The Specified Path Does Not Exist


#1
JIm Andersen

Your help to rectify this error would be greatly appreciated:

When clicking shortcuts to Applications I had been successfully running—or clicking even the Application file itself—I now repeatedly receive error messages that say, “The specified path does not exist.” The Application will not open. It is the same for all three User profiles on this computer.

I cannot associate this problem with a specific computer action, but have done a lot with the computer recently, as follows:

In hopes of capturing several large videos I had been unable to download, I downloaded and installed the following software:

● Snagit 11
● Movavi Screen Capture Studio 4
● Apowersoft (has since been uninstalled)
● Screen2Exe (has since been uninstalled)
● Freemake Video Downloader
● Stuffit 11

I also uninstalled, downloaded and then reinstalled these programs:

● Freemake
● Total Recorder

None of the above worked as my project required, so I looked further and then downloaded and installed the following two programs that seemed to work flawlessly, but then required me to baby-sit much of their operation until the videos I wanted were finished downloading:

● Free Download Manager
● Download Accelerator Plus (DAP); first v9.3, then updated to v10, which was later uninstalled then reinstalled.

In the interim, to make room for the approximately 15 GB of video downloads (all professionally produced and certifiably clean), I deleted perhaps 20 GB of data (many old small and large files) while bypassing the Trash bucket.

Somewhere in the above process, it seems, is where I started consistently receiving the above stated error messages—but it does not happen for all shortcuts and their associated Application files.

In addition, after recently downloading a self-expanding file from Sony Corporation (a naturally clean file), the resulting files—then in a separate folder—were equally inaccessible. I received the same “The specified path does not exist” error message on even this new Sony Application file.

Finally, I think it was Download Accelerator Plus (DAP) that required I also install Microsoft .NET Framework 4, and it appeared to do that on its own, but now five (5) updates for Microsoft .NET Framework 4, automatically since downloaded, will not install.

Meanwhile, Revo Uninstaller, which I typically use to uninstall software, lists the following installation dates for Microsoft .NET Framework 4:

● Client Profile, 05 September, 2011
● Extended, 02 October, 2013

AVG Free found no errors when performing both Whole Computer and Rootkit scans just prior to my writing this post.

OTL then scanned the computer, with the “Scan All Users” box remaining not-checked, and logged the data shown below.

Again I appreciate any help you might provide in rectifying this problem, and I look forward to your reply. The OTL data follows:

===========

OTL logfile created on: 10/24/2013 2:38:14 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Jim\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.50 Gb Total Physical Memory | 0.69 Gb Available Physical Memory | 46.20% Memory free
4.36 Gb Paging File | 3.26 Gb Available in Paging File | 74.95% Paging File free
Paging file location(s): C:\pagefile.sys 3072 4095 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 127.99 Gb Total Space | 20.16 Gb Free Space | 15.75% Space Free | Partition Type: NTFS
Drive S: | 21.06 Gb Total Space | 20.97 Gb Free Space | 99.59% Space Free | Partition Type: NTFS

Computer Name: 700S | User Name: Jim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/10/24 12:14:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jim\My Documents\Downloads\OTL.exe
PRC - [2013/10/07 19:54:20 | 004,908,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgui.exe
PRC - [2013/10/07 08:55:24 | 003,865,232 | ---- | M] (Speedbit Ltd.) -- C:\Program Files\DAP\DAP.exe
PRC - [2013/10/06 02:39:44 | 001,687,672 | ---- | M] (Speedbit Ltd.) -- C:\Program Files\Common Files\SpeedBit\SBUpdate\sbu.exe
PRC - [2013/10/03 22:00:24 | 003,538,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgidsagent.exe
PRC - [2013/10/01 16:56:56 | 002,404,376 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2013/10/01 16:56:54 | 001,734,680 | ---- | M] (AVG Secure Search) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe
PRC - [2013/10/01 16:56:53 | 000,159,768 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\loggingserver.exe
PRC - [2013/09/30 20:59:39 | 000,274,840 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/09/25 21:47:22 | 000,301,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe
PRC - [2013/09/15 23:08:30 | 000,895,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgnsx.exe
PRC - [2013/09/03 22:22:16 | 000,588,336 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgcsrvx.exe
PRC - [2013/09/02 11:19:00 | 000,669,232 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgemcx.exe
PRC - [2013/08/26 04:13:08 | 000,009,216 | ---- | M] (Ellora Assets Corp.) -- C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
PRC - [2013/08/20 23:03:42 | 000,728,624 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgrsx.exe
PRC - [2013/07/08 12:41:44 | 000,182,184 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012/06/27 02:25:06 | 001,326,176 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psia.exe
PRC - [2012/06/27 02:25:04 | 000,681,056 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\sua.exe
PRC - [2012/06/27 02:25:04 | 000,572,000 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi_tray.exe
PRC - [2011/12/05 21:41:32 | 004,426,384 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
PRC - [2011/12/05 21:41:32 | 001,059,472 | R--- | M] (Carbonite, Inc.) -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
PRC - [2011/03/30 02:58:46 | 000,021,320 | ---- | M] () -- C:\Program Files\AVG\AVG Family Safety\BSecAMX.exe
PRC - [2011/03/30 02:58:33 | 000,078,664 | ---- | M] (Bsecure Technologies, Inc.) -- C:\Program Files\AVG\AVG Family Safety\InetCtrl.exe
PRC - [2010/08/16 16:28:34 | 010,737,496 | R--- | M] (Microsoft Corporation) -- C:\MSOffice\Office10\WINWORD.EXE
PRC - [2010/07/13 01:34:46 | 000,906,648 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe
PRC - [2008/04/13 19:12:30 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntvdm.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/10/08 08:52:36 | 000,157,000 | ---- | M] (Smith Micro Software, Inc.) -- C:\Program Files\Smith Micro\StuffIt11\ArcNameService.exe
PRC - [2003/12/17 09:50:00 | 000,019,968 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\LOGI_MWX.EXE
PRC - [2002/07/10 01:04:26 | 000,094,276 | ---- | M] (Microsoft® Corporation) -- C:\Program Files\Microsoft Works\msworks.exe


========== Modules (No Company Name) ==========

MOD - [2013/10/23 16:53:38 | 000,010,752 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\zsharenet.dll
MOD - [2013/10/23 16:53:29 | 000,012,800 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\XSevenTo.dll
MOD - [2013/10/23 16:53:07 | 000,012,800 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\SpdFileCom.dll
MOD - [2013/10/23 16:52:30 | 000,010,240 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\MegaUploadCom.dll
MOD - [2013/10/23 16:52:10 | 000,011,776 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\fivegiganet.dll
MOD - [2013/10/11 15:15:41 | 017,403,392 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\c5e68e15ca94f18f85d08eb540813e7e\System.ServiceModel.ni.dll
MOD - [2013/10/11 14:21:49 | 012,434,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\02257c6b67db33c194fa3beccf977afb\System.Windows.Forms.ni.dll
MOD - [2013/10/11 14:09:20 | 000,978,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\1b7600e7fe5e152f21ba6d79f3c0c3b6\System.Configuration.ni.dll
MOD - [2013/10/08 22:19:51 | 016,233,864 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll
MOD - [2013/10/07 08:59:53 | 000,009,216 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Speedbit\DAP\Plugins\AddonsCondition.dll
MOD - [2013/10/06 02:39:40 | 000,513,656 | ---- | M] () -- C:\Program Files\Common Files\SpeedBit\SBUpdate\sbfi32.dll
MOD - [2013/10/01 16:56:58 | 000,519,704 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\log4cplusU.dll
MOD - [2013/10/01 16:56:58 | 000,142,360 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\SiteSafety.dll
MOD - [2013/10/01 16:56:56 | 002,404,376 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2013/10/01 16:56:53 | 000,159,768 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\loggingserver.exe
MOD - [2013/09/30 20:59:29 | 003,279,768 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/08/19 14:51:07 | 000,221,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7bf3e4deef4483205017aa7b13194845\System.ServiceProcess.ni.dll
MOD - [2013/08/19 14:50:35 | 018,101,760 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\918ce68a67ddb5558994e20dc3a74c8a\System.ServiceModel.ni.dll
MOD - [2013/08/19 14:49:15 | 001,078,272 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\6e0e5467e23a80c5c7d34f65dc7f87f2\System.IdentityModel.ni.dll
MOD - [2013/08/19 14:46:48 | 000,148,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\f5243e7f1da3d5e891826778dafc4fbc\System.Configuration.Install.ni.dll
MOD - [2013/08/19 14:45:21 | 001,021,440 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\b12cbfa020af0c619d8f58c6b665efc1\System.Runtime.DurableInstancing.ni.dll
MOD - [2013/08/19 14:45:17 | 000,143,360 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\d083ee23a4c0d8cf76ae9e95e52d0388\SMDiagnostics.ni.dll
MOD - [2013/08/19 14:45:15 | 002,646,528 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\332407a3f224f388f70120d33cb872d5\System.Runtime.Serialization.ni.dll
MOD - [2013/08/19 13:13:43 | 000,256,000 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\5610aec044605e6848086b4454ee2e15\SMDiagnostics.ni.dll
MOD - [2013/08/14 09:53:30 | 011,816,960 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\972dcf9830a64e9802aaca3a83cae24b\System.Web.ni.dll
MOD - [2013/08/14 09:42:08 | 002,345,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\ba6670610621b25b1608e457ba0ef305\System.Runtime.Serialization.ni.dll
MOD - [2013/08/14 09:33:45 | 005,628,928 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\884bcbd22130ebeb1211bc7bcc3910c9\System.Xml.ni.dll
MOD - [2013/08/14 09:33:34 | 001,014,272 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\df40dab689e9d8febfb943599ba79f8d\System.Configuration.ni.dll
MOD - [2013/08/14 09:33:31 | 001,616,384 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.CSharp\112c6ea532e67d4e67a921c7ab5ca3ca\Microsoft.CSharp.ni.dll
MOD - [2013/08/14 09:31:35 | 007,053,824 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\608aa2db27d45e63a4863f1f1d06897a\System.Core.ni.dll
MOD - [2013/08/14 09:30:20 | 009,099,776 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\de853615c8224ba5d9aa9b76276c6d98\System.ni.dll
MOD - [2013/08/14 09:14:59 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b34cb206ab0cec687c3730b14cdff57\System.Drawing.ni.dll
MOD - [2013/08/14 09:14:02 | 005,462,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\f93600ac836b9140e1df13bb0f6bfccf\System.Xml.ni.dll
MOD - [2013/08/14 09:12:27 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\10df39542df7d48462451fc39bce8418\System.ni.dll
MOD - [2013/07/10 18:59:10 | 014,416,896 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\cf58670896c5313b9b52f026f4455a5d\mscorlib.ni.dll
MOD - [2013/07/10 18:38:45 | 011,497,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\b14359470744c840c59fbe4e58034fd6\mscorlib.ni.dll
MOD - [2011/03/30 02:58:46 | 000,021,320 | ---- | M] () -- C:\Program Files\AVG\AVG Family Safety\BSecAMX.exe
MOD - [2011/03/30 02:58:29 | 000,055,624 | ---- | M] () -- C:\Program Files\AVG\AVG Family Safety\BsecZlib.dll
MOD - [2010/07/13 01:29:42 | 000,143,360 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\launcher\connectionDetector.dll
MOD - [2010/07/13 01:28:42 | 000,856,064 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\launcher\fsk.dll
MOD - [2010/07/13 01:26:12 | 000,018,432 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\launcher\FskNetInterface.dll
MOD - [2010/07/13 01:25:56 | 000,008,704 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\launcher\FskTimeHardware.dll
MOD - [2010/07/13 01:25:50 | 000,028,160 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\launcher\ticket.dll
MOD - [2010/07/13 01:25:42 | 000,011,776 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\launcher\ebookDeviceNotifier.dll
MOD - [2010/07/13 01:22:36 | 000,020,480 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\FskinLocalize.dll
MOD - [2010/07/13 01:22:02 | 000,009,728 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\FskPower.dll
MOD - [2010/07/13 01:16:16 | 000,118,784 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\FskDocumentViewer.dll
MOD - [2010/07/13 01:15:58 | 000,010,240 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\FskMobileMediaDevice.dll
MOD - [2010/07/13 01:15:52 | 000,233,472 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\Fskin.dll
MOD - [2010/07/13 01:13:42 | 000,033,792 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\FskMediaPlayers.dll
MOD - [2010/07/13 01:10:56 | 000,172,032 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\launcher\USBDetector.dll
MOD - [2010/04/02 21:23:36 | 000,815,104 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\FskSecurity.dll
MOD - [2010/04/02 20:44:16 | 000,086,016 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\launcher\ebookUsb.dll


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2013/10/08 22:19:56 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/06 02:39:44 | 001,687,672 | ---- | M] (Speedbit Ltd.) [On_Demand | Running] -- C:\Program Files\Common Files\SpeedBit\SBUpdate\sbu.exe -- (SBUpd)
SRV - [2013/10/03 22:00:24 | 003,538,480 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/10/01 16:56:54 | 001,734,680 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe -- (vToolbarUpdater17.0.12)
SRV - [2013/09/30 20:59:34 | 000,118,680 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/09/25 21:47:22 | 000,301,152 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2013/08/26 04:13:08 | 000,009,216 | ---- | M] (Ellora Assets Corp.) [Auto | Running] -- C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe -- (FreemakeVideoCapture)
SRV - [2013/07/17 00:01:38 | 000,101,888 | ---- | M] (Freemake) [Auto | Stopped] -- C:\Documents and Settings\All Users\Application Data\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe -- (Freemake Improver)
SRV - [2013/07/08 12:41:44 | 000,182,184 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/08/23 11:31:22 | 000,029,560 | ---- | M] (AVG) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2012/06/27 02:25:06 | 001,326,176 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2012/06/27 02:25:04 | 000,681,056 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2011/12/05 21:41:32 | 004,426,384 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) [Auto | Running] -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe -- (CarboniteService)
SRV - [2011/03/30 02:58:33 | 000,078,664 | ---- | M] (Bsecure Technologies, Inc.) [Auto | Running] -- C:\Program Files\AVG\AVG Family Safety\InetCtrl.exe -- (Bsecure)
SRV - [2010/04/02 21:34:12 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe -- (Sony SCSI Helper Service)
SRV - [2008/10/29 09:50:23 | 000,077,824 | ---- | M] (Extensoft) [Disabled | Stopped] -- C:\Program Files\Extensions for Windows\Extensions\Updater\ExtensionsUpdatesService.exe -- (Extensions Updates Service)
SRV - [2007/10/08 08:52:36 | 000,157,000 | ---- | M] (Smith Micro Software, Inc.) [Auto | Running] -- C:\Program Files\Smith Micro\StuffIt11\ArcNameService.exe -- (Stuffit Archive Name Service)
SRV - [2006/01/05 00:06:02 | 000,163,840 | ---- | M] (Alex Feinman) [Disabled | Stopped] -- C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe -- (Imapi Helper)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [File_System | Boot | Stopped] -- system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\hap17v2k.sys -- (hap17v2k)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\hap16v2k.sys -- (hap16v2k)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv10710.sys -- (EraserUtilDrv10710)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\CTHWIUT.DLL -- (CTHWIUT.DLL)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\CTEXFIFX.DLL -- (CTEXFIFX.DLL)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\CTERFXFX.DLL -- (CTERFXFX.DLL)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\CTEDSPSY.DLL -- (CTEDSPSY.DLL)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\CTEDSPIO.DLL -- (CTEDSPIO.DLL)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\CTEDSPFX.DLL -- (CTEDSPFX.DLL)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\CTEAPSFX.DLL -- (CTEAPSFX.DLL)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\CTAUDFX.DLL -- (CTAUDFX.DLL)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\CT20XUT.DLL -- (CT20XUT.DLL)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | System | Stopped] -- -- (cdrbsvsd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NSDriver.sys -- (Ad-Watch Connect Filter)
DRV - [2013/10/06 02:39:38 | 000,031,640 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\SpeedBit\SBUpdate\sbw.sys -- (SBUpdd)
DRV - [2013/10/01 16:56:58 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013/09/25 20:57:14 | 000,120,632 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgdiskx.sys -- (Avgdiskx)
DRV - [2013/09/10 22:11:44 | 000,022,840 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2013/09/08 22:12:16 | 000,027,448 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2013/09/02 10:39:32 | 000,176,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2013/09/02 10:28:06 | 000,145,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2013/09/02 10:28:04 | 000,209,208 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2013/09/02 10:28:00 | 000,223,032 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2013/08/20 22:54:04 | 000,102,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2013/08/01 16:08:52 | 000,193,848 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2013/06/02 04:56:40 | 000,026,032 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apowersoft_AudioDevice.sys -- (Apowersoft_AudioDevice)
DRV - [2011/12/16 09:19:54 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2011/07/08 17:17:20 | 000,091,728 | ---- | M] (High Criteria inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\TotRec8.sys -- (TotRec8)
DRV - [2011/07/08 17:17:14 | 000,131,152 | ---- | M] (High Criteria inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\TotRec7.sys -- (TotRec7)
DRV - [2011/02/11 16:23:34 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf)
DRV - [2010/02/05 12:40:12 | 000,021,624 | ---- | M] () [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BSecACFltr.sys -- (BSecACFltr)
DRV - [2008/11/11 14:42:00 | 000,024,832 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2008/11/11 14:41:00 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2008/11/11 14:41:00 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2008/04/13 13:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/13 13:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2006/10/17 08:55:58 | 000,028,276 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\MxlW2k.sys -- (MxlW2k)
DRV - [2006/09/13 13:53:20 | 000,213,888 | R--- | M] (Mediafour Corporation) [File_System | System | Stopped] -- C:\WINDOWS\System32\drivers\MDFSYSNT.SYS.rmv -- (MDFSYSNT)
DRV - [2006/04/30 09:57:06 | 000,016,640 | R--- | M] (Mediafour Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\drivers\MDPMGRNT.sys.rmv -- (MDPMGRNT)
DRV - [2005/07/23 00:41:46 | 000,026,112 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidKE.Sys -- (LHidKE)
DRV - [2005/07/23 00:41:42 | 000,068,864 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2005/07/22 23:41:18 | 000,036,608 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidUsbK.sys -- (LHidUsbK)
DRV - [2005/07/22 23:41:08 | 000,055,040 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2005/05/11 00:33:12 | 000,032,256 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdrbsdrv.sys -- (cdrbsdrv)
DRV - [2003/12/17 09:50:00 | 000,070,801 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFlt2.Sys -- (LMouFlt2)
DRV - [2003/12/17 09:50:00 | 000,051,729 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042pr2.Sys -- (L8042pr2)
DRV - [2003/12/17 09:50:00 | 000,025,505 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidFlt2.Sys -- (LHidFlt2)
DRV - [2003/03/19 15:39:02 | 001,136,384 | ---- | M] (GTW) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GWMDM.sys -- (GTWModem)
DRV - [2002/12/17 05:41:10 | 000,076,288 | ---- | M] (Rainbow Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\sentinel.sys -- (Sentinel)
DRV - [2002/12/17 05:41:10 | 000,026,120 | ---- | M] (Rainbow Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SNTNLUSB.SYS -- (SNTNLUSB)
DRV - [2002/10/15 23:41:06 | 000,102,220 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sonypvs1.sys -- (sonypvs1)
DRV - [2002/07/24 14:52:24 | 000,998,004 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2002/07/19 11:55:42 | 000,643,072 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\ctsblfx.dll -- (CTSBLFX.DLL)
DRV - [2002/07/19 11:54:08 | 000,110,592 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\commonfx.dll -- (COMMONFX.DLL)
DRV - [2002/07/19 11:48:30 | 000,156,604 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2002/07/19 11:48:20 | 000,213,860 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2002/07/19 11:48:06 | 000,011,068 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2002/07/19 11:48:02 | 000,195,432 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2002/07/19 11:47:50 | 000,837,548 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k)
DRV - [2002/07/19 11:46:26 | 000,127,948 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2001/08/30 05:30:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2001/08/30 05:30:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2001/08/17 08:28:00 | 000,871,388 | ---- | M] (BCM) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCMDM.sys -- (BCMModem)
DRV - [2000/10/23 07:43:48 | 000,053,344 | ---- | M] (Warp Nine Engineering) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PAR1284.SYS -- (PAR1284)
DRV - [2000/06/06 10:29:58 | 000,006,736 | ---- | M] (RioPort.com) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\RioPnP.sys -- (RioPNP)
DRV - [1999/12/17 01:00:00 | 000,006,752 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\PFMODNT.SYS -- (PfModNT)
DRV - [1998/03/20 12:49:00 | 000,006,912 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\edgestat.sys -- (EdgeStat)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope = {7F4EFF06-7032-458e-AE16-1C1D8255C28A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}: "URL" = http://go.speedbit.c...q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.speedbit.com/?s=DA7aya1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 16 1C 4C 81 B8 D3 CC 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {7F4EFF06-7032-458e-AE16-1C1D8255C28A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKCU\..\SearchScopes\{6DAE86F6-022E-4DF4-8C7F-7FBCC485D138}: "URL" = http://www.google.co...startPage}&rlz=
IE - HKCU\..\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}: "URL" = http://go.speedbit.c...q={searchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...pr&d=2012-09-19 09:32:53&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2260173
IE - HKCU\..\SearchScopes\{f1b5f790-bdce-11dd-ad8b-0800200c9a66}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = localhost:12080

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "PhotoJoy US Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://go.speedbit.c...x?s=DA7aya1&q="
FF - prefs.js..browser.search.order.1: "Speedbit Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://go.speedbit.c...com/?s=DA7aya1"
FF - prefs.js..extensions.enabledAddons: amznUWL2%40amazon.com:1.10
FF - prefs.js..extensions.enabledAddons: DeviceDetection%40logitech.com:1.24.0.9
FF - prefs.js..extensions.enabledAddons: optout%40google.com:1.5
FF - prefs.js..extensions.enabledAddons: %7B77b819fa-95ad-4f2c-ac7c-486b356188a9%7D:4.0.20130422
FF - prefs.js..extensions.enabledAddons: %7B6005d9b1-d115-485a-a92a-3f6453ca3fe2%7D:2.4
FF - prefs.js..extensions.enabledAddons: readability%40readability.com:2.4
FF - prefs.js..extensions.enabledAddons: %7BF17C1572-C9EC-4e5c-A542-D05CBB5C5A08%7D:10.0.5.1
FF - prefs.js..extensions.enabledAddons: daplinkchecker%40speedbit.com:1.0.1.8
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:2.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.2
FF - prefs.js..extensions.enabledItems: {1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}:2.12.21.1
FF - prefs.js..extensions.enabledItems: {3e0e7d2a-070f-4a47-b019-91fe5385ba79}:3.1.1
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.8
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: [email protected]:1.95.20100933
FF - prefs.js..keyword.URL: "http://go.speedbit.c...x?s=DA7aya1&q="
FF - prefs.js..network.proxy.ftp: "localhost"
FF - prefs.js..network.proxy.ftp_port: 12080
FF - prefs.js..network.proxy.gopher: "localhost"
FF - prefs.js..network.proxy.gopher_port: 12080
FF - prefs.js..network.proxy.http: "localhost"
FF - prefs.js..network.proxy.http_port: 12080
FF - prefs.js..network.proxy.socks: "localhost"
FF - prefs.js..network.proxy.socks_port: 12080
FF - prefs.js..network.proxy.ssl: "localhost"
FF - prefs.js..network.proxy.ssl_port: 12080


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: File not found
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Jim\Application Data\Move Networks\plugins\npqmp071500000347.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@nbc.com/DirectPlayer: File not found
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@sony.com/eBookLibrary: C:\Program Files\Sony\Reader\Data\bin\npebldetectmoz.dll (Sony Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Jim\Application Data\Move Networks\plugins\npqmp071500000347.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Jim\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Jim\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2013/05/04 16:25:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\Documents and Settings\All Users\Application Data\AVG Secure Search\FireFoxExt\17.0.1.12 [2013/10/01 16:58:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\[email protected]\ [2013/10/02 00:28:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\[email protected]\ [2013/10/02 00:28:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\DAP\daplinkchecker [2013/10/07 08:56:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\SearchPredict\PRFireFox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}: C:\Program Files\SpeedBit Video Downloader\SPFireFox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/09/30 20:57:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/10/11 12:21:25 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\EXTENSIONS\\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}: C:\Documents and Settings\Jim\Local Settings\Application Data\GreatArcadeHits\gahff.xpi [2013/10/02 18:25:25 | 000,010,541 | ---- | M] ()
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\EXTENSIONS\\{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}: C:\Program Files\DAP\DAPFireFox [2013/10/07 08:55:50 | 000,000,000 | ---D | M]

[2009/09/21 14:38:37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Extensions
[2009/09/21 14:38:37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Extensions\[email protected]
[2013/10/24 13:06:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions
[2010/05/05 10:40:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}-trash
[2012/08/31 12:19:58 | 000,000,000 | ---D | M] (AddThis) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\{3e0e7d2a-070f-4a47-b019-91fe5385ba79}
[2013/05/04 16:14:45 | 000,000,000 | ---D | M] (IE Tab) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2007/07/20 12:16:08 | 000,000,000 | ---D | M] ("IE Tab") -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}(2)
[2012/01/15 17:50:41 | 000,000,000 | ---D | M] (Live HTTP Headers) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
[2013/10/01 20:27:59 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013/10/10 13:52:24 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
[2010/05/25 12:42:10 | 000,000,000 | ---D | M] (BarTab) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\[email protected]
[2012/06/06 15:50:25 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\[email protected]
[2012/09/18 18:28:21 | 000,243,287 | ---- | M] () (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\[email protected]
[2013/10/20 12:00:10 | 000,335,971 | ---- | M] () (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\[email protected]
[2013/09/06 09:18:39 | 000,014,574 | ---- | M] () (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\[email protected]
[2011/07/31 13:31:20 | 000,008,363 | ---- | M] () (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\[email protected]
[2012/02/15 10:31:58 | 000,006,162 | ---- | M] () (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\[email protected]
[2013/09/10 08:32:22 | 000,260,810 | ---- | M] () (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\[email protected]
[2013/10/03 08:13:25 | 000,298,379 | ---- | M] () (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\[email protected]
[2013/10/10 13:52:11 | 000,071,142 | ---- | M] () (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\[email protected]
[2013/10/01 23:35:56 | 000,035,532 | ---- | M] () (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\{0C07EECD-53B6-4748-BB2B-4395BF51DD8B}.xpi
[2013/09/10 08:05:39 | 000,260,260 | ---- | M] () (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\{6005d9b1-d115-485a-a92a-3f6453ca3fe2}.xpi
[2013/10/24 13:06:36 | 000,535,018 | ---- | M] () (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013/01/10 12:36:09 | 000,554,753 | ---- | M] () (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\{861d02ef-6fd9-4ce1-954a-90ee3a4de31c}.xpi
[2013/10/04 21:31:59 | 000,150,994 | ---- | M] () (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
[2013/10/10 13:52:32 | 000,915,554 | ---- | M] () (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2011/08/11 14:11:30 | 000,000,925 | ---- | M] () -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\searchplugins\conduit.xml
[2013/10/07 08:51:03 | 000,002,530 | ---- | M] () -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\searchplugins\speedbit.xml
[2013/09/30 20:57:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/09/30 20:57:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013/09/30 20:57:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013/09/30 20:57:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013/09/30 20:56:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/09/30 20:59:43 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/10/07 08:55:50 | 000,000,000 | ---D | M] (Download Accelerator Plus (DAP) extension) -- C:\PROGRAM FILES\DAP\DAPFIREFOX
[2013/10/07 08:56:13 | 000,000,000 | ---D | M] (DAP Link Checker) -- C:\PROGRAM FILES\DAP\DAPLINKCHECKER
[2009/03/31 22:47:26 | 000,324,976 | ---- | M] (Symantec Corporation) -- C:\Program Files\mozilla firefox\components\coFFPlgn.dll
[2011/05/20 00:09:27 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol400.dll
[2011/05/20 00:09:28 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol500.dll
[2007/01/19 08:32:43 | 000,114,688 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npmozax.dll
[2013/06/28 13:11:40 | 000,003,716 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml

========== Chrome ==========

CHR - Extension: No name found = C:\Documents and Settings\Jim\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\amigcgbheognjmfkaieeeadojiibgbdp\1.9.1_0\
CHR - Extension: No name found = C:\Documents and Settings\Jim\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bfjgbcjfpbbfepcccpaffkjofcmglifg\1.0_0\
CHR - Extension: No name found = C:\Documents and Settings\Jim\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cgbogdmdefihhljhfeiklfiedefalcde\2.9.6_0\
CHR - Extension: No name found = C:\Documents and Settings\Jim\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\
CHR - Extension: No name found = C:\Documents and Settings\Jim\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\
CHR - Extension: No name found = C:\Documents and Settings\Jim\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\decdfngdidijkdjgbknlnepdljfaepji\1.3.7_1\
CHR - Extension: No name found = C:\Documents and Settings\Jim\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.20_0\
CHR - Extension: No name found = C:\Documents and Settings\Jim\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\2.11.30.1_0\
CHR - Extension: No name found = C:\Documents and Settings\Jim\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic\1.3.1.5_0\
CHR - Extension: No name found = C:\Documents and Settings\Jim\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd\1.0.0.0_0\
CHR - Extension: No name found = C:\Documents and Settings\Jim\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\2.6.4_0\
CHR - Extension: No name found = C:\Documents and Settings\Jim\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0\
CHR - Extension: No name found = C:\Documents and Settings\Jim\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\
CHR - Extension: No name found = C:\Documents and Settings\Jim\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\

O1 HOSTS File: ([2008/05/09 10:19:52 | 000,000,686 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\17.0.1.12\AVG Secure Search_toolbar.dll (AVG Secure Search)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Free Download Manager) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
O2 - BHO: (GreatArcadeHits Add-on) - {D0C21091-FF8E-432C-9006-0540E81BA9D7} - C:\Documents and Settings\Jim\Local Settings\Application Data\GreatArcadeHits\GreatArcadeHitsIE.dll (GreatArcadeHits)
O2 - BHO: (SpeedBit Link Verification Helper) - {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - C:\Program Files\DAP\LinkVerifier.dll (Speedbit Ltd.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (GigaSize Toolbar) - {EB4324A0-336F-4595-A117-B41304CC70C1} - C:\Program Files\gigasizetb\dtx.dll ()
O2 - BHO: (Download Accelerator Plus Integration) - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\DAP\dapieloader.dll (SpeedBit Ltd.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\17.0.1.12\AVG Secure Search_toolbar.dll (AVG Secure Search)
O3 - HKLM\..\Toolbar: (GigaSize Toolbar) - {EB4324A0-336F-4595-A117-B41304CC70C1} - C:\Program Files\gigasizetb\dtx.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG Family Safety] C:\Program Files\AVG\AVG Family Safety\BsecTray.exe (Bsecure Technologies, Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Carbonite Backup] C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [KeePass 2 PreLoad] C:\Program Files\KeePass Password Safe 2\KeePass.exe (Dominik Reichl)
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS\LOGI_MWX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [Reader Library Launcher] C:\Program Files\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe (Sony Corporation)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [DownloadAccelerator] C:\Program Files\DAP\DAP.EXE (Speedbit Ltd.)
O4 - HKCU..\Run: [Google Update] "C:\Documents and Settings\Jim\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c File not found
O4 - HKCU..\Run: [NvMediaCenter] C:\WINDOWS\System32\NVMCTRAY.DLL (NVIDIA Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Picture Package Menu.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe (Sony Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Picture Package VCD Maker.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe (Sony Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
O4 - Startup: C:\Documents and Settings\Jim\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\Jim\Start Menu\Programs\Startup\PMB Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation)
O4 - Startup: C:\Documents and Settings\Jim\Start Menu\Programs\Startup\Quicken Scheduled Updates.lnk = C:\Program Files\Quicken 2005\bagent.exe (Intuit Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm ()
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm ()
O8 - Extra context menu item: &Verify with DAP - C:\Program Files\DAP\dapverify.htm ()
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm ()
O8 - Extra context menu item: Download all with Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Download selected with Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Download video with Free Download Manager - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Download with Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: localhost ([]* in Local intranet)
O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} http://www.logitech....Detection32.cab (Device Detection)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...tes/ieawsdc.cab (Reg Error: Key error.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Reg Error: Key error.)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://support.gatew...r/PCPitStop.CAB (Reg Error: Key error.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1254835153609 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {A3256902-51FA-45A0-8A97-FC1143C169D9} http://support.micro...gWebControl.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: vzTCPConfig http://my.verizon.co...vzTCPConfig.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A72CF2E0-6574-4842-8828-E75323F43E66}: DhcpNameServer = 192.168.254.254
O18 - Protocol\Handler\g7ps {9EACF0FB-4FC7-436E-989B-3197142AD979} - C:\Program Files\Common Files\G7PS\Shared Files\G7PSDLL\G7PS.dll (G7 Productivity Systems, Inc.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll (AVG Secure Search)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - File not found
O24 - Desktop Components:1 () - http://www.google.co...s/posts/default
O24 - Desktop WallPaper: C:\Documents and Settings\Jim\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jim\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O27 - HKLM IFEO\askforcd.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\autoslide.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\autovideo.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\bagent.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\billmind.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\capturingtool.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\cdbackup.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\chrome.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\cmdline.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\convert.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\googleupdater.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\javaw.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\javaws.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\keepass.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\memmiximagetool.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\presentationhost.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\qblaunch.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\qbserverutilitymgr.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\qbw32.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\qbw32pro.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\qw.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\residence.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\safari.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\scheduler.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\seabuilder.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\setup.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\softwareupdate.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\sonydir.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\sonypotl.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\sonytray.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\spuannounce.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\spubrowser.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\spuimporterlauncher.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\spuinit.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\spulocalesetting.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\spumapview.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\spupmblauncher.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\spuvolumewatcher.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\stuffit11.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\unins000.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\usbstrtool.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\vcdmaker.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\viewerapp.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\viewerregistfile.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\wizard.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/12/21 19:48:56 | 000,000,140 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007/08/19 12:55:44 | 000,000,090 | ---- | M] () - S:\AUTORUN.INF -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/10/22 14:13:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jim\My Documents\images
[2013/10/10 18:45:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG
[2013/10/08 16:03:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\StuffIt 11
[2013/10/08 14:52:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\ItsDeductible
[2013/10/08 14:51:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jim\My Documents\Q03Files
[2013/10/08 14:51:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jim\My Documents\Q02FILES
[2013/10/08 14:50:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jim\My Documents\______BACKUP
[2013/10/07 21:30:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jim\My Documents\My Personal Documents
[2013/10/07 11:07:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
[2013/10/05 12:35:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jim\Application Data\Toolbar4
[2013/10/05 11:28:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jim\Application Data\EQATEC Analytics
[2013/10/05 11:23:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jim\My Documents\My DAP Downloads
[2013/10/05 11:23:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Download Accelerator Plus (DAP)
[2013/10/05 11:23:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jim\Local Settings\Application Data\SpeedBIT
[2013/10/05 11:22:55 | 000,000,000 | ---D | C] -- C:\Program Files\DAP
[2013/10/05 11:22:21 | 000,172,032 | ---- | C] (Jin Hui E-mail: [email protected] Web: http://www.jcomsoft.com) -- C:\WINDOWS\System32\AniGIF.ocx
[2013/10/05 11:14:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeedBit
[2013/10/04 23:11:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jim\Application Data\Free Download Manager
[2013/10/04 23:10:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Free Download Manager
[2013/10/03 13:06:25 | 000,000,000 | ---D | C] -- C:\Program Files\Free Download Manager
[2013/10/02 19:46:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SCREEN2EXE
[2013/10/02 19:46:02 | 000,000,000 | ---D | C] -- C:\Program Files\SCREEN2EXE
[2013/10/02 18:25:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jim\Local Settings\Application Data\GreatArcadeHits
[2013/10/02 16:43:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jim\My Documents\Apowersoft Screen Recorder Pro
[2013/10/02 16:39:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Apowersoft
[2013/10/02 16:39:24 | 000,181,424 | -H-- | C] (Bytescout) -- C:\WINDOWS\System32\ApowersoftVideoMixerFilter.dll
[2013/10/02 16:39:23 | 000,271,536 | -H-- | C] (Bytescout) -- C:\WINDOWS\System32\ApowersoftScreenCapturingFilter.dll
[2013/10/02 16:39:22 | 000,443,568 | -H-- | C] (Bytescout) -- C:\WINDOWS\System32\ApowersoftScreenCapturing.dll
[2013/10/02 16:39:17 | 000,026,032 | ---- | C] (Wondershare) -- C:\WINDOWS\System32\drivers\Apowersoft_AudioDevice.sys
[2013/10/02 16:39:16 | 000,000,000 | ---D | C] -- C:\Program Files\Apowersoft
[2013/10/02 16:39:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jim\Application Data\Apowersoft
[2013/10/02 00:30:12 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2013/09/30 20:56:52 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/09/25 21:39:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jim\My Documents\Tragedy and Hope
[2013/09/25 18:05:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jim\Application Data\AVG2014
[2013/09/25 17:39:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2014
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[25 C:\Documents and Settings\Jim\My Documents\*.tmp files -> C:\Documents and Settings\Jim\My Documents\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/10/24 14:16:10 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/10/24 14:12:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/10/24 14:07:34 | 000,040,116 | ---- | M] () -- C:\WINDOWS\$CCW_D02.CC$
[2013/10/24 14:07:34 | 000,003,498 | ---- | M] () -- C:\WINDOWS\POWERUP.INI
[2013/10/24 14:01:00 | 000,000,954 | ---- | M] () -- C:\WINDOWS\tasks\SBW_UpdateTask_Time_313738393639313337302d3437415a556c2a3223346c41.job
[2013/10/24 11:13:40 | 000,002,335 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2013/10/24 11:11:56 | 000,000,954 | ---- | M] () -- C:\WINDOWS\tasks\SBW_UpdateTask_Logon_313738393639313337302d3437415a556c2a3223346c41.job
[2013/10/24 11:11:51 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
[2013/10/24 11:11:17 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/10/24 11:11:15 | 1609,945,088 | -HS- | M] () -- C:\hiberfil.sys
[2013/10/24 02:01:34 | 000,023,304 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000002-00000000-0000000D-00001102-00000004-00581102}.rfx
[2013/10/24 02:01:34 | 000,023,304 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000002-00000000-0000000D-00001102-00000004-00581102}.rfx
[2013/10/24 02:01:34 | 000,018,648 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000002-00000000-0000000D-00001102-00000004-00581102}.rfx
[2013/10/24 02:01:34 | 000,018,648 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000002-00000000-0000000D-00001102-00000004-00581102}.rfx
[2013/10/24 02:01:34 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2013/10/24 02:01:34 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2013/10/24 02:01:34 | 000,000,024 | ---- | M] () -- C:\WINDOWS\System32\DVCStateBkp-{00000002-00000000-0000000D-00001102-00000004-00581102}.dat
[2013/10/24 02:01:34 | 000,000,024 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000002-00000000-0000000D-00001102-00000004-00581102}.dat
[2013/10/23 20:56:33 | 000,030,707 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\1379442_10201680850417474_1929028677_n.jpg
[2013/10/23 00:36:07 | 000,231,945 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\cafe press delete.pdf
[2013/10/22 14:51:25 | 002,442,532 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\Title 34, Code of Federal Regulations.htm
[2013/10/22 14:33:00 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Jim\My Documents\~$tle 34, Code of Federal Regulations.htm
[2013/10/19 18:29:41 | 000,058,582 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\MLA Formatting and Style, General Guidelines .pdf
[2013/10/18 12:02:00 | 000,051,903 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\REDACTED SIU Neuropsychological Evaluation, 12-09-11 .pdf
[2013/10/18 11:31:25 | 000,051,828 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\David's REDACTED SIU Neuropsychological Evaluation, 12-09-11 .pdf
[2013/10/17 11:10:49 | 000,388,792 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/10/16 13:01:08 | 000,223,765 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\David's SIU Neuropsychological Evaluation, 12-09-11 .pdf
[2013/10/11 13:58:41 | 000,524,178 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/10/11 13:58:41 | 000,095,520 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/10/11 13:32:30 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/10/10 19:43:06 | 001,269,719 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\Title 34, Code of Federal Regulations.pdf
[2013/10/10 18:45:50 | 000,000,712 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2014.lnk
[2013/10/09 12:26:41 | 000,075,894 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\Draft - Letter to school requesting LD Testing, October, 2….pdf
[2013/10/08 14:00:58 | 000,000,566 | ---- | M] () -- C:\Documents and Settings\Jim\Desktop\Shortcut to MG6300 series (UPnP)_DD04E25A2A07.lnk
[2013/10/08 13:31:11 | 000,001,841 | ---- | M] () -- C:\Documents and Settings\Jim\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/10/08 13:31:09 | 000,001,823 | ---- | M] () -- C:\Documents and Settings\Jim\Desktop\Google Chrome.lnk
[2013/10/07 11:51:30 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/07 11:51:30 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/10/07 11:34:55 | 000,019,585 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\INDIVIDUAL ACCOMMODATION PLAN David Andersen.pdf
[2013/10/07 11:07:14 | 000,001,925 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2013/10/07 08:56:59 | 000,001,289 | ---- | M] () -- C:\Documents and Settings\Jim\Desktop\My DAP Downloads.lnk
[2013/10/07 08:56:59 | 000,000,620 | ---- | M] () -- C:\Documents and Settings\Jim\Desktop\Download Accelerator Plus (DAP).lnk
[2013/10/07 07:58:49 | 000,000,556 | ---- | M] () -- C:\WINDOWS\tasks\SBWUpdateTask_Time_f0d903de-0007E9C55523.job
[2013/10/07 07:58:49 | 000,000,556 | ---- | M] () -- C:\WINDOWS\tasks\SBWUpdateTask_Logon_f0d903de-0007E9C55523.job
[2013/10/05 16:38:01 | 000,028,253 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\Your TrialPay order is complete.pdf
[2013/10/05 16:25:52 | 000,019,587 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\David's 2013-2014 504 Plan.pdf
[2013/10/05 15:26:06 | 000,063,454 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\Dad's Daily Language QUIZ.pdf
[2013/10/05 12:15:41 | 000,201,998 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\angie's list trial-pay memebr data.pdf
[2013/10/05 11:22:21 | 000,172,032 | ---- | M] (Jin Hui E-mail: [email protected] Web: http://www.jcomsoft.com) -- C:\WINDOWS\System32\AniGIF.ocx
[2013/10/04 23:10:56 | 000,000,770 | ---- | M] () -- C:\Documents and Settings\Jim\Application Data\Microsoft\Internet Explorer\Quick Launch\Free Download Manager.lnk
[2013/10/04 22:49:35 | 000,301,200 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\dlm schedule.pdf
[2013/10/03 15:32:59 | 000,036,769 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\David's Detention History through 09-30-13 .pdf
[2013/10/03 00:24:08 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/10/03 00:00:53 | 000,094,412 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2013/10/02 23:55:53 | 000,002,205 | ---- | M] () -- C:\Documents and Settings\Jim\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2013/10/01 16:59:20 | 000,003,726 | ---- | M] () -- C:\Program Files\Mozilla Firefoxavg-secure-search.xml
[2013/10/01 16:56:58 | 000,037,664 | ---- | M] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys
[2013/09/29 03:10:18 | 001,699,836 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\Shariah-The-Threat-to-America-Team-B-Report-Web-09292010.pdf
[2013/09/29 00:44:34 | 002,489,803 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\TO OUR GREAT DETRIMENT - Jihad.pdf
[2013/09/29 00:00:06 | 002,528,981 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\Obamcare Bill .pdf
[2013/09/25 20:57:14 | 000,120,632 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgdiskx.sys
[2013/09/25 20:57:09 | 000,141,365 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\Diazepam (Valium) Psychiatric Side Effects Search Engine _ CCHR International.pdf
[2013/09/25 12:18:56 | 000,090,658 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\SFBB 9.25.pdf
[2013/09/25 11:15:15 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[25 C:\Documents and Settings\Jim\My Documents\*.tmp files -> C:\Documents and Settings\Jim\My Documents\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/10/24 14:07:34 | 000,040,116 | ---- | C] () -- C:\WINDOWS\$CCW_D02.CC$
[2013/10/23 20:56:27 | 000,030,707 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\1379442_10201680850417474_1929028677_n.jpg
[2013/10/23 00:36:06 | 000,231,945 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\cafe press delete.pdf
[2013/10/22 14:33:00 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Jim\My Documents\~$tle 34, Code of Federal Regulations.htm
[2013/10/22 14:11:47 | 002,442,532 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\Title 34, Code of Federal Regulations.htm
[2013/10/19 18:29:41 | 000,058,582 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\MLA Formatting and Style, General Guidelines .pdf
[2013/10/18 12:02:00 | 000,051,903 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\REDACTED SIU Neuropsychological Evaluation, 12-09-11 .pdf
[2013/10/18 11:31:25 | 000,051,828 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\David's REDACTED SIU Neuropsychological Evaluation, 12-09-11 .pdf
[2013/10/16 13:01:07 | 000,223,765 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\David's SIU Neuropsychological Evaluation, 12-09-11 .pdf
[2013/10/09 12:16:11 | 000,075,894 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\Draft - Letter to school requesting LD Testing, October, 2….pdf
[2013/10/08 16:18:52 | 001,269,719 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\Title 34, Code of Federal Regulations.pdf
[2013/10/08 14:00:58 | 000,000,566 | ---- | C] () -- C:\Documents and Settings\Jim\Desktop\Shortcut to MG6300 series (UPnP)_DD04E25A2A07.lnk
[2013/10/07 11:07:14 | 000,001,925 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2013/10/07 08:56:59 | 000,001,289 | ---- | C] () -- C:\Documents and Settings\Jim\Desktop\My DAP Downloads.lnk
[2013/10/07 08:56:59 | 000,000,620 | ---- | C] () -- C:\Documents and Settings\Jim\Desktop\Download Accelerator Plus (DAP).lnk
[2013/10/07 08:55:11 | 000,000,954 | ---- | C] () -- C:\WINDOWS\tasks\SBW_UpdateTask_Time_313738393639313337302d3437415a556c2a3223346c41.job
[2013/10/07 08:55:07 | 000,000,954 | ---- | C] () -- C:\WINDOWS\tasks\SBW_UpdateTask_Logon_313738393639313337302d3437415a556c2a3223346c41.job
[2013/10/07 07:58:49 | 000,000,556 | ---- | C] () -- C:\WINDOWS\tasks\SBWUpdateTask_Time_f0d903de-0007E9C55523.job
[2013/10/07 07:58:48 | 000,000,556 | ---- | C] () -- C:\WINDOWS\tasks\SBWUpdateTask_Logon_f0d903de-0007E9C55523.job
[2013/10/05 16:37:24 | 000,028,253 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\Your TrialPay order is complete.pdf
[2013/10/05 16:25:52 | 000,019,587 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\David's 2013-2014 504 Plan.pdf
[2013/10/05 16:25:12 | 000,019,585 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\INDIVIDUAL ACCOMMODATION PLAN David Andersen.pdf
[2013/10/05 15:26:06 | 000,063,454 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\Dad's Daily Language QUIZ.pdf
[2013/10/05 12:15:41 | 000,201,998 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\angie's list trial-pay memebr data.pdf
[2013/10/04 23:10:56 | 000,000,770 | ---- | C] () -- C:\Documents and Settings\Jim\Application Data\Microsoft\Internet Explorer\Quick Launch\Free Download Manager.lnk
[2013/10/04 22:49:35 | 000,301,200 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\dlm schedule.pdf
[2013/10/03 15:32:59 | 000,036,769 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\David's Detention History through 09-30-13 .pdf
[2013/09/29 03:10:08 | 001,699,836 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\Shariah-The-Threat-to-America-Team-B-Report-Web-09292010.pdf
[2013/09/29 00:44:24 | 002,489,803 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\TO OUR GREAT DETRIMENT - Jihad.pdf
[2013/09/28 23:03:24 | 002,528,981 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\Obamcare Bill .pdf
[2013/09/25 20:57:09 | 000,141,365 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\Diazepam (Valium) Psychiatric Side Effects Search Engine _ CCHR International.pdf
[2013/09/25 17:51:31 | 000,000,712 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2014.lnk
[2013/09/25 12:15:32 | 000,090,658 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\SFBB 9.25.pdf
[2013/09/07 09:02:24 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/09/07 08:22:21 | 000,004,970 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\xgneqrwu.hrx
[2013/08/06 14:21:59 | 000,003,726 | ---- | C] () -- C:\Program Files\Mozilla Firefoxavg-secure-search.xml
[2013/07/26 14:47:18 | 000,356,290 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-18-0.dat
[2013/07/08 02:18:34 | 000,109,696 | ---- | C] () -- C:\WINDOWS\System32\EasyHook64.dll
[2013/07/08 02:18:34 | 000,091,264 | ---- | C] () -- C:\WINDOWS\System32\EasyHook32.dll
[2013/07/02 10:39:13 | 000,007,201 | ---- | C] () -- C:\Documents and Settings\Jim\r
[2012/04/25 16:43:51 | 000,537,103 | ---- | C] () -- C:\Documents and Settings\Jim\sign invoices
[2012/02/15 10:52:46 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/26 10:33:28 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\Jim\Local Settings\Application Data\C9FDFF7E6BA824AA08958A9C209DB4B7.dll
[2011/09/15 22:06:08 | 000,007,168 | ---- | C] () -- C:\Documents and Settings\Jim\WINWORD.box
[2011/09/05 21:46:32 | 001,680,747 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1645522239-1035525444-839522115-1004-0.dat
[2011/09/05 21:46:21 | 000,345,650 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/05/20 11:21:12 | 000,000,010 | ---- | C] () -- C:\Documents and Settings\Jim\usb002
[2011/05/19 22:06:28 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\Jim\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/05/18 15:44:04 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/01/26 19:11:47 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\fusioncache.dat
[2009/06/24 14:59:23 | 000,060,744 | ---- | C] () -- C:\Documents and Settings\Jim\g2mdlhlpx.exe
[2009/01/02 15:58:06 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jim\LOG
[2008/07/31 17:27:22 | 000,000,560 | ---- | C] () -- C:\Documents and Settings\Jim\Application Data\ViewerApp.dat
[2008/03/08 15:43:24 | 000,000,545 | ---- | C] () -- C:\Documents and Settings\Jim\Shortcut to Desktop.lnk
[2007/06/27 19:15:14 | 005,353,472 | ---- | C] () -- C:\Documents and Settings\Jim\s-1-5-21-1645522239-1035525444-839522115-1004.rrr
[2007/02/21 17:13:54 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jim\delete
[2006/12/09 21:50:22 | 000,047,187 | ---- | C] () -- C:\Documents and Settings\Jim\prn file.PRN
[2006/11/30 23:20:26 | 000,066,048 | ---- | C] () -- C:\Documents and Settings\Jim\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/30 23:02:59 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Jim\Local Settings\Application Data\fusioncache.dat
[2006/11/20 12:58:51 | 000,001,356 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/10/18 02:45:14 | 000,002,048 | ---- | C] () -- C:\Documents and Settings\Jim\check.db

========== ZeroAccess Check ==========

[2006/11/30 20:50:41 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\System32\shdocvw.dll -- [2008/04/13 19:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2009/10/08 10:39:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ACD Systems
[2011/09/05 13:12:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applian
[2012/09/20 15:48:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG
[2013/06/28 13:10:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2013/09/25 17:54:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2014
[2011/06/24 02:33:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BSecure
[2011/05/17 20:45:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2011/12/22 06:31:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Carbonite
[2011/06/22 10:41:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\COMMON FILES
[2012/01/18 12:34:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ContentWatch
[2009/01/17 19:15:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DiskAnalyzer
[2010/02/12 11:42:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DonationCoder
[2012/01/02 09:43:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2009/08/08 01:23:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EmailNotifier
[2010/02/18 12:22:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EstiMate
[2011/09/05 15:32:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Extensions
[2013/10/02 00:30:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Freemake
[2009/01/20 14:24:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\G7PS
[2009/03/30 14:05:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GigaSize
[2012/02/25 21:20:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iolo
[2009/08/01 09:29:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iolo OLD
[2011/07/02 11:33:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\kinoma
[2013/10/23 17:11:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2009/05/25 23:40:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NBC Direct
[2009/06/09 13:29:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OpenDNS Updater
[2009/06/22 22:36:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2013/07/08 11:43:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\r2 Studios
[2013/09/06 10:17:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1995-08.com.techsmith
[2009/01/18 01:04:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScreenCapture
[2007/11/29 22:02:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SMSI
[2013/10/22 12:53:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Speedbit
[2012/01/02 02:13:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SUPERSetup
[2011/10/08 09:36:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2009/01/17 19:03:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TaskManager
[2013/09/06 10:17:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith
[2013/10/24 13:56:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/09/21 14:39:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom
[2009/01/18 01:15:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VideoConverter
[2008/10/06 20:37:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2009/07/27 22:16:58 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}
[2009/08/18 18:41:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2012/09/19 17:54:39 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
[2009/10/08 10:45:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\ACD Systems
[2006/10/18 21:40:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Aladdin Systems
[2009/12/07 10:54:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Amazon
[2013/10/02 16:39:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Apowersoft
[2012/09/20 15:47:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\AVG
[2011/12/24 22:34:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\AVG Secure Search
[2013/09/25 18:05:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\AVG2014
[2007/08/24 09:02:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Beehive
[2011/05/20 00:09:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Catalina Marketing Corp
[2013/02/11 17:14:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\com.amazon.music.uploader
[2012/02/26 03:12:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\driveridentifier
[2006/10/18 00:32:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\EarthLink Toolbar
[2010/02/08 10:48:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\ElevatedDiagnostics
[2013/10/24 11:14:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\EQATEC Analytics
[2010/02/17 09:32:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Foxit
[2013/10/11 12:02:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Free Download Manager
[2009/01/20 14:35:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\G7PS
[2009/12/21 14:07:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\GetRightToGo
[2009/04/15 16:52:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\gigasizetb
[2009/03/30 18:08:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Gigauper
[2009/05/24 22:01:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\IDM
[2010/01/28 13:54:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\iolo
[2009/08/06 21:00:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\iolo OLD
[2012/06/29 02:11:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\KeePass
[2013/09/07 08:22:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\MOVAVI
[2009/05/25 23:40:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\NBC Direct
[2006/12/07 15:27:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Opera
[2012/08/31 13:27:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\PandoraRecovery
[2011/08/31 10:41:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\pdftoepub
[2009/08/07 21:12:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\QuickenPicks_Toolbar
[2006/10/17 08:31:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Simple Star
[2006/10/19 22:41:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Snapfish
[2010/06/29 10:11:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Tific
[2009/09/21 14:38:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\TomTom
[2013/10/07 08:38:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Toolbar4
[2011/08/15 13:00:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\TotalRecorder
[2012/09/18 20:14:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\TuneUp Software
[2009/07/27 22:16:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Uniblue
[2009/10/06 09:18:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Windows Desktop Search
[2009/10/06 10:47:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Windows Search
[2012/03/06 15:05:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\YouSendIt
[2006/12/09 16:37:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Z-Firm LLC
[2012/07/19 15:53:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Zbang.it

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 269 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:56E2E879
@Alternate Data Stream - 259 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:553CA6CA
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4

< End of report >

Edited by JIm Andersen, 24 October 2013 - 05:18 PM.

  • 0


#2
RKinner

    Malware Expert

  • Expert
  • 24,701 posts
  • MVP
I think it's the O27 entries that are causing the trouble.

Copy the text in the code box by highlighting and Ctrl + c


:OTL
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
DRV - File not found [File_System | Boot | Stopped] -- system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\hap17v2k.sys -- (hap17v2k)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\hap16v2k.sys -- (hap16v2k)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv10710.sys -- (EraserUtilDrv10710)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\CTHWIUT.DLL -- (CTHWIUT.DLL)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\CTEXFIFX.DLL -- (CTEXFIFX.DLL)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\CTERFXFX.DLL -- (CTERFXFX.DLL)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\CTEDSPSY.DLL -- (CTEDSPSY.DLL)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\CTEDSPIO.DLL -- (CTEDSPIO.DLL)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\CTEDSPFX.DLL -- (CTEDSPFX.DLL)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\CTEAPSFX.DLL -- (CTEAPSFX.DLL)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\CTAUDFX.DLL -- (CTAUDFX.DLL)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\CT20XUT.DLL -- (CT20XUT.DLL)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NSDriver.sys -- (Ad-Watch Connect Filter)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = localhost:12080
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..network.proxy.ftp: "localhost"
FF - prefs.js..network.proxy.ftp_port: 12080
FF - prefs.js..network.proxy.gopher: "localhost"
FF - prefs.js..network.proxy.gopher_port: 12080
FF - prefs.js..network.proxy.http: "localhost"
FF - prefs.js..network.proxy.http_port: 12080
FF - prefs.js..network.proxy.socks: "localhost"
FF - prefs.js..network.proxy.socks_port: 12080
FF - prefs.js..network.proxy.ssl: "localhost"
FF - prefs.js..network.proxy.ssl_port: 12080
FF - HKLM\Software\MozillaPlugins\@nbc.com/DirectPlayer: File not found
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found
FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Jim\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Jim\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\EXTENSIONS\\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}: C:\Documents and Settings\Jim\Local Settings\Application Data\GreatArcadeHits\gahff.xpi [2013/10/02 18:25:25 | 000,010,541 | ---- | M] ()
[2011/08/11 14:11:30 | 000,000,925 | ---- | M] () -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\searchplugins\conduit.xml
[2013/09/30 20:57:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013/09/30 20:57:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013/09/30 20:57:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
O2 - BHO: (no name) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - No CLSID value found.
O2 - BHO: (GigaSize Toolbar) - {EB4324A0-336F-4595-A117-B41304CC70C1} - C:\Program Files\gigasizetb\dtx.dll ()
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\17.0.1.12\AVG Secure Search_toolbar.dll (AVG Secure Search)
O3 - HKLM\..\Toolbar: (GigaSize Toolbar) - {EB4324A0-336F-4595-A117-B41304CC70C1} - C:\Program Files\gigasizetb\dtx.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\17.0.1.12\AVG Secure Search_toolbar.dll (AVG Secure Search)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [Google Update] "C:\Documents and Settings\Jim\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...tes/ieawsdc.cab (Reg Error: Key error.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Reg Error: Key error.)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://support.gatew...r/PCPitStop.CAB (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {A3256902-51FA-45A0-8A97-FC1143C169D9} http://support.micro...gWebControl.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: vzTCPConfig http://my.verizon.co...vzTCPConfig.CAB (Reg Error: Key error.)
O27 - HKLM IFEO\askforcd.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\autoslide.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\autovideo.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\bagent.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\billmind.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\capturingtool.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\cdbackup.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\chrome.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\cmdline.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\convert.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\googleupdater.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\javaw.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\javaws.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\keepass.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\memmiximagetool.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\presentationhost.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\qblaunch.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\qbserverutilitymgr.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\qbw32.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\qbw32pro.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\qw.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\residence.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\safari.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\scheduler.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\seabuilder.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\setup.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\softwareupdate.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\sonydir.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\sonypotl.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\sonytray.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\spuannounce.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\spubrowser.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\spuimporterlauncher.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\spuinit.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\spulocalesetting.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\spumapview.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\spupmblauncher.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\spuvolumewatcher.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\stuffit11.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\unins000.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\usbstrtool.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\vcdmaker.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\viewerapp.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\viewerregistfile.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\wizard.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found

:Commands
[EMPTYFLASH]
[EMPTYJAVA]
[purity]
[Reboot]


Then double-click on OTL to start. Under the Custom Scans/Fixes box at the bottom, paste (Ctrl + v) the text. Verify that you got it all and then click the RUN FIX button (NOT THE QUICK SCAN button!) at the top.
Let the program run unhindered; OTL will reboot the PC when it is done. Save the log and copy and paste it into a reply.


Download ADWCleaner to your desktop. Make sure you get the correct Download button. Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @BleepingComputer

NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).

Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.

The report will be saved in the C:\AdwCleaner folder.



Junkware-Removal-Tool

Please download Junkware Removal Tool to your desktop. Make sure you get the correct Download button. Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @Author's site
  • Pause your anti-virus. Close all browsers.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

ComboFix

:!: It must be saved to your desktop, do not run it from your browser:!:

:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well. See: http://www.bleepingc...opic114351.html


Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Double click on ComboFix to start the program.



* :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix.

Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created. I'll need to see that in your reply.



Malwarebytes' Anti-Malware
:!: If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy. :!:
http://www.malwareby...lwarebytes_free

SAVE Malwarebytes' Anti-Malware to your desktop.

* Double-click mbam-setup.exe to start the program.
* Follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.




Run OTL, Quickscan and post the log.

You might want to try WebVideoCap from NirSoft for video capture.
http://www.nirsoft.n...eo_capture.html It seems to work very well on my Win 7 once I figured out how to get it set up and doesn't have any foistware.
  • 0
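
The diagnosis in post #2 rests on the O27 lines: each one is an Image File Execution Options "Debugger" value, which makes Windows start the named debugger in place of the listed program, so a Debugger path that no longer exists blocks every launch of that program. The Python sketch below is an added example, not part of the thread or of OTL; its function names are hypothetical, four sample lines are copied from the post, and the one healthy entry is constructed (its exact OTL layout is an assumption).

```python
import re
from collections import defaultdict

# O27 line layout as it appears in the post:
#   O27 - <hive> IFEO\<image>: Debugger - <command> [File not found]
O27_RE = re.compile(
    r'^O27\s+-\s+(?P<hive>\S+)\s+IFEO\\(?P<image>[^:]+):\s+Debugger\s+-\s+(?P<tail>.*)$'
)
MISSING_MARK = "File not found"

# Four lines copied from the post, one non-O27 line from the same log,
# and one CONSTRUCTED entry whose debugger exists (format assumed).
SAMPLE_LOG = r'''
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O27 - HKLM IFEO\chrome.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\keepass.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\setup.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\stuffit11.exe: Debugger - "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" File not found
O27 - HKLM IFEO\example.exe: Debugger - "C:\Tools\dbg.exe" (Example Vendor)
'''


def parse_o27(line):
    """Return a dict for an O27 IFEO Debugger line, or None for any other line."""
    m = O27_RE.match(line.strip())
    if m is None:
        return None
    tail = m.group("tail").strip()
    missing = tail.endswith(MISSING_MARK)
    if missing:
        tail = tail[: -len(MISSING_MARK)].strip()
    # Drop a trailing "(vendor)" annotation if the scanner appended one.
    tail = re.sub(r'\s*\([^()]*\)$', '', tail)
    return {
        "hive": m.group("hive"),
        "image": m.group("image").strip().lower(),
        "debugger": tail.strip('"'),
        "missing": missing,
    }


def blocked_images(lines):
    """Map each missing debugger path to the sorted program names it blocks."""
    blocked = defaultdict(set)
    for line in lines:
        entry = parse_o27(line)
        if entry and entry["missing"]:
            blocked[entry["debugger"]].add(entry["image"])
    return {dbg: sorted(images) for dbg, images in blocked.items()}


def explains_launch_failure(lines, exe_name):
    """True if exe_name is redirected to a debugger the scan could not find."""
    wanted = exe_name.lower()
    return any(wanted in images for images in blocked_images(lines).values())


if __name__ == "__main__":
    log_lines = SAMPLE_LOG.splitlines()
    for debugger, images in blocked_images(log_lines).items():
        print(f"missing debugger: {debugger}")
        for image in images:
            print(f"  blocks launch of: {image}")
```

Matching is by file name only because IFEO keys are keyed on the image name, which is why a generic entry such as setup.exe affects every installer with that name.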

#3
JIm Andersen

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
Mr. Kinner,

Thank you for your quick response, and its detail. I really appreciate it!

In following the first step of your instructions, line-by-line, I assumed OTL would restart after the computer rebooted, and it was then I would “Save the log…” but OTL did not restart. I had no chance to save the log, unless I was to interject a file-save before giving the okay to reboot the computer.

On searching for a log I hoped OTL had automatically saved, though, I did find a newly created C:\_OTL\MovedFiles folder in which a log entitled, 10252013_114324.log held the data shown below.

Is this the right data? Is it safe to move forward with the process, to run ADWCleaner?

The data follows:

========== OTL ==========
Service AVG Security Toolbar Service stopped successfully!
Service AVG Security Toolbar Service deleted successfully!
File C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe not found.
Service Lbd stopped successfully!
Service Lbd deleted successfully!
File system32\DRIVERS\Lbd.sys not found.
Service hap17v2k stopped successfully!
Service hap17v2k deleted successfully!
File system32\drivers\hap17v2k.sys not found.
Service hap16v2k stopped successfully!
Service hap16v2k deleted successfully!
File system32\drivers\hap16v2k.sys not found.
Service EraserUtilDrv10710 stopped successfully!
Service EraserUtilDrv10710 deleted successfully!
File C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv10710.sys not found.
Service CTHWIUT.DLL stopped successfully!
Service CTHWIUT.DLL deleted successfully!
File system32\CTHWIUT.DLL not found.
Service CTEXFIFX.DLL stopped successfully!
Service CTEXFIFX.DLL deleted successfully!
File system32\CTEXFIFX.DLL not found.
Service CTERFXFX.DLL stopped successfully!
Service CTERFXFX.DLL deleted successfully!
File system32\CTERFXFX.DLL not found.
Service CTEDSPSY.DLL stopped successfully!
Service CTEDSPSY.DLL deleted successfully!
File system32\CTEDSPSY.DLL not found.
Service CTEDSPIO.DLL stopped successfully!
Service CTEDSPIO.DLL deleted successfully!
File system32\CTEDSPIO.DLL not found.
Service CTEDSPFX.DLL stopped successfully!
Service CTEDSPFX.DLL deleted successfully!
File system32\CTEDSPFX.DLL not found.
Service CTEAPSFX.DLL stopped successfully!
Service CTEAPSFX.DLL deleted successfully!
File system32\CTEAPSFX.DLL not found.
Service ctdvda2k stopped successfully!
Service ctdvda2k deleted successfully!
File system32\drivers\ctdvda2k.sys not found.
Service CTAUDFX.DLL stopped successfully!
Service CTAUDFX.DLL deleted successfully!
File system32\CTAUDFX.DLL not found.
Service CT20XUT.DLL stopped successfully!
Service CT20XUT.DLL deleted successfully!
File system32\CT20XUT.DLL not found.
Service Ad-Watch Connect Filter stopped successfully!
Service Ad-Watch Connect Filter deleted successfully!
File C:\WINDOWS\system32\drivers\NSDriver.sys not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
Prefs.js: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 removed from extensions.enabledItems
Prefs.js: "localhost" removed from network.proxy.ftp
Prefs.js: 12080 removed from network.proxy.ftp_port
Prefs.js: "localhost" removed from network.proxy.gopher
Prefs.js: 12080 removed from network.proxy.gopher_port
Prefs.js: "localhost" removed from network.proxy.http
Prefs.js: 12080 removed from network.proxy.http_port
Prefs.js: "localhost" removed from network.proxy.socks
Prefs.js: 12080 removed from network.proxy.socks_port
Prefs.js: "localhost" removed from network.proxy.ssl
Prefs.js: 12080 removed from network.proxy.ssl_port
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@nbc.com/DirectPlayer\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
Registry value HKEY_CURRENT_USER\software\mozilla\Firefox\EXTENSIONS\\{B21F5E31-B8E8-41CD-B74C-168A71A10E49} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\ not found.
File C:\Documents and Settings\Jim\Local Settings\Application Data\GreatArcadeHits\gahff.xpi [2013/10/02 18:25:25 | 000,010,541 | ---- | M] not found.
C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\searchplugins\conduit.xml moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3049C3E9-B461-4BC5-8870-4C09146192CA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB4324A0-336F-4595-A117-B41304CC70C1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EB4324A0-336F-4595-A117-B41304CC70C1}\ deleted successfully.
C:\Program Files\gigasizetb\dtx.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.
C:\Program Files\AVG Secure Search\17.0.1.12\AVG Secure Search_toolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EB4324A0-336F-4595-A117-B41304CC70C1} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EB4324A0-336F-4595-A117-B41304CC70C1}\ not found.
File C:\Program Files\gigasizetb\dtx.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
File C:\Program Files\AVG Secure Search\17.0.1.12\AVG Secure Search_toolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\vProt deleted successfully.
C:\Program Files\AVG Secure Search\vprot.exe moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\ deleted successfully.
Starting removal of ActiveX control {02BCC737-B171-4746-94C9-0D8A0B2C0089}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{02BCC737-B171-4746-94C9-0D8A0B2C0089}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{02BCC737-B171-4746-94C9-0D8A0B2C0089}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02BCC737-B171-4746-94C9-0D8A0B2C0089}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{02BCC737-B171-4746-94C9-0D8A0B2C0089}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02BCC737-B171-4746-94C9-0D8A0B2C0089}\ not found.
Starting removal of ActiveX control {0CCA191D-13A6-4E29-B746-314DEE697D83}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{0CCA191D-13A6-4E29-B746-314DEE697D83}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Starting removal of ActiveX control {0E5F0222-96B9-11D3-8997-00104BD12D94}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{0E5F0222-96B9-11D3-8997-00104BD12D94}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{0E5F0222-96B9-11D3-8997-00104BD12D94}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E5F0222-96B9-11D3-8997-00104BD12D94}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{0E5F0222-96B9-11D3-8997-00104BD12D94}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E5F0222-96B9-11D3-8997-00104BD12D94}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {A3256902-51FA-45A0-8A97-FC1143C169D9}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{A3256902-51FA-45A0-8A97-FC1143C169D9}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{A3256902-51FA-45A0-8A97-FC1143C169D9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3256902-51FA-45A0-8A97-FC1143C169D9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{A3256902-51FA-45A0-8A97-FC1143C169D9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3256902-51FA-45A0-8A97-FC1143C169D9}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {D27CDB6E-AE6D-11CF-96B8-444553540000}
C:\WINDOWS\Downloaded Program Files\swflash.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Starting removal of ActiveX control vzTCPConfig
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\vzTCPConfig\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\vzTCPConfig\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\vzTCPConfig\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\askforcd.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\autoslide.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\autovideo.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bagent.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\billmind.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\capturingtool.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cdbackup.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\chrome.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmdline.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\convert.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\googleupdater.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\javaw.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\javaws.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\keepass.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\memmiximagetool.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\presentationhost.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\qblaunch.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\qbserverutilitymgr.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\qbw32.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\qbw32pro.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\qw.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\residence.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safari.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scheduler.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\seabuilder.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\softwareupdate.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sonydir.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sonypotl.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sonytray.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spuannounce.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spubrowser.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spuimporterlauncher.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spuinit.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spulocalesetting.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spumapview.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spupmblauncher.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spuvolumewatcher.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stuffit11.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unins000.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\usbstrtool.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vcdmaker.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\viewerapp.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\viewerregistfile.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wizard.exe\ deleted successfully.
========== COMMANDS ==========

[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 539 bytes

User: All Users

User: Children
->Flash cache emptied: 69700 bytes

User: Default User
->Flash cache emptied: 58305 bytes

User: Jim
->Flash cache emptied: 102368 bytes

User: LocalService

User: NetworkService
->Flash cache emptied: 343 bytes

User: QBDataServiceUser17
->Flash cache emptied: 83 bytes

User: QBDataServiceUser17.JANDERSEN

User: Rhonda
->Flash cache emptied: 113341 bytes

User: TEMP

Total Flash Files Cleaned = 0.00 mb


[EMPTYJAVA]

User: Administrator

User: All Users

User: Children
->Java cache emptied: 11815369 bytes

User: Default User

User: Jim
->Java cache emptied: 518843 bytes

User: LocalService

User: NetworkService

User: QBDataServiceUser17

User: QBDataServiceUser17.JANDERSEN

User: Rhonda
->Java cache emptied: 2740420 bytes

User: TEMP

Total Java Files Cleaned = 14.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 10252013_114324

#4
RKinner

The 10252013_114324.log is the log I was looking for. Did that correct the problem?

#5
JIm Andersen

Yes, on quick examination in the running of just two Applications, it does appear to have corrected the problem, so I presume the remaining steps of the instruction you first provided would then clean my computer further. Is that right?

Edited by JIm Andersen, 25 October 2013 - 06:08 PM.


#6
RKinner

Yes. They scan for different kinds of malware.

#7
JIm Andersen

That sounds great, Mr. Kinner!

It sounds like we're set, but I will proceed as first instructed and post replies as indicated, probably tomorrow. I really do appreciate your help. What a blessing it is!

Jim

#8
JIm Andersen

Mr. Kinner:
The remaining scans are complete, with the logs of each scan posted as a separate reply, starting with this one. How does it all look?


========== ADWCLEANER LOG: ==========

# AdwCleaner v3.010 - Report created 26/10/2013 at 10:01:15
# Updated 20/10/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Jim - 700S
# Running from : C:\Documents and Settings\Jim\My Documents\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : vToolbarUpdater17.0.12

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\AVG Secure Search
Folder Deleted : C:\Program Files\AVG Secure Search
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\registry mechanic
Folder Deleted : C:\Program Files\Uniblue\DriverScanner
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Documents and Settings\NetworkService\Local Settings\Application Data\Swag_Bucks
Folder Deleted : C:\Documents and Settings\Jim\Local Settings\Application Data\AVG Secure Search
Folder Deleted : C:\Documents and Settings\Jim\Local Settings\Application Data\AVG Security Toolbar
Folder Deleted : C:\Documents and Settings\Jim\Local Settings\Application Data\Conduit
Folder Deleted : C:\Documents and Settings\Jim\Application Data\AVG Secure Search
Folder Deleted : C:\Documents and Settings\Jim\Application Data\Toolbar4
Folder Deleted : C:\Documents and Settings\Jim\Application Data\Uniblue\DriverScanner
[!] Folder Deleted : C:\Documents and Settings\Rhonda\Local Settings\Application Data\AVG Security Toolbar
Folder Deleted : C:\Documents and Settings\Children\Local Settings\Application Data\AVG Security Toolbar
Folder Deleted : C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\FCTB
[!] Folder Deleted : C:\Documents and Settings\Jim\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
File Deleted : C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\invalidprefs.js
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\searchplugins\speedbit.xml
File Deleted : C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\user.js
File Deleted : C:\Documents and Settings\QBDataServiceUser17.JANDERSEN\Application Data\Mozilla\Firefox\Profiles\oubuw3zu.default\user.js
File Deleted : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\o588jkqk.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{0329E7D6-6F54-462D-93F6-F5C3118BADF2}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3074349
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3BCF582D-CA87-4C6F-AF3D-B3548A976AB3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{603C4CC9-5DC6-4C44-873F-8281509DF953}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458E-AE16-1C1D8255C28A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458E-AE16-1C1D8255C28A}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Uniblue\DriverScanner
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\ImInstaller
Key Deleted : HKLM\Software\Uniblue\DriverScanner
Key Deleted : HKLM\Software\Uniblue\SpeedUpMyPC
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

-\\ Mozilla Firefox v24.0 (en-US)

[ File : C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\prefs.js ]

Line Deleted : user_pref("avg.install.installDirPath", "C:\\Documents and Settings\\All Users\\Application Data\\AVG Secure Search\\12.2.5.34");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "PhotoJoy US Customized Web Search");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://go.speedbit.com/search.aspx?s=DA7aya1&q=");
Line Deleted : user_pref("browser.search.order.1", "Speedbit Search");
Line Deleted : user_pref("browser.startup.homepage_override_url", "hxxp://go.speedbit.com/?s=DA7aya1");
Line Deleted : user_pref("extensions.enabledAddons", "amznUWL2%40amazon.com:1.10,DeviceDetection%40logitech.com:1.24.0.9,optout%40google.com:1.5,%7B77b819fa-95ad-4f2c-ac7c-486b356188a9%7D:4.0.20130422,%7B6005d9b1-d1[...]

[ File : C:\Documents and Settings\QBDataServiceUser17.JANDERSEN\Application Data\Mozilla\Firefox\Profiles\oubuw3zu.default\prefs.js ]


[ File : C:\Documents and Settings\Rhonda\Application Data\Mozilla\Firefox\Profiles\5ewgnld3.default\prefs.js ]


[ File : C:\Documents and Settings\Children\Application Data\Mozilla\Firefox\Profiles\mm1x2ge9.default\prefs.js ]


[ File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\o588jkqk.default\prefs.js ]


-\\ Google Chrome v30.0.1599.69

[ File : C:\Documents and Settings\Jim\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [10897 octets] - [26/10/2013 09:33:20]
AdwCleaner[S0].txt - [11009 octets] - [26/10/2013 10:01:15]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11070 octets] ##########

#9
JIm Andersen

========== JUNKWARE REMOVAL TOOL LOG: ==========

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Microsoft Windows XP x86
Ran by Jim on Sat 10/26/2013 at 10:48:38.54
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files\free video converter"
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\start menu\programs\uniblue"



~~~ FireFox

Emptied folder: C:\Documents and Settings\Jim\Application Data\mozilla\firefox\profiles\fsshkt1d.default\minidumps [19 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 10/26/2013 at 11:07:34.68
End of JRT log

#10
JIm Andersen

========== FARBAR RECOVERY SCAN TOOL, Frst.txt LOG: ==========

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-10-2013
Ran by Jim (administrator) on 700S on 26-10-2013 11:38:47
Running from C:\Documents and Settings\Jim\My Documents\Downloads
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(Bsecure Technologies, Inc.) C:\Program Files\AVG\AVG Family Safety\InetCtrl.exe
(Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
(Freemake) C:\Documents and Settings\All Users\Application Data\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Ellora Assets Corp.) C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Microsoft Corporation) c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\WINDOWS\System32\locator.exe
(Secunia) C:\Program Files\Secunia\PSI\PSIA.exe
(Secunia) C:\Program Files\Secunia\PSI\sua.exe
(Smith Micro Software, Inc.) C:\Program Files\Smith Micro\StuffIt11\ArcNameService.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
() C:\Program Files\AVG\AVG Family Safety\BSecAMX.exe
(Speedbit Ltd.) C:\Program Files\Common Files\SpeedBit\SBUpdate\sbu.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Logitech Inc.) C:\WINDOWS\Logi_MwX.Exe
(Bsecure Technologies, Inc.) C:\Program Files\AVG\AVG Family Safety\BsecTray.exe
(Sony Corporation) C:\Program Files\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe
(Carbonite, Inc.) C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(Speedbit Ltd.) C:\Program Files\DAP\DAP.EXE
(Secunia) C:\Program Files\Secunia\PSI\psi_tray.exe
(Microsoft Corporation) C:\Program Files\Windows Desktop Search\WindowsSearch.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Logitech Hardware Abstraction Layer] - C:\Windows\KHALMNPR.EXE [28160 2005-07-23] (Logitech Inc.)
HKLM\...\Run: [Logitech Utility] - C:\Windows\Logi_MwX.Exe [19968 2003-12-17] (Logitech Inc.)
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] - nwiz.exe /install
HKLM\...\Run: [AVG Family Safety] - C:\Program Files\AVG\AVG Family Safety\BsecTray.exe [106824 2011-03-30] (Bsecure Technologies, Inc.)
HKLM\...\Run: [KeePass 2 PreLoad] - C:\Program Files\KeePass Password Safe 2\KeePass.exe [1655296 2010-09-05] (Dominik Reichl)
HKLM\...\Run: [Reader Library Launcher] - C:\Program Files\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe [906648 2010-07-13] (Sony Corporation)
HKLM\...\Run: [Carbonite Backup] - C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe [1059472 2011-12-05] (Carbonite, Inc.)
HKLM\...\Run: [NvMediaCenter] - RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2014\avgui.exe [4908592 2013-10-07] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\qttask.exe [421888 2012-04-18] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [X]
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKCU\...\Run: [NvMediaCenter] - RUNDLL32.EXE C:\WINDOWS\system32\NVMCTRAY.DLL,NvTaskbarInit
HKCU\...\Run: [DownloadAccelerator] - C:\Program Files\DAP\DAP.EXE [3865232 2013-10-07] (Speedbit Ltd.)
HKCU\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Policies\Explorer: [NoFolderOptions] 0
HKU\Administrator\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] - "C:\Program Files\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB
HKU\QBDataServiceUser17\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] - "C:\Program Files\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB
HKU\Rhonda\...\Run: [msnmsgr] - C:\Program Files\Windows Live\Messenger\msnmsgr.exe [ 2010-04-16] (Microsoft Corporation)
Lsa: [Notification Packages] scecli scecli
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
ShortcutTarget: Adobe Acrobat Speed Launcher.lnk -> C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe ()
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Picture Package Menu.lnk
ShortcutTarget: Picture Package Menu.lnk -> C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe (Sony Corporation)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Picture Package VCD Maker.lnk
ShortcutTarget: Picture Package VCD Maker.lnk -> C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe (Sony Corporation.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
ShortcutTarget: Windows Search.lnk -> C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
Startup: C:\Documents and Settings\Jim\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Documents and Settings\Jim\Start Menu\Programs\Startup\PMB Media Check Tool.lnk
ShortcutTarget: PMB Media Check Tool.lnk -> C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation)
Startup: C:\Documents and Settings\Jim\Start Menu\Programs\Startup\Quicken Scheduled Updates.lnk
ShortcutTarget: Quicken Scheduled Updates.lnk -> C:\Program Files\Quicken 2005\bagent.exe (Intuit Inc.)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x161C4C81B8D3CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
SearchScopes: HKCU - {f1b5f790-bdce-11dd-ad8b-0800200c9a66} URL = http://search.yahoo....p={searchTerms}
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
BHO: GreatArcadeHits Add-on - {D0C21091-FF8E-432C-9006-0540E81BA9D7} - C:\Documents and Settings\Jim\Local Settings\Application Data\GreatArcadeHits\GreatArcadeHitsIE.dll (GreatArcadeHits)
BHO: SpeedBit Link Verification Helper - {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - C:\Program Files\DAP\LinkVerifier.dll (Speedbit Ltd.)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Freemake.YoutubeButton - {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
BHO: Download Accelerator Plus Integration - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\DAP\DAPIEL~1.DLL (SpeedBit Ltd.)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\System32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} http://www.logitech....Detection32.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab
Handler: g7ps - {9EACF0FB-4FC7-436E-989B-3197142AD979} - C:\Program Files\Common Files\G7PS\Shared Files\G7PSDLL\G7PS.dll (G7 Productivity Systems, Inc.)
Handler: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\System32\msvidctl.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
ShellExecuteHooks: - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No File [ ]
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 %ProgramFiles%\AVG\AVG Family Safety\InetCtrl52.dll [305440] (Bsecure Technologies, Inc.)
Winsock: Catalog9 02 %ProgramFiles%\AVG\AVG Family Safety\InetCtrl52.dll [305440] (Bsecure Technologies, Inc.)
Winsock: Catalog9 03 %ProgramFiles%\AVG\AVG Family Safety\InetCtrl52.dll [305440] (Bsecure Technologies, Inc.)
Winsock: Catalog9 04 %ProgramFiles%\AVG\AVG Family Safety\InetCtrl52.dll [305440] (Bsecure Technologies, Inc.)
Winsock: Catalog9 05 %ProgramFiles%\AVG\AVG Family Safety\InetCtrl52.dll [305440] (Bsecure Technologies, Inc.)
Winsock: Catalog9 06 %ProgramFiles%\AVG\AVG Family Safety\InetCtrl52.dll [305440] (Bsecure Technologies, Inc.)
Winsock: Catalog9 07 %ProgramFiles%\AVG\AVG Family Safety\InetCtrl52.dll [305440] (Bsecure Technologies, Inc.)
Winsock: Catalog9 08 %ProgramFiles%\AVG\AVG Family Safety\InetCtrl52.dll [305440] (Bsecure Technologies, Inc.)
Winsock: Catalog9 09 %ProgramFiles%\AVG\AVG Family Safety\InetCtrl52.dll [305440] (Bsecure Technologies, Inc.)
Winsock: Catalog9 10 %ProgramFiles%\AVG\AVG Family Safety\InetCtrl52.dll [305440] (Bsecure Technologies, Inc.)
Winsock: Catalog9 11 %ProgramFiles%\AVG\AVG Family Safety\InetCtrl52.dll [305440] (Bsecure Technologies, Inc.)
Winsock: Catalog9 12 %ProgramFiles%\AVG\AVG Family Safety\InetCtrl52.dll [305440] (Bsecure Technologies, Inc.)
Winsock: Catalog9 13 %ProgramFiles%\AVG\AVG Family Safety\InetCtrl52.dll [305440] (Bsecure Technologies, Inc.)
Winsock: Catalog9 14 %ProgramFiles%\AVG\AVG Family Safety\InetCtrl52.dll [305440] (Bsecure Technologies, Inc.)
Winsock: Catalog9 15 %ProgramFiles%\AVG\AVG Family Safety\InetCtrl52.dll [305440] (Bsecure Technologies, Inc.)
Winsock: Catalog9 16 %ProgramFiles%\AVG\AVG Family Safety\InetCtrl52.dll [305440] (Bsecure Technologies, Inc.)
Winsock: Catalog9 17 %ProgramFiles%\AVG\AVG Family Safety\InetCtrl52.dll [305440] (Bsecure Technologies, Inc.)
Winsock: Catalog9 18 %ProgramFiles%\AVG\AVG Family Safety\InetCtrl52.dll [305440] (Bsecure Technologies, Inc.)
Winsock: Catalog9 19 %ProgramFiles%\AVG\AVG Family Safety\InetCtrl52.dll [305440] (Bsecure Technologies, Inc.)
Winsock: Catalog9 20 %ProgramFiles%\AVG\AVG Family Safety\InetCtrl52.dll [305440] (Bsecure Technologies, Inc.)
Winsock: Catalog9 21 %ProgramFiles%\AVG\AVG Family Safety\InetCtrl52.dll [305440] (Bsecure Technologies, Inc.)
Winsock: Catalog9 22 %ProgramFiles%\AVG\AVG Family Safety\InetCtrl52.dll [305440] (Bsecure Technologies, Inc.)
Winsock: Catalog9 23 %ProgramFiles%\AVG\AVG Family Safety\InetCtrl52.dll [305440] (Bsecure Technologies, Inc.)
Winsock: Catalog9 24 %ProgramFiles%\AVG\AVG Family Safety\InetCtrl52.dll [305440] (Bsecure Technologies, Inc.)
Winsock: Catalog9 25 %ProgramFiles%\AVG\AVG Family Safety\InetCtrl52.dll [305440] (Bsecure Technologies, Inc.)
Winsock: Catalog9 26 %ProgramFiles%\AVG\AVG Family Safety\InetCtrl52.dll [305440] (Bsecure Technologies, Inc.)
Winsock: Catalog9 53 %ProgramFiles%\AVG\AVG Family Safety\InetCtrl52.dll [305440] (Bsecure Technologies, Inc.)
Hosts: 127.0.0.1 localhost

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @movenetworks.com/Quantum Media Player - C:\Documents and Settings\Jim\Application Data\Move Networks\plugins\npqmp071500000347.dll (Move Networks)
FF Plugin: @pack.google.com/Google Updater;version=14 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @real.com/RhapsodyPlayerEngine,version=1.0 - C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF Plugin: @sony.com/eBookLibrary - C:\Program Files\Sony\Reader\Data\bin\npebldetectmoz.dll (Sony Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @movenetworks.com/Quantum Media Player - C:\Documents and Settings\Jim\Application Data\Move Networks\plugins\npqmp071500000347.dll (Move Networks)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF Extension: BarTab - C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\Extensions\[email protected]
FF Extension: Виявлення пристроїв Logitech - C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\Extensions\[email protected]
FF Extension: No Name - C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}-trash
FF Extension: AddThis - C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\Extensions\{3e0e7d2a-070f-4a47-b019-91fe5385ba79}
FF Extension: IE Tab - C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\Extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
FF Extension: IE Tab - C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\Extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}(2)
FF Extension: Просмотр HTTP заголовков - C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\Extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
FF Extension: DownloadHelper - C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: Flash and Video Download - C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
FF Extension: amznUWL2 - C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\Extensions\[email protected]
FF Extension: artur.dubovoy - C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\Extensions\[email protected]
FF Extension: fdm_ffext - C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\Extensions\[email protected]
FF Extension: firefox - C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\Extensions\[email protected]
FF Extension: optout - C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\Extensions\[email protected]
FF Extension: pinterest - C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\Extensions\[email protected]
FF Extension: places-maintenance - C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\Extensions\[email protected]
FF Extension: readability - C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\Extensions\[email protected]
FF Extension: No Name - C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\Extensions\sfStatistics.xml
FF Extension: stealer - C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\Extensions\[email protected]
FF Extension: YoutubeDownloader - C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\Extensions\[email protected]
FF Extension: myxa - C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\Extensions\{0C07EECD-53B6-4748-BB2B-4395BF51DD8B}.xpi
FF Extension: defaults - C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\Extensions\{6005d9b1-d115-485a-a92a-3f6453ca3fe2}.xpi
FF Extension: noscript - C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\Extensions\{861d02ef-6fd9-4ce1-954a-90ee3a4de31c}.xpi
FF Extension: No Name - C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
FF Extension: No Name - C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\[email protected]\
FF Extension: Freemake Video Downloader Plugin - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\[email protected]\
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\[email protected]\
FF Extension: Freemake Youtube Download Button - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\[email protected]\
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\DAP\daplinkchecker
FF Extension: DAP Link Checker - C:\Program Files\DAP\daplinkchecker
FF HKCU\...\Firefox\Extensions: [{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}] - C:\Program Files\DAP\DAPFireFox
FF Extension: Download Accelerator Plus (DAP) extension - C:\Program Files\DAP\DAPFireFox

Chrome:
=======
CHR Extension: (Sort by Name) - C:\DOCUME~1\Jim\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\amigcgbheognjmfkaieeeadojiibgbdp\1.9.1_0
CHR Extension: () - C:\DOCUME~1\Jim\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\bfjgbcjfpbbfepcccpaffkjofcmglifg\1.0_0
CHR Extension: (AddThis - Share & Bookmark (new)) - C:\DOCUME~1\Jim\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\cgbogdmdefihhljhfeiklfiedefalcde\2.9.6_0
CHR Extension: (Add to Amazon Wish List) - C:\DOCUME~1\Jim\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0
CHR Extension: (Screen Capture (by Google)) - C:\DOCUME~1\Jim\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0
CHR Extension: (Read Later Fast) - C:\DOCUME~1\Jim\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\decdfngdidijkdjgbknlnepdljfaepji\1.3.7_1
CHR Extension: (AdBlock) - C:\DOCUME~1\Jim\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.20_0
CHR Extension: (IE Tab) - C:\DOCUME~1\Jim\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\2.11.30.1_0
CHR Extension: (bitly | a simple URL shortener) - C:\DOCUME~1\Jim\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic\1.3.1.5_0
CHR Extension: (Cloud Reader) - C:\DOCUME~1\Jim\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd\1.0.0.0_0
CHR Extension: (Send to Kindle) - C:\DOCUME~1\Jim\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\2.6.4_0
CHR Extension: (Freemake Video Converter) - C:\DOCUME~1\Jim\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0
CHR Extension: (GreatArcadeHits Add-on) - C:\DOCUME~1\Jim\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0
CHR HKLM\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx
CHR HKLM\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx
CHR HKLM\...\Chrome\Extension: [ffdcfjdljhbehggjdkdioajnknjcpbjb] - C:\Program Files\DAP\DAPChrome\DAPChrome6.crx
CHR HKLM\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx
CHR HKLM\...\Chrome\Extension: [palpbfjgianahgbbeodmcohjdmaelbeo] - C:\Program Files\Common Files\SpeedBit\SBUpdate\SpeedbitNewTab.crx

========================== Services (Whitelisted) =================

S4 Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [144672 2009-08-28] (Apple Inc.)
S2 AppMgmt; C:\Windows\system32\svchost.exe [14336 2008-04-13] (Microsoft Corporation)
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3538480 2013-10-03] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [301152 2013-09-25] (AVG Technologies CZ, s.r.o.)
R2 Bsecure; C:\Program Files\AVG\AVG Family Safety\InetCtrl.exe [78664 2011-03-30] (Bsecure Technologies, Inc.)
R2 CarboniteService; C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe [4426384 2011-12-05] (Carbonite, Inc. (www.carbonite.com))
S4 Extensions Updates Service; C:\Program Files\Extensions for Windows\Extensions\Updater\ExtensionsUpdatesService.exe [77824 2008-10-29] (Extensoft)
R2 Freemake Improver; C:\Documents and Settings\All Users\Application Data\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-07-17] (Freemake)
R2 FreemakeVideoCapture; C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-08-26] (Ellora Assets Corp.)
S2 HidServ; C:\Windows\System32\svchost.exe [14336 2008-04-13] (Microsoft Corporation)
S4 Imapi Helper; C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe [163840 2006-01-05] (Alex Feinman)
R3 SBUpd; C:\Program Files\Common Files\SpeedBit\SBUpdate\sbu.exe [1687672 2013-10-06] (Speedbit Ltd.)
R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1326176 2012-06-27] (Secunia)
R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [681056 2012-06-27] (Secunia)
R2 Stuffit Archive Name Service; C:\Program Files\Smith Micro\StuffIt11\ArcNameService.exe [157000 2007-10-08] (Smith Micro Software, Inc.)
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [29560 2012-08-23] (AVG)
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"

==================== Drivers (Whitelisted) ====================

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [48128 2008-04-13] (Microsoft Corporation)
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [26032 2013-06-02] (Wondershare)
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [120632 2013-09-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [209208 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [145720 2013-09-02] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22840 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [176952 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [223032 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [102200 2013-08-20] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27448 2013-09-08] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [193848 2013-08-01] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [37664 2013-10-01] (AVG Technologies)
S3 BCMModem; C:\Windows\System32\DRIVERS\BCMDM.sys [871388 2001-08-17] (BCM)
R3 BSecACFltr; C:\Windows\System32\DRIVERS\BSecACFltr.sys [21624 2010-02-05] ()
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 cdrbsdrv; C:\Windows\System32\Drivers\cdrbsdrv.sys [32256 2005-05-11] (B.H.A Corporation)
S3 COMMONFX.DLL; C:\Windows\System32\COMMONFX.DLL [110592 2002-07-19] (Creative Technology Ltd)
S3 CTSBLFX.DLL; C:\Windows\System32\CTSBLFX.DLL [643072 2002-07-19] (Creative Technology Ltd)
R2 EdgeStat; C:\WINDOWS\system32\drivers\edgestat.sys [6912 1998-03-20] ()
R3 GTWModem; C:\Windows\System32\DRIVERS\GWMDM.sys [1136384 2003-03-19] (GTW)
R3 ha10kx2k; C:\Windows\System32\drivers\ha10kx2k.sys [998004 2002-07-24] (Creative Technology Ltd)
R3 L8042pr2; C:\Windows\System32\DRIVERS\L8042pr2.Sys [51729 2003-12-17] (Logitech, Inc.)
S3 LHidUsbK; C:\Windows\System32\Drivers\LHidUsbK.Sys [36608 2005-07-22] (Logitech, Inc.)
R3 MxlW2k; C:\Windows\System32\Drivers\MxlW2k.sys [28276 2006-10-17] (MusicMatch, Inc.)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 nm; C:\Windows\System32\DRIVERS\NMnt.sys [40320 2008-04-13] (Microsoft Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
R2 NwlnkIpx; C:\Windows\System32\DRIVERS\nwlnkipx.sys [88320 2008-04-13] (Microsoft Corporation)
R2 NwlnkNb; C:\Windows\System32\DRIVERS\nwlnknb.sys [63232 2001-08-30] (Microsoft Corporation)
R2 NwlnkSpx; C:\Windows\System32\DRIVERS\nwlnkspx.sys [55936 2001-08-30] (Microsoft Corporation)
R2 PAR1284; C:\WINDOWS\system32\drivers\PAR1284.sys [53344 2000-10-23] (Warp Nine Engineering)
R2 PfModNT; C:\WINDOWS\system32\PfModNT.sys [6752 1999-12-17] (Creative Technology Ltd.)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf.sys [15544 2011-12-16] (Secunia)
R2 RioPNP; C:\Windows\System32\Drivers\RioPNP.sys [6736 2000-06-06] (RioPort.com)
R3 SBUpdd; C:\Program Files\Common Files\SpeedBit\SBUpdate\sbw.sys [31640 2013-10-06] ()
R2 Sentinel; C:\Windows\System32\Drivers\SENTINEL.SYS [76288 2002-12-17] (Rainbow Technologies, Inc.)
R3 SNTNLUSB; C:\Windows\System32\DRIVERS\SNTNLUSB.SYS [26120 2002-12-17] (Rainbow Technologies Inc.)
S3 sonypvs1; C:\Windows\System32\DRIVERS\sonypvs1.sys [102220 2002-10-15] (Sony Corporation)
R3 TotRec7; C:\Windows\System32\drivers\TotRec7.sys [131152 2011-07-08] (High Criteria inc.)
R3 TotRec8; C:\WINDOWS\system32\drivers\TotRec8.sys [91728 2011-07-08] (High Criteria inc.)
S3 usbbus; C:\Windows\System32\DRIVERS\lgusbbus.sys [13056 2008-11-11] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgusbdiag.sys [19968 2008-11-11] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgusbmodem.sys [24832 2008-11-11] (LG Electronics Inc.)
S1 cdrbsvsd; No ImagePath
S4 hpt3xx; No ImagePath
S1 MDFSYSNT; No ImagePath
S0 MDPMGRNT; No ImagePath
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-26 11:21 - 2013-10-26 11:21 - 00000000 ____D C:\FRST
2013-10-26 11:07 - 2013-10-26 11:07 - 00001223 _____ C:\Documents and Settings\Jim\Desktop\JRT.txt
2013-10-26 10:41 - 2013-10-26 10:41 - 00000000 ____D C:\WINDOWS\ERUNT
2013-10-26 09:32 - 2013-10-26 10:04 - 00000000 ____D C:\AdwCleaner
2013-10-25 11:43 - 2013-10-25 11:43 - 00000000 ____D C:\_OTL
2013-10-24 14:07 - 2013-10-24 14:07 - 00040116 _____ C:\WINDOWS\$CCW_D02.CC$
2013-10-24 13:36 - 2013-10-24 13:36 - 00001823 _____ C:\Documents and Settings\Children\Desktop\Google Chrome.lnk
2013-10-24 13:33 - 2013-10-24 13:34 - 00001823 _____ C:\Documents and Settings\Rhonda\Desktop\Google Chrome.lnk
2013-10-24 13:32 - 2013-10-24 13:32 - 00207182 _____ C:\Documents and Settings\Jim\My Documents\OTL.Txt
2013-10-24 01:58 - 2013-10-24 01:58 - 00000140 _____ C:\Documents and Settings\Jim\My Documents\emergency drill at lincoln school.txt
2013-10-22 14:33 - 2013-10-22 14:33 - 00000162 ____H C:\Documents and Settings\Jim\My Documents\~$tle 34, Code of Federal Regulations.htm
2013-10-22 14:13 - 2013-10-22 14:32 - 00000000 ____D C:\Documents and Settings\Jim\My Documents\images
2013-10-22 14:11 - 2013-10-22 14:51 - 02442532 _____ C:\Documents and Settings\Jim\My Documents\Title 34, Code of Federal Regulations.htm
2013-10-22 14:04 - 2013-10-22 14:10 - 00535343 _____ C:\Documents and Settings\Jim\My Documents\Title 34, Code of Federal Regulations.txt
2013-10-21 13:08 - 2013-10-21 14:06 - 00006805 _____ C:\Documents and Settings\Jim\My Documents\REMEMBER THAT MAN.txt
2013-10-21 13:08 - 2013-10-21 13:08 - 00000162 ____H C:\Documents and Settings\Jim\My Documents\~$MEMBER THAT MAN.txt
2013-10-20 15:27 - 2013-10-20 15:27 - 00002689 _____ C:\Documents and Settings\Jim\My Documents\Ro .txt
2013-10-11 13:34 - 2013-10-11 13:34 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2847311$
2013-10-11 13:32 - 2013-10-11 13:32 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862335$
2013-10-11 13:30 - 2013-10-11 13:32 - 00132844 _____ C:\WINDOWS\KB2862335.log
2013-10-11 12:49 - 2013-10-11 12:49 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868038$
2013-10-11 12:47 - 2013-10-11 12:49 - 00011279 _____ C:\WINDOWS\KB2868038.log
2013-10-11 12:39 - 2013-10-11 12:42 - 00012241 _____ C:\WINDOWS\KB2879017-IE8.log
2013-10-11 12:38 - 2013-10-11 12:38 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2883150$
2013-10-11 12:37 - 2013-10-11 12:37 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862330$
2013-10-10 18:45 - 2013-10-10 18:45 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVG
2013-10-10 16:25 - 2013-10-11 12:16 - 00046592 ____H C:\Documents and Settings\Jim\My Documents\~WRL0781.tmp
2013-10-10 00:50 - 2013-10-11 13:34 - 00135263 _____ C:\WINDOWS\KB2847311.log
2013-10-10 00:45 - 2013-07-02 21:12 - 00025088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidparse.sys
2013-10-10 00:45 - 2013-07-02 20:59 - 00014976 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbscan.sys
2013-10-10 00:35 - 2013-07-16 19:58 - 00123008 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbvideo.sys
2013-10-10 00:35 - 2013-07-16 19:58 - 00060160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbaudio.sys
2013-10-10 00:27 - 2013-08-08 19:55 - 00144128 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbport.sys
2013-10-10 00:27 - 2013-08-08 19:55 - 00032384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbccgp.sys
2013-10-10 00:27 - 2013-08-08 19:55 - 00005376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbd.sys
2013-10-10 00:27 - 2009-03-18 06:02 - 00030336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbehci.sys
2013-10-08 16:05 - 2013-10-08 16:05 - 00000021 _____ C:\Documents and Settings\Jim\My Documents\stuffit key.txt
2013-10-08 16:03 - 2013-10-08 16:03 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\StuffIt 11
2013-10-08 14:52 - 2013-10-08 14:52 - 00000000 ____D C:\WINDOWS\ItsDeductible
2013-10-08 14:51 - 2013-10-08 14:51 - 00000000 ____D C:\Documents and Settings\Jim\My Documents\Q03Files
2013-10-08 14:51 - 2013-10-08 14:51 - 00000000 ____D C:\Documents and Settings\Jim\My Documents\Q02FILES
2013-10-08 14:50 - 2013-10-08 14:51 - 00000000 ____D C:\Documents and Settings\Jim\My Documents\______BACKUP
2013-10-08 14:00 - 2013-10-08 14:00 - 00000566 _____ C:\Documents and Settings\Jim\Desktop\Shortcut to MG6300 series (UPnP)_DD04E25A2A07.lnk
2013-10-07 11:07 - 2013-10-07 11:07 - 00001925 _____ C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
2013-10-07 11:07 - 2013-10-07 11:07 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
2013-10-07 08:56 - 2013-10-07 08:56 - 00001289 _____ C:\Documents and Settings\Jim\Desktop\My DAP Downloads.lnk
2013-10-07 08:56 - 2013-10-07 08:56 - 00000620 _____ C:\Documents and Settings\Jim\Desktop\Download Accelerator Plus (DAP).lnk
2013-10-07 08:55 - 2013-10-26 11:01 - 00000954 _____ C:\WINDOWS\Tasks\SBW_UpdateTask_Time_313738393639313337302d3437415a556c2a3223346c41.job
2013-10-07 08:55 - 2013-10-26 10:27 - 00000954 _____ C:\WINDOWS\Tasks\SBW_UpdateTask_Logon_313738393639313337302d3437415a556c2a3223346c41.job
2013-10-07 07:58 - 2013-10-07 07:58 - 00000556 _____ C:\WINDOWS\Tasks\SBWUpdateTask_Time_f0d903de-0007E9C55523.job
2013-10-07 07:58 - 2013-10-07 07:58 - 00000556 _____ C:\WINDOWS\Tasks\SBWUpdateTask_Logon_f0d903de-0007E9C55523.job
2013-10-05 12:18 - 2013-10-05 12:18 - 00001929 _____ C:\Documents and Settings\Jim\My Documents\dap data.txt
2013-10-05 11:28 - 2013-10-26 10:28 - 00000000 ____D C:\Documents and Settings\Jim\Application Data\EQATEC Analytics
2013-10-05 11:23 - 2013-10-07 08:56 - 00000694 _____ C:\Documents and Settings\All Users\Start Menu\Download Accelerator Plus (DAP).lnk
2013-10-05 11:23 - 2013-10-07 08:56 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Download Accelerator Plus (DAP)
2013-10-05 11:23 - 2013-10-05 11:23 - 00000000 ____D C:\Documents and Settings\Jim\Local Settings\Application Data\SpeedBIT
2013-10-05 11:22 - 2013-10-07 08:56 - 00000000 ____D C:\Program Files\DAP
2013-10-05 11:22 - 2013-10-05 11:22 - 00172032 _____ (Jin Hui E-mail: [email protected] Web: http://www.jcomsoft.com) C:\WINDOWS\system32\AniGIF.ocx
2013-10-05 11:14 - 2013-10-05 11:14 - 00000000 ____D C:\Program Files\Common Files\SpeedBit
2013-10-04 23:11 - 2013-10-11 12:02 - 00000000 ____D C:\Documents and Settings\Jim\Application Data\Free Download Manager
2013-10-04 23:10 - 2013-10-04 23:10 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Free Download Manager
2013-10-03 13:06 - 2013-10-04 23:10 - 00000000 ____D C:\Program Files\Free Download Manager
2013-10-03 13:03 - 2013-10-03 13:03 - 00024576 ____H C:\Documents and Settings\Jim\My Documents\~WRL3874.tmp
2013-10-02 19:46 - 2013-10-02 19:46 - 00000000 ____D C:\Program Files\SCREEN2EXE
2013-10-02 19:46 - 2013-10-02 19:46 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\SCREEN2EXE
2013-10-02 18:25 - 2013-10-02 18:25 - 00000000 ____D C:\Documents and Settings\Jim\Local Settings\Application Data\GreatArcadeHits
2013-10-02 16:43 - 2013-10-02 16:43 - 00000000 ____D C:\Documents and Settings\Jim\My Documents\Apowersoft Screen Recorder Pro
2013-10-02 16:39 - 2013-10-24 01:13 - 00000000 ____D C:\Program Files\Apowersoft
2013-10-02 16:39 - 2013-10-24 01:13 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Apowersoft
2013-10-02 16:39 - 2013-10-02 16:39 - 00000000 ____D C:\Documents and Settings\Jim\Application Data\Apowersoft
2013-10-02 16:39 - 2013-06-02 04:56 - 00026032 _____ (Wondershare) C:\WINDOWS\system32\Drivers\Apowersoft_AudioDevice.sys
2013-10-02 16:39 - 2013-06-01 20:07 - 00443568 ____H (Bytescout) C:\WINDOWS\system32\ApowersoftScreenCapturing.dll
2013-10-02 16:39 - 2013-06-01 20:07 - 00271536 ____H (Bytescout) C:\WINDOWS\system32\ApowersoftScreenCapturingFilter.dll
2013-10-02 16:39 - 2013-06-01 20:07 - 00181424 ____H (Bytescout) C:\WINDOWS\system32\ApowersoftVideoMixerFilter.dll
2013-10-02 00:31 - 2013-10-26 10:06 - 00065536 _____ C:\WINDOWS\system32\config\CaptureL.evt
2013-10-02 00:30 - 2013-10-02 00:30 - 00000000 ____D C:\Program Files\WinPcap
2013-09-30 20:56 - 2013-10-01 14:01 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-30 10:48 - 2013-10-01 10:23 - 00005317 _____ C:\Documents and Settings\Jim\My Documents\Big Pharma Exec Turned Whistleblower .txt

==================== One Month Modified Files and Folders =======

2013-10-26 11:21 - 2013-10-26 11:21 - 00000000 ____D C:\FRST
2013-10-26 11:15 - 2010-01-28 13:01 - 00002355 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Word.lnk
2013-10-26 11:12 - 2012-03-29 19:42 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-10-26 11:07 - 2013-10-26 11:07 - 00001223 _____ C:\Documents and Settings\Jim\Desktop\JRT.txt
2013-10-26 11:01 - 2013-10-07 08:55 - 00000954 _____ C:\WINDOWS\Tasks\SBW_UpdateTask_Time_313738393639313337302d3437415a556c2a3223346c41.job
2013-10-26 10:41 - 2013-10-26 10:41 - 00000000 ____D C:\WINDOWS\ERUNT
2013-10-26 10:28 - 2013-10-05 11:28 - 00000000 ____D C:\Documents and Settings\Jim\Application Data\EQATEC Analytics
2013-10-26 10:27 - 2013-10-07 08:55 - 00000954 _____ C:\WINDOWS\Tasks\SBW_UpdateTask_Logon_313738393639313337302d3437415a556c2a3223346c41.job
2013-10-26 10:27 - 2013-05-31 10:41 - 00000350 _____ C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2013-10-26 10:27 - 2006-10-16 15:37 - 01831491 _____ C:\WINDOWS\WindowsUpdate.log
2013-10-26 10:16 - 2013-09-07 09:02 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat
2013-10-26 10:11 - 2006-10-16 10:13 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-10-26 10:11 - 2006-10-16 10:13 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-10-26 10:09 - 2006-10-16 15:20 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-10-26 10:06 - 2013-10-02 00:31 - 00065536 _____ C:\WINDOWS\system32\config\CaptureL.evt
2013-10-26 10:06 - 2006-10-16 16:28 - 00001080 _____ C:\WINDOWS\system32\settingsbkup.sfm
2013-10-26 10:06 - 2006-10-16 16:28 - 00001080 _____ C:\WINDOWS\system32\settings.sfm
2013-10-26 10:06 - 2006-10-16 16:28 - 00000024 _____ C:\WINDOWS\system32\DVCStateBkp-{00000002-00000000-0000000D-00001102-00000004-00581102}.dat
2013-10-26 10:06 - 2006-10-16 16:28 - 00000024 _____ C:\WINDOWS\system32\DVCState-{00000002-00000000-0000000D-00001102-00000004-00581102}.dat
2013-10-26 10:06 - 2006-10-16 15:24 - 00032654 _____ C:\WINDOWS\SchedLgU.Txt
2013-10-26 10:04 - 2013-10-26 09:32 - 00000000 ____D C:\AdwCleaner
2013-10-26 10:04 - 2009-07-27 22:16 - 00000000 ____D C:\Documents and Settings\Jim\Application Data\Uniblue
2013-10-26 10:02 - 2009-07-27 22:16 - 00000000 ____D C:\Program Files\Uniblue
2013-10-26 09:31 - 2012-09-26 17:57 - 00321320 _____ C:\WINDOWS\setupapi.log
2013-10-25 18:56 - 2013-08-31 16:39 - 00002315 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2013-10-25 17:19 - 2011-06-22 10:40 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\MFAData
2013-10-25 12:15 - 2006-10-16 15:17 - 00000000 ____D C:\WINDOWS\Registration
2013-10-25 11:45 - 2006-10-16 15:25 - 00000178 ___SH C:\Documents and Settings\Jim\ntuser.ini
2013-10-25 11:44 - 2009-03-30 14:05 - 00000000 ____D C:\Program Files\gigasizetb
2013-10-25 11:43 - 2013-10-25 11:43 - 00000000 ____D C:\_OTL
2013-10-24 17:56 - 2011-05-14 10:08 - 00000178 ___SH C:\Documents and Settings\Rhonda\ntuser.ini
2013-10-24 17:53 - 2001-08-30 05:30 - 00001576 _____ C:\WINDOWS\win.ini
2013-10-24 14:07 - 2013-10-24 14:07 - 00040116 _____ C:\WINDOWS\$CCW_D02.CC$
2013-10-24 14:07 - 2006-10-28 10:50 - 00003498 _____ C:\WINDOWS\POWERUP.INI
2013-10-24 13:38 - 2011-05-21 16:09 - 00000178 ___SH C:\Documents and Settings\Children\ntuser.ini
2013-10-24 13:36 - 2013-10-24 13:36 - 00001823 _____ C:\Documents and Settings\Children\Desktop\Google Chrome.lnk
2013-10-24 13:34 - 2013-10-24 13:33 - 00001823 _____ C:\Documents and Settings\Rhonda\Desktop\Google Chrome.lnk
2013-10-24 13:34 - 2011-06-20 15:17 - 00000000 ____D C:\Documents and Settings\Rhonda\Tracing
2013-10-24 13:32 - 2013-10-24 13:32 - 00207182 _____ C:\Documents and Settings\Jim\My Documents\OTL.Txt
2013-10-24 11:12 - 2012-01-15 14:06 - 00000000 ____D C:\Documents and Settings\Jim\Local Settings\Application Data\LogMeIn Rescue Applet
2013-10-24 01:58 - 2013-10-24 01:58 - 00000140 _____ C:\Documents and Settings\Jim\My Documents\emergency drill at lincoln school.txt
2013-10-24 01:13 - 2013-10-02 16:39 - 00000000 ____D C:\Program Files\Apowersoft
2013-10-24 01:13 - 2013-10-02 16:39 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Apowersoft
2013-10-23 19:14 - 2007-08-19 16:21 - 00000000 ____D C:\WINDOWS\system32\NtmsData
2013-10-23 16:47 - 2009-08-03 14:54 - 00002315 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Acrobat 7.0 Professional.lnk
2013-10-22 14:51 - 2013-10-22 14:11 - 02442532 _____ C:\Documents and Settings\Jim\My Documents\Title 34, Code of Federal Regulations.htm
2013-10-22 14:33 - 2013-10-22 14:33 - 00000162 ____H C:\Documents and Settings\Jim\My Documents\~$tle 34, Code of Federal Regulations.htm
2013-10-22 14:32 - 2013-10-22 14:13 - 00000000 ____D C:\Documents and Settings\Jim\My Documents\images
2013-10-22 14:10 - 2013-10-22 14:04 - 00535343 _____ C:\Documents and Settings\Jim\My Documents\Title 34, Code of Federal Regulations.txt
2013-10-22 12:53 - 2012-01-13 15:56 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Speedbit
2013-10-21 14:06 - 2013-10-21 13:08 - 00006805 _____ C:\Documents and Settings\Jim\My Documents\REMEMBER THAT MAN.txt
2013-10-21 13:08 - 2013-10-21 13:08 - 00000162 ____H C:\Documents and Settings\Jim\My Documents\~$MEMBER THAT MAN.txt
2013-10-20 15:27 - 2013-10-20 15:27 - 00002689 _____ C:\Documents and Settings\Jim\My Documents\Ro .txt
2013-10-19 18:28 - 2006-12-06 20:55 - 00134208 _____ C:\Documents and Settings\Jim\Application Data\GDIPFONTCACHEV1.DAT
2013-10-17 11:10 - 2008-01-25 15:53 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-17 11:10 - 2006-10-16 10:11 - 00388792 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-10-16 12:01 - 2011-08-29 15:33 - 00000000 ____D C:\Documents and Settings\Jim\My Documents\_Present
2013-10-16 12:01 - 2009-12-06 21:28 - 00000000 ____D C:\Documents and Settings\Jim\My Documents\__Job Search
2013-10-16 12:01 - 2008-11-25 12:09 - 00000000 ____D C:\Documents and Settings\Jim\My Documents\_Andersen SIGNS Receipts
2013-10-16 12:01 - 2006-10-19 20:12 - 00000000 ____D C:\Documents and Settings\Jim\My Documents\Jobs
2013-10-11 15:22 - 2006-11-30 20:49 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-10-11 13:58 - 2006-10-16 10:12 - 00612524 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-10-11 13:34 - 2013-10-11 13:34 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2847311$
2013-10-11 13:34 - 2013-10-10 00:50 - 00135263 _____ C:\WINDOWS\KB2847311.log
2013-10-11 13:34 - 2012-10-20 17:18 - 00127386 _____ C:\WINDOWS\tsoc.log
2013-10-11 13:34 - 2012-10-20 17:18 - 00067242 _____ C:\WINDOWS\ntdtcsetup.log
2013-10-11 13:34 - 2012-10-20 17:18 - 00018468 _____ C:\WINDOWS\ocmsn.log
2013-10-11 13:34 - 2012-10-20 17:18 - 00016686 _____ C:\WINDOWS\msgsocm.log
2013-10-11 13:34 - 2012-10-20 17:18 - 00001393 _____ C:\WINDOWS\imsins.log
2013-10-11 13:34 - 2012-10-20 17:17 - 00333883 _____ C:\WINDOWS\FaxSetup.log
2013-10-11 13:34 - 2012-10-20 17:17 - 00159624 _____ C:\WINDOWS\ocgen.log
2013-10-11 13:34 - 2012-10-20 17:17 - 00110833 _____ C:\WINDOWS\comsetup.log
2013-10-11 13:34 - 2012-10-20 17:17 - 00058863 _____ C:\WINDOWS\iis6.log
2013-10-11 13:34 - 2012-10-20 17:17 - 00034127 _____ C:\WINDOWS\updspapi.log
2013-10-11 13:32 - 2013-10-11 13:32 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862335$
2013-10-11 13:32 - 2013-10-11 13:30 - 00132844 _____ C:\WINDOWS\KB2862335.log
2013-10-11 13:32 - 2012-10-20 17:18 - 00001393 _____ C:\WINDOWS\imsins.BAK
2013-10-11 13:29 - 2013-08-14 09:40 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-10-11 13:08 - 2006-10-17 08:22 - 78106760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-10-11 13:06 - 2010-06-05 10:22 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
2013-10-11 12:49 - 2013-10-11 12:49 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868038$
2013-10-11 12:49 - 2013-10-11 12:47 - 00011279 _____ C:\WINDOWS\KB2868038.log
2013-10-11 12:42 - 2013-10-11 12:39 - 00012241 _____ C:\WINDOWS\KB2879017-IE8.log
2013-10-11 12:40 - 2009-05-31 21:58 - 00000000 ____D C:\WINDOWS\ie8updates
2013-10-11 12:38 - 2013-10-11 12:38 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2883150$
2013-10-11 12:37 - 2013-10-11 12:37 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862330$
2013-10-11 12:16 - 2013-10-10 16:25 - 00046592 ____H C:\Documents and Settings\Jim\My Documents\~WRL0781.tmp
2013-10-11 12:02 - 2013-10-04 23:11 - 00000000 ____D C:\Documents and Settings\Jim\Application Data\Free Download Manager
2013-10-10 18:45 - 2013-10-10 18:45 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVG
2013-10-10 18:45 - 2013-09-25 17:51 - 00000712 _____ C:\Documents and Settings\All Users\Desktop\AVG 2014.lnk
2013-10-10 12:31 - 2013-05-04 12:47 - 00001612 _____ C:\WINDOWS\wmsetup.log
2013-10-09 12:20 - 2006-10-16 15:39 - 00134208 _____ C:\Documents and Settings\Jim\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2013-10-08 22:19 - 2012-03-29 19:42 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-10-08 22:19 - 2011-05-31 13:10 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-10-08 16:05 - 2013-10-08 16:05 - 00000021 _____ C:\Documents and Settings\Jim\My Documents\stuffit key.txt
2013-10-08 16:03 - 2013-10-08 16:03 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\StuffIt 11
2013-10-08 15:49 - 2011-09-05 21:46 - 00345650 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2013-10-08 15:49 - 2006-10-16 15:25 - 00000000 ____D C:\Documents and Settings\Jim
2013-10-08 15:21 - 2006-10-17 21:42 - 00000000 ____D C:\Documents and Settings\Jim\Application Data\Adobe
2013-10-08 14:52 - 2013-10-08 14:52 - 00000000 ____D C:\WINDOWS\ItsDeductible
2013-10-08 14:51 - 2013-10-08 14:51 - 00000000 ____D C:\Documents and Settings\Jim\My Documents\Q03Files
2013-10-08 14:51 - 2013-10-08 14:51 - 00000000 ____D C:\Documents and Settings\Jim\My Documents\Q02FILES
2013-10-08 14:51 - 2013-10-08 14:50 - 00000000 ____D C:\Documents and Settings\Jim\My Documents\______BACKUP
2013-10-08 14:39 - 2006-12-02 16:17 - 00000000 ____D C:\Program Files\TurboTax
2013-10-08 14:00 - 2013-10-08 14:00 - 00000566 _____ C:\Documents and Settings\Jim\Desktop\Shortcut to MG6300 series (UPnP)_DD04E25A2A07.lnk
2013-10-08 13:31 - 2011-11-04 15:14 - 00001823 _____ C:\Documents and Settings\Jim\Desktop\Google Chrome.lnk
2013-10-08 13:23 - 2012-09-20 15:48 - 00065536 _____ C:\WINDOWS\system32\config\TuneUp.evt
2013-10-08 13:16 - 2011-06-22 11:14 - 00000000 ____D C:\Program Files\AVG
2013-10-08 13:08 - 2009-10-05 13:13 - 00000000 ____D C:\Program Files\Java
2013-10-08 12:55 - 2008-10-14 00:22 - 00000000 ____D C:\Program Files\Intuit
2013-10-08 12:48 - 2006-11-30 21:09 - 00000000 ____D C:\Program Files\Common Files\AnswerWorks 4.0
2013-10-07 21:28 - 2012-01-09 16:13 - 00000000 ____D C:\Documents and Settings\Jim\My Documents\math correction
2013-10-07 11:51 - 2009-12-21 17:18 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-07 11:51 - 2009-12-21 17:18 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-07 11:07 - 2013-10-07 11:07 - 00001925 _____ C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
2013-10-07 11:07 - 2013-10-07 11:07 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
2013-10-07 11:05 - 2006-11-30 21:16 - 00000000 ____D C:\Program Files\Google
2013-10-07 08:56 - 2013-10-07 08:56 - 00001289 _____ C:\Documents and Settings\Jim\Desktop\My DAP Downloads.lnk
2013-10-07 08:56 - 2013-10-07 08:56 - 00000620 _____ C:\Documents and Settings\Jim\Desktop\Download Accelerator Plus (DAP).lnk
2013-10-07 08:56 - 2013-10-05 11:23 - 00000694 _____ C:\Documents and Settings\All Users\Start Menu\Download Accelerator Plus (DAP).lnk
2013-10-07 08:56 - 2013-10-05 11:23 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Download Accelerator Plus (DAP)
2013-10-07 08:56 - 2013-10-05 11:22 - 00000000 ____D C:\Program Files\DAP
2013-10-07 07:58 - 2013-10-07 07:58 - 00000556 _____ C:\WINDOWS\Tasks\SBWUpdateTask_Time_f0d903de-0007E9C55523.job
2013-10-07 07:58 - 2013-10-07 07:58 - 00000556 _____ C:\WINDOWS\Tasks\SBWUpdateTask_Logon_f0d903de-0007E9C55523.job
2013-10-05 12:18 - 2013-10-05 12:18 - 00001929 _____ C:\Documents and Settings\Jim\My Documents\dap data.txt
2013-10-05 11:23 - 2013-10-05 11:23 - 00000000 ____D C:\Documents and Settings\Jim\Local Settings\Application Data\SpeedBIT
2013-10-05 11:22 - 2013-10-05 11:22 - 00172032 _____ (Jin Hui E-mail: [email protected] Web: http://www.jcomsoft.com) C:\WINDOWS\system32\AniGIF.ocx
2013-10-05 11:14 - 2013-10-05 11:14 - 00000000 ____D C:\Program Files\Common Files\SpeedBit
2013-10-04 23:10 - 2013-10-04 23:10 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Free Download Manager
2013-10-04 23:10 - 2013-10-03 13:06 - 00000000 ____D C:\Program Files\Free Download Manager
2013-10-04 23:01 - 2012-10-20 17:11 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-10-04 22:58 - 2011-09-05 21:46 - 01680747 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1645522239-1035525444-839522115-1004-0.dat
2013-10-03 13:03 - 2013-10-03 13:03 - 00024576 ____H C:\Documents and Settings\Jim\My Documents\~WRL3874.tmp
2013-10-03 07:16 - 2013-09-06 10:17 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\TechSmith
2013-10-03 00:24 - 2011-07-18 13:25 - 00000284 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2013-10-03 00:00 - 2010-03-08 12:50 - 00094412 ____H C:\WINDOWS\system32\mlfcache.dat
2013-10-02 19:46 - 2013-10-02 19:46 - 00000000 ____D C:\Program Files\SCREEN2EXE
2013-10-02 19:46 - 2013-10-02 19:46 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\SCREEN2EXE
2013-10-02 18:41 - 2013-09-06 10:16 - 00000000 ____D C:\Documents and Settings\Jim\Local Settings\Application Data\TechSmith
2013-10-02 18:40 - 2013-09-06 10:16 - 00000000 ____D C:\Program Files\TechSmith
2013-10-02 18:25 - 2013-10-02 18:25 - 00000000 ____D C:\Documents and Settings\Jim\Local Settings\Application Data\GreatArcadeHits
2013-10-02 17:55 - 2006-10-16 10:07 - 00000000 ____D C:\WINDOWS\Resources
2013-10-02 16:43 - 2013-10-02 16:43 - 00000000 ____D C:\Documents and Settings\Jim\My Documents\Apowersoft Screen Recorder Pro
2013-10-02 16:39 - 2013-10-02 16:39 - 00000000 ____D C:\Documents and Settings\Jim\Application Data\Apowersoft
2013-10-02 00:37 - 2011-09-05 18:10 - 00000000 ____D C:\Documents and Settings\Jim\My Documents\Freemake
2013-10-02 00:30 - 2013-10-02 00:30 - 00000000 ____D C:\Program Files\WinPcap
2013-10-02 00:30 - 2011-09-05 18:10 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Freemake
2013-10-02 00:29 - 2011-09-05 18:10 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Freemake
2013-10-02 00:28 - 2011-09-05 18:09 - 00000000 ____D C:\Program Files\Freemake
2013-10-01 16:59 - 2013-08-06 14:21 - 00003726 _____ C:\Program Files\Mozilla Firefoxavg-secure-search.xml
2013-10-01 16:58 - 2011-12-15 08:13 - 00000000 ____D C:\WINDOWS\system32\cache
2013-10-01 16:56 - 2012-09-18 20:10 - 00037664 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx86.sys
2013-10-01 14:01 - 2013-09-30 20:56 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-10-01 10:23 - 2013-09-30 10:48 - 00005317 _____ C:\Documents and Settings\Jim\My Documents\Big Pharma Exec Turned Whistleblower .txt
2013-09-27 11:41 - 2013-09-22 17:24 - 00000000 ____D C:\Documents and Settings\Jim\Local Settings\Application Data\Avg2014
2013-09-26 18:38 - 2011-06-22 13:04 - 00000000 ___HD C:\$AVG

Some content of TEMP:
====================
C:\Documents and Settings\Jim\Local Settings\Temp\BrowserSet.dll
C:\Documents and Settings\Jim\Local Settings\Temp\cabex.dll
C:\Documents and Settings\Jim\Local Settings\Temp\FreemakeAudioConverter_1.1.0.48.exe
C:\Documents and Settings\Jim\Local Settings\Temp\FreemakeVideoConverter_4.0.1.1.exe
C:\Documents and Settings\Jim\Local Settings\Temp\FreemakeVideoDownloader_3.5.4.0.exe
C:\Documents and Settings\Jim\Local Settings\Temp\GRRemove.exe
C:\Documents and Settings\Jim\Local Settings\Temp\install_reader11_en_mssd_aih.exe
C:\Documents and Settings\Jim\Local Settings\Temp\install_reader11_en_mssd_aih_1.exe
C:\Documents and Settings\Jim\Local Settings\Temp\Intuit.Spc.Map.EntitlementClient.Install.dll
C:\Documents and Settings\Jim\Local Settings\Temp\JingSetup.exe
C:\Documents and Settings\Jim\Local Settings\Temp\jre-6u37-windows-i586-iftw.exe
C:\Documents and Settings\Jim\Local Settings\Temp\jre-7u13-windows-i586-iftw.exe
C:\Documents and Settings\Jim\Local Settings\Temp\jre-7u17-windows-i586-iftw.exe
C:\Documents and Settings\Jim\Local Settings\Temp\jre-7u21-windows-i586-iftw.exe
C:\Documents and Settings\Jim\Local Settings\Temp\jre-7u25-windows-i586-iftw.exe
C:\Documents and Settings\Jim\Local Settings\Temp\qbinstal.dll
C:\Documents and Settings\Jim\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Jim\Local Settings\Temp\RunWizards.exe
C:\Documents and Settings\Jim\Local Settings\Temp\SCC.dll
C:\Documents and Settings\Jim\Local Settings\Temp\stlport_r50.dll
C:\Documents and Settings\Jim\Local Settings\Temp\svd_dap.exe
C:\Documents and Settings\Jim\Local Settings\Temp\vcredist_x86.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

#11
JIm Andersen

========== FARBAR RECOVERY SCAN TOOL, Addition.txt LOG: ==========

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 25-10-2013
Ran by Jim at 2013-10-26 11:44:22
Running from C:\Documents and Settings\Jim\My Documents\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
Could not list Security Center items. Check WMI.


==================== Installed Programs ======================

ACDSee Photo Manager 2009 (Version: 11.0.113)
Adobe Acrobat 7.0 Professional (Version: 7.1.4)
Adobe Acrobat 7.1.4 Professional (Version: 7.1.4)
Adobe AIR (Version: 3.5.0.1060)
Adobe Bridge 1.0 (Version: 001.000.004)
Adobe Common File Installer (Version: 1.00.0000)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Help Center 1.0 (Version: 001.000.000)
Adobe Illustrator CS2 (Version: 12.000.000)
Adobe Photoshop CS2 (Version: 9.0)
Adobe Reader XI (11.0.05) (Version: 11.0.05)
Adobe Shockwave Player 12.0 (Version: 12.0.0.112)
Adobe Stock Photos 1.0 (Version: 001.000.000)
Adobe Stock Photos 1.0 (Version: 1.0.8)
Adobe SVG Viewer 3.0 (Version: 3.0)
Amazon Music Importer (Version: 2.0.1)
AnswerWorks 5.0 English Runtime (Version: 5.0.7)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 2.6.0.32)
Apple Software Update (Version: 2.0.2.92)
Apple Software Update (Version: 2.1.3.127)
Autodesk WHIP! (Release 4.0-102)
AVG 2014 (Version: 14.0.3615)
AVG 2014 (Version: 14.0.4142)
AVG 2014 (Version: 14.0.4158)
AVG 2014 (Version: 2014.0.4158)
AVG Family Safety (Version: 10.1.7)
AviSynth 2.5
Bonjour (Version: 1.0.102)
Bonjour (Version: 3.0.0.10)
Carbonite (Version: 5.1.0 build 925 (Dec-05-2011))
CCScore (Version: 5.03.0000.0003)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Creative Jukebox Driver
Creative NOMAD II Driver
Download Accelerator Plus (DAP) (Version: 10053 (Build 2558))
ESSBrwr (Version: 5.03.0000.0101)
ESSCDBK (Version: 5.03.0000.0001)
ESScore (Version: 5.03.0000.0301)
ESSgui (Version: 5.03.0000.0101)
ESShelp (Version: 5.03.0000.0003)
ESSini (Version: 5.03.0000.0201)
ESSPCD (Version: 5.03.0000.0001)
ESSPDock (Version: 5.03.0000.0008)
ESSSONIC (Version: 5.3.0000.0001)
ESSTOOLS (Version: 5.00.0000.0004)
essvatgt (Version: 5.03.0000.0001)
essvcpt (Version: 5.03.0000.0001)
EstiMate 2.0
EstiMate Visual Pricing System1.99
Extensions for Windows (Version: 1.0.4.10)
ffdshow [rev 1443] [2007-08-29] (Version: 1.0)
First Step Guide (Version: 1.00.000)
Free Disk Analyzer (Version: 1.0.1.15)
Free Download Manager 3.9.3
Free Extended Task Manager (Version: 1.0.0.46)
Free Video Converter (Version: 1.0.0.34)
Freemake Audio Converter version 1.1.0 (Version: 1.1.0)
Freemake Video Converter version 4.0.1 (Version: 4.0.1)
Freemake Video Downloader (Version: 3.5.4)
Gateway Drivers and Applications Recovery
Gateway IE Customizations
GearDrvs (Version: 1.00.0000)
GearDrvs (Version: 5.0.0.2)
GigaSize Toolbar 1.0
Google Chrome (HKCU Version: 21.0.1180.89)
Google Chrome (Version: 65.61.49249)
Google Earth (Version: 7.1.1.1888)
Google SketchUp 6 (Version: 6.0.515)
Google SketchUp 6 Exporters (Version: 6.0.515)
Google SketchUp LayOut 6 (Version: 1.0.617)
Google SketchUp Pro 6 (Version: 6.0.00408)
Google Update Helper (Version: 1.3.21.153)
Google Updater (Version: 2.4.2432.1652)
GreatArcadeHits (HKCU Version: 1.0)
GSP OMEGA
GTW Modem
GTW V.92 Voicemodem
HLPPDOCK (Version: 5.03.0000.0001)
HP Precisionscan Pro 3.1 (Version: 3.1.0.0000)
HVAC-Calc (Vista Compatible)
ImageMixer VCD2 (Version: 2.01.002.3)
Intel® PRO Network Adapters and Drivers
Ioline SmarTrac Software
ISO Recorder (Version: 2.0.0)
ItsDeductible Express (Version: 1.00.0000)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.0)
Jing (Version: 2.7.12205.4)
Junk Mail filter update (Version: 14.0.8117.416)
KeePass Password Safe 2.13
kgcbase (Version: 5.03.0000.0004)
KODAK Camera Connection Software Help
Kodak EasyShare software
KODAK Memory Albums
KODAK Picture Software
KSU (Version: 632.62.0003.0003)
LG USB Modem driver
Logitech MouseWare 9.79.1
MacDrive 6 (Version: 6.1.5)
MFC RunTime files (Version: 1.0.0)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - ITA (Version: 2.1.21022)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - ITA (Version: 3.1.21022)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 - Language Pack (italiano)
Microsoft .NET Framework 3.5 Language Pack - ita (Version: 3.5.21022)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Excel Viewer 2003 (Version: 11.0.8173.0)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Professional
Microsoft Picture It! Photo 7.0 (Version: 7.0.0.0000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Word 2002 (Version: 10.0.6626.0)
Microsoft Works 2003 Setup Launcher
Microsoft Works 7.0 (Version: 07.02.0710.1)
Microsoft Works Suite Add-in for Microsoft Word (Version: 2.0.0.0000)
Movavi Screen Capture Studio 4 (Version: 4.3.3)
Move Media Player
Mozilla Firefox 24.0 (x86 en-US) (Version: 24.0)
Mozilla Maintenance Service (Version: 24.0)
MPEG4E VFW - H.264/MPEG-4 AVC codec (remove only)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
MSXML 6.0 Parser (KB925673) (Version: 6.00.3888.0)
MSXML 6.0 Parser (KB933579) (Version: 6.10.1200.0)
MUSICMATCH Jukebox
Nero PhotoShow Express (Version: 3.0)
Nero Suite
NOMAD Jukebox 3 Driver
Notifier (Version: 5.03.0000.0001)
NVIDIA Drivers
NVIDIA Windows 2000/XP Display Drivers
Octoshape add-in for Adobe Flash Player
OfotoXMI (Version: 5.03.0000.0302)
OpenDNS Updater 1.3.0.187
OTtBP (Version: 5.03.0000.0001)
OTtBPSDK (Version: 4.00.0000.0000)
PandoraRecovery (Remove Only)
Pauker
PDFtoEPUB (Version: 1.5.0)
PhoneTools (Version: 3.06)
Picture Package (Version: 1.05.000)
PRS-500 USB driver (Version: 1.0.00.08110)
QBXMLRP2 (Version: 4.0.00168.0)
QuickBooks Product Listing Service (Version: 2.0.126)
Quicken 2005 (Version: 14.00.0000)
Quicken 2008 (Version: 17.1.3.7)
QuickTime (Version: 7.2.0.240)
QuickTime (Version: 7.72.80.56)
Reader Library by Sony (Version: 3.3.00.07130)
Revo Uninstaller 1.92 (Version: 1.92)
Rhapsody Player Engine (Version: 1.0.604)
Runtime (Version: 1.00.0000)
Safari (Version: 5.34.57.2)
SCREEN2EXE 3.4 (build:2577)
Secunia PSI (3.0.0.2004) (Version: 3.0.0.2004)
Segoe UI (Version: 14.0.4327.805)
Sentinel System Driver 5.41.1 (32-bit) (Version: 5.41.1)
SFR (Version: 5.00.0000.0005)
SHASTA (Version: 5.03.0000.0002)
SKIN0001 (Version: 5.03.0000.0101)
SKINXSDK (Version: 5.03.0000.0101)
Snagit 11 (Version: 11.2.1)
Sony MHS Camera Driver
Sony Picture Utility (Version: 4.3.03.07070)
Sony USB Driver
Sound Blaster Audigy
Spybot - Search & Destroy (Version: 1.6.2)
staticcr (Version: 5.03.0000.0001)
StuffIt 11 (Version: 11.2.0)
StuffIt Plugins for Microsoft Office (Version: 1.0.0)
SupportSoft Assisted Service (Version: 15)
swMSM (Version: 12.0.0.1)
TaxACT 2008
Total Recorder 8.3 Professional Edition
Uniblue DriverScanner 2009
Uniblue DriverScanner 2009 (Version: 2.0.0.1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB971180) (Version: 1)
Update for Windows Internet Explorer 8 (KB973874) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB978506) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB2863058) (Version: 1)
URGE (Version: 1.1.8115.0)
VersaCheck 2005 Silver (Version: 9.0.1.1)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
Visual Studio 2012 x86 Redistributables (Version: 14.0.0.1)
VPRINTOL (Version: 5.03.0000.0101)
WebFldrs XP (Version: 9.50.7523)
WexTech AnswerWorks (Version: 1.00.000)
Windows Driver Package - Sony Corporation (PRSUSB) USB (08/08/2006 1.0.03.08080) (Version: 08/08/2006 1.0.03.08080)
Windows Imaging Component (Version: 3.0.0.0)
Windows Installer Clean Up (Version: 3.00.00.0000)
Windows Internet Explorer 7 (Version: 20061107.210142)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live ID Sign-in Assistant (Version: 6.500.3146.0)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Photo Gallery (Version: 14.0.8117.416)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8117.0416)
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows Presentation Foundation (Version: 3.0.6920.0)
Windows Vista Upgrade Advisor (Version: 1.0.0.657)
Windows XP Service Pack 3 (Version: 20080414.031525)
WinPcap 4.1.2 (Version: 4.1.0.2001)
WIRELESS (Version: 5.03.0000.0003)
Works Suite OS Pack (Version: 3.0.0.0000)
XML Paper Specification Shared Components Language Pack 1.0
XML Paper Specification Shared Components Pack 1.0
YouSendIt Express (Version: 1.5.1)

==================== Restore Points =========================

20-08-2013 03:54:54 System Checkpoint
21-08-2013 04:50:03 System Checkpoint
22-08-2013 05:02:17 System Checkpoint
27-08-2013 19:10:56 System Checkpoint
27-08-2013 23:43:36 Software Distribution Service 3.0
01-09-2013 02:28:24 System Checkpoint
05-09-2013 04:56:00 System Checkpoint
06-09-2013 12:17:30 System Checkpoint
06-09-2013 15:16:37 Installed Snagit 11
11-09-2013 04:25:36 System Checkpoint
12-09-2013 04:30:34 System Checkpoint
12-09-2013 21:53:55 Software Distribution Service 3.0
14-09-2013 19:25:33 Software Distribution Service 3.0
16-09-2013 04:36:03 System Checkpoint
17-09-2013 05:34:26 System Checkpoint
19-09-2013 20:53:19 System Checkpoint
20-09-2013 21:25:52 System Checkpoint
21-09-2013 21:32:04 System Checkpoint
23-09-2013 00:32:15 System Checkpoint
25-09-2013 00:43:18 System Checkpoint
25-09-2013 22:34:35 Installed AVG 2014
25-09-2013 22:44:44 Installed AVG 2014
27-09-2013 00:53:27 System Checkpoint
28-09-2013 01:30:32 System Checkpoint
29-09-2013 01:39:59 System Checkpoint
02-10-2013 23:40:38 Installed Jing
03-10-2013 12:18:30 Printer Driver Snagit 11 Printer Installed
05-10-2013 03:52:12 Revo Uninstaller's restore point - Free Download Manager 3.9.3
07-10-2013 11:20:04 System Checkpoint
08-10-2013 17:38:14 Revo Uninstaller's restore point - QuickBooks Pro 2007
08-10-2013 17:56:55 Revo Uninstaller's restore point - AVG PC TuneUp
08-10-2013 18:06:08 Revo Uninstaller's restore point - Java™ 6 Update 37
08-10-2013 18:16:44 Removed AVG PC TuneUp
08-10-2013 18:17:44 Removed AVG PC TuneUp Language Pack (en-US)
08-10-2013 18:20:46 Software Distribution Service 3.0
08-10-2013 19:23:19 Installed StuffIt 11.
08-10-2013 19:28:21 Revo Uninstaller's restore point - StuffIt 11
08-10-2013 19:29:21 Removed StuffIt 11.
08-10-2013 19:35:48 Revo Uninstaller's restore point - TurboTax Deluxe 2004
08-10-2013 19:38:53 Revo Uninstaller's restore point - TurboTax Deluxe 2004
08-10-2013 21:03:13 Installed StuffIt 11.
09-10-2013 05:41:29 Software Distribution Service 3.0
09-10-2013 14:41:06 Revo Uninstaller's restore point - Apowersoft Screen Recorder Pro V1.1.7
11-10-2013 16:11:08 System Checkpoint
11-10-2013 17:05:00 Software Distribution Service 3.0
13-10-2013 06:36:14 System Checkpoint
14-10-2013 16:47:04 System Checkpoint
17-10-2013 16:20:21 Software Distribution Service 3.0
22-10-2013 17:52:40 Revo Uninstaller's restore point - SpeedBit Video Downloader
24-10-2013 02:03:39 Revo Uninstaller's restore point - Microsoft .NET Framework 4 Extended
24-10-2013 06:11:49 Revo Uninstaller's restore point - Apowersoft Screen Recorder Pro V1.1.7
24-10-2013 07:00:06 Software Distribution Service 3.0
24-10-2013 21:43:09 Software Distribution Service 3.0
25-10-2013 21:44:47 System Checkpoint

==================== Hosts content: ==========================

2001-08-30 05:30 - 2008-05-09 10:19 - 00000686 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\WINDOWS\TEMP\{7851C9C8-0482-49F1-B739-E202AD804FEC}.exe
Task: C:\WINDOWS\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-1035525444-839522115-1004Core.job => C:\Documents and Settings\Jim\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1645522239-1035525444-839522115-1004UA.job => C:\Documents and Settings\Jim\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\SBWUpdateTask_Logon_f0d903de-0007E9C55523.job => ?
Task: C:\WINDOWS\Tasks\SBWUpdateTask_Time_f0d903de-0007E9C55523.job => ?
Task: C:\WINDOWS\Tasks\SBW_UpdateTask_Logon_313738393639313337302d3437415a556c2a3223346c41.job => C:\Documents and Settings\All Users\Application Data\SpeedBit\sbhe.js" sbu.exe
Task: C:\WINDOWS\Tasks\SBW_UpdateTask_Time_313738393639313337302d3437415a556c2a3223346c41.job => C:\Documents and Settings\All Users\Application Data\SpeedBit\sbhe.js" sbu.exe
Task: C:\WINDOWS\Tasks\Spybot - Search & Destroy - Scheduled Task.job => C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe

==================== Loaded Modules (whitelisted) =============

2011-06-22 11:42 - 2011-03-30 02:58 - 00055624 _____ () C:\Program Files\AVG\AVG Family Safety\BsecZlib.dll
2010-07-13 01:28 - 2010-07-13 01:28 - 00856064 _____ () C:\Program Files\Sony\Reader\Data\bin\launcher\fsk.dll
2010-07-13 01:13 - 2010-07-13 01:13 - 00033792 _____ () C:\Program Files\Sony\Reader\Data\bin\FskMediaPlayers.dll
2010-07-13 01:15 - 2010-07-13 01:15 - 00233472 _____ () C:\Program Files\Sony\Reader\Data\bin\Fskin.dll
2010-07-13 01:22 - 2010-07-13 01:22 - 00020480 _____ () C:\Program Files\Sony\Reader\Data\bin\FskinLocalize.dll
2010-04-02 21:23 - 2010-04-02 21:23 - 00815104 _____ () C:\Program Files\Sony\Reader\Data\bin\FskSecurity.dll
2010-07-13 01:16 - 2010-07-13 01:16 - 00118784 _____ () C:\Program Files\Sony\Reader\Data\bin\FskDocumentViewer.dll
2010-07-13 01:22 - 2010-07-13 01:22 - 00009728 _____ () C:\Program Files\Sony\Reader\Data\bin\FskPower.dll
2010-07-13 01:26 - 2010-07-13 01:26 - 00018432 _____ () C:\Program Files\Sony\Reader\Data\bin\launcher\FskNetInterface.dll
2010-07-13 01:15 - 2010-07-13 01:15 - 00010240 _____ () C:\Program Files\Sony\Reader\Data\bin\FskMobileMediaDevice.dll
2010-07-13 01:25 - 2010-07-13 01:25 - 00008704 _____ () C:\Program Files\Sony\Reader\Data\bin\launcher\FskTimeHardware.dll
2010-07-13 01:25 - 2010-07-13 01:25 - 00028160 _____ () C:\Program Files\Sony\Reader\Data\bin\launcher\ticket.dll
2010-07-13 01:25 - 2010-07-13 01:25 - 00011776 _____ () C:\Program Files\Sony\Reader\Data\bin\launcher\ebookDeviceNotifier.dll
2010-04-02 20:44 - 2010-04-02 20:44 - 00086016 _____ () C:\Program Files\Sony\Reader\Data\bin\launcher\ebookUsb.dll
2010-07-13 01:29 - 2010-07-13 01:29 - 00143360 _____ () C:\Program Files\Sony\Reader\Data\bin\launcher\connectionDetector.dll
2010-07-13 01:10 - 2010-07-13 01:10 - 00172032 _____ () C:\Program Files\Sony\Reader\Data\bin\launcher\USBDetector.dll
2013-10-07 09:01 - 2013-10-23 16:52 - 00011776 _____ () C:\Documents and Settings\All Users\Application Data\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\fivegiganet.dll
2013-10-07 09:01 - 2013-10-23 16:52 - 00010240 _____ () C:\Documents and Settings\All Users\Application Data\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\MegaUploadCom.dll
2013-10-07 09:01 - 2013-10-23 16:53 - 00012800 _____ () C:\Documents and Settings\All Users\Application Data\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\SpdFileCom.dll
2013-10-07 09:01 - 2013-10-23 16:53 - 00012800 _____ () C:\Documents and Settings\All Users\Application Data\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\XSevenTo.dll
2013-10-07 09:01 - 2013-10-23 16:53 - 00010752 _____ () C:\Documents and Settings\All Users\Application Data\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\zsharenet.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:553CA6CA
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:56E2E879

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Bsecure => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nm => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nm.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UploadMgr => ""="Service"

==================== Faulty Device Manager Devices =============

Name: Intel® PRO/100 Network Connection
Description: Intel® PRO/100 Network Connection
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: E100B
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Logitech-compatible Mouse PS/2
Description: Logitech-compatible Mouse PS/2
Class Guid: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Manufacturer: Logitech
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/25/2013 00:00:20 PM) (Source: Application Error) (User: )
Description: Faulting application sbu.exe, version 2.1.0.22, faulting module msvcr90.dll, version 9.0.30729.6161, fault address 0x0003734d.
Processing media-specific event for [sbu.exe!ws!]

Error: (10/24/2013 00:00:20 PM) (Source: Application Error) (User: )
Description: Faulting application sbu.exe, version 2.1.0.22, faulting module msvcr90.dll, version 9.0.30729.6161, fault address 0x0003734d.
Processing media-specific event for [sbu.exe!ws!]

Error: (10/24/2013 11:13:29 AM) (Source: Freemake Improver) (User: )
Description: Service cannot be started. The service process could not connect to the service controller

Error: (10/23/2013 04:48:10 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Error creating the Shadow Copy Provider COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x8007041d].

Error: (10/23/2013 00:00:39 PM) (Source: Application Error) (User: )
Description: Faulting application sbu.exe, version 2.1.0.22, faulting module msvcr90.dll, version 9.0.30729.6161, fault address 0x0003734d.
Processing media-specific event for [sbu.exe!ws!]

Error: (10/22/2013 00:00:32 PM) (Source: Application Error) (User: )
Description: Faulting application sbu.exe, version 2.1.0.22, faulting module msvcr90.dll, version 9.0.30729.6161, fault address 0x0003734d.
Processing media-specific event for [sbu.exe!ws!]

Error: (10/21/2013 00:01:39 PM) (Source: Application Error) (User: )
Description: Faulting application sbu.exe, version 2.1.0.22, faulting module msvcr90.dll, version 9.0.30729.6161, fault address 0x0003734d.
Processing media-specific event for [sbu.exe!ws!]

Error: (10/20/2013 00:00:33 PM) (Source: Application Error) (User: )
Description: Faulting application sbu.exe, version 2.1.0.22, faulting module msvcr90.dll, version 9.0.30729.6161, fault address 0x0003734d.
Processing media-specific event for [sbu.exe!ws!]

Error: (10/19/2013 00:00:25 PM) (Source: Application Error) (User: )
Description: Faulting application sbu.exe, version 2.1.0.22, faulting module msvcr90.dll, version 9.0.30729.6161, fault address 0x0003734d.
Processing media-specific event for [sbu.exe!ws!]

Error: (10/18/2013 00:00:23 PM) (Source: Application Error) (User: )
Description: Faulting application sbu.exe, version 2.1.0.22, faulting module msvcr90.dll, version 9.0.30729.6161, fault address 0x0003734d.
Processing media-specific event for [sbu.exe!ws!]


System errors:
=============
Error: (10/26/2013 11:37:42 AM) (Source: DCOM) (User: 700S)
Description: DCOM got error "%%1058" attempting to start the service MDM with arguments ""
in order to run the server:
{0C0A3666-30C9-11D0-8F20-00805F2CD064}

Error: (10/26/2013 11:37:41 AM) (Source: DCOM) (User: 700S)
Description: DCOM got error "%%1058" attempting to start the service MDM with arguments ""
in order to run the server:
{0C0A3666-30C9-11D0-8F20-00805F2CD064}

Error: (10/26/2013 11:37:41 AM) (Source: DCOM) (User: 700S)
Description: DCOM got error "%%1058" attempting to start the service MDM with arguments ""
in order to run the server:
{0C0A3666-30C9-11D0-8F20-00805F2CD064}

Error: (10/26/2013 11:37:41 AM) (Source: DCOM) (User: 700S)
Description: DCOM got error "%%1058" attempting to start the service MDM with arguments ""
in order to run the server:
{0C0A3666-30C9-11D0-8F20-00805F2CD064}

Error: (10/26/2013 11:37:37 AM) (Source: DCOM) (User: 700S)
Description: DCOM got error "%%1058" attempting to start the service MDM with arguments ""
in order to run the server:
{0C0A3666-30C9-11D0-8F20-00805F2CD064}

Error: (10/26/2013 11:37:36 AM) (Source: DCOM) (User: 700S)
Description: DCOM got error "%%1058" attempting to start the service MDM with arguments ""
in order to run the server:
{0C0A3666-30C9-11D0-8F20-00805F2CD064}

Error: (10/26/2013 10:46:11 AM) (Source: DCOM) (User: 700S)
Description: DCOM got error "%%1058" attempting to start the service MDM with arguments ""
in order to run the server:
{0C0A3666-30C9-11D0-8F20-00805F2CD064}

Error: (10/26/2013 10:28:32 AM) (Source: DCOM) (User: 700S)
Description: DCOM got error "%%1058" attempting to start the service MDM with arguments ""
in order to run the server:
{0C0A3666-30C9-11D0-8F20-00805F2CD064}

Error: (10/26/2013 10:27:43 AM) (Source: DCOM) (User: 700S)
Description: DCOM got error "%%1058" attempting to start the service MDM with arguments ""
in order to run the server:
{0C0A3666-30C9-11D0-8F20-00805F2CD064}

Error: (10/26/2013 10:13:11 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
MDFSYSNT
MDPMGRNT


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 42%
Total physical RAM: 1535.3 MB
Available physical RAM: 885.78 MB
Total Pagefile: 4460.43 MB
Available Pagefile: 3853.77 MB
Total Virtual: 2047.88 MB
Available Virtual: 1952.74 MB

==================== Drives ================================

Drive c: (Local Disk) (Fixed) (Total:127.99 GB) (Free:21.51 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive s: (BACKUP) (Fixed) (Total:21.06 GB) (Free:20.97 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 149 GB) (Disk ID: B8F1B8F1)
Partition 1: (Active) - (Size=128 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=21 GB) - (Type=07 NTFS)

==================== End Of Log ============================

#12
JIm Andersen

========== COMBOFIX LOG: ==========

ComboFix 13-10-26.01 - Jim 10/26/2013 17:24:59.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1535.955 [GMT -5:00]
Running from: c:\documents and settings\Jim\Desktop\ComboFix.exe
AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Internet Security 2013 *Enabled* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Jim\Favorites\Thumbs.db
c:\documents and settings\Jim\Local Settings\Application Data\C9FDFF7E6BA824AA08958A9C209DB4B7.dll
C:\install.exe
c:\windows\system32\SETB7.tmp
S:\AUTORUN.INF
.
.
((((((((((((((((((((((((( Files Created from 2013-09-26 to 2013-10-26 )))))))))))))))))))))))))))))))
.
.
2013-10-26 16:21 . 2013-10-26 16:21 -------- d-----w- C:\FRST
2013-10-26 15:41 . 2013-10-26 15:41 -------- d-----w- c:\windows\ERUNT
2013-10-26 14:32 . 2013-10-26 15:04 -------- d-----w- C:\AdwCleaner
2013-10-25 16:43 . 2013-10-25 16:43 -------- d-----w- C:\_OTL
2013-10-10 05:45 . 2013-07-03 02:12 25088 -c----w- c:\windows\system32\dllcache\hidparse.sys
2013-10-08 19:52 . 2013-10-08 19:52 -------- d-----w- c:\windows\ItsDeductible
2013-10-05 16:28 . 2013-10-26 23:05 -------- d-----w- c:\documents and settings\Jim\Application Data\EQATEC Analytics
2013-10-05 16:23 . 2013-10-05 16:23 -------- d-----w- c:\documents and settings\Jim\Local Settings\Application Data\SpeedBIT
2013-10-05 16:22 . 2013-10-07 13:56 -------- d-----w- c:\program files\DAP
2013-10-05 16:22 . 2013-10-05 16:22 172032 ----a-w- c:\windows\system32\AniGIF.ocx
2013-10-05 16:14 . 2013-10-05 16:14 -------- d-----w- c:\program files\Common Files\SpeedBit
2013-10-05 04:11 . 2013-10-11 17:02 -------- d-----w- c:\documents and settings\Jim\Application Data\Free Download Manager
2013-10-03 18:06 . 2013-10-05 04:10 -------- d-----w- c:\program files\Free Download Manager
2013-10-03 00:46 . 2013-10-03 00:46 -------- d-----w- c:\program files\SCREEN2EXE
2013-10-02 23:25 . 2013-10-02 23:25 -------- d-----w- c:\documents and settings\Jim\Local Settings\Application Data\GreatArcadeHits
2013-10-02 21:39 . 2013-06-02 01:07 181424 ---ha-w- c:\windows\system32\ApowersoftVideoMixerFilter.dll
2013-10-02 21:39 . 2013-06-02 01:07 271536 ---ha-w- c:\windows\system32\ApowersoftScreenCapturingFilter.dll
2013-10-02 21:39 . 2013-06-02 01:07 443568 ---ha-w- c:\windows\system32\ApowersoftScreenCapturing.dll
2013-10-02 21:39 . 2013-06-02 09:56 26032 ----a-w- c:\windows\system32\drivers\Apowersoft_AudioDevice.sys
2013-10-02 21:39 . 2013-10-24 06:13 -------- d-----w- c:\program files\Apowersoft
2013-10-02 21:39 . 2013-10-02 21:39 -------- d-----w- c:\documents and settings\Jim\Application Data\Apowersoft
2013-10-02 05:30 . 2013-10-02 05:30 -------- d-----w- c:\program files\WinPcap
2013-10-02 05:28 . 2013-08-26 09:22 8013376 ----a-w- c:\program files\Internet Explorer\Microsoft.mshtml.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-09 03:19 . 2012-03-30 00:42 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-10-09 03:19 . 2011-05-31 18:10 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-01 21:56 . 2012-09-19 01:10 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-09-26 01:57 . 2013-08-01 21:06 120632 ----a-w- c:\windows\system32\drivers\avgdiskx.sys
2013-09-23 18:33 . 2001-08-30 10:30 920064 ----a-w- c:\windows\system32\wininet.dll
2013-09-23 18:33 . 2001-08-30 10:30 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-09-23 18:33 . 2001-08-30 10:30 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-09-23 18:33 . 2001-08-30 10:30 18944 ----a-w- c:\windows\system32\corpol.dll
2013-09-23 18:06 . 2006-10-16 20:32 385024 ----a-w- c:\windows\system32\html.iec
2013-09-11 03:11 . 2012-09-21 09:45 22840 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
2013-09-09 03:12 . 2012-08-10 09:52 27448 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2013-09-02 15:39 . 2012-08-09 18:56 176952 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2013-09-02 15:28 . 2012-09-17 23:58 145720 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2013-09-02 15:28 . 2012-10-22 19:02 209208 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2013-09-02 15:28 . 2012-08-09 18:56 223032 ----a-w- c:\windows\system32\drivers\avglogx.sys
2013-08-29 01:31 . 2008-08-26 15:59 1878656 ----a-w- c:\windows\system32\win32k.sys
2013-08-21 03:54 . 2012-08-10 09:52 102200 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2013-08-09 01:56 . 2001-08-30 10:30 386560 ----a-w- c:\windows\system32\themeui.dll
2013-08-09 00:55 . 2008-08-26 15:59 144128 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-08-09 00:55 . 2008-08-26 15:59 32384 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-08-09 00:55 . 2001-08-30 10:30 5376 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-08-05 13:30 . 2001-08-30 10:30 1289728 ----a-w- c:\windows\system32\ole32.dll
2013-08-03 19:18 . 2006-10-19 03:47 1543680 ------w- c:\windows\system32\wmvdecod.dll
2013-08-01 21:08 . 2012-08-10 09:52 193848 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-04-01 03:47 . 2013-10-01 01:57 324976 ----a-w- c:\program files\mozilla firefox\components\coFFPlgn.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{D5974A72-C81C-4DC3-BE77-A8A7BBC8864E}]
2013-10-05 16:22 432232 ----a-w- c:\program files\DAP\LinkVerifier.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{e9e8eb35-ff77-455d-b677-91e5e4fc06c2}]
2009-11-07 06:07 297808 ----a-w- c:\windows\system32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Green]
@="{95A27763-F62A-4114-9072-E81D87DE3B68}"
[HKEY_CLASSES_ROOT\CLSID\{95A27763-F62A-4114-9072-E81D87DE3B68}]
2011-12-06 02:41 1005712 ----a-r- c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Partial]
@="{E300CD91-100F-4E67-9AF3-1384A6124015}"
[HKEY_CLASSES_ROOT\CLSID\{E300CD91-100F-4E67-9AF3-1384A6124015}]
2011-12-06 02:41 1005712 ----a-r- c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Yellow]
@="{5E529433-B50E-4bef-A63B-16A6B71B071A}"
[HKEY_CLASSES_ROOT\CLSID\{5E529433-B50E-4bef-A63B-16A6B71B071A}]
2011-12-06 02:41 1005712 ----a-r- c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"="c:\windows\system32\NVMCTRAY.DLL" [2003-07-28 49152]
"DownloadAccelerator"="c:\program files\DAP\DAP.EXE" [2013-10-07 3865232]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2005-07-23 28160]
"Logitech Utility"="Logi_MwX.Exe" [2003-12-17 19968]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2003-07-28 4841472]
"nwiz"="nwiz.exe" [2003-07-28 323584]
"AVG Family Safety"="c:\program files\AVG\AVG Family Safety\BsecTray.exe" [2011-03-30 106824]
"KeePass 2 PreLoad"="c:\program files\KeePass Password Safe 2\KeePass.exe" [2010-09-05 1655296]
"Reader Library Launcher"="c:\program files\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe" [2010-07-13 906648]
"Carbonite Backup"="c:\program files\Carbonite\Carbonite Backup\CarboniteUI.exe" [2011-12-06 1059472]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2003-07-28 49152]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"AVG_UI"="c:\program files\AVG\AVG2014\avgui.exe" [2013-10-08 4908592]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2012-04-19 421888]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-05-11 958576]
.
c:\documents and settings\Jim\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
PMB Media Check Tool.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe /noballoononstart [2009-12-22 333088]
Quicken Scheduled Updates.lnk - c:\program files\Quicken 2005\bagent.exe [2004-7-16 57344]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe [2006-12-9 25214]
Picture Package Menu.lnk - c:\program files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe [2009-12-21 151552]
Picture Package VCD Maker.lnk - c:\program files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe -h [2009-12-21 106496]
Secunia PSI Tray.lnk - c:\program files\Secunia\PSI\psi_tray.exe [2012-6-27 572000]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe /startup [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=DrvTrNTm.dll
"wave"=DrvTrNTm.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2014\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@=""
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk]
backup=c:\windows\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
backup=c:\windows\pss\Kodak EasyShare software.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^KODAK Software Updater.lnk]
backup=c:\windows\pss\KODAK Software Updater.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Jim^Start Menu^Programs^Startup^Shortcut to GspTray.lnk]
backup=c:\windows\pss\Shortcut to GspTray.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KODAK Software Updater
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
2008-04-23 07:08 483328 ----a-w- c:\program files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
2002-07-02 23:56 24576 ----a-w- c:\windows\system32\cthelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GWMDMpi]
2002-08-06 20:24 53248 ----a-w- c:\windows\GWMDMpi.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Hardware Abstraction Layer]
2005-07-23 05:25 28160 ----a-w- c:\windows\KHALMNPR.Exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2003-07-28 20:19 4841472 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2003-07-28 20:19 323584 ----a-w- c:\windows\system32\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-01-26 20:31 2144088 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"bgsvcgen"=2 (0x2)
"ose"=3 (0x3)
"Lavasoft Ad-Aware Service"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\KODAK\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\KODAK\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\AVG\\AVG Family Safety\\InetCtrl.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Amazon\\Utilities\\Amazon Music Importer\\Amazon Music Importer.exe"=
"c:\\Program Files\\AVG\\AVG2014\\avgmfapx.exe"=
"c:\\Program Files\\DAP\\DAP.exe"=
"c:\\Program Files\\AVG\\AVG2014\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2014\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG2014\\avgemcx.exe"=
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [9/17/2012 6:58 PM 145720]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [8/9/2012 1:56 PM 223032]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [8/10/2012 4:52 AM 27448]
R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [8/1/2013 4:06 PM 120632]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [10/22/2012 2:02 PM 209208]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [9/21/2012 4:45 AM 22840]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [8/9/2012 1:56 PM 176952]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [8/10/2012 4:52 AM 193848]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [9/18/2012 8:10 PM 37664]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2014\avgidsagent.exe [10/3/2013 10:00 PM 3538480]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2014\avgwdsvc.exe [9/25/2013 9:47 PM 301152]
R2 Bsecure;AVG Family Safety;c:\program files\AVG\AVG Family Safety\InetCtrl.exe [6/22/2011 11:42 AM 78664]
R2 EdgeStat;EdgeStat;c:\windows\system32\drivers\edgestat.sys [10/19/2006 4:05 PM 6912]
R2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files\Freemake\CaptureLib\CaptureLibService.exe [10/2/2013 12:28 AM 9216]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2/11/2011 4:23 PM 35088]
R2 RioPNP;RioPNP;c:\windows\system32\drivers\RioPnP.sys [10/17/2006 8:55 AM 6736]
R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\psia.exe [6/27/2012 2:25 AM 1326176]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files\Secunia\PSI\sua.exe [6/27/2012 2:25 AM 681056]
R3 BSecACFltr;BSecACFltr;c:\windows\system32\drivers\BSecACFltr.sys [6/22/2011 11:42 AM 21624]
R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [12/16/2011 9:19 AM 15544]
R3 SBUpd;SpeedBit Update;c:\program files\Common Files\SpeedBit\SBUpdate\sbu.exe [10/6/2013 2:39 AM 1687672]
R3 SBUpdd;SpeedBit UpdateD;c:\program files\Common Files\SpeedBit\SBUpdate\sbw.sys [10/6/2013 2:39 AM 31640]
R3 TotRec7;Total Recorder WDM audio driver;c:\windows\system32\drivers\TotRec7.sys [3/24/2009 6:01 PM 131152]
R3 TotRec8;Total Recorder WDM audio filter driver;c:\windows\system32\drivers\TotRec8.sys [7/21/2011 8:45 AM 91728]
S0 MDPMGRNT;MDPMGRNT; [x]
S1 MDFSYSNT;MDFSYSNT; [x]
S2 Freemake Improver;Freemake Improver;c:\documents and settings\All Users\Application Data\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [5/4/2013 11:04 AM 101888]
S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys [10/2/2013 4:39 PM 26032]
S4 Extensions Updates Service;Extensions Updates Service;c:\program files\Extensions for Windows\Extensions\Updater\ExtensionsUpdatesService.exe [10/29/2008 9:50 AM 77824]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-10-07 15:45 1185744 ----a-w- c:\program files\Google\Chrome\Application\30.0.1599.69\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-10-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 03:19]
.
2013-10-03 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 22:57]
.
2012-09-22 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-05-14 20:33]
.
2013-10-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-21 22:17]
.
2013-10-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-21 22:17]
.
2013-10-26 c:\windows\Tasks\SBW_UpdateTask_Logon_313738393639313337302d3437415a556c2a3223346c41.job
- c:\windows\system32\wscript.exe [2001-08-30 11:24]
.
2013-10-26 c:\windows\Tasks\SBW_UpdateTask_Time_313738393639313337302d3437415a556c2a3223346c41.job
- c:\windows\system32\wscript.exe [2001-08-30 11:24]
.
2009-08-08 c:\windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job
- c:\program files\Spybot - Search & Destroy\SpybotSD.exe [2009-08-08 20:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: &Verify with DAP - c:\program files\DAP\dapverify.htm
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: Download all with Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
IE: Download selected with Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
IE: Download video with Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Download with Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
LSP: %ProgramFiles%\AVG\AVG Family Safety\InetCtrl52.dll
TCP: DhcpNameServer = 192.168.254.254
Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\program files\DAP\dapie.dll
Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\program files\DAP\dapie.dll
FF - ProfilePath - c:\documents and settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - ExtSQL: 2013-09-06 09:18; [email protected]; c:\documents and settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\[email protected]
FF - ExtSQL: 2013-09-10 08:05; {6005d9b1-d115-485a-a92a-3f6453ca3fe2}; c:\documents and settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\{6005d9b1-d115-485a-a92a-3f6453ca3fe2}.xpi
FF - ExtSQL: 2013-09-10 08:32; [email protected]; c:\documents and settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\[email protected]
FF - ExtSQL: 2013-10-01 19:33; [email protected]; c:\documents and settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\[email protected]
FF - ExtSQL: 2013-10-01 20:27; {b9db16a4-6edc-47ec-a1f4-b86292ed211d}; c:\documents and settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - ExtSQL: 2013-10-01 23:35; {0C07EECD-53B6-4748-BB2B-4395BF51DD8B}; c:\documents and settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\{0C07EECD-53B6-4748-BB2B-4395BF51DD8B}.xpi
FF - ExtSQL: 2013-10-01 23:46; {bee6eb20-01e0-ebd1-da83-080329fb9a3a}; c:\documents and settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
FF - ExtSQL: 2013-10-02 00:28; [email protected]; c:\program files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\[email protected]
FF - ExtSQL: 2013-10-02 00:28; [email protected]; c:\program files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\[email protected]
FF - ExtSQL: 2013-10-03 07:53; [email protected]; c:\documents and settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\[email protected]
FF - ExtSQL: 2013-10-03 08:13; [email protected]; c:\documents and settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\[email protected]
FF - ExtSQL: 2013-10-03 13:06; [email protected]; c:\program files\Free Download Manager\Firefox\Extension
FF - ExtSQL: 2013-10-05 11:23; {F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}; c:\program files\DAP\DAPFireFox
FF - ExtSQL: 2013-10-05 11:23; [email protected]; c:\program files\DAP\daplinkchecker
FF - ExtSQL: 2013-10-25 12:11; [email protected]; c:\documents and settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\[email protected]
.
.
------- File Associations -------
.
JSEFile=NOTEPAD.EXE %1
.
- - - - ORPHANS REMOVED - - - -
.
ShellIconOverlayIdentifiers-Mediafour Mac Volume Icons - (no file)
ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - (no file)
Notify-!SASWinLogon - c:\program files\SUPERAntiSpyware\SASWINLO.DLL
MSConfigStartUp-SUPERAntiSpyware - c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
AddRemove-Free Video Converter - c:\program files\Free Video Converter\Video Converter Uninstaller.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-10-26 18:03
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Internet Explorer\Toolbar\QuickComplete]
@DACL=(02 0000)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'lsass.exe'(820)
c:\program files\AVG\AVG Family Safety\InetCtrl52.dll
.
- - - - - - - > 'explorer.exe'(2300)
c:\windows\system32\WININET.dll
c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll
c:\windows\system32\msi.dll
c:\program files\Common Files\Mediafour\MACVICON.DLL
c:\progra~1\WINDOW~3\wmpband.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\mshtml.dll
c:\windows\system32\msls31.dll
c:\windows\IME\SPGRMR.DLL
c:\program files\Common Files\Microsoft Shared\Ink\SKCHUI.DLL
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\AVG\AVG Family Safety\InetCtrl52.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
c:\program files\Carbonite\Carbonite Backup\carboniteservice.exe
c:\program files\AVG\AVG Family Safety\BSecAMX.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
c:\windows\System32\locator.exe
c:\program files\Smith Micro\StuffIt11\ArcNameService.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\Logi_MwX.Exe
c:\program files\Windows Desktop Search\WindowsSearch.exe
.
**************************************************************************
.
Completion time: 2013-10-26 18:21:23 - machine was rebooted
ComboFix-quarantined-files.txt 2013-10-26 23:21
.
Pre-Run: 22,910,930,944 bytes free
Post-Run: 25,944,428,544 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
.
- - End Of File - - E84A092D88C9223D43DFC6A725FBF206
8F558EB6672622401DA993E1E865C861

#13
JIm Andersen

  • Topic Starter
  • Member
  • 34 posts
========== MALWAREBYTES ANTI-MALWARE LOG: ==========

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.10.27.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Jim :: 700S [administrator]

10/26/2013 7:44:23 PM
mbam-log-2013-10-26 (19-44-23).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 337894
Time elapsed: 34 minute(s), 19 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C68AE9C0-0909-4DDC-B661-C1AFB9F5AE53} (Trojan.Agent.IE) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{856AD396-519D-4C7A-BED6-6785F64924BC} (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
C:\Documents and Settings\Jim\Local Settings\Application Data\GreatArcadeHits (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.

Files Detected: 12
C:\Documents and Settings\Jim\My Documents\Downloads\cbsidlm-tr1_15-Jing-SEO-10744274.exe (PUP.Optional.InstallBrain.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jim\My Documents\Downloads\FreemakeVideoConverterSetup(1).exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jim\Local Settings\TempDIR\BetterInstaller.exe (PUP.BundleInstaller.Somoto) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jim\Local Settings\Application Data\GreatArcadeHits\application.ico (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jim\Local Settings\Application Data\GreatArcadeHits\cookies.js (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jim\Local Settings\Application Data\GreatArcadeHits\gahff.xpi (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jim\Local Settings\Application Data\GreatArcadeHits\GAHUninstaller.exe (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jim\Local Settings\Application Data\GreatArcadeHits\GAHUpdate.exe (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jim\Local Settings\Application Data\GreatArcadeHits\GreatArcadeHitsIE.dll (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jim\Local Settings\Application Data\GreatArcadeHits\Play Games online on GreatArcadeHits.com.url (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jim\Local Settings\Application Data\GreatArcadeHits\premium.pem (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jim\Local Settings\Application Data\GreatArcadeHits\static.js (PUP.Optional.GreatArcadeHits.A) -> Quarantined and deleted successfully.

(end)

#14
JIm Andersen

  • Topic Starter
  • Member
  • 34 posts
========== OTL LOG: ==========

OTL logfile created on: 10/26/2013 9:37:22 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Jim\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.50 Gb Total Physical Memory | 0.88 Gb Available Physical Memory | 58.69% Memory free
4.36 Gb Paging File | 3.75 Gb Available in Paging File | 86.05% Paging File free
Paging file location(s): C:\pagefile.sys 3072 4095 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 127.99 Gb Total Space | 24.20 Gb Free Space | 18.90% Space Free | Partition Type: NTFS
Drive S: | 21.06 Gb Total Space | 20.97 Gb Free Space | 99.59% Space Free | Partition Type: NTFS

Computer Name: 700S | User Name: Jim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/10/24 12:14:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jim\My Documents\Downloads\OTL.exe
PRC - [2013/10/07 19:54:20 | 004,908,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgui.exe
PRC - [2013/10/07 08:55:24 | 003,865,232 | ---- | M] (Speedbit Ltd.) -- C:\Program Files\DAP\DAP.exe
PRC - [2013/10/06 02:39:44 | 001,687,672 | ---- | M] (Speedbit Ltd.) -- C:\Program Files\Common Files\SpeedBit\SBUpdate\sbu.exe
PRC - [2013/10/03 22:00:24 | 003,538,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgidsagent.exe
PRC - [2013/09/25 21:47:22 | 000,301,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe
PRC - [2013/09/15 23:08:30 | 000,895,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgnsx.exe
PRC - [2013/09/03 22:22:16 | 000,588,336 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgcsrvx.exe
PRC - [2013/09/02 11:19:00 | 000,669,232 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgemcx.exe
PRC - [2013/08/26 04:13:08 | 000,009,216 | ---- | M] (Ellora Assets Corp.) -- C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
PRC - [2013/08/20 23:03:42 | 000,728,624 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgrsx.exe
PRC - [2013/07/08 12:41:44 | 000,182,184 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012/06/27 02:25:06 | 001,326,176 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psia.exe
PRC - [2012/06/27 02:25:04 | 000,681,056 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\sua.exe
PRC - [2012/06/27 02:25:04 | 000,572,000 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi_tray.exe
PRC - [2011/12/05 21:41:32 | 004,426,384 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
PRC - [2011/12/05 21:41:32 | 001,059,472 | R--- | M] (Carbonite, Inc.) -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
PRC - [2011/03/30 02:58:46 | 000,021,320 | ---- | M] () -- C:\Program Files\AVG\AVG Family Safety\BSecAMX.exe
PRC - [2011/03/30 02:58:33 | 000,078,664 | ---- | M] (Bsecure Technologies, Inc.) -- C:\Program Files\AVG\AVG Family Safety\InetCtrl.exe
PRC - [2011/03/30 02:58:24 | 000,106,824 | ---- | M] (Bsecure Technologies, Inc.) -- C:\Program Files\AVG\AVG Family Safety\BsecTray.exe
PRC - [2010/07/13 01:34:46 | 000,906,648 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/10/08 08:52:36 | 000,157,000 | ---- | M] (Smith Micro Software, Inc.) -- C:\Program Files\Smith Micro\StuffIt11\ArcNameService.exe
PRC - [2003/12/17 09:50:00 | 000,019,968 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\LOGI_MWX.EXE


========== Modules (No Company Name) ==========

MOD - [2013/10/26 21:28:01 | 000,010,752 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\zsharenet.dll
MOD - [2013/10/26 21:27:56 | 000,011,776 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\ZShareMa.dll
MOD - [2013/10/26 21:27:52 | 000,012,800 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\XSevenTo.dll
MOD - [2013/10/26 21:27:49 | 000,016,384 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\wuploadCom.dll
MOD - [2013/10/26 21:27:44 | 000,011,264 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\weupcoil.dll
MOD - [2013/10/26 21:27:40 | 000,032,768 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\UploadStationCom.dll
MOD - [2013/10/26 21:27:35 | 000,010,752 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\UploadingCom.dll
MOD - [2013/10/26 21:27:30 | 000,011,264 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\UniBytesCom.dll
MOD - [2013/10/26 21:27:24 | 000,012,800 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\SpdFileCom.dll
MOD - [2013/10/26 21:27:20 | 000,010,752 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\ShareFlareNet.dll
MOD - [2013/10/26 21:27:16 | 000,009,216 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\SendSpaceCom.dll
MOD - [2013/10/26 21:27:05 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\rapidsharecom.dll
MOD - [2013/10/26 21:27:00 | 000,024,576 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\OronCom.dll
MOD - [2013/10/26 21:26:56 | 000,015,360 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\NetLoadIn.dll
MOD - [2013/10/26 21:26:52 | 000,016,896 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\MetaCafeCom.dll
MOD - [2013/10/26 21:26:48 | 000,010,240 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\MegaUploadCom.dll
MOD - [2013/10/26 21:26:45 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\mediafirecom.dll
MOD - [2013/10/26 21:26:41 | 000,013,312 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\LetItBitNet.dll
MOD - [2013/10/26 21:26:37 | 000,011,776 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\fivegiganet.dll
MOD - [2013/10/26 21:26:32 | 000,028,672 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\filesoniccom.dll
MOD - [2013/10/26 21:26:28 | 000,013,824 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\FilePostCom.dll
MOD - [2013/10/26 21:26:24 | 000,011,776 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\FileFlyerCom.dll
MOD - [2013/10/26 21:26:10 | 000,012,288 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\FileFactoryCom.dll
MOD - [2013/10/26 21:26:00 | 000,012,800 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\ExtaBitCom.dll
MOD - [2013/10/26 21:25:56 | 000,016,896 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\DepositFilesCom.dll
MOD - [2013/10/26 21:25:47 | 000,009,728 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\DataFileHostCom.dll
MOD - [2013/10/26 21:25:18 | 000,013,312 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Speedbit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\DailyMotionCom.dll
MOD - [2013/10/11 15:15:41 | 017,403,392 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\c5e68e15ca94f18f85d08eb540813e7e\System.ServiceModel.ni.dll
MOD - [2013/10/11 14:21:49 | 012,434,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\02257c6b67db33c194fa3beccf977afb\System.Windows.Forms.ni.dll
MOD - [2013/10/11 14:09:20 | 000,978,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\1b7600e7fe5e152f21ba6d79f3c0c3b6\System.Configuration.ni.dll
MOD - [2013/08/19 14:51:07 | 000,221,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7bf3e4deef4483205017aa7b13194845\System.ServiceProcess.ni.dll
MOD - [2013/08/19 14:50:35 | 018,101,760 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\918ce68a67ddb5558994e20dc3a74c8a\System.ServiceModel.ni.dll
MOD - [2013/08/19 14:46:48 | 000,148,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\f5243e7f1da3d5e891826778dafc4fbc\System.Configuration.Install.ni.dll
MOD - [2013/08/19 13:13:43 | 000,256,000 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\5610aec044605e6848086b4454ee2e15\SMDiagnostics.ni.dll
MOD - [2013/08/14 09:53:30 | 011,816,960 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\972dcf9830a64e9802aaca3a83cae24b\System.Web.ni.dll
MOD - [2013/08/14 09:42:08 | 002,345,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\ba6670610621b25b1608e457ba0ef305\System.Runtime.Serialization.ni.dll
MOD - [2013/08/14 09:33:31 | 001,616,384 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.CSharp\112c6ea532e67d4e67a921c7ab5ca3ca\Microsoft.CSharp.ni.dll
MOD - [2013/08/14 09:31:35 | 007,053,824 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\608aa2db27d45e63a4863f1f1d06897a\System.Core.ni.dll
MOD - [2013/08/14 09:30:20 | 009,099,776 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\de853615c8224ba5d9aa9b76276c6d98\System.ni.dll
MOD - [2013/08/14 09:14:59 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b34cb206ab0cec687c3730b14cdff57\System.Drawing.ni.dll
MOD - [2013/08/14 09:14:02 | 005,462,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\f93600ac836b9140e1df13bb0f6bfccf\System.Xml.ni.dll
MOD - [2013/08/14 09:12:27 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\10df39542df7d48462451fc39bce8418\System.ni.dll
MOD - [2013/07/10 18:59:10 | 014,416,896 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\cf58670896c5313b9b52f026f4455a5d\mscorlib.ni.dll
MOD - [2013/07/10 18:38:45 | 011,497,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\b14359470744c840c59fbe4e58034fd6\mscorlib.ni.dll
MOD - [2011/03/30 02:58:46 | 000,021,320 | ---- | M] () -- C:\Program Files\AVG\AVG Family Safety\BSecAMX.exe
MOD - [2011/03/30 02:58:29 | 000,055,624 | ---- | M] () -- C:\Program Files\AVG\AVG Family Safety\BsecZlib.dll
MOD - [2010/07/13 01:29:42 | 000,143,360 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\launcher\connectionDetector.dll
MOD - [2010/07/13 01:28:42 | 000,856,064 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\launcher\fsk.dll
MOD - [2010/07/13 01:26:12 | 000,018,432 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\launcher\FskNetInterface.dll
MOD - [2010/07/13 01:25:56 | 000,008,704 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\launcher\FskTimeHardware.dll
MOD - [2010/07/13 01:25:50 | 000,028,160 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\launcher\ticket.dll
MOD - [2010/07/13 01:25:42 | 000,011,776 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\launcher\ebookDeviceNotifier.dll
MOD - [2010/07/13 01:22:36 | 000,020,480 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\FskinLocalize.dll
MOD - [2010/07/13 01:22:02 | 000,009,728 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\FskPower.dll
MOD - [2010/07/13 01:16:16 | 000,118,784 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\FskDocumentViewer.dll
MOD - [2010/07/13 01:15:58 | 000,010,240 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\FskMobileMediaDevice.dll
MOD - [2010/07/13 01:15:52 | 000,233,472 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\Fskin.dll
MOD - [2010/07/13 01:13:42 | 000,033,792 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\FskMediaPlayers.dll
MOD - [2010/07/13 01:10:56 | 000,172,032 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\launcher\USBDetector.dll
MOD - [2010/04/02 21:23:36 | 000,815,104 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\FskSecurity.dll
MOD - [2010/04/02 20:44:16 | 000,086,016 | ---- | M] () -- C:\Program Files\Sony\Reader\Data\bin\launcher\ebookUsb.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/10/08 22:19:56 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/06 02:39:44 | 001,687,672 | ---- | M] (Speedbit Ltd.) [On_Demand | Running] -- C:\Program Files\Common Files\SpeedBit\SBUpdate\sbu.exe -- (SBUpd)
SRV - [2013/10/03 22:00:24 | 003,538,480 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/09/30 20:59:34 | 000,118,680 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/09/25 21:47:22 | 000,301,152 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2013/08/26 04:13:08 | 000,009,216 | ---- | M] (Ellora Assets Corp.) [Auto | Running] -- C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe -- (FreemakeVideoCapture)
SRV - [2013/07/17 00:01:38 | 000,101,888 | ---- | M] (Freemake) [Auto | Stopped] -- C:\Documents and Settings\All Users\Application Data\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe -- (Freemake Improver)
SRV - [2013/07/08 12:41:44 | 000,182,184 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/08/23 11:31:22 | 000,029,560 | ---- | M] (AVG) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2012/06/27 02:25:06 | 001,326,176 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2012/06/27 02:25:04 | 000,681,056 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2011/12/05 21:41:32 | 004,426,384 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) [Auto | Running] -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe -- (CarboniteService)
SRV - [2011/03/30 02:58:33 | 000,078,664 | ---- | M] (Bsecure Technologies, Inc.) [Auto | Running] -- C:\Program Files\AVG\AVG Family Safety\InetCtrl.exe -- (Bsecure)
SRV - [2010/04/02 21:34:12 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe -- (Sony SCSI Helper Service)
SRV - [2008/10/29 09:50:23 | 000,077,824 | ---- | M] (Extensoft) [Disabled | Stopped] -- C:\Program Files\Extensions for Windows\Extensions\Updater\ExtensionsUpdatesService.exe -- (Extensions Updates Service)
SRV - [2007/10/08 08:52:36 | 000,157,000 | ---- | M] (Smith Micro Software, Inc.) [Auto | Running] -- C:\Program Files\Smith Micro\StuffIt11\ArcNameService.exe -- (Stuffit Archive Name Service)
SRV - [2006/01/05 00:06:02 | 000,163,840 | ---- | M] (Alex Feinman) [Disabled | Stopped] -- C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe -- (Imapi Helper)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | System | Stopped] -- -- (cdrbsvsd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2013/10/06 02:39:38 | 000,031,640 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\SpeedBit\SBUpdate\sbw.sys -- (SBUpdd)
DRV - [2013/10/01 16:56:58 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013/09/25 20:57:14 | 000,120,632 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgdiskx.sys -- (Avgdiskx)
DRV - [2013/09/10 22:11:44 | 000,022,840 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2013/09/08 22:12:16 | 000,027,448 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2013/09/02 10:39:32 | 000,176,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2013/09/02 10:28:06 | 000,145,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2013/09/02 10:28:04 | 000,209,208 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2013/09/02 10:28:00 | 000,223,032 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2013/08/20 22:54:04 | 000,102,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2013/08/01 16:08:52 | 000,193,848 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2013/06/02 04:56:40 | 000,026,032 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Apowersoft_AudioDevice.sys -- (Apowersoft_AudioDevice)
DRV - [2011/12/16 09:19:54 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2011/07/08 17:17:20 | 000,091,728 | ---- | M] (High Criteria inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\TotRec8.sys -- (TotRec8)
DRV - [2011/07/08 17:17:14 | 000,131,152 | ---- | M] (High Criteria inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\TotRec7.sys -- (TotRec7)
DRV - [2011/02/11 16:23:34 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf)
DRV - [2010/02/05 12:40:12 | 000,021,624 | ---- | M] () [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BSecACFltr.sys -- (BSecACFltr)
DRV - [2008/11/11 14:42:00 | 000,024,832 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2008/11/11 14:41:00 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2008/11/11 14:41:00 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2008/04/13 13:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/13 13:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2006/10/17 08:55:58 | 000,028,276 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\MxlW2k.sys -- (MxlW2k)
DRV - [2006/09/13 13:53:20 | 000,213,888 | R--- | M] (Mediafour Corporation) [File_System | System | Stopped] -- C:\WINDOWS\System32\drivers\MDFSYSNT.SYS.rmv -- (MDFSYSNT)
DRV - [2006/04/30 09:57:06 | 000,016,640 | R--- | M] (Mediafour Corporation) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\drivers\MDPMGRNT.sys.rmv -- (MDPMGRNT)
DRV - [2005/07/23 00:41:46 | 000,026,112 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidKE.Sys -- (LHidKE)
DRV - [2005/07/23 00:41:42 | 000,068,864 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2005/07/22 23:41:18 | 000,036,608 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidUsbK.sys -- (LHidUsbK)
DRV - [2005/07/22 23:41:08 | 000,055,040 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2005/05/11 00:33:12 | 000,032,256 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdrbsdrv.sys -- (cdrbsdrv)
DRV - [2003/12/17 09:50:00 | 000,070,801 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFlt2.Sys -- (LMouFlt2)
DRV - [2003/12/17 09:50:00 | 000,051,729 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042pr2.Sys -- (L8042pr2)
DRV - [2003/12/17 09:50:00 | 000,025,505 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidFlt2.Sys -- (LHidFlt2)
DRV - [2003/03/19 15:39:02 | 001,136,384 | ---- | M] (GTW) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GWMDM.sys -- (GTWModem)
DRV - [2002/12/17 05:41:10 | 000,076,288 | ---- | M] (Rainbow Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\sentinel.sys -- (Sentinel)
DRV - [2002/12/17 05:41:10 | 000,026,120 | ---- | M] (Rainbow Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SNTNLUSB.SYS -- (SNTNLUSB)
DRV - [2002/10/15 23:41:06 | 000,102,220 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sonypvs1.sys -- (sonypvs1)
DRV - [2002/07/24 14:52:24 | 000,998,004 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2002/07/19 11:55:42 | 000,643,072 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\ctsblfx.dll -- (CTSBLFX.DLL)
DRV - [2002/07/19 11:54:08 | 000,110,592 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\commonfx.dll -- (COMMONFX.DLL)
DRV - [2002/07/19 11:48:30 | 000,156,604 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2002/07/19 11:48:20 | 000,213,860 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2002/07/19 11:48:06 | 000,011,068 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2002/07/19 11:48:02 | 000,195,432 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2002/07/19 11:47:50 | 000,837,548 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k)
DRV - [2002/07/19 11:46:26 | 000,127,948 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2001/08/30 05:30:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2001/08/30 05:30:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2001/08/17 08:28:00 | 000,871,388 | ---- | M] (BCM) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCMDM.sys -- (BCMModem)
DRV - [2000/10/23 07:43:48 | 000,053,344 | ---- | M] (Warp Nine Engineering) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PAR1284.SYS -- (PAR1284)
DRV - [2000/06/06 10:29:58 | 000,006,736 | ---- | M] (RioPort.com) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\RioPnP.sys -- (RioPNP)
DRV - [1999/12/17 01:00:00 | 000,006,752 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\PFMODNT.SYS -- (PfModNT)
DRV - [1998/03/20 12:49:00 | 000,006,912 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\edgestat.sys -- (EdgeStat)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 16 1C 4C 81 B8 D3 CC 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
IE - HKCU\..\SearchScopes\{6DAE86F6-022E-4DF4-8C7F-7FBCC485D138}: "URL" = http://www.google.co...startPage}&rlz=
IE - HKCU\..\SearchScopes\{f1b5f790-bdce-11dd-ad8b-0800200c9a66}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Jim\Application Data\Move Networks\plugins\npqmp071500000347.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@sony.com/eBookLibrary: C:\Program Files\Sony\Reader\Data\bin\npebldetectmoz.dll (Sony Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Jim\Application Data\Move Networks\plugins\npqmp071500000347.dll (Move Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2013/05/04 16:25:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\[email protected]\ [2013/10/02 00:28:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\[email protected]\ [2013/10/02 00:28:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\DAP\daplinkchecker [2013/10/07 08:56:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/09/30 20:57:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/10/11 12:21:25 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\EXTENSIONS\\{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}: C:\Program Files\DAP\DAPFireFox [2013/10/07 08:55:50 | 000,000,000 | ---D | M]

[2009/09/21 14:38:37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Extensions
[2009/09/21 14:38:37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Extensions\[email protected]
[2013/10/25 12:11:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions
[2010/05/05 10:40:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}-trash
[2012/08/31 12:19:58 | 000,000,000 | ---D | M] (AddThis) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\{3e0e7d2a-070f-4a47-b019-91fe5385ba79}
[2013/05/04 16:14:45 | 000,000,000 | ---D | M] (IE Tab) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2007/07/20 12:16:08 | 000,000,000 | ---D | M] ("IE Tab") -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}(2)
[2012/01/15 17:50:41 | 000,000,000 | ---D | M] (Live HTTP Headers) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
[2013/10/01 20:27:59 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013/10/10 13:52:24 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
[2010/05/25 12:42:10 | 000,000,000 | ---D | M] (BarTab) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\[email protected]
[2012/06/06 15:50:25 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\[email protected]
[2012/09/18 18:28:21 | 000,243,287 | ---- | M] () (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\[email protected]
[2013/10/20 12:00:10 | 000,335,971 | ---- | M] () (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\[email protected]
[2013/09/06 09:18:39 | 000,014,574 | ---- | M] () (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\[email protected]
[2011/07/31 13:31:20 | 000,008,363 | ---- | M] () (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\[email protected]
[2013/10/25 12:11:32 | 000,018,590 | ---- | M] () (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\[email protected]
[2012/02/15 10:31:58 | 000,006,162 | ---- | M] () (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\[email protected]
[2013/09/10 08:32:22 | 000,260,810 | ---- | M] () (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\[email protected]
[2013/10/03 08:13:25 | 000,298,379 | ---- | M] () (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\[email protected]
[2013/10/10 13:52:11 | 000,071,142 | ---- | M] () (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\[email protected]
[2013/10/01 23:35:56 | 000,035,532 | ---- | M] () (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\{0C07EECD-53B6-4748-BB2B-4395BF51DD8B}.xpi
[2013/09/10 08:05:39 | 000,260,260 | ---- | M] () (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\{6005d9b1-d115-485a-a92a-3f6453ca3fe2}.xpi
[2013/10/24 13:06:36 | 000,535,018 | ---- | M] () (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013/01/10 12:36:09 | 000,554,753 | ---- | M] () (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\{861d02ef-6fd9-4ce1-954a-90ee3a4de31c}.xpi
[2013/10/04 21:31:59 | 000,150,994 | ---- | M] () (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
[2013/10/10 13:52:32 | 000,915,554 | ---- | M] () (No name found) -- C:\Documents and Settings\Jim\Application Data\Mozilla\Firefox\Profiles\fsshkt1d.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/10/25 11:44:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/09/30 20:56:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/09/30 20:59:43 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/10/07 08:55:50 | 000,000,000 | ---D | M] (Download Accelerator Plus (DAP) extension) -- C:\PROGRAM FILES\DAP\DAPFIREFOX
[2013/10/07 08:56:13 | 000,000,000 | ---D | M] (DAP Link Checker) -- C:\PROGRAM FILES\DAP\DAPLINKCHECKER
[2009/03/31 22:47:26 | 000,324,976 | ---- | M] (Symantec Corporation) -- C:\Program Files\mozilla firefox\components\coFFPlgn.dll
[2011/05/20 00:09:27 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol400.dll
[2011/05/20 00:09:28 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol500.dll
[2007/01/19 08:32:43 | 000,114,688 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npmozax.dll

========== Chrome ==========

CHR - Extension: No name found = C:\Documents and Settings\Jim\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\amigcgbheognjmfkaieeeadojiibgbdp\1.9.1_0\
CHR - Extension: No name found = C:\Documents and Settings\Jim\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bfjgbcjfpbbfepcccpaffkjofcmglifg\1.0_0\
CHR - Extension: No name found = C:\Documents and Settings\Jim\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cgbogdmdefihhljhfeiklfiedefalcde\2.9.6_0\
CHR - Extension: No name found = C:\Documents and Settings\Jim\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\
CHR - Extension: No name found = C:\Documents and Settings\Jim\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg\5.0.4_0\
CHR - Extension: No name found = C:\Documents and Settings\Jim\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\decdfngdidijkdjgbknlnepdljfaepji\1.3.7_1\
CHR - Extension: No name found = C:\Documents and Settings\Jim\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.20_0\
CHR - Extension: No name found = C:\Documents and Settings\Jim\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\2.11.30.1_0\
CHR - Extension: No name found = C:\Documents and Settings\Jim\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic\1.3.1.5_0\
CHR - Extension: No name found = C:\Documents and Settings\Jim\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd\1.0.0.0_0\
CHR - Extension: No name found = C:\Documents and Settings\Jim\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan\2.6.4_0\
CHR - Extension: No name found = C:\Documents and Settings\Jim\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0\
CHR - Extension: No name found = C:\Documents and Settings\Jim\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\

O1 HOSTS File: ([2013/10/26 18:01:53 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Free Download Manager) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
O2 - BHO: (SpeedBit Link Verification Helper) - {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - C:\Program Files\DAP\LinkVerifier.dll (Speedbit Ltd.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Download Accelerator Plus Integration) - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\DAP\dapieloader.dll (SpeedBit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG Family Safety] C:\Program Files\AVG\AVG Family Safety\BsecTray.exe (Bsecure Technologies, Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Carbonite Backup] C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [KeePass 2 PreLoad] C:\Program Files\KeePass Password Safe 2\KeePass.exe (Dominik Reichl)
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS\LOGI_MWX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [Reader Library Launcher] C:\Program Files\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe (Sony Corporation)
O4 - HKCU..\Run: [DownloadAccelerator] C:\Program Files\DAP\DAP.EXE (Speedbit Ltd.)
O4 - HKCU..\Run: [NvMediaCenter] C:\WINDOWS\System32\NVMCTRAY.DLL (NVIDIA Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Picture Package Menu.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe (Sony Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Picture Package VCD Maker.lnk = C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe (Sony Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
O4 - Startup: C:\Documents and Settings\Jim\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\Jim\Start Menu\Programs\Startup\PMB Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation)
O4 - Startup: C:\Documents and Settings\Jim\Start Menu\Programs\Startup\Quicken Scheduled Updates.lnk = C:\Program Files\Quicken 2005\bagent.exe (Intuit Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm ()
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm ()
O8 - Extra context menu item: &Verify with DAP - C:\Program Files\DAP\dapverify.htm ()
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm ()
O8 - Extra context menu item: Download all with Free Download Manager - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Download selected with Free Download Manager - C:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Download video with Free Download Manager - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Download with Free Download Manager - C:\Program Files\Free Download Manager\dllink.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\AVG\AVG Family Safety\InetCtrl52.dll (Bsecure Technologies, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\AVG\AVG Family Safety\InetCtrl52.dll (Bsecure Technologies, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\AVG\AVG Family Safety\InetCtrl52.dll (Bsecure Technologies, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\AVG\AVG Family Safety\InetCtrl52.dll (Bsecure Technologies, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\AVG\AVG Family Safety\InetCtrl52.dll (Bsecure Technologies, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\AVG\AVG Family Safety\InetCtrl52.dll (Bsecure Technologies, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\AVG\AVG Family Safety\InetCtrl52.dll (Bsecure Technologies, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\AVG\AVG Family Safety\InetCtrl52.dll (Bsecure Technologies, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\AVG\AVG Family Safety\InetCtrl52.dll (Bsecure Technologies, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\AVG\AVG Family Safety\InetCtrl52.dll (Bsecure Technologies, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\AVG\AVG Family Safety\InetCtrl52.dll (Bsecure Technologies, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\AVG\AVG Family Safety\InetCtrl52.dll (Bsecure Technologies, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\AVG\AVG Family Safety\InetCtrl52.dll (Bsecure Technologies, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\AVG\AVG Family Safety\InetCtrl52.dll (Bsecure Technologies, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\AVG\AVG Family Safety\InetCtrl52.dll (Bsecure Technologies, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\AVG\AVG Family Safety\InetCtrl52.dll (Bsecure Technologies, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\AVG\AVG Family Safety\InetCtrl52.dll (Bsecure Technologies, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\AVG\AVG Family Safety\InetCtrl52.dll (Bsecure Technologies, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\AVG\AVG Family Safety\InetCtrl52.dll (Bsecure Technologies, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\AVG\AVG Family Safety\InetCtrl52.dll (Bsecure Technologies, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\AVG\AVG Family Safety\InetCtrl52.dll (Bsecure Technologies, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\AVG\AVG Family Safety\InetCtrl52.dll (Bsecure Technologies, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Program Files\AVG\AVG Family Safety\InetCtrl52.dll (Bsecure Technologies, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Program Files\AVG\AVG Family Safety\InetCtrl52.dll (Bsecure Technologies, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Program Files\AVG\AVG Family Safety\InetCtrl52.dll (Bsecure Technologies, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Program Files\AVG\AVG Family Safety\InetCtrl52.dll (Bsecure Technologies, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000053 - C:\Program Files\AVG\AVG Family Safety\InetCtrl52.dll (Bsecure Technologies, Inc.)
O15 - HKCU\..Trusted Domains: localhost ([]* in Local intranet)
O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} http://www.logitech....Detection32.cab (Device Detection)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1254835153609 (MUWebControl Class)
O18 - Protocol\Handler\g7ps {9EACF0FB-4FC7-436E-989B-3197142AD979} - C:\Program Files\Common Files\G7PS\Shared Files\G7PSDLL\G7PS.dll (G7 Productivity Systems, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:1 () - http://www.google.co...s/posts/default
O24 - Desktop WallPaper: C:\Documents and Settings\Jim\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jim\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/12/21 19:48:56 | 000,000,140 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/10/26 19:37:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jim\Application Data\Malwarebytes
[2013/10/26 19:36:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/10/26 19:36:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2013/10/26 19:36:35 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/10/26 19:36:35 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/10/26 17:19:29 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013/10/26 17:08:39 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013/10/26 17:08:39 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013/10/26 17:08:39 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013/10/26 17:08:39 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013/10/26 17:04:03 | 005,136,694 | R--- | C] (Swearware) -- C:\Documents and Settings\Jim\Desktop\ComboFix.exe
[2013/10/26 13:30:27 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/10/26 13:29:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013/10/26 11:21:09 | 000,000,000 | ---D | C] -- C:\FRST
[2013/10/26 10:41:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013/10/26 09:32:16 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/10/25 11:43:24 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/10/22 14:13:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jim\My Documents\images
[2013/10/10 18:45:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG
[2013/10/08 16:03:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\StuffIt 11
[2013/10/08 14:52:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\ItsDeductible
[2013/10/08 14:51:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jim\My Documents\Q03Files
[2013/10/08 14:51:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jim\My Documents\Q02FILES
[2013/10/08 14:50:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jim\My Documents\______BACKUP
[2013/10/07 21:30:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jim\My Documents\My Personal Documents
[2013/10/07 11:07:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
[2013/10/05 11:28:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jim\Application Data\EQATEC Analytics
[2013/10/05 11:23:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jim\My Documents\My DAP Downloads
[2013/10/05 11:23:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Download Accelerator Plus (DAP)
[2013/10/05 11:23:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jim\Local Settings\Application Data\SpeedBIT
[2013/10/05 11:22:55 | 000,000,000 | ---D | C] -- C:\Program Files\DAP
[2013/10/05 11:22:21 | 000,172,032 | ---- | C] (Jin Hui E-mail: [email protected] Web: http://www.jcomsoft.com) -- C:\WINDOWS\System32\AniGIF.ocx
[2013/10/05 11:14:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeedBit
[2013/10/04 23:11:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jim\Application Data\Free Download Manager
[2013/10/04 23:10:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Free Download Manager
[2013/10/03 13:06:25 | 000,000,000 | ---D | C] -- C:\Program Files\Free Download Manager
[2013/10/02 19:46:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SCREEN2EXE
[2013/10/02 19:46:02 | 000,000,000 | ---D | C] -- C:\Program Files\SCREEN2EXE
[2013/10/02 16:43:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jim\My Documents\Apowersoft Screen Recorder Pro
[2013/10/02 16:39:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Apowersoft
[2013/10/02 16:39:24 | 000,181,424 | -H-- | C] (Bytescout) -- C:\WINDOWS\System32\ApowersoftVideoMixerFilter.dll
[2013/10/02 16:39:23 | 000,271,536 | -H-- | C] (Bytescout) -- C:\WINDOWS\System32\ApowersoftScreenCapturingFilter.dll
[2013/10/02 16:39:22 | 000,443,568 | -H-- | C] (Bytescout) -- C:\WINDOWS\System32\ApowersoftScreenCapturing.dll
[2013/10/02 16:39:17 | 000,026,032 | ---- | C] (Wondershare) -- C:\WINDOWS\System32\drivers\Apowersoft_AudioDevice.sys
[2013/10/02 16:39:16 | 000,000,000 | ---D | C] -- C:\Program Files\Apowersoft
[2013/10/02 16:39:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jim\Application Data\Apowersoft
[2013/10/02 00:30:12 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2013/09/30 20:56:52 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[25 C:\Documents and Settings\Jim\My Documents\*.tmp files -> C:\Documents and Settings\Jim\My Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/10/26 21:22:09 | 000,002,335 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2013/10/26 21:20:08 | 000,000,954 | ---- | M] () -- C:\WINDOWS\tasks\SBW_UpdateTask_Logon_313738393639313337302d3437415a556c2a3223346c41.job
[2013/10/26 21:19:13 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/10/26 21:19:11 | 1609,945,088 | -HS- | M] () -- C:\hiberfil.sys
[2013/10/26 21:16:35 | 000,023,304 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000002-00000000-0000000D-00001102-00000004-00581102}.rfx
[2013/10/26 21:16:35 | 000,023,304 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000002-00000000-0000000D-00001102-00000004-00581102}.rfx
[2013/10/26 21:16:35 | 000,018,648 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000002-00000000-0000000D-00001102-00000004-00581102}.rfx
[2013/10/26 21:16:35 | 000,018,648 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000002-00000000-0000000D-00001102-00000004-00581102}.rfx
[2013/10/26 21:16:35 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2013/10/26 21:16:35 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2013/10/26 21:16:35 | 000,000,024 | ---- | M] () -- C:\WINDOWS\System32\DVCStateBkp-{00000002-00000000-0000000D-00001102-00000004-00581102}.dat
[2013/10/26 21:16:35 | 000,000,024 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000002-00000000-0000000D-00001102-00000004-00581102}.dat
[2013/10/26 21:12:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/10/26 21:01:02 | 000,000,954 | ---- | M] () -- C:\WINDOWS\tasks\SBW_UpdateTask_Time_313738393639313337302d3437415a556c2a3223346c41.job
[2013/10/26 18:01:53 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/10/26 17:19:38 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2013/10/26 17:04:58 | 005,136,694 | R--- | M] (Swearware) -- C:\Documents and Settings\Jim\Desktop\ComboFix.exe
[2013/10/26 10:16:34 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/10/25 15:25:17 | 000,013,135 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\Payment Verification, to Kimila Gray Thompson .pdf
[2013/10/25 01:30:46 | 000,617,159 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\lunatik pricing.pdf
[2013/10/25 01:30:11 | 000,215,760 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\delete 2.pdf
[2013/10/25 01:29:58 | 000,211,265 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\delete 1.pdf
[2013/10/25 01:02:20 | 000,192,241 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\lunatik discounted.pdf
[2013/10/24 14:07:34 | 000,040,116 | ---- | M] () -- C:\WINDOWS\$CCW_D02.CC$
[2013/10/24 14:07:34 | 000,003,498 | ---- | M] () -- C:\WINDOWS\POWERUP.INI
[2013/10/23 20:56:33 | 000,030,707 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\1379442_10201680850417474_1929028677_n.jpg
[2013/10/23 00:36:07 | 000,231,945 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\cafe press delete.pdf
[2013/10/22 14:51:25 | 002,442,532 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\Title 34, Code of Federal Regulations.htm
[2013/10/22 14:33:00 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Jim\My Documents\~$tle 34, Code of Federal Regulations.htm
[2013/10/19 18:29:41 | 000,058,582 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\MLA Formatting and Style, General Guidelines .pdf
[2013/10/18 12:02:00 | 000,051,903 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\REDACTED SIU Neuropsychological Evaluation, 12-09-11 .pdf
[2013/10/18 11:31:25 | 000,051,828 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\David's REDACTED SIU Neuropsychological Evaluation, 12-09-11 .pdf
[2013/10/17 11:10:49 | 000,388,792 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/10/16 13:01:08 | 000,223,765 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\David's SIU Neuropsychological Evaluation, 12-09-11 .pdf
[2013/10/11 13:58:41 | 000,524,178 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/10/11 13:58:41 | 000,095,520 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/10/11 13:32:30 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/10/10 19:43:06 | 001,269,719 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\Title 34, Code of Federal Regulations.pdf
[2013/10/10 18:45:50 | 000,000,712 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2014.lnk
[2013/10/09 12:26:41 | 000,075,894 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\Draft - Letter to school requesting LD Testing, October, 2….pdf
[2013/10/08 14:00:58 | 000,000,566 | ---- | M] () -- C:\Documents and Settings\Jim\Desktop\Shortcut to MG6300 series (UPnP)_DD04E25A2A07.lnk
[2013/10/08 13:31:11 | 000,001,841 | ---- | M] () -- C:\Documents and Settings\Jim\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/10/08 13:31:09 | 000,001,823 | ---- | M] () -- C:\Documents and Settings\Jim\Desktop\Google Chrome.lnk
[2013/10/07 11:51:30 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/07 11:51:30 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/10/07 11:34:55 | 000,019,585 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\INDIVIDUAL ACCOMMODATION PLAN David Andersen.pdf
[2013/10/07 11:07:14 | 000,001,925 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2013/10/07 08:56:59 | 000,001,289 | ---- | M] () -- C:\Documents and Settings\Jim\Desktop\My DAP Downloads.lnk
[2013/10/07 08:56:59 | 000,000,620 | ---- | M] () -- C:\Documents and Settings\Jim\Desktop\Download Accelerator Plus (DAP).lnk
[2013/10/05 16:38:01 | 000,028,253 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\Your TrialPay order is complete.pdf
[2013/10/05 16:25:52 | 000,019,587 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\David's 2013-2014 504 Plan.pdf
[2013/10/05 15:26:06 | 000,063,454 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\Dad's Daily Language QUIZ.pdf
[2013/10/05 12:15:41 | 000,201,998 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\angie's list trial-pay memebr data.pdf
[2013/10/05 11:22:21 | 000,172,032 | ---- | M] (Jin Hui E-mail: [email protected] Web: http://www.jcomsoft.com) -- C:\WINDOWS\System32\AniGIF.ocx
[2013/10/04 23:10:56 | 000,000,770 | ---- | M] () -- C:\Documents and Settings\Jim\Application Data\Microsoft\Internet Explorer\Quick Launch\Free Download Manager.lnk
[2013/10/04 22:49:35 | 000,301,200 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\dlm schedule.pdf
[2013/10/03 15:32:59 | 000,036,769 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\David's Detention History through 09-30-13 .pdf
[2013/10/03 00:24:08 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/10/03 00:00:53 | 000,094,412 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2013/10/02 23:55:53 | 000,002,205 | ---- | M] () -- C:\Documents and Settings\Jim\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2013/10/01 16:59:20 | 000,003,726 | ---- | M] () -- C:\Program Files\Mozilla Firefoxavg-secure-search.xml
[2013/10/01 16:56:58 | 000,037,664 | ---- | M] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys
[2013/09/29 03:10:18 | 001,699,836 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\Shariah-The-Threat-to-America-Team-B-Report-Web-09292010.pdf
[2013/09/29 00:44:34 | 002,489,803 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\TO OUR GREAT DETRIMENT - Jihad.pdf
[2013/09/29 00:00:06 | 002,528,981 | ---- | M] () -- C:\Documents and Settings\Jim\My Documents\Obamcare Bill .pdf
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[25 C:\Documents and Settings\Jim\My Documents\*.tmp files -> C:\Documents and Settings\Jim\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/10/26 17:19:38 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2013/10/26 17:19:34 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2013/10/26 17:08:39 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/10/26 17:08:39 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/10/26 17:08:39 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/10/26 17:08:39 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/10/26 17:08:39 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013/10/25 15:25:17 | 000,013,135 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\Payment Verification, to Kimila Gray Thompson .pdf
[2013/10/25 01:30:46 | 000,617,159 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\lunatik pricing.pdf
[2013/10/25 01:30:11 | 000,215,760 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\delete 2.pdf
[2013/10/25 01:29:58 | 000,211,265 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\delete 1.pdf
[2013/10/25 01:02:20 | 000,192,241 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\lunatik discounted.pdf
[2013/10/24 14:07:34 | 000,040,116 | ---- | C] () -- C:\WINDOWS\$CCW_D02.CC$
[2013/10/23 20:56:27 | 000,030,707 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\1379442_10201680850417474_1929028677_n.jpg
[2013/10/23 00:36:06 | 000,231,945 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\cafe press delete.pdf
[2013/10/22 14:33:00 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Jim\My Documents\~$tle 34, Code of Federal Regulations.htm
[2013/10/22 14:11:47 | 002,442,532 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\Title 34, Code of Federal Regulations.htm
[2013/10/19 18:29:41 | 000,058,582 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\MLA Formatting and Style, General Guidelines .pdf
[2013/10/18 12:02:00 | 000,051,903 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\REDACTED SIU Neuropsychological Evaluation, 12-09-11 .pdf
[2013/10/18 11:31:25 | 000,051,828 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\David's REDACTED SIU Neuropsychological Evaluation, 12-09-11 .pdf
[2013/10/16 13:01:07 | 000,223,765 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\David's SIU Neuropsychological Evaluation, 12-09-11 .pdf
[2013/10/09 12:16:11 | 000,075,894 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\Draft - Letter to school requesting LD Testing, October, 2….pdf
[2013/10/08 16:18:52 | 001,269,719 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\Title 34, Code of Federal Regulations.pdf
[2013/10/08 14:00:58 | 000,000,566 | ---- | C] () -- C:\Documents and Settings\Jim\Desktop\Shortcut to MG6300 series (UPnP)_DD04E25A2A07.lnk
[2013/10/07 11:07:14 | 000,001,925 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2013/10/07 08:56:59 | 000,001,289 | ---- | C] () -- C:\Documents and Settings\Jim\Desktop\My DAP Downloads.lnk
[2013/10/07 08:56:59 | 000,000,620 | ---- | C] () -- C:\Documents and Settings\Jim\Desktop\Download Accelerator Plus (DAP).lnk
[2013/10/07 08:55:11 | 000,000,954 | ---- | C] () -- C:\WINDOWS\tasks\SBW_UpdateTask_Time_313738393639313337302d3437415a556c2a3223346c41.job
[2013/10/07 08:55:07 | 000,000,954 | ---- | C] () -- C:\WINDOWS\tasks\SBW_UpdateTask_Logon_313738393639313337302d3437415a556c2a3223346c41.job
[2013/10/05 16:37:24 | 000,028,253 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\Your TrialPay order is complete.pdf
[2013/10/05 16:25:52 | 000,019,587 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\David's 2013-2014 504 Plan.pdf
[2013/10/05 16:25:12 | 000,019,585 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\INDIVIDUAL ACCOMMODATION PLAN David Andersen.pdf
[2013/10/05 15:26:06 | 000,063,454 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\Dad's Daily Language QUIZ.pdf
[2013/10/05 12:15:41 | 000,201,998 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\angie's list trial-pay memebr data.pdf
[2013/10/04 23:10:56 | 000,000,770 | ---- | C] () -- C:\Documents and Settings\Jim\Application Data\Microsoft\Internet Explorer\Quick Launch\Free Download Manager.lnk
[2013/10/04 22:49:35 | 000,301,200 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\dlm schedule.pdf
[2013/10/03 15:32:59 | 000,036,769 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\David's Detention History through 09-30-13 .pdf
[2013/09/29 03:10:08 | 001,699,836 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\Shariah-The-Threat-to-America-Team-B-Report-Web-09292010.pdf
[2013/09/29 00:44:24 | 002,489,803 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\TO OUR GREAT DETRIMENT - Jihad.pdf
[2013/09/28 23:03:24 | 002,528,981 | ---- | C] () -- C:\Documents and Settings\Jim\My Documents\Obamcare Bill .pdf
[2013/09/07 09:02:24 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/09/07 08:22:21 | 000,004,970 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\xgneqrwu.hrx
[2013/08/06 14:21:59 | 000,003,726 | ---- | C] () -- C:\Program Files\Mozilla Firefoxavg-secure-search.xml
[2013/07/26 14:47:18 | 000,356,290 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-18-0.dat
[2013/07/08 02:18:34 | 000,109,696 | ---- | C] () -- C:\WINDOWS\System32\EasyHook64.dll
[2013/07/08 02:18:34 | 000,091,264 | ---- | C] () -- C:\WINDOWS\System32\EasyHook32.dll
[2013/07/02 10:39:13 | 000,007,201 | ---- | C] () -- C:\Documents and Settings\Jim\r
[2012/04/25 16:43:51 | 000,537,103 | ---- | C] () -- C:\Documents and Settings\Jim\sign invoices
[2012/02/15 10:52:46 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/09/15 22:06:08 | 000,007,168 | ---- | C] () -- C:\Documents and Settings\Jim\WINWORD.box
[2011/09/05 21:46:32 | 001,680,747 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1645522239-1035525444-839522115-1004-0.dat
[2011/09/05 21:46:21 | 000,345,650 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/05/20 11:21:12 | 000,000,010 | ---- | C] () -- C:\Documents and Settings\Jim\usb002
[2011/05/19 22:06:28 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\Jim\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/05/18 15:44:04 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/01/26 19:11:47 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\fusioncache.dat
[2009/06/24 14:59:23 | 000,060,744 | ---- | C] () -- C:\Documents and Settings\Jim\g2mdlhlpx.exe
[2009/01/02 15:58:06 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jim\LOG
[2008/07/31 17:27:22 | 000,000,560 | ---- | C] () -- C:\Documents and Settings\Jim\Application Data\ViewerApp.dat
[2008/03/08 15:43:24 | 000,000,545 | ---- | C] () -- C:\Documents and Settings\Jim\Shortcut to Desktop.lnk
[2007/06/27 19:15:14 | 005,353,472 | ---- | C] () -- C:\Documents and Settings\Jim\s-1-5-21-1645522239-1035525444-839522115-1004.rrr
[2007/02/21 17:13:54 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jim\delete
[2006/12/09 21:50:22 | 000,047,187 | ---- | C] () -- C:\Documents and Settings\Jim\prn file.PRN
[2006/11/30 23:20:26 | 000,066,048 | ---- | C] () -- C:\Documents and Settings\Jim\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/30 23:02:59 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Jim\Local Settings\Application Data\fusioncache.dat
[2006/11/20 12:58:51 | 000,001,356 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/10/18 02:45:14 | 000,002,048 | ---- | C] () -- C:\Documents and Settings\Jim\check.db

========== ZeroAccess Check ==========

[2006/11/30 20:50:41 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 19:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2009/10/08 10:39:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ACD Systems
[2011/09/05 13:12:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Applian
[2012/09/20 15:48:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG
[2013/09/25 17:54:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2014
[2011/06/24 02:33:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BSecure
[2011/05/17 20:45:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2011/12/22 06:31:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Carbonite
[2011/06/22 10:41:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\COMMON FILES
[2012/01/18 12:34:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ContentWatch
[2009/01/17 19:15:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DiskAnalyzer
[2010/02/12 11:42:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DonationCoder
[2012/01/02 09:43:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverScanner
[2009/08/08 01:23:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EmailNotifier
[2010/02/18 12:22:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EstiMate
[2011/09/05 15:32:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Extensions
[2013/10/02 00:30:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Freemake
[2009/01/20 14:24:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\G7PS
[2009/03/30 14:05:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GigaSize
[2012/02/25 21:20:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iolo
[2009/08/01 09:29:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iolo OLD
[2011/07/02 11:33:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\kinoma
[2013/10/26 18:08:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2009/05/25 23:40:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NBC Direct
[2009/06/09 13:29:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OpenDNS Updater
[2009/06/22 22:36:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2013/07/08 11:43:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\r2 Studios
[2013/09/06 10:17:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1995-08.com.techsmith
[2009/01/18 01:04:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScreenCapture
[2007/11/29 22:02:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SMSI
[2013/10/22 12:53:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Speedbit
[2012/01/02 02:13:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SUPERSetup
[2011/10/08 09:36:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2009/01/17 19:03:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TaskManager
[2013/09/06 10:17:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith
[2013/10/26 21:22:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/09/21 14:39:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom
[2009/01/18 01:15:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VideoConverter
[2008/10/06 20:37:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2009/07/27 22:16:58 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}
[2009/08/18 18:41:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2012/09/19 17:54:39 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
[2009/10/08 10:45:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\ACD Systems
[2006/10/18 21:40:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Aladdin Systems
[2009/12/07 10:54:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Amazon
[2013/10/02 16:39:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Apowersoft
[2012/09/20 15:47:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\AVG
[2013/09/25 18:05:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\AVG2014
[2007/08/24 09:02:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Beehive
[2011/05/20 00:09:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Catalina Marketing Corp
[2013/02/11 17:14:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\com.amazon.music.uploader
[2012/02/26 03:12:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\driveridentifier
[2006/10/18 00:32:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\EarthLink Toolbar
[2010/02/08 10:48:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\ElevatedDiagnostics
[2013/10/26 21:22:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\EQATEC Analytics
[2010/02/17 09:32:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Foxit
[2013/10/11 12:02:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Free Download Manager
[2009/01/20 14:35:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\G7PS
[2009/12/21 14:07:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\GetRightToGo
[2009/04/15 16:52:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\gigasizetb
[2009/03/30 18:08:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Gigauper
[2009/05/24 22:01:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\IDM
[2010/01/28 13:54:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\iolo
[2009/08/06 21:00:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\iolo OLD
[2012/06/29 02:11:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\KeePass
[2013/09/07 08:22:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\MOVAVI
[2009/05/25 23:40:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\NBC Direct
[2006/12/07 15:27:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Opera
[2012/08/31 13:27:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\PandoraRecovery
[2011/08/31 10:41:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\pdftoepub
[2009/08/07 21:12:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\QuickenPicks_Toolbar
[2006/10/17 08:31:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Simple Star
[2006/10/19 22:41:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Snapfish
[2010/06/29 10:11:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Tific
[2009/09/21 14:38:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\TomTom
[2011/08/15 13:00:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\TotalRecorder
[2012/09/18 20:14:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\TuneUp Software
[2013/10/26 10:04:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Uniblue
[2009/10/06 09:18:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Windows Desktop Search
[2009/10/06 10:47:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Windows Search
[2012/03/06 15:05:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\YouSendIt
[2006/12/09 16:37:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Z-Firm LLC
[2012/07/19 15:53:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jim\Application Data\Zbang.it

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 269 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:56E2E879
@Alternate Data Stream - 259 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:553CA6CA
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4

< End of report >

#15
JIm Andersen

That completes my log posting, Mr. Kinner.
I look forward to your reply,
and I appreciate your continued assistance.
Thank you.
