05 10:18:48 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/05/05 10:18:47 | 000,000,260 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Messager.job
[2013/05/05 10:18:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/05/04 22:26:40 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/05/04 22:26:40 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/05/04 22:26:02 | 000,779,266 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/05/04 22:26:02 | 000,660,530 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/05/04 22:26:02 | 000,121,426 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/05/04 22:20:42 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/04 22:18:48 | 000,343,728 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/05/04 22:18:33 | 117,624,831 | -HS- | M] () -- C:\hiberfil.sys
[2013/05/04 22:17:02 | 000,181,064 | ---- | M] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2013/05/04 22:14:24 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/05/04 22:12:59 | 000,779,266 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/05/04 21:43:56 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat
[2013/05/04 21:15:38 | 005,546,413 | ---- | M] () -- C:\Users\Michael\Desktop\tweaking.com_windows_repair_aio_setup (1).exe
[2013/05/04 21:12:03 | 000,002,159 | ---- | M] () -- C:\Users\Michael\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2013/05/04 21:10:13 | 005,546,413 | ---- | M] () -- C:\Users\Michael\Desktop\tweaking.com_windows_repair_aio_setup.exe
[2013/05/04 18:42:36 | 000,039,768 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013/05/04 18:42:24 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-695660584-876410207-1421700361-1001Core.job
[2013/05/03 19:27:28 | 000,111,135 | ---- | M] () -- C:\Users\Michael\Desktop\Java uninstall screenshot.jpg
[2013/05/03 18:00:04 | 000,890,825 | ---- | M] () -- C:\Users\Michael\Desktop\SecurityCheck.exe
[2013/05/03 17:56:49 | 000,354,299 | ---- | M] (Farbar) -- C:\Users\Michael\Desktop\FSS.exe
[2013/05/03 14:55:40 | 002,347,384 | ---- | M] (ESET) -- C:\Users\Michael\Desktop\esetsmartinstaller_enu(1).exe
[2013/05/03 08:25:32 | 005,064,153 | R--- | M] (Swearware) -- C:\Users\Michael\Desktop\ComboFix.exe
[2013/05/02 15:39:30 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013/05/02 15:28:46 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts_bak_223
[2013/05/02 13:59:02 | 000,094,172 | ---- | M] () -- C:\Users\Michael\Desktop\AVG files deleted manually 2.jpg
[2013/05/02 13:58:10 | 000,143,755 | ---- | M] () -- C:\Users\Michael\Desktop\AVG files deleted manually.jpg
[2013/05/02 13:36:10 | 001,316,632 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Users\Michael\Desktop\avgremoverx64.exe
[2013/05/02 13:34:34 | 145,809,640 | ---- | M] (AVG Technologies) -- C:\Users\Michael\Desktop\avg_free_x64_all_2013_3272a6212.exe
[2013/04/29 17:19:24 | 000,088,619 | ---- | M] () -- C:\Users\Michael\Desktop\Print screen of directory after TFC.jpg
[2013/04/29 17:01:26 | 000,448,512 | ---- | M] (OldTimer Tools) -- C:\Users\Michael\Desktop\TFC.exe
[2013/04/27 13:01:35 | 000,000,512 | ---- | M] () -- C:\Users\Michael\Desktop\MBR.dat
[2013/04/27 12:37:19 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Michael\Desktop\aswMBR(1).exe
[2013/04/27 11:50:50 | 000,076,134 | ---- | M] () -- C:\Users\Michael\Desktop\folder access denied and security settings.jpg
[2013/04/26 19:57:50 | 000,032,539 | ---- | M] () -- C:\Users\Michael\Desktop\folder access denied.jpg
[2013/04/26 19:55:41 | 000,059,033 | ---- | M] () -- C:\Users\Michael\Desktop\directory properties in safe mode.jpg
[2013/04/26 13:59:26 | 002,347,384 | ---- | M] (ESET) -- C:\Users\Michael\Desktop\esetsmartinstaller_enu.exe
[2013/04/25 22:13:22 | 000,816,128 | ---- | M] () -- C:\Users\Michael\Desktop\RogueKiller.exe
[2013/04/25 21:54:43 | 000,154,640 | ---- | M] () -- C:\Users\Michael\Desktop\Untitled.jpg
[2013/04/25 21:53:36 | 000,000,512 | ---- | M] () -- C:\Users\Michael\Desktop\MBR - old.dat
[2013/04/25 21:03:58 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Michael\Desktop\aswMBR - old.exe
[2013/04/25 18:00:07 | 002,218,636 | ---- | M] () -- C:\Users\Michael\Desktop\tdsskiller.zip
[2013/04/25 14:47:21 | 000,173,119 | ---- | M] (Eric_71) -- C:\Users\Michael\Desktop\Rooter.exe
[2013/04/24 18:51:43 | 000,025,006 | ---- | M] () -- C:\Users\Michael\Desktop\RunDLL error screen shot.jpg
[2013/04/24 18:46:31 | 000,535,764 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Michael\Desktop\JRT.exe
[2013/04/24 14:47:25 | 000,106,593 | ---- | M] () -- C:\Users\Michael\Desktop\AVG screen captures.jpg
[2013/04/24 14:31:13 | 000,112,565 | ---- | M] () -- C:\Users\Michael\Desktop\AVG screen shots2.jpg
[2013/04/24 14:12:50 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013/04/24 14:05:06 | 000,160,350 | ---- | M] () -- C:\Users\Michael\Desktop\JavaRa.zip
[2013/04/24 02:50:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Michael\Desktop\OTL.exe
[2013/04/23 23:45:16 | 000,000,121 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
[2013/04/23 23:39:04 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/04/22 22:37:17 | 649,954,062 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/04/22 21:17:07 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForMichael.job
[2013/04/21 14:34:28 | 000,000,328 | ---- | M] () -- C:\Users\Michael\Desktop\HP Printer Diagnostic Tools.url
[2013/04/11 16:10:52 | 000,002,376 | ---- | M] () -- C:\Users\Michael\Desktop\Google Chrome.lnk
[2013/04/08 20:13:42 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_androidusb_01009.Wdf
[2013/04/06 18:49:54 | 000,002,110 | ---- | M] () -- C:\Users\Michael\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk

========== Files Created - No Company Name ==========

[2013/05/04 21:43:56 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat
[2013/05/04 21:16:13 | 005,546,413 | ---- | C] () -- C:\Users\Michael\Desktop\tweaking.com_windows_repair_aio_setup (1).exe
[2013/05/04 21:12:03 | 000,002,159 | ---- | C] () -- C:\Users\Michael\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2013/05/04 21:10:58 | 005,546,413 | ---- | C] () -- C:\Users\Michael\Desktop\tweaking.com_windows_repair_aio_setup.exe
[2013/05/03 19:27:27 | 000,111,135 | ---- | C] () -- C:\Users\Michael\Desktop\Java uninstall screenshot.jpg
[2013/05/03 18:00:45 | 000,890,825 | ---- | C] () -- C:\Users\Michael\Desktop\SecurityCheck.exe
[2013/05/02 15:39:30 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013/05/02 15:25:35 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/05/02 15:25:35 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/05/02 15:25:35 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/05/02 15:25:35 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/05/02 15:25:35 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/05/02 13:59:02 | 000,094,172 | ---- | C] () -- C:\Users\Michael\Desktop\AVG files deleted manually 2.jpg
[2013/05/02 13:58:10 | 000,143,755 | ---- | C] () -- C:\Users\Michael\Desktop\AVG files deleted manually.jpg
[2013/04/29 17:19:24 | 000,088,619 | ---- | C] () -- C:\Users\Michael\Desktop\Print screen of directory after TFC.jpg
[2013/04/27 13:01:35 | 000,000,512 | ---- | C] () -- C:\Users\Michael\Desktop\MBR.dat
[2013/04/27 11:50:50 | 000,076,134 | ---- | C] () -- C:\Users\Michael\Desktop\folder access denied and security settings.jpg
[2013/04/26 19:57:50 | 000,032,539 | ---- | C] () -- C:\Users\Michael\Desktop\folder access denied.jpg
[2013/04/26 19:55:41 | 000,059,033 | ---- | C] () -- C:\Users\Michael\Desktop\directory properties in safe mode.jpg
[2013/04/25 22:13:52 | 000,816,128 | ---- | C] () -- C:\Users\Michael\Desktop\RogueKiller.exe
[2013/04/25 21:54:43 | 000,154,640 | ---- | C] () -- C:\Users\Michael\Desktop\Untitled.jpg
[2013/04/25 21:47:05 | 000,000,512 | ---- | C] () -- C:\Users\Michael\Desktop\MBR - old.dat
[2013/04/25 18:00:48 | 002,218,636 | ---- | C] () -- C:\Users\Michael\Desktop\tdsskiller.zip
[2013/04/24 18:51:43 | 000,025,006 | ---- | C] () -- C:\Users\Michael\Desktop\RunDLL error screen shot.jpg
[2013/04/24 14:46:11 | 000,106,593 | ---- | C] () -- C:\Users\Michael\Desktop\AVG screen captures.jpg
[2013/04/24 14:31:13 | 000,112,565 | ---- | C] () -- C:\Users\Michael\Desktop\AVG screen shots2.jpg
[2013/04/24 14:12:50 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013/04/24 14:12:50 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013/04/24 14:05:01 | 000,160,350 | ---- | C] () -- C:\Users\Michael\Desktop\JavaRa.zip
[2013/04/23 23:45:09 | 000,000,121 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat
[2013/04/23 23:39:04 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/04/21 14:34:28 | 000,000,328 | ---- | C] () -- C:\Users\Michael\Desktop\HP Printer Diagnostic Tools.url
[2013/04/08 20:13:42 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_androidusb_01009.Wdf
[2012/11/01 10:36:43 | 000,025,600 | ---- | C] () -- C:\Users\Michael\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/10/31 23:55:46 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012/09/23 23:13:11 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2011/10/03 14:59:54 | 000,014,119 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2011/08/23 20:31:05 | 000,007,599 | ---- | C] () -- C:\Users\Michael\AppData\Local\Resmon.ResmonCfg
[2011/07/21 12:44:19 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/07/21 12:36:43 | 000,779,266 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/07/21 12:24:37 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\Windows\sysWOW64\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/05/02 15:43:57 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\AVG2013
[2011/08/13 23:50:36 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Blio
[2011/09/20 15:41:29 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\funkitron
[2011/08/13 23:53:27 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\IDT
[2011/08/13 22:28:24 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Synaptics
[2011/08/23 21:13:43 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Thunderbird
[2012/09/30 20:23:23 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\TuneUp Software
[2011/12/31 13:36:45 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\WebApp

========== Purity Check ==========



< End of report >
  • 0

#42
RebelSnipe
Posted 05 May 2013 - 04:21 PM

RebelSnipe

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
Just tried running itunes and came up with a registry error. I tried itunes a couple steps ago and it worked just fine. Here is the screen shot i get.

Attached Thumbnails

  • Itunes registry.png

  • 0

#43
godawgs
Posted 06 May 2013 - 09:31 AM

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
I have gone back and re-read the topic. I don't see anything that we have done that has targeted iTunes drivers. All of the entries in the OTL logs look identical. Was iTunes working before we ran Windows All-In-One?
  • 0

#44
RebelSnipe
Posted 06 May 2013 - 09:35 AM

RebelSnipe

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
Yes - iTunes was working before Windows All-in-one. I don't remember if I tried it before or after we ran Microsoft fixit however.
  • 0

#45
godawgs
Posted 06 May 2013 - 09:57 AM

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Well we ran the Microsoft FixIt and the All-In-One tool back to back. You can always go to the Before AllInOne System Restore point that we created before running Windows All-In-One and restore the computer back to that point and see if iTunes works, or we can keep working on IE and then you can uninstall and reinstall iTunes when we are finished. If the restore point doesn't return function to iTunes you are gonna have to reinstall it anyway.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP