I'm helping my girlfriend with her computer using Teamviewer. She's had terrible sluggishness, frequent freezing, Firefox with one tab open sucking 100% of CPU usage, and frequently having to restart Firefox.
OTL logfile created on: 06/06/2013 5:48:50 AM - Run 2
OTL by OldTimer - Version Folder = C:\Users\BooHoo\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: MM/dd/yyyy
3.22 Gb Total Physical Memory | 1.29 Gb Available Physical Memory | 40.16% Memory free
6.43 Gb Paging File | 3.22 Gb Available in Paging File | 50.09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 500.47 Gb Total Space | 21.30 Gb Free Space | 4.26% Space Free | Partition Type: NTFS
Drive G: | 9.77 Gb Total Space | 9.67 Gb Free Space | 99.00% Space Free | Partition Type: NTFS
Drive I: | 244.14 Gb Total Space | 0.66 Gb Free Space | 0.27% Space Free | Partition Type: NTFS
Drive L: | 85.18 Gb Total Space | 36.08 Gb Free Space | 42.35% Space Free | Partition Type: NTFS
Computer Name: BOOHOO-PC | User Name: BooHoo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/06/06 04:59:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\BooHoo\Desktop\OTL.exe
PRC - [2013/05/18 20:12:27 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/05/15 05:38:18 | 001,855,880 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
PRC - [2013/05/10 08:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/23 08:48:17 | 010,244,448 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version8\TeamViewer.exe
PRC - [2013/04/23 08:48:17 | 004,171,104 | ---- | M] (TeamViewer GmbH) -- c:\Program Files\TeamViewer\Version8\TeamViewer_Desktop.exe
PRC - [2013/04/23 08:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013/04/23 08:40:59 | 000,193,888 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version8\tv_w32.exe
PRC - [2013/04/16 16:10:44 | 019,662,744 | ---- | M] (Google) -- C:\Program Files\Google\Drive\googledrivesync.exe
PRC - [2013/03/27 12:52:12 | 003,020,768 | ---- | M] () -- C:\Program Files\GfK Internet-Monitor\GfK-Reporting.exe
PRC - [2013/03/27 12:52:08 | 001,376,224 | ---- | M] () -- C:\Program Files\GfK Internet-Monitor\GfK-Updater.exe
PRC - [2013/03/27 12:18:37 | 003,300,320 | ---- | M] (GfK) -- C:\Program Files\GfKLSPService\GfKLspService.exe
PRC - [2013/03/27 12:18:35 | 000,058,848 | ---- | M] () -- C:\Program Files\GfKLSPService\GfK-WatchDog.exe
PRC - [2013/03/18 03:25:46 | 001,236,336 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
PRC - [2013/03/18 03:25:44 | 018,828,128 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Ad-Aware Antivirus\AdAware.exe
PRC - [2013/02/21 16:18:42 | 000,140,880 | ---- | M] (Ipsos) -- C:\Users\BooHoo\AppData\Local\Panel+\service\PanelPlusService.exe
PRC - [2013/02/21 16:18:42 | 000,064,592 | ---- | M] (Ipsos) -- C:\Users\BooHoo\AppData\Local\Panel+\service\PanelPlusNet.exe
PRC - [2013/02/15 01:18:52 | 000,109,784 | ---- | M] (Siber Systems) -- C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
PRC - [2013/02/13 03:37:16 | 001,263,952 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2013/01/31 16:11:58 | 000,542,632 | ---- | M] (Lavasoft) -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
PRC - [2012/12/18 15:28:26 | 000,825,560 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
PRC - [2012/12/16 12:25:20 | 000,545,552 | ---- | M] (SANDBOXIE L.T.D) -- C:\Program Files\Sandboxie\SbieCtrl.exe
PRC - [2012/12/16 12:25:18 | 000,085,776 | ---- | M] (SANDBOXIE L.T.D) -- C:\Program Files\Sandboxie\SbieSvc.exe
PRC - [2012/11/23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/11/22 11:29:16 | 003,290,304 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/10/19 15:51:08 | 000,395,200 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
PRC - [2012/10/15 12:58:24 | 002,844,608 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
PRC - [2012/10/15 12:58:22 | 000,779,200 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
PRC - [2012/10/04 15:57:58 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012/09/20 05:39:12 | 003,677,000 | ---- | M] (GFI Software) -- C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
PRC - [2012/04/04 06:25:00 | 000,295,584 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
PRC - [2012/03/04 06:39:33 | 001,592,160 | ---- | M] () -- C:\Users\BooHoo\AppData\Roaming\Mikogo 4\M4-Capture.exe
PRC - [2012/02/29 17:30:43 | 000,815,104 | ---- | M] (Epitiro Ltd.) -- C:\Program Files\Broadband Test Application\BroadbandTestApp.exe
PRC - [2012/01/20 22:03:48 | 000,719,672 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
PRC - [2012/01/16 11:04:46 | 001,007,472 | ---- | M] () -- C:\Users\BooHoo\AppData\Roaming\Mikogo 4\M4-Service.exe
PRC - [2011/08/19 10:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/12/10 03:39:04 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
PRC - [2009/12/10 03:37:16 | 003,690,496 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\PostgreSQL\8.3\bin\postgres.exe
PRC - [2009/07/14 02:14:41 | 000,354,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\StikyNot.exe
PRC - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2006/12/11 13:12:06 | 000,537,520 | ---- | M] ( ) -- C:\Windows\System32\lxcrcoms.exe
========== Modules (No Company Name) ==========
MOD - [2013/06/05 11:11:44 | 000,128,512 | ---- | M] () -- C:\Users\BooHoo\AppData\Local\temp\_MEI52602\_elementtree.pyd
MOD - [2013/06/05 11:11:44 | 000,098,816 | ---- | M] () -- C:\Users\BooHoo\AppData\Local\temp\_MEI52602\win32api.pyd
MOD - [2013/06/05 11:11:44 | 000,044,032 | ---- | M] () -- C:\Users\BooHoo\AppData\Local\temp\_MEI52602\_socket.pyd
MOD - [2013/06/05 11:11:44 | 000,022,528 | ---- | M] () -- C:\Users\BooHoo\AppData\Local\temp\_MEI52602\win32ts.pyd
MOD - [2013/06/05 11:11:43 | 000,557,056 | ---- | M] () -- C:\Users\BooHoo\AppData\Local\temp\_MEI52602\pysqlite2._sqlite.pyd
MOD - [2013/06/05 11:11:43 | 000,320,512 | ---- | M] () -- C:\Users\BooHoo\AppData\Local\temp\_MEI52602\win32com.shell.shell.pyd
MOD - [2013/06/05 11:11:43 | 000,026,624 | ---- | M] () -- C:\Users\BooHoo\AppData\Local\temp\_MEI52602\_multiprocessing.pyd
MOD - [2013/06/05 11:11:42 | 001,175,040 | ---- | M] () -- C:\Users\BooHoo\AppData\Local\temp\_MEI52602\wx._core_.pyd
MOD - [2013/06/05 11:11:42 | 001,153,024 | ---- | M] () -- C:\Users\BooHoo\AppData\Local\temp\_MEI52602\_ssl.pyd
MOD - [2013/06/05 11:11:42 | 001,022,416 | ---- | M] () -- C:\Users\BooHoo\AppData\Local\temp\_MEI52602\windows._cacheinvalidation.pyd
MOD - [2013/06/05 11:11:42 | 000,811,008 | ---- | M] () -- C:\Users\BooHoo\AppData\Local\temp\_MEI52602\wx._windows_.pyd
MOD - [2013/06/05 11:11:42 | 000,805,888 | ---- | M] () -- C:\Users\BooHoo\AppData\Local\temp\_MEI52602\wx._gdi_.pyd
MOD - [2013/06/05 11:11:42 | 000,735,232 | ---- | M] () -- C:\Users\BooHoo\AppData\Local\temp\_MEI52602\wx._misc_.pyd
MOD - [2013/06/05 11:11:42 | 000,711,680 | ---- | M] () -- C:\Users\BooHoo\AppData\Local\temp\_MEI52602\_hashlib.pyd
MOD - [2013/06/05 11:11:42 | 000,364,544 | ---- | M] () -- C:\Users\BooHoo\AppData\Local\temp\_MEI52602\pythoncom27.dll
MOD - [2013/06/05 11:11:42 | 000,122,368 | ---- | M] () -- C:\Users\BooHoo\AppData\Local\temp\_MEI52602\wx._wizard.pyd
MOD - [2013/06/05 11:11:42 | 000,119,808 | ---- | M] () -- C:\Users\BooHoo\AppData\Local\temp\_MEI52602\win32file.pyd
MOD - [2013/06/05 11:11:42 | 000,110,080 | ---- | M] () -- C:\Users\BooHoo\AppData\Local\temp\_MEI52602\PyWinTypes27.dll
MOD - [2013/06/05 11:11:42 | 000,108,544 | ---- | M] () -- C:\Users\BooHoo\AppData\Local\temp\_MEI52602\win32security.pyd
MOD - [2013/06/05 11:11:42 | 000,087,040 | ---- | M] () -- C:\Users\BooHoo\AppData\Local\temp\_MEI52602\_ctypes.pyd
MOD - [2013/06/05 11:11:42 | 000,070,656 | ---- | M] () -- C:\Users\BooHoo\AppData\Local\temp\_MEI52602\wx._html2.pyd
MOD - [2013/06/05 11:11:42 | 000,038,912 | ---- | M] () -- C:\Users\BooHoo\AppData\Local\temp\_MEI52602\win32inet.pyd
MOD - [2013/06/05 11:11:42 | 000,035,840 | ---- | M] () -- C:\Users\BooHoo\AppData\Local\temp\_MEI52602\win32process.pyd
MOD - [2013/06/05 11:11:42 | 000,025,600 | ---- | M] () -- C:\Users\BooHoo\AppData\Local\temp\_MEI52602\win32pdh.pyd
MOD - [2013/06/05 11:11:42 | 000,017,408 | ---- | M] () -- C:\Users\BooHoo\AppData\Local\temp\_MEI52602\win32profile.pyd
MOD - [2013/06/05 11:11:42 | 000,011,264 | ---- | M] () -- C:\Users\BooHoo\AppData\Local\temp\_MEI52602\win32crypt.pyd
MOD - [2013/06/05 11:11:41 | 001,062,400 | ---- | M] () -- C:\Users\BooHoo\AppData\Local\temp\_MEI52602\wx._controls_.pyd
MOD - [2013/06/05 11:11:41 | 000,686,080 | ---- | M] () -- C:\Users\BooHoo\AppData\Local\temp\_MEI52602\unicodedata.pyd
MOD - [2013/06/05 11:11:41 | 000,127,488 | ---- | M] () -- C:\Users\BooHoo\AppData\Local\temp\_MEI52602\pyexpat.pyd
MOD - [2013/06/05 11:11:41 | 000,018,432 | ---- | M] () -- C:\Users\BooHoo\AppData\Local\temp\_MEI52602\win32event.pyd
MOD - [2013/06/05 11:11:41 | 000,010,240 | ---- | M] () -- C:\Users\BooHoo\AppData\Local\temp\_MEI52602\select.pyd
MOD - [2013/05/19 21:32:04 | 002,516,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\7a0945794677c70d5ec25b00493ece3f\System.Data.Linq.ni.dll
MOD - [2013/05/19 21:32:04 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\990123c5701a26f1d724150839811bce\System.Xml.Linq.ni.dll
MOD - [2013/05/19 21:31:34 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\f790ac5c52534a143d43ac48e25423ea\System.ComponentModel.DataAnnotations.ni.dll
MOD - [2013/05/19 21:19:29 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\3c2ed368e1f3889997dfb42a5ca77284\System.Core.ni.dll
MOD - [2013/05/19 20:58:29 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll
MOD - [2013/05/19 20:58:09 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll
MOD - [2013/05/18 20:12:27 | 003,128,728 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/05/15 05:38:18 | 016,033,160 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_7_700_202.dll
MOD - [2013/04/26 08:44:41 | 002,347,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll
MOD - [2013/04/26 08:44:08 | 000,628,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\01c6cb58745f397c9b7ccf3ab7bfc9cd\System.EnterpriseServices.ni.dll
MOD - [2013/04/26 08:44:08 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\536d704e93ffec9b54e4a0312fb5b996\System.Transactions.ni.dll
MOD - [2013/04/26 08:44:07 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\dd20416f723ee13ffb4173ec1afc4ec4\System.Data.ni.dll
MOD - [2013/04/26 08:43:42 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/04/26 08:43:40 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d908c91e24616e6b8d38c9da61038b25\Accessibility.ni.dll
MOD - [2013/04/26 08:43:26 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/04/26 08:43:22 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/04/26 08:43:11 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2013/03/27 12:18:35 | 000,058,848 | ---- | M] () -- C:\Program Files\GfKLSPService\GfK-WatchDog.exe
MOD - [2013/02/21 16:18:36 | 000,032,768 | ---- | M] () -- C:\Users\BooHoo\AppData\Local\Panel+\service\TrotiNet.dll
MOD - [2013/02/13 03:38:06 | 000,100,688 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2013/02/13 03:37:16 | 001,263,952 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2012/11/14 23:12:49 | 000,271,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Data.SqlServerCe\\System.Data.SqlServerCe.dll
MOD - [2011/03/24 15:31:58 | 000,233,472 | ---- | M] () -- C:\Program Files\Broadband Test Application\SpeedTestClient.dll
MOD - [2011/03/17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/11/20 22:29:11 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\\System.Data.dll
MOD - [2010/10/20 16:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/07/22 15:43:06 | 000,077,824 | ---- | M] () -- C:\Program Files\Broadband Test Application\CrashRpt.dll
MOD - [2009/06/10 22:23:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\\System.Transactions.dll
========== Services (SafeList) ==========
SRV - [2013/05/18 20:12:27 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/15 05:38:19 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/10 08:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/23 08:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/03/27 12:52:12 | 003,020,768 | ---- | M] () [Auto | Running] -- C:\Program Files\GfK Internet-Monitor\GfK-Reporting.exe -- (GfK-Reporting-Service)
SRV - [2013/03/27 12:52:08 | 001,376,224 | ---- | M] () [Auto | Running] -- C:\Program Files\GfK Internet-Monitor\GfK-Updater.exe -- (GfK-Update-Service)
SRV - [2013/03/27 12:18:37 | 003,300,320 | ---- | M] (GfK) [Auto | Running] -- C:\Program Files\GfKLSPService\GfKLspService.exe -- (GfKLSPService)
SRV - [2013/03/18 03:25:46 | 001,236,336 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe -- (Ad-Aware Service)
SRV - [2013/02/28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/12/16 12:25:18 | 000,085,776 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2012/11/22 11:29:16 | 003,290,304 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/10/19 15:51:08 | 000,395,200 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe -- (Kodak AiO Network Discovery Service)
SRV - [2012/10/15 12:58:22 | 000,779,200 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe -- (Kodak AiO Status Monitor Service)
SRV - [2012/09/20 14:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2012/09/20 05:39:12 | 003,677,000 | ---- | M] (GFI Software) [Auto | Running] -- C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe -- (SBAMSvc)
SRV - [2012/02/29 17:30:43 | 000,815,104 | ---- | M] (Epitiro Ltd.) [Auto | Running] -- C:\Program Files\Broadband Test Application\BroadbandTestApp.exe -- (bbtest_svc)
SRV - [2012/01/16 11:04:46 | 001,007,472 | ---- | M] () [Auto | Running] -- C:\Users\BooHoo\AppData\Roaming\Mikogo 4\M4-Service.exe -- (M4-Service)
SRV - [2012/01/10 00:19:06 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011/08/19 10:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2009/12/10 03:39:04 | 000,065,536 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe -- (pgsql-8.3)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2006/12/11 13:12:06 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxcrcoms.exe -- (lxcr_device)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\SBREdrv.sys -- (SBRE)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nlndis.sys -- (NLNdisPT)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nlndis.sys -- (NLNdisMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\MsgPlusDriver.sys -- (MsgPlusDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\BooHoo\AppData\Local\Temp\mfe_rr.sys -- (MFE_RR)
DRV - [2013/05/09 18:06:06 | 000,013,560 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\gfibto.sys -- (gfibto)
DRV - [2013/04/11 11:06:45 | 000,041,584 | ---- | M] (ThreatTrack Security) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\gfiark.sys -- (gfiark)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/12/16 12:25:16 | 000,157,776 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2012/09/12 20:19:38 | 000,066,344 | ---- | M] (GFI Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\sbapifs.sys -- (sbapifs)
DRV - [2012/09/12 08:44:47 | 000,027,424 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hitmanpro36.sys -- (hitmanpro36)
DRV - [2012/08/20 16:48:44 | 000,015,576 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\pwdrvio.sys -- (pwdrvio)
DRV - [2012/08/20 16:48:44 | 000,010,200 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\pwdspio.sys -- (pwdspio)
DRV - [2012/04/06 19:15:10 | 000,033,512 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\taphss.sys -- (taphss)
DRV - [2011/08/19 10:26:50 | 004,334,624 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2011/08/19 10:26:46 | 000,315,808 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2011/07/29 14:54:56 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\epmntdrv.sys -- (epmntdrv)
DRV - [2011/07/29 14:54:56 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2011/07/21 15:33:32 | 000,117,104 | ---- | M] (Privacyware/PWI, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\pwipf6.sys -- (pwipf6)
DRV - [2011/05/18 17:31:32 | 000,181,008 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ssidrv.sys -- (ssidrv)
DRV - [2011/05/18 17:31:30 | 000,024,496 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sshrmd.sys -- (sshrmd)
DRV - [2011/05/18 17:31:28 | 000,045,584 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [File_System | Auto | Running] -- C:\Windows\System32\drivers\ssfmonm.sys -- (ssfmonm)
DRV - [2010/11/20 22:29:34 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 22:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 22:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 22:29:03 | 000,112,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - [2010/11/20 22:29:03 | 000,077,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV - [2010/11/20 22:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010/11/20 22:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 22:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 22:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010/11/20 22:29:03 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)
DRV - [2010/11/20 22:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 22:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/10/01 20:40:00 | 001,149,552 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2010/03/24 11:08:08 | 000,028,160 | ---- | M] (OPTO ELECTRONICS CO.,LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\optovcm.sys -- (optovcm)
DRV - [2010/03/24 11:08:08 | 000,022,016 | ---- | M] (OPTO ELECTRONICS CO.,LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\optousb.sys -- (optousb)
DRV - [2009/07/14 00:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009/07/13 23:02:53 | 000,657,408 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)
DRV - [2009/07/13 23:02:47 | 000,050,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2009/04/29 16:37:26 | 000,025,088 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTERx86)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?r...opt=0&ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F2 54 DE 6D 5B 4F CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=localhost:44413
========== FireFox ==========
FF - prefs.js..browser.startup.homepage:
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version= C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@[email protected]: C:\Users\BooHoo\AppData\Local\Panel+\toolbar_ff\plugins\npIpsosCommPlugin.dll (IDM)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013/01/29 21:56:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\GfK Internet-Monitor [2013/06/06 05:13:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3DF533F5-FB3C-4c4c-A1D7-99717F8C3038}: C:\Program Files\Webroot\Security\current\plugins\browserextension\ff_ptc\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files\Siber Systems\AI RoboForm\Firefox [2013/02/15 01:19:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013/04/11 21:36:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/05/18 20:12:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/06/06 04:16:56 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\BooHoo\AppData\Local\Panel+\toolbar_ff\ [2013/05/16 00:43:59 | 000,000,000 | ---D | M]
[2012/01/13 01:41:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BooHoo\AppData\Roaming\Mozilla\Extensions
[2012/09/11 23:28:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BooHoo\AppData\Roaming\Mozilla\Firefox\Profiles\i1h185fb.default\extensions
[2012/09/10 05:29:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BooHoo\AppData\Roaming\Mozilla\Firefox\Profiles\i1h185fb.default\extensions\userzoom_survey_tool@jetpack
[2013/05/09 18:08:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BooHoo\AppData\Roaming\Mozilla\Firefox\Profiles\v4mj4eoc.default-1347251320671\extensions
[2013/05/09 18:08:25 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- C:\Users\BooHoo\AppData\Roaming\Mozilla\Firefox\Profiles\v4mj4eoc.default-1347251320671\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
[2013/05/28 21:06:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BooHoo\AppData\Roaming\Mozilla\Firefox\Profiles\y2tjhgft.Default User\extensions
[2013/05/15 05:39:51 | 000,000,000 | ---D | M] (Swag Bucks) -- C:\Users\BooHoo\AppData\Roaming\Mozilla\Firefox\Profiles\y2tjhgft.Default User\extensions\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}
[2013/05/28 21:06:27 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\BooHoo\AppData\Roaming\Mozilla\Firefox\Profiles\y2tjhgft.Default User\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013/04/06 22:59:34 | 000,000,000 | ---D | M] (Advanced Cookie Manager) -- C:\Users\BooHoo\AppData\Roaming\Mozilla\Firefox\Profiles\y2tjhgft.Default User\extensions\[email protected]
[2013/05/09 18:08:26 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- C:\Users\BooHoo\AppData\Roaming\Mozilla\Firefox\Profiles\y2tjhgft.Default User\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
[2013/04/06 22:59:34 | 000,000,000 | ---D | M] (UserZoom Survey Tool) -- C:\Users\BooHoo\AppData\Roaming\Mozilla\Firefox\Profiles\y2tjhgft.Default User\extensions\userzoom_survey_tool@jetpack
[2013/03/02 23:45:54 | 000,243,287 | ---- | M] () (No name found) -- C:\Users\BooHoo\AppData\Roaming\Mozilla\Firefox\Profiles\y2tjhgft.Default User\extensions\[email protected]
[2013/01/13 21:36:10 | 000,223,719 | ---- | M] () (No name found) -- C:\Users\BooHoo\AppData\Roaming\Mozilla\Firefox\Profiles\y2tjhgft.Default User\extensions\[email protected]
[2013/01/29 20:03:31 | 000,015,751 | ---- | M] () (No name found) -- C:\Users\BooHoo\AppData\Roaming\Mozilla\Firefox\Profiles\y2tjhgft.Default User\extensions\[email protected]
[2012/11/24 01:46:50 | 000,042,512 | ---- | M] () (No name found) -- C:\Users\BooHoo\AppData\Roaming\Mozilla\Firefox\Profiles\y2tjhgft.Default User\extensions\[email protected]
[2013/03/07 06:40:06 | 000,555,767 | ---- | M] () (No name found) -- C:\Users\BooHoo\AppData\Roaming\Mozilla\Firefox\Profiles\y2tjhgft.Default User\extensions\{841468a1-d7f4-4bd3-84e6-bb0f13a06c64}.xpi
[2013/03/07 06:40:05 | 000,555,942 | ---- | M] () (No name found) -- C:\Users\BooHoo\AppData\Roaming\Mozilla\Firefox\Profiles\y2tjhgft.Default User\extensions\{c125f32a-0273-6b74-75a1-48f111c4977c}.xpi
[2013/04/20 14:42:43 | 000,765,412 | ---- | M] () (No name found) -- C:\Users\BooHoo\AppData\Roaming\Mozilla\Firefox\Profiles\y2tjhgft.Default User\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
[2013/04/11 11:22:32 | 000,001,292 | ---- | M] () -- C:\Users\BooHoo\AppData\Roaming\Mozilla\Firefox\Profiles\v4mj4eoc.default-1347251320671\searchplugins\visualbee.xml
[2013/05/18 20:12:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/04/11 20:17:25 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/04/11 20:17:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2013/05/18 20:12:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/05/18 20:12:29 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/06/20 17:54:54 | 000,091,584 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2012/06/20 17:54:56 | 000,091,584 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2012/06/28 16:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2013/04/11 11:24:00 | 000,002,297 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
========== Chrome ==========
CHR - default_search_provider: VisualBee Search (Enabled)
CHR - default_search_provider: search_url = http://visualbee.del...4998C89A5644F4F
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://visualbee.del...4998C89A5644F4F
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.94\pdf.dll
CHR - plugin: Gacela Plugin (Enabled) = C:\Users\BooHoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkejcihojcegdmifcnlkhmnelneogef\12.1.1136_0\plugin/npgacela.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\\npGoogleUpdate3.dll
CHR - plugin: Java Platform SE 7 U7 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll
CHR - Extension: Google Drive = C:\Users\BooHoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\BooHoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\BooHoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\\
CHR - Extension: GfK Internet-Monitor = C:\Users\BooHoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\igkejcihojcegdmifcnlkhmnelneogef\13.1.49_0\
CHR - Extension: Panel+ = C:\Users\BooHoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaomfkhlibpgkpmjjkfjpfjhebhbgcah\5.3.5_0\
CHR - Extension: Skype Click to Call = C:\Users\BooHoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\BooHoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\\
CHR - Extension: Gmail = C:\Users\BooHoo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2013/05/28 05:43:34 | 000,000,890 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: localhost
O1 - Hosts: activate.adobe.com
O1 - Hosts: practivate.adobe.com
O1 - Hosts: lmlicenses.wip4.adobe.com
O1 - Hosts: lm.licenses.adobe.com
O1 - Hosts: 8
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (GfK Internet-Monitor) - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files\GfK Internet-Monitor\Gacela2.dll (GfK)
O2 - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Ad-Aware Antivirus] C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher.exe (Lavasoft Limited)
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Conime] %windir%\system32\conime.exe File not found
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EKStatusMonitor] C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [GfK-WatchDog] C:\Program Files\GfKLSPService\GfK-WatchDog.exe ()
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
O4 - HKCU..\Run: [Panel+] C:\Users\BooHoo\AppData\Local\Panel+\service\PanelPlusService.exe (Ipsos)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
O4 - HKCU..\Run: [RoboForm] C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O4 - HKCU..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - Startup: C:\Users\BooHoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRunOnce = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRunOnce = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFile = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableLocalMachineRunOnce = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisableCurrentUserRunOnce = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFile = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDFSTab = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoEncryptOnMove = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRunasInstallPrompt = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoHardwareTab = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O8 - Extra context menu item: Customize Menu - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office15\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Fill Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~4\Office15\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Show RoboForm Toolbar - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra 'Tools' menuitem : About GfK Internet-Monitor - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files\GfK Internet-Monitor\Gacela2.dll (GfK)
O9 - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\GfKLSPService.DLL (GfK)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\GfKLSPService.DLL (GfK)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\GfKLSPService.DLL (GfK)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\GfKLSPService.DLL (GfK)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\GfKLSPService.DLL (GfK)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {EBB176D2-AF75-4706-832F-4C8448F72757} http://www.shopandsc.../TNSClickrc.CAB (TNSClickerc.Clicker)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer =
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9EDB02A1-8E1E-4569-99B7-559BC23336B7}: DhcpNameServer =
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C0AB72F7-81A8-42D1-8605-07F5329092E3}: DhcpNameServer =
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (ÄƝၐƝ) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - File not found
O29 - HKLM SecurityProviders - (digest.dll) - File not found
O29 - HKLM SecurityProviders - (msnsspc.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/06/06 04:59:32 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\BooHoo\Desktop\OTL.exe
[2013/05/28 05:46:45 | 000,000,000 | ---D | C] -- C:\Users\BooHoo\Documents\Adobe
[2013/05/28 05:41:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6
[2013/05/19 22:05:23 | 000,000,000 | ---D | C] -- C:\Users\BooHoo\Desktop\Flumpy
[2013/05/19 21:00:44 | 000,000,000 | R--D | C] -- C:\Users\BooHoo\Saved Games
[2013/05/19 17:09:51 | 000,000,000 | ---D | C] -- C:\Users\BooHoo\Desktop\Dance With my Father
[2013/05/16 00:44:15 | 000,000,000 | ---D | C] -- C:\Users\BooHoo\AppData\Roaming\Panel+
[2013/05/16 00:43:55 | 000,000,000 | ---D | C] -- C:\Users\BooHoo\AppData\Local\Panel+
[2013/05/16 00:43:53 | 000,000,000 | ---D | C] -- C:\Users\BooHoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Panel+
[2013/05/15 21:26:48 | 000,000,000 | ---D | C] -- C:\Users\BooHoo\AppData\Local\Ancestry.com
[2013/05/09 19:21:50 | 000,041,584 | ---- | C] (ThreatTrack Security) -- C:\Windows\System32\drivers\gfiark.sys
[2013/05/09 18:20:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Antivirus
[2013/05/09 18:20:24 | 000,000,000 | ---D | C] -- C:\Users\BooHoo\AppData\Roaming\LavasoftStatistics
[2013/05/09 18:10:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
[2013/05/09 18:10:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2013/05/09 18:10:28 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\VDD
[2013/05/09 18:10:28 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Aware Antivirus
[2013/05/09 18:08:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2013/05/09 18:08:48 | 000,000,000 | ---D | C] -- C:\ProgramData\blekko toolbars
[2013/05/09 18:08:45 | 000,000,000 | ---D | C] -- C:\Users\BooHoo\AppData\Local\adawarebp
[2013/05/09 18:08:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection
[2013/05/09 18:08:32 | 000,000,000 | ---D | C] -- C:\Program Files\adawaretb
[2013/05/09 18:08:27 | 000,000,000 | ---D | C] -- C:\Program Files\Toolbar Cleaner
[2013/05/09 18:06:07 | 000,013,560 | ---- | C] (GFI Software) -- C:\Windows\System32\drivers\gfibto.sys
[2013/05/09 01:30:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013/05/09 00:49:04 | 000,000,000 | ---D | C] -- C:\Users\BooHoo\AppData\Local\Avg2013
[2013/05/08 21:41:27 | 000,000,000 | ---D | C] -- C:\Users\BooHoo\Desktop\Skype
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/06/06 05:49:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/06 05:11:33 | 000,026,112 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/06/06 05:11:33 | 000,026,112 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/06/06 05:04:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/06/06 04:59:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\BooHoo\Desktop\OTL.exe
[2013/06/06 04:39:40 | 1107,502,080 | ---- | M] () -- C:\Users\BooHoo\Documents\Outlook Backup - 12-09-12.pst
[2013/06/06 04:17:38 | 000,000,444 | ---- | M] () -- C:\Windows\tasks\IsposureAgent.job
[2013/06/05 17:27:00 | 000,001,798 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2013/06/05 11:13:25 | 000,001,262 | ---- | M] () -- C:\Users\BooHoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
[2013/06/05 11:11:58 | 000,001,826 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2013/06/05 11:11:43 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/05 11:11:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/06/05 11:10:16 | 2589,908,992 | -HS- | M] () -- C:\hiberfil.sys
[2013/06/05 01:09:08 | 000,131,520 | ---- | M] () -- C:\Users\BooHoo\Desktop\Funeral - Order of Service.one
[2013/05/30 23:38:19 | 003,838,424 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/05/30 22:56:30 | 000,025,839 | ---- | M] () -- C:\Users\BooHoo\Desktop\Capture.JPG
[2013/05/25 23:07:48 | 000,034,622 | ---- | M] () -- C:\Users\BooHoo\Desktop\Holy Sh-t - Episode 1 first 10 - pass holyshit.pdf
[2013/05/19 21:09:14 | 000,025,185 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2013/05/19 20:44:11 | 000,662,920 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/05/19 20:44:11 | 000,121,788 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/05/19 20:33:02 | 000,000,134 | ---- | M] () -- C:\Users\BooHoo\Desktop\Internet Explorer Troubleshooting.url
[2013/05/09 18:06:06 | 000,013,560 | ---- | M] (GFI Software) -- C:\Windows\System32\drivers\gfibto.sys
[2013/05/08 23:58:22 | 023,230,591 | ---- | M] () -- C:\Users\BooHoo\Desktop\2013-05-01 21-38-00.771.wmv
[2013/05/08 23:57:46 | 017,054,291 | ---- | M] () -- C:\Users\BooHoo\Desktop\2013-05-07 23-40-23.352.wmv
[2013/05/08 05:03:17 | 000,000,569 | -H-- | M] () -- C:\Windows\System32\BTImages.dat
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/06/05 01:08:51 | 000,131,520 | ---- | C] () -- C:\Users\BooHoo\Desktop\Funeral - Order of Service.one
[2013/05/30 22:56:26 | 000,025,839 | ---- | C] () -- C:\Users\BooHoo\Desktop\Capture.JPG
[2013/05/25 23:07:41 | 000,034,622 | ---- | C] () -- C:\Users\BooHoo\Desktop\Holy Sh-t - Episode 1 first 10 - pass holyshit.pdf
[2013/05/19 21:09:14 | 000,025,185 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2013/05/19 20:33:02 | 000,000,134 | ---- | C] () -- C:\Users\BooHoo\Desktop\Internet Explorer Troubleshooting.url
[2013/05/09 18:10:46 | 000,001,826 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2013/05/08 23:56:02 | 023,230,591 | ---- | C] () -- C:\Users\BooHoo\Desktop\2013-05-01 21-38-00.771.wmv
[2013/05/08 23:56:02 | 017,054,291 | ---- | C] () -- C:\Users\BooHoo\Desktop\2013-05-07 23-40-23.352.wmv
[2013/05/07 17:44:15 | 000,000,569 | -H-- | C] () -- C:\Windows\System32\BTImages.dat
[2013/04/20 07:08:23 | 000,000,218 | ---- | C] () -- C:\Users\BooHoo\AppData\Local\recently-used.xbel
[2013/04/20 07:00:33 | 000,000,035 | ---- | C] () -- C:\Users\BooHoo\.gtk-bookmarks
[2013/04/12 04:31:13 | 000,004,994 | ---- | C] () -- C:\ProgramData\bltofzsb.qlf
[2013/04/11 21:39:28 | 000,001,798 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2013/03/27 18:20:25 | 000,003,848 | ---- | C] () -- C:\Windows\System32\GfKLSPService.ini
[2013/03/27 18:20:25 | 000,002,640 | ---- | C] () -- C:\Windows\System32\GacelaLSPServiceOff.ini
[2013/02/21 21:36:28 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2012/12/13 19:52:37 | 000,180,624 | ---- | C] () -- C:\Windows\System32\Primomonnt.dll
[2012/09/24 14:31:08 | 000,001,119 | ---- | C] () -- C:\Windows\System32\EKaio2WiaCoInst.ini
[2012/09/12 08:22:51 | 000,027,424 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro36.sys
[2012/09/08 01:35:06 | 000,030,424 | ---- | C] () -- C:\Windows\System32\wrLZMA.dll
[2012/08/29 19:51:35 | 000,000,000 | ---- | C] () -- C:\ProgramData\da0243f6188038df2394764a7c7ead90_c
[2012/08/28 17:41:58 | 000,000,051 | ---- | C] () -- C:\Users\BooHoo\AppData\Roaming\mbam.context.scan
[2012/08/13 23:53:58 | 000,032,768 | ---- | C] () -- C:\Windows\System32\drivers\sp_rsdrv2.sys
[2012/08/12 07:07:39 | 000,053,248 | ---- | C] () -- C:\Windows\System32\zlib.dll
[2012/07/01 23:01:44 | 000,003,206 | ---- | C] () -- C:\Windows\wininit.ini
[2012/06/13 04:21:48 | 000,211,236 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2012/06/13 00:46:58 | 000,004,159 | ---- | C] () -- C:\ProgramData\gbianycz.qhq
[2012/02/29 17:25:40 | 000,000,296 | ---- | C] () -- C:\Windows\{FC0C329F-2851-4859-A2EC-4DCF4874E5D6}_WiseFW.ini
[2012/02/22 01:47:19 | 000,004,096 | -H-- | C] () -- C:\Users\BooHoo\AppData\Local\keyfile3.drm
[2012/02/07 21:11:50 | 000,123,392 | ---- | C] () -- C:\Windows\System32\UnCasino5.exe
[2012/01/29 02:56:30 | 002,469,760 | ---- | C] () -- C:\Windows\System32\BootMan.exe
[2012/01/29 02:56:30 | 000,086,408 | ---- | C] () -- C:\Windows\System32\setupempdrv03.exe
[2012/01/29 02:56:30 | 000,019,840 | ---- | C] () -- C:\Windows\System32\EuEpmGdi.dll
[2012/01/29 02:56:30 | 000,014,216 | ---- | C] () -- C:\Windows\System32\epmntdrv.sys
[2012/01/29 02:56:30 | 000,008,456 | ---- | C] () -- C:\Windows\System32\EuGdiDrv.sys
[2012/01/29 02:25:47 | 002,872,000 | ---- | C] () -- C:\Windows\System32\pwNative.exe
[2012/01/29 02:25:46 | 000,015,576 | ---- | C] () -- C:\Windows\System32\pwdrvio.sys
[2012/01/29 02:25:40 | 000,010,200 | ---- | C] () -- C:\Windows\System32\pwdspio.sys
[2012/01/22 17:41:40 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxcrserv.dll
[2012/01/22 17:41:40 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\lxcrusb1.dll
[2012/01/22 17:41:40 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxcrpmui.dll
[2012/01/22 17:41:40 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxcrlmpm.dll
[2012/01/22 17:41:40 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxcrinpa.dll
[2012/01/22 17:41:40 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxcriesc.dll
[2012/01/22 17:41:40 | 000,385,968 | ---- | C] ( ) -- C:\Windows\System32\lxcrih.exe
[2012/01/22 17:41:40 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXCRhcp.dll
[2012/01/22 17:41:40 | 000,274,432 | ---- | C] () -- C:\Windows\System32\LXCRinst.dll
[2012/01/22 17:41:40 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxcrprox.dll
[2012/01/22 17:41:40 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxcrpplc.dll
[2012/01/22 17:41:39 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxcrcomc.dll
[2012/01/22 17:41:39 | 000,537,520 | ---- | C] ( ) -- C:\Windows\System32\lxcrcoms.exe
[2012/01/22 17:41:39 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxcrcomm.dll
[2012/01/15 18:21:52 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2012/01/13 01:46:43 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2012/01/10 01:00:03 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2012/01/10 00:52:56 | 000,134,592 | ---- | C] () -- C:\Windows\System32\igfcg500.bin
[2012/01/10 00:49:45 | 000,020,635 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2012/01/10 00:25:38 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012/01/10 00:25:34 | 000,015,378 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2011/08/19 10:26:20 | 010,898,456 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2011/08/19 10:26:20 | 000,336,408 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2011/08/19 10:26:20 | 000,104,472 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe
[2011/07/26 07:48:54 | 000,028,418 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
========== ZeroAccess Check ==========
[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 05:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2012/08/18 20:43:05 | 000,000,000 | ---D | M] -- C:\Users\BooHoo\AppData\Roaming\Ad-Aware Antivirus
[2012/05/15 04:06:14 | 000,000,000 | ---D | M] -- C:\Users\BooHoo\AppData\Roaming\Amazon
[2012/08/23 15:40:52 | 000,000,000 | ---D | M] -- C:\Users\BooHoo\AppData\Roaming\Anvisoft
[2012/12/13 20:06:10 | 000,000,000 | ---D | M] -- C:\Users\BooHoo\AppData\Roaming\Anvsoft
[2012/01/29 21:49:01 | 000,000,000 | ---D | M] -- C:\Users\BooHoo\AppData\Roaming\Audacity
[2013/04/03 06:10:08 | 000,000,000 | ---D | M] -- C:\Users\BooHoo\AppData\Roaming\AVG
[2013/06/05 11:29:04 | 000,000,000 | ---D | M] -- C:\Users\BooHoo\AppData\Roaming\Azureus
[2013/04/11 11:23:04 | 000,000,000 | ---D | M] -- C:\Users\BooHoo\AppData\Roaming\Babylon
[2012/02/11 01:05:20 | 000,000,000 | ---D | M] -- C:\Users\BooHoo\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013/05/06 17:30:07 | 000,000,000 | ---D | M] -- C:\Users\BooHoo\AppData\Roaming\CheckPoint
[2012/03/05 04:57:25 | 000,000,000 | ---D | M] -- C:\Users\BooHoo\AppData\Roaming\DAZ 3D
[2013/01/27 11:39:08 | 000,000,000 | ---D | M] -- C:\Users\BooHoo\AppData\Roaming\Elluminate
[2013/05/15 22:01:22 | 000,000,000 | ---D | M] -- C:\Users\BooHoo\AppData\Roaming\FamilyTreeMaker
[2012/12/12 00:52:57 | 000,000,000 | ---D | M] -- C:\Users\BooHoo\AppData\Roaming\FLV Extract
[2013/04/22 01:52:34 | 000,000,000 | ---D | M] -- C:\Users\BooHoo\AppData\Roaming\fpdb
[2013/02/21 21:45:03 | 000,000,000 | ---D | M] -- C:\Users\BooHoo\AppData\Roaming\FriendsGamesNetwork
[2012/02/25 19:34:59 | 000,000,000 | ---D | M] -- C:\Users\BooHoo\AppData\Roaming\ID3-TagIT 3
[2012/08/12 07:24:42 | 000,000,000 | ---D | M] -- C:\Users\BooHoo\AppData\Roaming\IObit
[2012/04/04 15:36:19 | 000,000,000 | ---D | M] -- C:\Users\BooHoo\AppData\Roaming\Keynote Systems
[2012/08/11 00:45:09 | 000,000,000 | ---D | M] -- C:\Users\BooHoo\AppData\Roaming\Microgaming
[2012/03/04 06:44:01 | 000,000,000 | ---D | M] -- C:\Users\BooHoo\AppData\Roaming\Mikogo 4
[2012/04/27 23:25:47 | 000,000,000 | ---D | M] -- C:\Users\BooHoo\AppData\Roaming\Mobipocket
[2012/02/26 19:54:50 | 000,000,000 | ---D | M] -- C:\Users\BooHoo\AppData\Roaming\MusicBrainz
[2012/02/11 04:22:52 | 000,000,000 | ---D | M] -- C:\Users\BooHoo\AppData\Roaming\Nico Mak Computing
[2012/12/13 19:53:22 | 000,000,000 | ---D | M] -- C:\Users\BooHoo\AppData\Roaming\OpenCandy
[2012/09/30 16:56:04 | 000,000,000 | ---D | M] -- C:\Users\BooHoo\AppData\Roaming\OpenOffice.org
[2012/10/10 05:03:16 | 000,000,000 | ---D | M] -- C:\Users\BooHoo\AppData\Roaming\Opera
[2013/05/16 00:44:56 | 000,000,000 | ---D | M] -- C:\Users\BooHoo\AppData\Roaming\Panel+
[2013/02/26 00:08:53 | 000,000,000 | ---D | M] -- C:\Users\BooHoo\AppData\Roaming\PDAppFlex
[2012/12/13 20:00:05 | 000,000,000 | ---D | M] -- C:\Users\BooHoo\AppData\Roaming\PrimoPDF
[2012/01/13 02:33:04 | 000,000,000 | ---D | M] -- C:\Users\BooHoo\AppData\Roaming\RoboForm
[2012/03/12 02:49:30 | 000,000,000 | ---D | M] -- C:\Users\BooHoo\AppData\Roaming\Screenshot Sender
[2013/01/19 20:52:50 | 000,000,000 | ---D | M] -- C:\Users\BooHoo\AppData\Roaming\TeamViewer
[2013/04/20 03:46:53 | 000,000,000 | ---D | M] -- C:\Users\BooHoo\AppData\Roaming\TechSmith
[2012/10/07 20:31:56 | 000,000,000 | ---D | M] -- C:\Users\BooHoo\AppData\Roaming\Temp
[2013/01/16 23:21:13 | 000,000,000 | ---D | M] -- C:\Users\BooHoo\AppData\Roaming\TuneUp Software
[2012/08/13 23:45:09 | 000,000,000 | ---D | M] -- C:\Users\BooHoo\AppData\Roaming\WinPatrol
========== Purity Check ==========
< End of report >