Jump to content


Photo
- - - - -

PC is running very slow

PC Slow

  • This topic is locked This topic is locked
9 replies to this topic

#1 jimmydef11

jimmydef11

    Newbie

  • Newbie
  • Pip
  • 5 posts

Posted 02 February 2013 - 01:48 PM

Hi,

My laptop has started to run very slow. I have run anti-spyware to clean it up and I have found no viruses. I have Norton 360. Can you take a look at my HiJackthis log and tell me if there is something else I can do? This just started about 30 days ago and gets slower each day.

 

thanks very much

Jim

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 2:39:36 PM, on 2/2/2013

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v9.00 (9.00.8112.16457)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe

C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe

C:\Program Files (x86)\Ask.com\Updater\Updater.exe

C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64brmon.exe

C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brmon.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Users\Jimdef\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe

C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe

C:\Users\Jimdef\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeHelper.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\Jimdef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\STB28MF5\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {0696f815-a3a9-490a-bb14-9ec3350b1276} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64SrcAs.dll

R3 - URLSearchHook: (no name) - {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Toolbar BHO - {1e91a655-bb4b-4693-a05e-2edebc4c9d89} - C:\PROGRA~2\MAPSGA~2\bar\1.bin\39bar.dll

O2 - BHO: Search Assistant BHO - {5d79f641-c168-40df-a32f-bacea7509e75} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64SrcAs.dll

O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coIEPlg.dll

O2 - BHO: ShopAtHome - {66516A07-F617-488A-90CF-4E690CFB3C5F} - C:\Users\Jimdef\AppData\Roaming\ShopAtHome\ShopAtHomeToolbar\tbcore3U.dll

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\IPS\IPSBHO.DLL

O2 - BHO: Search Assistant BHO - {71c1d63a-c944-428a-a5bd-ba513190e5d2} - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll

O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Toolbar BHO - {cb41fc95-f1b3-4797-8bb6-1012ff62abba} - C:\PROGRA~2\TELEVI~2\bar\1.bin\64bar.dll

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll

O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll

O3 - Toolbar: Support.com Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

O3 - Toolbar: TelevisionFanatic - {c98d5b61-b0ea-4d48-9839-1079d352d880} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64bar.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll

O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coIEPlg.dll

O3 - Toolbar: MapsGalaxy - {364ea597-e728-4ce4-bb4a-ed846ef47970} - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39bar.dll

O3 - Toolbar: ShopAtHome.com Toolbar - {311B58DC-A4DC-4B04-B1B5-60299AD3D803} - C:\Users\Jimdef\AppData\Roaming\ShopAtHome\ShopAtHomeToolbar\tbcore3U.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe

O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP

O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL

O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60

O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun

O4 - HKLM\..\Run: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe

O4 - HKLM\..\Run: [MaxMenuMgr] "C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"

O4 - HKLM\..\Run: [TelevisionFanatic Search Scope Monitor] "C:\PROGRA~2\TELEVI~2\bar\1.bin\64srchmn.exe" /m=2 /w /h

O4 - HKLM\..\Run: [TelevisionFanatic Browser Plugin Loader] C:\PROGRA~2\TELEVI~2\bar\1.bin\64brmon.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [MapsGalaxy Search Scope Monitor] "C:\PROGRA~2\MAPSGA~2\bar\1.bin\39srchmn.exe" /m=2 /w /h

O4 - HKLM\..\Run: [MapsGalaxy_39 Browser Plugin Loader] C:\PROGRA~2\MAPSGA~2\bar\1.bin\39brmon.exe

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [ShopAtHomeWatcher] C:\Users\Jimdef\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe

O4 - HKCU\..\Run: [Best Buy pc app] C:\Users\Jimdef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy\Best Buy pc app.appref-ms

O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\windows\system32\StikyNot.exe

O4 - .DEFAULT User Startup: Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (User 'Default user')

O4 - Global Startup: McAfee Security Scan Plus.lnk = ?

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - c:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Intel® PROSet/Wireless WiMAX Red Bend Device Management Service (DMAgent) - Red Bend Ltd. - C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)

O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: IHA_MessageCenter - Verizon - C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: lxbf_device - - C:\windows\system32\lxbfcoms.exe

O23 - Service: lxdu_device - Unknown owner - C:\windows\system32\lxducoms.exe (file missing)

O23 - Service: MapsGalaxyService (MapsGalaxy_39Service) - COMPANYVERS_NAME - C:\PROGRA~2\MAPSGA~2\bar\1.bin\39barsvc.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)

O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)

O23 - Service: TelevisionFanaticService - COMPANYVERS_NAME - C:\PROGRA~2\TELEVI~2\bar\1.bin\64barsvc.exe

O23 - Service: TOSHIBA HDD Protection (Thpsrv) - Unknown owner - C:\windows\system32\ThpSrv.exe (file missing)

O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)

O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe

O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)

O23 - Service: Intel® PROSet/Wireless WiMAX Service (WiMAXAppSrv) - Intel® Corporation - C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

--



#2 guestolo

guestolo

    Site Donator

  • Admin
  • PipPipPipPipPipPipPip
  • 16,247 posts

Posted 02 February 2013 - 06:21 PM

Can you do the following please
Download OTL.exe by OldTimer to your Desktop.
  • Close all windows and right click on OTL.exe and choose to "Run as Administrator"
  • Click Run Scan and let the program run uninterrupted.
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.


  • In addition:
     
    Please download AdwCleaner by Xplode onto your Desktop.
    • Double click on AdwCleaner.exe to run the tool.
    • Click on Search.
    • A logfile will automatically open after the scan has finished.
    • Please post the content of that logfile in your reply.
    • You can find the logfile at C:\AdwCleaner[Rn].txt as well - n is the order number.

Do you want to post your own logs from FRST?
Follow the instructions posted Click Here


#3 jimmydef11

jimmydef11

    Newbie

  • Newbie
  • Pip
  • 5 posts

Posted 03 February 2013 - 07:22 AM

Hi Guestolo,

Thank you for the reply. Here are the 2 logs:

OTL Extras logfile created on: 2/3/2013 8:07:42 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Jimdef\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.80 Gb Total Physical Memory | 1.84 Gb Available Physical Memory | 48.37% Memory free
7.60 Gb Paging File | 5.16 Gb Available in Paging File | 67.93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 583.11 Gb Total Space | 537.78 Gb Free Space | 92.23% Space Free | Partition Type: NTFS
 
Computer Name: JIMDEF-PC | User Name: Jimdef | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "C:\windows\system32\rundll32.exe" "C:\windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01B188BC-6E84-4848-AF97-692AE205805A}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{03B0E000-492C-4A58-9225-5B146051A473}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1040A5F7-6264-490C-8386-350F7FE855F6}" = lport=445 | protocol=6 | dir=in | app=system |
"{23B2580A-F2BE-4C71-841C-00DCDAE8194E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{380638F9-7F2D-4373-8B5B-D8659F623361}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{48FE25AB-500D-4C46-A4B6-D2DE0036EDB3}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{490BEE19-7418-4EDA-B1C8-BA2992410015}" = rport=138 | protocol=17 | dir=out | app=system |
"{4E612F40-751A-4C55-99A6-121E92061298}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4F43C68F-A07F-4E0B-955E-CCE2DE50AAB1}" = lport=139 | protocol=6 | dir=in | app=system |
"{6DCB3CC1-61AE-4221-A4C8-E072FE86A4E7}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7834AFD1-2B90-4D45-964A-2B884D3CAEB2}" = lport=50000 | protocol=17 | dir=in | name=iha_messagecenter |
"{7E2D5E6A-3226-4653-BE87-2C6B99713B83}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7F823235-FBF9-423B-AEAC-1E2D0CF062AF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{819110CE-0C73-4A6E-9783-0C33CFFBBC8B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{8224F80F-E840-4A81-A89B-7448BCA8723E}" = lport=138 | protocol=17 | dir=in | app=system |
"{8920EDBC-A221-4C6D-8A21-F7971A519E03}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{8AA21059-D37C-479A-9D10-6C8EE0DDB450}" = rport=10243 | protocol=6 | dir=out | app=system |
"{8C4EB611-7AED-470C-BBBE-908200DB078C}" = lport=50000 | protocol=17 | dir=in | name=iha_messagecenter |
"{91FC2BBA-AF9B-4188-85CE-F30F435F9F76}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A4A0DAE8-881B-44E5-81E7-1446C02A4FEA}" = rport=137 | protocol=17 | dir=out | app=system |
"{B8A3DAA0-A014-40E1-80BD-0772CB04C1A7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CB6C7112-F1BD-44FC-85CB-8E3999D0AC83}" = lport=137 | protocol=17 | dir=in | app=system |
"{CCB962E5-93F4-4C9C-A68D-46BD8E8F2336}" = lport=10243 | protocol=6 | dir=in | app=system |
"{D1FBE3EE-9839-4B3E-98BE-7D865C327213}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D5C763B9-5D36-4151-B0DD-40D6093435AE}" = rport=139 | protocol=6 | dir=out | app=system |
"{D5D50CEE-D060-4393-8581-816A215EDA31}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{DD8B6A61-61CA-4573-B941-50F51622705C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E0B93574-FD7C-4E34-814C-B300D1DE30C4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F7C1EE00-CF1D-4BF0-AFA7-78E4019DEF4D}" = rport=445 | protocol=6 | dir=out | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0829D7B1-D5C3-4C09-A888-6B99DF3B004F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0D8B3746-2515-4F31-BA79-3BAF63B59B7E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{17EB828F-41B0-4594-943B-6D4FEFE08891}" = protocol=6 | dir=in | app=c:\users\jimdef\appdata\local\temp\7zs496e.tmp\symnrt.exe |
"{1C57A4E8-F83F-4B4E-95A9-61A539EB2923}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{1ED99612-6D22-46C4-955F-9930D5DE2478}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2B44BA06-959D-408C-AC46-DA475B023F25}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\live meeting 8\console\pwconsole.exe |
"{2C4FC0D2-5DDC-48BC-8635-1AB6DF0D51B4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2D1CF05D-96FD-4748-A2EB-003FDECDD03D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{30A5ACE7-A805-4F3F-9524-4C7900F6C04A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{32049F0B-C8B3-40DB-9FE6-662A87F5FF39}" = protocol=6 | dir=in | app=c:\users\jimdef\appdata\local\temp\7zsaacf.tmp\symnrt.exe |
"{3EE777AC-C207-445A-AE26-B83004EA93D3}" = dir=in | app=c:\program files (x86)\intel corporation\intel wireless display\widiapp.exe |
"{408F0505-4D93-4C2B-AE48-07790C07EC9F}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{48579AB7-3278-4060-A932-75B0E0F34F1E}" = protocol=17 | dir=in | app=c:\windows\syswow64\lxbfcoms.exe |
"{489A0D90-C83A-4470-AB98-FF5212743B60}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\live meeting 8\console\pwconsole.exe |
"{4BC7BF98-C357-4AAC-8DA6-0140279E34FF}" = protocol=6 | dir=in | app=c:\windows\system32\lxbfcoms.exe |
"{4CC68A25-93B3-48ED-A7CA-2F46A223B462}" = protocol=17 | dir=in | app=c:\windows\system32\lxbfcoms.exe |
"{4D6B277A-9153-4FBA-8CDA-93DB5C1E6C85}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{4EE7FC54-D964-4836-811D-C2100A57FDB5}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4EE8C00A-0FB6-4451-BAFB-E785F60D4EDC}" = protocol=17 | dir=in | app=c:\users\jimdef\appdata\local\temp\7zs496e.tmp\symnrt.exe |
"{4FF38AF5-EFCC-4036-B108-3F70976FA254}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{554B2B01-2FC5-4316-B2D1-0E1D7380D090}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{5F0DC987-9EA6-4642-B1D7-4D82500880C4}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{6C5F436F-4290-4BB5-BF5B-16519F2D0A28}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{706F0418-DC83-4EB1-8398-787101FFAE73}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxbfpswx.exe |
"{7D8666AE-804F-42BF-9A9F-04812D9A39D7}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7FE9FDAA-2483-4D9D-B763-222F5B4B788F}" = protocol=58 | dir=in | [email protected],-28545 |
"{86FD9134-6F3A-41C8-A94E-35F54FBDA0AB}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{884A5054-2A01-4572-B977-84B1E75935A6}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\live meeting 8\console\pwconsole.exe |
"{8ADB355D-8FF4-4E42-9AD7-8824D8A476C1}" = protocol=1 | dir=out | [email protected],-28544 |
"{8F720BC0-2321-49D0-B44A-BCEE9B68B438}" = protocol=1 | dir=in | [email protected],-28543 |
"{9FF7B303-05A2-4231-8B6B-3131492A0CAB}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A3252161-42FB-4BD9-BC30-5E8CF279BB32}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A90E6AEF-6AFE-4820-8F02-27361DECBB1D}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxbfpswx.exe |
"{ABEF18C4-FD93-4B6A-A79D-7A359DABB67A}" = protocol=6 | dir=in | app=c:\program files\intel\wimax\bin\dmagent.exe |
"{AD24B7ED-1F23-4817-BDF0-656B8B554A41}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{BBBA6DA9-0E7E-446C-9305-837EB189A26F}" = protocol=6 | dir=in | app=c:\windows\system32\lxducoms.exe |
"{BDD3060B-8716-4671-9737-9B7A2728D3E7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\live meeting 8\console\pwconsole.exe |
"{BE496EE3-8CBC-4258-ABB4-BDC9F5946941}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C17DCFD8-5D52-4AA3-9F75-5F3E530DB1C6}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{C621E34C-C15B-442D-9BB2-F793F7DDA75F}" = protocol=17 | dir=in | app=c:\users\jimdef\appdata\local\temp\7zsaacf.tmp\symnrt.exe |
"{C6991BB3-D0A5-4A80-891E-AE4E3DD73A2C}" = protocol=17 | dir=in | app=c:\program files\intel\wimax\bin\appsrv.exe |
"{C6A9F621-1131-438B-8695-CFF547B683A7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C7EFA6E8-A9FF-4B95-AC6C-B88BA1466767}" = protocol=58 | dir=out | [email protected],-28546 |
"{CF292D42-1D1C-46CD-AB56-AAD5227CD4A7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DB1050A2-4AA6-4838-BD80-DC373FAAA384}" = protocol=6 | dir=in | app=c:\program files\intel\wimax\bin\appsrv.exe |
"{DC741239-8138-45AD-BE50-8B24165F645F}" = protocol=6 | dir=out | app=system |
"{DD038D1D-EF87-44C8-ABB5-9DF6ADA1ADB5}" = protocol=17 | dir=in | app=c:\windows\system32\lxducoms.exe |
"{E4CD15FE-B2B7-4BD2-98FD-964FF1A11BB7}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{ED0BEE32-F529-4CAF-B461-01C361C74C05}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{F025A449-73A2-42CF-B03A-096591E32535}" = protocol=17 | dir=in | app=c:\program files\intel\wimax\bin\dmagent.exe |
"{F60ED696-5AC8-40EE-B014-74EF1650E5B2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FA38E663-A21F-449F-B9D3-2432CDCB6810}" = protocol=6 | dir=in | app=c:\windows\syswow64\lxbfcoms.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4F26C164-9373-4974-8F43-E0F2176AF937}" = Intel WiMAX Tutorial
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6548B189-BEA4-4041-80E0-AEB60548E046}" = Intel® PROSet/Wireless WiMAX Software
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{94A90C69-71C1-470A-88F5-AA47ECC96B40}" = TOSHIBA HDD Protection
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
"{C298FF86-AB23-4B58-AC53-A23383C07B3A}" = Intel® Wireless Display
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D16A2127-B927-4379-B153-3DEC091E4EEB}" = Intel® PROSet/Wireless WiFi Software
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"{FBBC4667-2521-4E78-B1BD-8706F774549B}" = Best Buy pc app
"2C293EC1A06665BB961CBA4EC7AFF4BF2BEAD042" = ENE CIR Receiver Driver
"CCleaner" = CCleaner
"Lexmark X6100 Series" = Lexmark X6100 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{07FF08D2-C0CD-4B02-B9A6-E2E7E5762AA9}" = Vz In Home Agent
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D795777-9D60-4692-8386-F2B3F2B5E5BF}" = [email protected] 1.0
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = TOSHIBA Assist
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 20
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{2A30052B-831C-41D3-8044-3C0388066350}" = Seagate Manager Installer
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{53C49C8D-DFB2-42B9-A7EF-0F9CA386CC13}" = IHA_MessageCenter
"{5AF550B4-BB67-4E7E-82F1-2C4300279050}" = ToshibaRegistration
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{604CD5A1-4520-4844-B064-A3D884B77E91}" = SpeedyPC Pro
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{654F7484-88C5-46DC-AB32-C66BCB0E2102}" = TOSHIBA Sleep Utility
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}" = TOSHIBA Application Installer
"{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}" = TOSHIBA Media Controller
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.3
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{BB51B753-9A0C-4D1D-B3EF-A1B936F55796}" = Toshiba Book Place
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E30E7561-A466-4393-B8BF-FD93E733EF3C}" = Microsoft Office Live Meeting 2007
"{E69992ED-A7F6-406C-9280-1C156417BC49}" = TOSHIBA Quality Application
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}" = TOSHIBA Media Controller Plug-in
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"BetOnline Poker 8.2" = BetOnline Poker 8.2
"Google Chrome" = Google Chrome
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"InstallShield_{231A1A09-FDF2-45F2-B3D1-964CECE372BC}" = Seagate Manager Installer
"InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime
"InstallShield_{2A30052B-831C-41D3-8044-3C0388066350}" = Seagate Manager Installer
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"MapsGalaxy_39bar Uninstall" = MapsGalaxy
"McAfee Security Scan" = McAfee Security Scan Plus
"N360" = Norton 360
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"ShopAtHome.com Helper" = ShopAtHome.com Helper
"ShopAtHome.com Toolbar" = ShopAtHome.com Toolbar
"TelevisionFanaticbar Uninstall" = TelevisionFanatic
"WinLiveSuite" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"ClosetMaid v1.5.2" = ClosetMaid v1.5.2
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 1/23/2013 8:49:33 PM | Computer Name = Jimdef-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 11871
 
Error - 1/23/2013 8:49:33 PM | Computer Name = Jimdef-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 11871
 
Error - 1/31/2013 7:19:59 AM | Computer Name = Jimdef-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16457,
time stamp: 0x50a2f9e3  Faulting module name: IEFRAME.dll, version: 9.0.8112.16457,
 time stamp: 0x50a2fe39  Exception code: 0xc0000005  Fault offset: 0x000db1e1  Faulting
 process id: 0x3744  Faulting application start time: 0x01cdffa4e73ac093  Faulting application
 path: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Faulting module path:
 C:\windows\system32\IEFRAME.dll  Report Id: 25c4ab6d-6b98-11e2-92e0-1c7508853004
 
Error - 2/1/2013 10:46:45 AM | Computer Name = Jimdef-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 2/1/2013 10:46:48 AM | Computer Name = Jimdef-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 40221551
 
Error - 2/1/2013 10:46:48 AM | Computer Name = Jimdef-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 40221551
 
Error - 2/1/2013 10:46:52 AM | Computer Name = Jimdef-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 2/1/2013 10:46:52 AM | Computer Name = Jimdef-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 40231441
 
Error - 2/1/2013 10:46:52 AM | Computer Name = Jimdef-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 40231441
 
Error - 2/2/2013 9:01:53 AM | Computer Name = Jimdef-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16457,
time stamp: 0x50a2f9e3  Faulting module name: ntdll.dll, version: 6.1.7600.16915,
time stamp: 0x4ec49d10  Exception code: 0xc0000374  Fault offset: 0x000ce903  Faulting
 process id: 0x1b64  Faulting application start time: 0x01ce01454c091787  Faulting application
 path: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Faulting module path:
 C:\windows\SysWOW64\ntdll.dll  Report Id: b6f79d18-6d38-11e2-9c1c-1c7508853004
 
[ System Events ]
Error - 8/1/2012 7:11:14 AM | Computer Name = Jimdef-PC | Source = Schannel | ID = 36887
Description = The following fatal alert was received: 40.
 
Error - 8/1/2012 7:11:14 AM | Computer Name = Jimdef-PC | Source = Schannel | ID = 36887
Description = The following fatal alert was received: 40.
 
Error - 8/1/2012 7:11:14 AM | Computer Name = Jimdef-PC | Source = Schannel | ID = 36887
Description = The following fatal alert was received: 40.
 
Error - 8/1/2012 7:11:15 AM | Computer Name = Jimdef-PC | Source = Schannel | ID = 36887
Description = The following fatal alert was received: 40.
 
Error - 8/1/2012 7:11:15 AM | Computer Name = Jimdef-PC | Source = Schannel | ID = 36887
Description = The following fatal alert was received: 40.
 
Error - 8/1/2012 7:11:15 AM | Computer Name = Jimdef-PC | Source = Schannel | ID = 36887
Description = The following fatal alert was received: 40.
 
Error - 8/1/2012 7:11:15 AM | Computer Name = Jimdef-PC | Source = Schannel | ID = 36887
Description = The following fatal alert was received: 40.
 
Error - 8/1/2012 7:11:15 AM | Computer Name = Jimdef-PC | Source = Schannel | ID = 36887
Description = The following fatal alert was received: 40.
 
Error - 8/1/2012 7:11:15 AM | Computer Name = Jimdef-PC | Source = Schannel | ID = 36887
Description = The following fatal alert was received: 40.
 
Error - 8/8/2012 6:44:43 PM | Computer Name = Jimdef-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
 response from the PlugPlay service.
 
 
< End of report >
 

OTL logfile created on: 2/3/2013 8:07:42 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Jimdef\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.80 Gb Total Physical Memory | 1.84 Gb Available Physical Memory | 48.37% Memory free
7.60 Gb Paging File | 5.16 Gb Available in Paging File | 67.93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 583.11 Gb Total Space | 537.78 Gb Free Space | 92.23% Space Free | Partition Type: NTFS
 
Computer Name: JIMDEF-PC | User Name: Jimdef | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013/02/03 08:02:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jimdef\Desktop\OTL.exe
PRC - [2013/01/09 08:50:30 | 000,699,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe
PRC - [2012/10/18 11:10:42 | 000,103,864 | ---- | M] () -- C:\Users\Jimdef\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe
PRC - [2012/02/01 08:05:20 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) -- C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39barsvc.exe
PRC - [2012/02/01 08:05:20 | 000,030,096 | ---- | M] (VER_COMPANY_NAME) -- C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brmon.exe
PRC - [2011/12/01 22:16:05 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) -- C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64barsvc.exe
PRC - [2011/12/01 22:16:05 | 000,030,096 | ---- | M] (VER_COMPANY_NAME) -- C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64brmon.exe
PRC - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/08/24 00:20:18 | 000,887,976 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccsvchst.exe
PRC - [2010/09/03 01:45:02 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe
PRC - [2010/03/03 17:42:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/03/03 17:41:58 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009/12/25 18:21:16 | 000,034,160 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
PRC - [2009/09/26 02:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) -- C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2009/09/26 02:31:32 | 000,185,640 | ---- | M] (Seagate LLC) -- C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012/10/18 11:10:42 | 000,103,864 | ---- | M] () -- C:\Users\Jimdef\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe
MOD - [2012/10/18 11:10:18 | 000,049,080 | ---- | M] () -- C:\Users\Jimdef\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeHelperPS.dll
MOD - [2011/09/27 10:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 10:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2012/09/29 09:20:31 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2010/07/28 13:27:16 | 000,267,192 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2010/07/22 19:36:16 | 000,822,192 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2010/06/29 14:05:02 | 000,489,384 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2010/06/07 18:39:40 | 000,911,872 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe -- (WiMAXAppSrv)
SRV:64bit: - [2010/06/07 18:34:20 | 000,408,576 | ---- | M] (Red Bend Ltd.) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe -- (DMAgent)
SRV:64bit: - [2010/03/05 13:26:38 | 001,425,168 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2010/03/05 13:07:58 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2010/03/05 13:06:22 | 000,831,760 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2010/02/05 19:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009/10/21 12:30:36 | 000,531,520 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\ThpSrv.exe -- (Thpsrv)
SRV:64bit: - [2009/10/16 16:06:40 | 001,039,360 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxducoms.exe -- (lxdu_device)
SRV:64bit: - [2009/07/28 17:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/04/24 19:24:34 | 000,566,704 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxbfcoms.exe -- (lxbf_device)
SRV - [2013/01/09 14:19:56 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/02/01 08:05:20 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) [Auto | Running] -- C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39barsvc.exe -- (MapsGalaxy_39Service)
SRV - [2011/12/12 11:03:40 | 000,290,832 | ---- | M] (Verizon) [Auto | Running] -- C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
SRV - [2011/12/01 22:16:05 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) [Auto | Running] -- C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64barsvc.exe -- (TelevisionFanaticService)
SRV - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe -- (N360)
SRV - [2010/09/03 01:45:02 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe -- (McComponentHostService)
SRV - [2010/03/18 16:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/03 17:42:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/03/03 17:41:58 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/10/06 12:21:50 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009/09/26 02:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2007/04/24 18:24:16 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxbfcoms.exe -- (lxbf_device)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012/09/28 10:32:56 | 000,053,760 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/01 01:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/12/15 15:48:23 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011/10/01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/07/22 11:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 16:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/04/20 20:37:49 | 000,386,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\symnets.sys -- (SymNetS)
DRV:64bit: - [2011/03/30 22:00:09 | 000,744,568 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2011/03/30 22:00:09 | 000,040,568 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2011/03/14 21:31:23 | 000,912,504 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\symefa64.sys -- (SymEFA)
DRV:64bit: - [2011/03/11 01:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/27 01:47:10 | 000,450,680 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\symds64.sys -- (SymDS)
DRV:64bit: - [2011/01/27 00:07:06 | 000,171,128 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\ironx64.sys -- (SymIRON)
DRV:64bit: - [2010/06/18 13:38:06 | 000,039,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:64bit: - [2010/05/31 15:05:06 | 007,689,216 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64)
DRV:64bit: - [2010/05/18 19:02:48 | 000,164,464 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2010/05/16 20:28:38 | 000,175,104 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpmp.sys -- (bpmp)
DRV:64bit: - [2010/05/16 20:28:30 | 000,081,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpusb.sys -- (bpusb)
DRV:64bit: - [2010/05/16 20:28:28 | 000,071,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpenum.sys -- (bpenum)
DRV:64bit: - [2010/05/08 21:38:56 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2010/05/03 17:44:02 | 000,331,880 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/04/21 14:18:44 | 010,326,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/03/10 21:51:32 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/02/26 19:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/02/03 09:38:30 | 000,271,872 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/01/15 15:22:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/10/09 21:41:20 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/09/17 15:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/31 00:02:36 | 000,044,912 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
DRV:64bit: - [2009/07/30 22:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/14 18:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:00:24 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpials.sys -- (acpials)
DRV:64bit: - [2009/06/29 19:16:20 | 000,014,784 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Thpevm.sys -- (Thpevm)
DRV:64bit: - [2009/06/29 13:25:22 | 000,034,880 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\thpdrv.sys -- (Thpdrv)
DRV:64bit: - [2009/06/22 20:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2009/06/19 22:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013/01/16 07:22:12 | 002,087,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20130202.007\ex64.sys -- (NAVEX15)
DRV - [2013/01/16 07:22:07 | 000,126,192 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20130202.007\eng64.sys -- (NAVENG)
DRV - [2013/01/15 21:51:11 | 001,388,120 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20130116.013\BHDrvx64.sys -- (BHDrvx64)
DRV - [2012/09/06 03:54:30 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20130201.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012/08/08 22:35:05 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/08/08 22:35:04 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {39462F38-807D-488D-B307-3D5CA747BDA6}
IE:64bit: - HKLM\..\SearchScopes\{39462F38-807D-488D-B307-3D5CA747BDA6}: "URL" = http://www.google.co...ng}&rlz=1I7TSND
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=TSND&bmod=TSND
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=TSND&bmod=TSND
IE - HKLM\..\SearchScopes,DefaultScope = {210AE5F3-866A-4832-9D21-79FFAB0ECC02}
IE - HKLM\..\SearchScopes\{210AE5F3-866A-4832-9D21-79FFAB0ECC02}: "URL" = http://www.google.co...ng}&rlz=1I7TSND
IE - HKLM\..\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}: "URL" = http://search.mywebs...or={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\..\URLSearchHook: {0696f815-a3a9-490a-bb14-9ec3350b1276} - No CLSID value found
IE - HKCU\..\URLSearchHook: {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {A27E6BEA-C80B-4861-9F0E-B3E63AE5B9A5}
IE - HKCU\..\SearchScopes\{210AE5F3-866A-4832-9D21-79FFAB0ECC02}: "URL" = http://www.google.co...ng}&rlz=1I7TSND
IE - HKCU\..\SearchScopes\{294FD327-A0C1-43CF-AA13-AFB5C82FE33D}: "URL" = http://search.yahoo....f-8&fr=chr-yie9
IE - HKCU\..\SearchScopes\{34E4CBC7-E44C-4BEA-8974-B87AF0C27FC1}: "URL" = http://delicious.com...?p={searchTerms}
IE - HKCU\..\SearchScopes\{35C9BB05-D25B-4993-B767-96FADFCF256A}: "URL" = http://www.google.co...ND_enUS458US458
IE - HKCU\..\SearchScopes\{677D3C0A-5B8B-42F6-B7FC-311EC3F17F23}: "URL" = http://www.flickr.co...?q={searchTerms}
IE - HKCU\..\SearchScopes\{A27E6BEA-C80B-4861-9F0E-B3E63AE5B9A5}: "URL" = http://websearch.sho...&q={searchTerms}
IE - HKCU\..\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}: "URL" = http://search.mywebs...or={searchTerms}
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...il&geo=US&ver=5
IE - HKCU\..\SearchScopes\{B97F2187-C245-4D9A-95F9-2B9325DA0E6E}: "URL" = http://websearch.ask...FA-3E1AAE219548&
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@MapsGalaxy_39.com/Plugin: C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\NP39Stub.dll (MindSpark)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@TelevisionFanatic.com/Plugin: C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\NP64Stub.dll (MindSpark)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\Email Removed/BrowserPlus,version=2.9.8: C:\Users\Jimdef\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\TelevisionFanatic\bar\1.bin [2011/12/01 22:16:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\IPSFFPlgn\ [2012/01/31 14:11:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\coFFPlgn_2011_7_13_2 [2013/02/01 10:21:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]_39.com: C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin [2012/02/01 08:05:24 | 000,000,000 | ---D | M]
 
 
========== Chrome  ==========
 
CHR - homepage: http://www.google.co...=TSND&bmod=TSND
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.co...=TSND&bmod=TSND
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: registryAccess (Enabled) = C:\Users\Jimdef\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaanplonkoccjbnlleoidjplmhgeahe\7.13.1.0_0\background/registryAccess.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U20 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: MindSpark Toolbar Platform Plugin Stub (Enabled) = C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\NP64Stub.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Sammsoft Toolbar = C:\Users\Jimdef\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaanplonkoccjbnlleoidjplmhgeahe\7.13.1.19132_0\
CHR - Extension: YouTube = C:\Users\Jimdef\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: YouTube = C:\Users\Jimdef\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google Search = C:\Users\Jimdef\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Google Search = C:\Users\Jimdef\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Gmail = C:\Users\Jimdef\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Gmail = C:\Users\Jimdef\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Toolbar BHO) - {1e91a655-bb4b-4693-a05e-2edebc4c9d89} - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39bar.dll (MindSpark)
O2 - BHO: (Search Assistant BHO) - {5d79f641-c168-40df-a32f-bacea7509e75} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64SrcAs.dll (MindSpark)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
O2 - BHO: (ShopAtHome.com Cash Back Helper) - {66516A07-F617-488A-90CF-4E690CFB3C5F} - C:\Users\Jimdef\AppData\Roaming\ShopAtHome\ShopAtHomeToolbar\tbcore3U.dll (ShopAtHome.com)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Search Assistant BHO) - {71c1d63a-c944-428a-a5bd-ba513190e5d2} - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrcAs.dll (MindSpark)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Toolbar BHO) - {cb41fc95-f1b3-4797-8bb6-1012ff62abba} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64bar.dll (MindSpark)
O2 - BHO: (Support.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (ShopAtHome.com Toolbar) - {311B58DC-A4DC-4B04-B1B5-60299AD3D803} - C:\Users\Jimdef\AppData\Roaming\ShopAtHome\ShopAtHomeToolbar\tbcore3U.dll (ShopAtHome.com)
O3 - HKLM\..\Toolbar: (MapsGalaxy) - {364ea597-e728-4ce4-bb4a-ed846ef47970} - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39bar.dll (MindSpark)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (TelevisionFanatic) - {c98d5b61-b0ea-4d48-9839-1079d352d880} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64bar.dll (MindSpark)
O3 - HKLM\..\Toolbar: (Support.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (ShopAtHome.com Toolbar) - {311B58DC-A4DC-4B04-B1B5-60299AD3D803} - C:\Users\Jimdef\AppData\Roaming\ShopAtHome\ShopAtHomeToolbar\tbcore3U.dll (ShopAtHome.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (TelevisionFanatic) - {C98D5B61-B0EA-4D48-9839-1079D352D880} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64bar.dll (MindSpark)
O3 - HKCU\..\Toolbar\WebBrowser: (Support.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: []  File not found
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [IntelWirelessWiMAX] C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [ThpSrv] C:\windows\SysNative\thpsrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [MapsGalaxy Search Scope Monitor] C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39SrchMn.exe (MindSpark)
O4 - HKLM..\Run: [MapsGalaxy_39 Browser Plugin Loader] C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\39brmon.exe (VER_COMPANY_NAME)
O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - HKLM..\Run: [ShopAtHomeWatcher] C:\Users\Jimdef\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe ()
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [TelevisionFanatic Browser Plugin Loader] C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64brmon.exe (VER_COMPANY_NAME)
O4 - HKLM..\Run: [TelevisionFanatic Search Scope Monitor] C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64SrchMn.exe (MindSpark)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe (TOSHIBA)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKCU..\Run: [Best Buy pc app] C:\Users\Jimdef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy\Best Buy pc app.appref-ms File not found
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\windows\system32\StikyNot.exe File not found
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 71.250.0.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{95F0DC77-ACC9-48D6-B326-62972E0FEFF8}: DhcpNameServer = 192.168.1.1 71.250.0.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B97FE76F-4ACD-4630-B0CD-C56594291322}: DhcpNameServer = 4.2.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{5ff53d4a-1168-11e1-b0ae-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5ff53d4a-1168-11e1-b0ae-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Setup.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/02/03 08:02:41 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jimdef\Desktop\OTL.exe
[2013/02/01 12:37:03 | 000,000,000 | ---D | C] -- C:\Users\Jimdef\AppData\Roaming\SpeedyPC Software
[2013/02/01 12:37:03 | 000,000,000 | ---D | C] -- C:\Users\Jimdef\AppData\Roaming\DriverCure
[2013/02/01 12:36:58 | 000,000,000 | ---D | C] -- C:\Users\Jimdef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedyPC Software
[2013/02/01 12:36:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SpeedyPC Software
[2013/02/01 12:36:51 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedyPC Software
[2013/02/01 12:36:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedyPC Software
[2013/01/21 12:24:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopAtHome.com Toolbar
[2013/01/21 12:24:18 | 000,000,000 | ---D | C] -- C:\Users\Jimdef\AppData\Roaming\ShopAtHome
[2013/01/09 07:05:44 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\win32spl.dll
[2013/01/09 07:05:44 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\win32spl.dll
[2013/01/09 07:05:33 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncrypt.dll
[2013/01/09 07:05:29 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\usp10.dll
[2013/01/09 07:05:23 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Wpc.dll
[2013/01/09 07:05:23 | 000,046,592 | ---- | C] (Microsoft) -- C:\windows\SysWow64\fpb.rs
[2013/01/09 07:05:23 | 000,046,592 | ---- | C] (Microsoft) -- C:\windows\SysNative\fpb.rs
[2013/01/09 07:05:23 | 000,045,568 | ---- | C] (Microsoft) -- C:\windows\SysWow64\oflc-nz.rs
[2013/01/09 07:05:23 | 000,045,568 | ---- | C] (Microsoft) -- C:\windows\SysNative\oflc-nz.rs
[2013/01/09 07:05:23 | 000,044,544 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegibbfc.rs
[2013/01/09 07:05:23 | 000,044,544 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegibbfc.rs
[2013/01/09 07:05:23 | 000,043,520 | ---- | C] (Microsoft) -- C:\windows\SysWow64\csrr.rs
[2013/01/09 07:05:23 | 000,043,520 | ---- | C] (Microsoft) -- C:\windows\SysNative\csrr.rs
[2013/01/09 07:05:23 | 000,040,960 | ---- | C] (Microsoft) -- C:\windows\SysWow64\cob-au.rs
[2013/01/09 07:05:23 | 000,040,960 | ---- | C] (Microsoft) -- C:\windows\SysNative\cob-au.rs
[2013/01/09 07:05:23 | 000,030,720 | ---- | C] (Microsoft) -- C:\windows\SysWow64\usk.rs
[2013/01/09 07:05:23 | 000,030,720 | ---- | C] (Microsoft) -- C:\windows\SysNative\usk.rs
[2013/01/09 07:05:23 | 000,021,504 | ---- | C] (Microsoft) -- C:\windows\SysWow64\grb.rs
[2013/01/09 07:05:23 | 000,021,504 | ---- | C] (Microsoft) -- C:\windows\SysNative\grb.rs
[2013/01/09 07:05:23 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi-pt.rs
[2013/01/09 07:05:23 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegi-pt.rs
[2013/01/09 07:05:23 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi.rs
[2013/01/09 07:05:23 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegi.rs
[2013/01/09 07:05:23 | 000,015,360 | ---- | C] (Microsoft) -- C:\windows\SysWow64\djctq.rs
[2013/01/09 07:05:23 | 000,015,360 | ---- | C] (Microsoft) -- C:\windows\SysNative\djctq.rs
[2013/01/09 07:05:22 | 002,745,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gameux.dll
[2013/01/09 07:05:22 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\gameux.dll
[2013/01/09 07:05:22 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Wpc.dll
[2013/01/09 07:05:22 | 000,051,712 | ---- | C] (Microsoft) -- C:\windows\SysWow64\esrb.rs
[2013/01/09 07:05:22 | 000,051,712 | ---- | C] (Microsoft) -- C:\windows\SysNative\esrb.rs
[2013/01/09 07:05:22 | 000,023,552 | ---- | C] (Microsoft) -- C:\windows\SysNative\oflc.rs
[2013/01/09 07:05:22 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi-fi.rs
[2013/01/09 07:05:22 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegi-fi.rs
[2013/01/09 07:05:21 | 000,055,296 | ---- | C] (Microsoft) -- C:\windows\SysWow64\cero.rs
[2013/01/09 07:05:21 | 000,055,296 | ---- | C] (Microsoft) -- C:\windows\SysNative\cero.rs
[2013/01/09 07:05:21 | 000,023,552 | ---- | C] (Microsoft) -- C:\windows\SysWow64\oflc.rs
[2013/01/09 07:05:06 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll
[2013/01/09 07:05:04 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll
[2013/01/09 07:05:03 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64win.dll
[2013/01/09 07:05:03 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\conhost.exe
[2013/01/09 07:05:03 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll
[2013/01/09 07:05:03 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsrv.dll
[2013/01/09 07:05:03 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe
[2013/01/09 07:05:03 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntvdm64.dll
[2013/01/09 07:05:03 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll
[2013/01/09 07:05:03 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64cpu.dll
[2013/01/09 07:05:03 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe
[2013/01/09 07:05:03 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013/01/09 07:05:03 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013/01/09 07:05:03 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013/01/09 07:05:03 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013/01/09 07:05:03 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll
[2013/01/09 07:05:03 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013/01/09 07:05:03 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013/01/09 07:05:03 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013/01/09 07:05:03 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013/01/09 07:05:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/01/09 07:05:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/01/09 07:05:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013/01/09 07:05:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013/01/09 07:05:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013/01/09 07:05:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013/01/09 07:05:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013/01/09 07:05:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013/01/09 07:05:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013/01/09 07:05:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/02/03 08:02:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jimdef\Desktop\OTL.exe
[2013/02/03 07:50:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/02/03 07:39:00 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/03 06:41:28 | 000,000,422 | ---- | M] () -- C:\windows\tasks\SpeedyPC Pro.job
[2013/02/02 22:39:00 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/02 18:04:59 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/02/02 18:00:00 | 000,000,494 | ---- | M] () -- C:\windows\tasks\SpeedyPC Registration3.job
[2013/02/02 15:03:46 | 000,000,833 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/02/02 13:22:46 | 001,167,166 | ---- | M] () -- C:\Users\Jimdef\Desktop\MASCLUB.pdf
[2013/02/02 13:19:15 | 001,167,166 | ---- | M] () -- C:\Users\Jimdef\Desktop\MASCapril.pdf
[2013/02/01 12:36:58 | 000,000,518 | ---- | M] () -- C:\windows\tasks\SpeedyPC Update Version3 Startup Task.job
[2013/02/01 12:36:57 | 000,000,466 | ---- | M] () -- C:\windows\tasks\SpeedyPC Update Version3.job
[2013/02/01 10:29:25 | 000,016,304 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/02/01 10:29:25 | 000,016,304 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/02/01 10:26:06 | 000,727,310 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013/02/01 10:26:06 | 000,624,856 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013/02/01 10:26:06 | 000,106,942 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013/02/01 10:21:15 | 3059,748,864 | -HS- | M] () -- C:\hiberfil.sys
[2013/02/01 09:54:57 | 000,002,025 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2013/01/25 08:47:48 | 000,007,605 | ---- | M] () -- C:\Users\Jimdef\AppData\Local\Resmon.ResmonCfg
[2013/01/20 08:53:09 | 000,133,507 | ---- | M] () -- C:\Users\Jimdef\Desktop\StKittsBeachClub_2013-14PointsChart.pdf
[2013/01/20 08:51:36 | 000,148,567 | ---- | M] () -- C:\Users\Jimdef\Desktop\FrenchmansCove_2013-14PointsChart.pdf
[2013/01/20 08:50:36 | 000,203,223 | ---- | M] () -- C:\Users\Jimdef\Desktop\VillagedIledeFrance_2013-14PointsChart.pdf
[2013/01/20 08:45:26 | 000,248,469 | ---- | M] () -- C:\Users\Jimdef\Desktop\Marbella_2013-14PointsChart.pdf
[2013/01/20 08:36:28 | 000,076,107 | ---- | M] () -- C:\Users\Jimdef\Desktop\ArubaSurfClub_2013-14PointsChart.pdf
[2013/01/16 11:02:56 | 000,050,773 | ---- | M] () -- C:\Users\Jimdef\Desktop\Briella-7months.jpg
[2013/01/16 11:02:15 | 000,097,021 | ---- | M] () -- C:\Users\Jimdef\Desktop\Briella-6months.jpg
[2013/01/13 09:30:25 | 000,126,398 | ---- | M] () -- C:\Users\Jimdef\Desktop\grandvista closing.pdf
[2013/01/10 16:40:07 | 014,495,878 | ---- | M] () -- C:\Users\Jimdef\Desktop\ipad_user_guide.pdf
[2013/01/10 09:21:12 | 000,275,712 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/01/09 14:19:55 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2013/01/09 14:19:55 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/01/08 09:35:20 | 000,126,398 | ---- | M] () -- C:\Users\Jimdef\Desktop\MGV Check in Days.pdf
[2013/01/08 09:33:06 | 000,142,531 | ---- | M] () -- C:\Users\Jimdef\Desktop\MASC Check in Days.pdf
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/02/02 13:22:46 | 001,167,166 | ---- | C] () -- C:\Users\Jimdef\Desktop\MASCLUB.pdf
[2013/02/02 13:21:59 | 001,167,166 | ---- | C] () -- C:\Users\Jimdef\Desktop\MASCapril.pdf
[2013/02/01 12:37:08 | 000,000,494 | ---- | C] () -- C:\windows\tasks\SpeedyPC Registration3.job
[2013/02/01 12:36:57 | 000,000,518 | ---- | C] () -- C:\windows\tasks\SpeedyPC Update Version3 Startup Task.job
[2013/02/01 12:36:56 | 000,000,466 | ---- | C] () -- C:\windows\tasks\SpeedyPC Update Version3.job
[2013/02/01 12:36:54 | 000,000,422 | ---- | C] () -- C:\windows\tasks\SpeedyPC Pro.job
[2013/01/25 08:47:48 | 000,007,605 | ---- | C] () -- C:\Users\Jimdef\AppData\Local\Resmon.ResmonCfg
[2013/01/20 08:53:09 | 000,133,507 | ---- | C] () -- C:\Users\Jimdef\Desktop\StKittsBeachClub_2013-14PointsChart.pdf
[2013/01/20 08:51:36 | 000,148,567 | ---- | C] () -- C:\Users\Jimdef\Desktop\FrenchmansCove_2013-14PointsChart.pdf
[2013/01/20 08:50:36 | 000,203,223 | ---- | C] () -- C:\Users\Jimdef\Desktop\VillagedIledeFrance_2013-14PointsChart.pdf
[2013/01/20 08:45:26 | 000,248,469 | ---- | C] () -- C:\Users\Jimdef\Desktop\Marbella_2013-14PointsChart.pdf
[2013/01/20 08:36:28 | 000,076,107 | ---- | C] () -- C:\Users\Jimdef\Desktop\ArubaSurfClub_2013-14PointsChart.pdf
[2013/01/16 11:02:55 | 000,050,773 | ---- | C] () -- C:\Users\Jimdef\Desktop\Briella-7months.jpg
[2013/01/16 11:02:15 | 000,097,021 | ---- | C] () -- C:\Users\Jimdef\Desktop\Briella-6months.jpg
[2013/01/13 09:30:25 | 000,126,398 | ---- | C] () -- C:\Users\Jimdef\Desktop\grandvista closing.pdf
[2013/01/10 16:40:06 | 014,495,878 | ---- | C] () -- C:\Users\Jimdef\Desktop\ipad_user_guide.pdf
[2013/01/08 09:35:20 | 000,126,398 | ---- | C] () -- C:\Users\Jimdef\Desktop\MGV Check in Days.pdf
[2013/01/08 09:33:06 | 000,142,531 | ---- | C] () -- C:\Users\Jimdef\Desktop\MASC Check in Days.pdf
[2012/03/31 13:54:27 | 001,224,704 | ---- | C] ( ) -- C:\windows\SysWow64\lxbfserv.dll
[2012/03/31 13:54:27 | 000,995,328 | ---- | C] ( ) -- C:\windows\SysWow64\lxbfusb1.dll
[2012/03/31 13:54:27 | 000,696,320 | ---- | C] ( ) -- C:\windows\SysWow64\lxbfhbn3.dll
[2012/03/31 13:54:27 | 000,684,032 | ---- | C] ( ) -- C:\windows\SysWow64\lxbfcomc.dll
[2012/03/31 13:54:27 | 000,643,072 | ---- | C] ( ) -- C:\windows\SysWow64\lxbfpmui.dll
[2012/03/31 13:54:27 | 000,585,728 | ---- | C] ( ) -- C:\windows\SysWow64\lxbflmpm.dll
[2012/03/31 13:54:27 | 000,537,520 | ---- | C] ( ) -- C:\windows\SysWow64\lxbfcoms.exe
[2012/03/31 13:54:27 | 000,421,888 | ---- | C] ( ) -- C:\windows\SysWow64\lxbfcomm.dll
[2012/03/31 13:54:27 | 000,413,696 | ---- | C] () -- C:\windows\SysWow64\lxbfutil.dll
[2012/03/31 13:54:27 | 000,413,696 | ---- | C] ( ) -- C:\windows\SysWow64\lxbfinpa.dll
[2012/03/31 13:54:27 | 000,397,312 | ---- | C] ( ) -- C:\windows\SysWow64\lxbfiesc.dll
[2012/03/31 13:54:27 | 000,385,968 | ---- | C] ( ) -- C:\windows\SysWow64\lxbfih.exe
[2012/03/31 13:54:27 | 000,381,872 | ---- | C] ( ) -- C:\windows\SysWow64\lxbfcfg.exe
[2012/03/31 13:54:27 | 000,274,432 | ---- | C] () -- C:\windows\SysWow64\LXBFinst.dll
[2012/03/31 13:54:27 | 000,181,168 | ---- | C] ( ) -- C:\windows\SysWow64\lxbfppls.exe
[2012/03/31 13:54:27 | 000,163,840 | ---- | C] ( ) -- C:\windows\SysWow64\lxbfprox.dll
[2012/03/31 13:54:27 | 000,094,208 | ---- | C] ( ) -- C:\windows\SysWow64\lxbfpplc.dll
[2012/02/04 09:18:21 | 000,000,409 | ---- | C] () -- C:\windows\lexstat.ini
[2011/12/15 17:10:50 | 000,103,720 | ---- | C] () -- C:\Users\Jimdef\GoToAssistDownloadHelper.exe
[2011/11/17 18:35:59 | 000,743,534 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
 
========== ZeroAccess Check ==========
 
[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 20:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >

 

 



#4 jimmydef11

jimmydef11

    Newbie

  • Newbie
  • Pip
  • 5 posts

Posted 03 February 2013 - 07:31 AM

Thanks again.   Here is the other log.

 

# AdwCleaner v2.109 - Logfile created 02/03/2013 at 08:25:50

# Updated 26/01/2013 by Xplode

# Operating system : Windows 7 Home Premium (64 bits)

# User : Jimdef - JIMDEF-PC

# Boot Mode : Normal

# Running from : C:\Users\Jimdef\Desktop\adwcleaner.exe

# Option [Search]

 

***** [Services] *****

 

***** [Files / Folders] *****

Folder Found : C:\Program Files (x86)\Ask.com

Folder Found : C:\ProgramData\IBUpdaterService

Folder Found : C:\ProgramData\Partner

Folder Found : C:\Users\Jimdef\AppData\Local\APN

Folder Found : C:\Users\Jimdef\AppData\LocalLow\AskToolbar

Folder Found : C:\windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Found : HKCU\Software\APN

Key Found : HKCU\Software\AppDataLow\Software\AskToolbar

Key Found : HKCU\Software\Ask.com

Key Found : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00000000-6E41-4FD3-8538-502F5495E5FC}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}

Key Found : HKLM\Software\APN

Key Found : HKLM\Software\AskToolbar

Key Found : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}

Key Found : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}

Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}

Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL

Key Found : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL

Key Found : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE

Key Found : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler

Key Found : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1

Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd

Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1

Key Found : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF

Key Found : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils

Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1

Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager

Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1

Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager

Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1

Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest

Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1

Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask

Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1

Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper

Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1

Key Found : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier

Key Found : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1

Key Found : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl

Key Found : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1

Key Found : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager

Key Found : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}

Key Found : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook

Key Found : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

Key Found : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}

Key Found : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}

Key Found : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}

Key Found : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}

Key Found : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}

Key Found : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}

Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}

Key Found : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}

Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}

Key Found : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}

Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}

Key Found : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}

Key Found : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}

Key Found : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}

Key Found : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}

Key Found : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF

Key Found : HKLM\SOFTWARE\Software

Key Found : HKU\S-1-5-21-2580627141-1426816011-3489356639-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}

Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]

Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Google Chrome v24.0.1312.57

File : C:\Users\Jimdef\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [9839 octets] - [03/02/2013 08:25:50]

########## EOF - C:\AdwCleaner[R1].txt - [9899 octets] ##########



#5 guestolo

guestolo

    Site Donator

  • Admin
  • PipPipPipPipPipPipPip
  • 16,247 posts

Posted 03 February 2013 - 08:40 AM

Can you do the following: You have many toolbars installed.. None are required, most get installed while
installing other software
Close down All browser windows
Uninstall the following from "Programs and Features" in Windows Control Panel


Ask Toolbar
MapsGalaxy
ShopAtHome.com Helper
ShopAtHome.com Toolbar
TelevisionFanatic


In addition, I would also remove the following if not needed/required
McAfee Security Scan Plus
Google Toolbar for Internet Explorer


If you didn't pay anything for the next program, uninstall it also
SpeedyPC Pro

Reboot your pc.. Back in Windows
  • Please close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile in your reply.
  • You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number
Also: Reopen OTL.exe
Run a Quick Scan.. When it's complete, post the contents of the log that opens

Do you want to post your own logs from FRST?
Follow the instructions posted Click Here


#6 jimmydef11

jimmydef11

    Newbie

  • Newbie
  • Pip
  • 5 posts

Posted 03 February 2013 - 10:40 AM

Thanks for your help.   I could not find the ask toolbar.

 

# Updated 26/01/2013 by Xplode

# Operating system : Windows 7 Home Premium (64 bits)

# User : Jimdef - JIMDEF-PC

# Boot Mode : Normal

# Running from : C:\Users\Jimdef\Desktop\adwcleaner.exe

# Option [Delete]

 

***** [Services] *****

 

***** [Files / Folders] *****

 

***** [Registry] *****

 

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Google Chrome v24.0.1312.57

File : C:\Users\Jimdef\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

 

 

OTL logfile created on: 2/3/2013 11:26:08 AM - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Jimdef\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.80 Gb Total Physical Memory | 2.37 Gb Available Physical Memory | 62.31% Memory free
7.60 Gb Paging File | 5.88 Gb Available in Paging File | 77.39% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 583.11 Gb Total Space | 537.73 Gb Free Space | 92.22% Space Free | Partition Type: NTFS
 
Computer Name: JIMDEF-PC | User Name: Jimdef | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013/02/03 08:02:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jimdef\Desktop\OTL.exe
PRC - [2012/10/18 11:10:42 | 000,103,864 | ---- | M] () -- C:\Users\Jimdef\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe
PRC - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccsvchst.exe
PRC - [2010/03/03 17:41:58 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009/12/25 18:21:16 | 000,034,160 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
PRC - [2009/09/26 02:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) -- C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2009/09/26 02:31:32 | 000,185,640 | ---- | M] (Seagate LLC) -- C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
PRC - [2009/07/13 20:14:47 | 000,254,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012/10/18 11:10:42 | 000,103,864 | ---- | M] () -- C:\Users\Jimdef\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe
MOD - [2012/10/18 11:10:18 | 000,049,080 | ---- | M] () -- C:\Users\Jimdef\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeHelperPS.dll
MOD - [2011/09/27 10:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 10:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2012/09/29 09:20:31 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2010/07/28 13:27:16 | 000,267,192 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2010/07/22 19:36:16 | 000,822,192 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2010/06/29 14:05:02 | 000,489,384 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2010/06/07 18:39:40 | 000,911,872 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe -- (WiMAXAppSrv)
SRV:64bit: - [2010/06/07 18:34:20 | 000,408,576 | ---- | M] (Red Bend Ltd.) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe -- (DMAgent)
SRV:64bit: - [2010/03/05 13:26:38 | 001,425,168 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2010/03/05 13:07:58 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2010/03/05 13:06:22 | 000,831,760 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2010/02/05 19:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009/10/21 12:30:36 | 000,531,520 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\ThpSrv.exe -- (Thpsrv)
SRV:64bit: - [2009/10/16 16:06:40 | 001,039,360 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxducoms.exe -- (lxdu_device)
SRV:64bit: - [2009/07/28 17:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/04/24 19:24:34 | 000,566,704 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxbfcoms.exe -- (lxbf_device)
SRV - [2013/01/09 14:19:56 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2011/12/12 11:03:40 | 000,290,832 | ---- | M] (Verizon) [Auto | Running] -- C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
SRV - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe -- (N360)
SRV - [2010/03/18 16:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/03 17:42:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/03/03 17:41:58 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/10/06 12:21:50 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009/09/26 02:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2007/04/24 18:24:16 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxbfcoms.exe -- (lxbf_device)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012/09/28 10:32:56 | 000,053,760 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/01 01:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/12/15 15:48:23 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011/10/01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/07/22 11:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 16:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/04/20 20:37:49 | 000,386,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\symnets.sys -- (SymNetS)
DRV:64bit: - [2011/03/30 22:00:09 | 000,744,568 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2011/03/30 22:00:09 | 000,040,568 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2011/03/14 21:31:23 | 000,912,504 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\symefa64.sys -- (SymEFA)
DRV:64bit: - [2011/03/11 01:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/27 01:47:10 | 000,450,680 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\symds64.sys -- (SymDS)
DRV:64bit: - [2011/01/27 00:07:06 | 000,171,128 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502020.003\ironx64.sys -- (SymIRON)
DRV:64bit: - [2010/06/18 13:38:06 | 000,039,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:64bit: - [2010/05/31 15:05:06 | 007,689,216 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64)
DRV:64bit: - [2010/05/18 19:02:48 | 000,164,464 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2010/05/16 20:28:38 | 000,175,104 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpmp.sys -- (bpmp)
DRV:64bit: - [2010/05/16 20:28:30 | 000,081,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpusb.sys -- (bpusb)
DRV:64bit: - [2010/05/16 20:28:28 | 000,071,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpenum.sys -- (bpenum)
DRV:64bit: - [2010/05/08 21:38:56 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2010/05/03 17:44:02 | 000,331,880 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/04/21 14:18:44 | 010,326,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/03/10 21:51:32 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/02/26 19:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/02/03 09:38:30 | 000,271,872 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/01/15 15:22:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/10/09 21:41:20 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/09/17 15:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/31 00:02:36 | 000,044,912 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
DRV:64bit: - [2009/07/30 22:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/14 18:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:00:24 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpials.sys -- (acpials)
DRV:64bit: - [2009/06/29 19:16:20 | 000,014,784 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Thpevm.sys -- (Thpevm)
DRV:64bit: - [2009/06/29 13:25:22 | 000,034,880 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\thpdrv.sys -- (Thpdrv)
DRV:64bit: - [2009/06/22 20:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2009/06/19 22:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013/01/16 07:22:12 | 002,087,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20130202.007\ex64.sys -- (NAVEX15)
DRV - [2013/01/16 07:22:07 | 000,126,192 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20130202.007\eng64.sys -- (NAVENG)
DRV - [2013/01/15 21:51:11 | 001,388,120 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20130116.013\BHDrvx64.sys -- (BHDrvx64)
DRV - [2012/09/06 03:54:30 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20130201.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012/08/08 22:35:05 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/08/08 22:35:04 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{39462F38-807D-488D-B307-3D5CA747BDA6}: "URL" = http://www.google.co...ng}&rlz=1I7TSND
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=TSND&bmod=TSND
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=TSND&bmod=TSND
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{210AE5F3-866A-4832-9D21-79FFAB0ECC02}: "URL" = http://www.google.co...ng}&rlz=1I7TSND
IE - HKLM\..\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}: "URL" = http://search.mywebs...or={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{210AE5F3-866A-4832-9D21-79FFAB0ECC02}: "URL" = http://www.google.co...ng}&rlz=1I7TSND
IE - HKCU\..\SearchScopes\{294FD327-A0C1-43CF-AA13-AFB5C82FE33D}: "URL" = http://search.yahoo....f-8&fr=chr-yie9
IE - HKCU\..\SearchScopes\{34E4CBC7-E44C-4BEA-8974-B87AF0C27FC1}: "URL" = http://delicious.com...?p={searchTerms}
IE - HKCU\..\SearchScopes\{35C9BB05-D25B-4993-B767-96FADFCF256A}: "URL" = http://www.google.co...ND_enUS458US458
IE - HKCU\..\SearchScopes\{677D3C0A-5B8B-42F6-B7FC-311EC3F17F23}: "URL" = http://www.flickr.co...?q={searchTerms}
IE - HKCU\..\SearchScopes\{A27E6BEA-C80B-4861-9F0E-B3E63AE5B9A5}: "URL" = http://websearch.sho...&q={searchTerms}
IE - HKCU\..\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}: "URL" = http://search.mywebs...or={searchTerms}
IE - HKCU\..\SearchScopes\{B97F2187-C245-4D9A-95F9-2B9325DA0E6E}: "URL" = http://websearch.ask...FA-3E1AAE219548&
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\Email Removed/BrowserPlus,version=2.9.8: C:\Users\Jimdef\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\IPSFFPlgn\ [2012/01/31 14:11:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\coFFPlgn_2011_7_13_2 [2013/02/03 11:24:46 | 000,000,000 | ---D | M]
 
 
========== Chrome  ==========
 
CHR - homepage: http://www.google.co...=TSND&bmod=TSND
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.co...=TSND&bmod=TSND
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: registryAccess (Enabled) = C:\Users\Jimdef\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaanplonkoccjbnlleoidjplmhgeahe\7.13.1.0_0\background/registryAccess.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U20 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: MindSpark Toolbar Platform Plugin Stub (Enabled) = C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\NP64Stub.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Sammsoft Toolbar = C:\Users\Jimdef\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaanplonkoccjbnlleoidjplmhgeahe\7.13.1.19132_0\
CHR - Extension: YouTube = C:\Users\Jimdef\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: YouTube = C:\Users\Jimdef\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google Search = C:\Users\Jimdef\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Google Search = C:\Users\Jimdef\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Gmail = C:\Users\Jimdef\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Gmail = C:\Users\Jimdef\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: []  File not found
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [IntelWirelessWiMAX] C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [ThpSrv] C:\windows\SysNative\thpsrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - HKLM..\Run: [ShopAtHomeWatcher] C:\Users\Jimdef\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe ()
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe (TOSHIBA)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKCU..\Run: [Best Buy pc app] C:\Users\Jimdef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy\Best Buy pc app.appref-ms File not found
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 71.250.0.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{95F0DC77-ACC9-48D6-B326-62972E0FEFF8}: DhcpNameServer = 192.168.1.1 71.250.0.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B97FE76F-4ACD-4630-B0CD-C56594291322}: DhcpNameServer = 4.2.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{5ff53d4a-1168-11e1-b0ae-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5ff53d4a-1168-11e1-b0ae-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Setup.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/02/03 08:02:41 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jimdef\Desktop\OTL.exe
[2013/02/01 12:37:03 | 000,000,000 | ---D | C] -- C:\Users\Jimdef\AppData\Roaming\SpeedyPC Software
[2013/02/01 12:37:03 | 000,000,000 | ---D | C] -- C:\Users\Jimdef\AppData\Roaming\DriverCure
[2013/02/01 12:36:51 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedyPC Software
[2013/01/21 12:24:18 | 000,000,000 | ---D | C] -- C:\Users\Jimdef\AppData\Roaming\ShopAtHome
[2013/01/09 07:05:44 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\win32spl.dll
[2013/01/09 07:05:44 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\win32spl.dll
[2013/01/09 07:05:33 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncrypt.dll
[2013/01/09 07:05:29 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\usp10.dll
[2013/01/09 07:05:23 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Wpc.dll
[2013/01/09 07:05:23 | 000,046,592 | ---- | C] (Microsoft) -- C:\windows\SysWow64\fpb.rs
[2013/01/09 07:05:23 | 000,046,592 | ---- | C] (Microsoft) -- C:\windows\SysNative\fpb.rs
[2013/01/09 07:05:23 | 000,045,568 | ---- | C] (Microsoft) -- C:\windows\SysWow64\oflc-nz.rs
[2013/01/09 07:05:23 | 000,045,568 | ---- | C] (Microsoft) -- C:\windows\SysNative\oflc-nz.rs
[2013/01/09 07:05:23 | 000,044,544 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegibbfc.rs
[2013/01/09 07:05:23 | 000,044,544 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegibbfc.rs
[2013/01/09 07:05:23 | 000,043,520 | ---- | C] (Microsoft) -- C:\windows\SysWow64\csrr.rs
[2013/01/09 07:05:23 | 000,043,520 | ---- | C] (Microsoft) -- C:\windows\SysNative\csrr.rs
[2013/01/09 07:05:23 | 000,040,960 | ---- | C] (Microsoft) -- C:\windows\SysWow64\cob-au.rs
[2013/01/09 07:05:23 | 000,040,960 | ---- | C] (Microsoft) -- C:\windows\SysNative\cob-au.rs
[2013/01/09 07:05:23 | 000,030,720 | ---- | C] (Microsoft) -- C:\windows\SysWow64\usk.rs
[2013/01/09 07:05:23 | 000,030,720 | ---- | C] (Microsoft) -- C:\windows\SysNative\usk.rs
[2013/01/09 07:05:23 | 000,021,504 | ---- | C] (Microsoft) -- C:\windows\SysWow64\grb.rs
[2013/01/09 07:05:23 | 000,021,504 | ---- | C] (Microsoft) -- C:\windows\SysNative\grb.rs
[2013/01/09 07:05:23 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi-pt.rs
[2013/01/09 07:05:23 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegi-pt.rs
[2013/01/09 07:05:23 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi.rs
[2013/01/09 07:05:23 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegi.rs
[2013/01/09 07:05:23 | 000,015,360 | ---- | C] (Microsoft) -- C:\windows\SysWow64\djctq.rs
[2013/01/09 07:05:23 | 000,015,360 | ---- | C] (Microsoft) -- C:\windows\SysNative\djctq.rs
[2013/01/09 07:05:22 | 002,745,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gameux.dll
[2013/01/09 07:05:22 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\gameux.dll
[2013/01/09 07:05:22 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Wpc.dll
[2013/01/09 07:05:22 | 000,051,712 | ---- | C] (Microsoft) -- C:\windows\SysWow64\esrb.rs
[2013/01/09 07:05:22 | 000,051,712 | ---- | C] (Microsoft) -- C:\windows\SysNative\esrb.rs
[2013/01/09 07:05:22 | 000,023,552 | ---- | C] (Microsoft) -- C:\windows\SysNative\oflc.rs
[2013/01/09 07:05:22 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi-fi.rs
[2013/01/09 07:05:22 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegi-fi.rs
[2013/01/09 07:05:21 | 000,055,296 | ---- | C] (Microsoft) -- C:\windows\SysWow64\cero.rs
[2013/01/09 07:05:21 | 000,055,296 | ---- | C] (Microsoft) -- C:\windows\SysNative\cero.rs
[2013/01/09 07:05:21 | 000,023,552 | ---- | C] (Microsoft) -- C:\windows\SysWow64\oflc.rs
[2013/01/09 07:05:06 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll
[2013/01/09 07:05:04 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll
[2013/01/09 07:05:03 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64win.dll
[2013/01/09 07:05:03 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\conhost.exe
[2013/01/09 07:05:03 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll
[2013/01/09 07:05:03 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsrv.dll
[2013/01/09 07:05:03 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe
[2013/01/09 07:05:03 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntvdm64.dll
[2013/01/09 07:05:03 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll
[2013/01/09 07:05:03 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64cpu.dll
[2013/01/09 07:05:03 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe
[2013/01/09 07:05:03 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013/01/09 07:05:03 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013/01/09 07:05:03 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013/01/09 07:05:03 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013/01/09 07:05:03 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll
[2013/01/09 07:05:03 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013/01/09 07:05:03 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013/01/09 07:05:03 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013/01/09 07:05:03 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013/01/09 07:05:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/01/09 07:05:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/01/09 07:05:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013/01/09 07:05:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013/01/09 07:05:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013/01/09 07:05:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013/01/09 07:05:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013/01/09 07:05:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013/01/09 07:05:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013/01/09 07:05:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013/01/09 07:05:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/02/03 11:24:51 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/03 11:24:31 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/02/03 11:24:26 | 3059,748,864 | -HS- | M] () -- C:\hiberfil.sys
[2013/02/03 11:23:45 | 000,016,304 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/02/03 11:23:45 | 000,016,304 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/02/03 11:11:25 | 000,727,310 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013/02/03 11:11:25 | 000,624,856 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013/02/03 11:11:25 | 000,106,942 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013/02/03 10:50:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/02/03 10:42:16 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/03 08:24:41 | 000,580,235 | ---- | M] () -- C:\Users\Jimdef\Desktop\adwcleaner.exe
[2013/02/03 08:02:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jimdef\Desktop\OTL.exe
[2013/02/02 15:03:46 | 000,000,833 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/02/02 13:19:15 | 001,167,166 | ---- | M] () -- C:\Users\Jimdef\Desktop\MASCapril.pdf
[2013/02/01 09:54:57 | 000,002,025 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2013/01/25 08:47:48 | 000,007,605 | ---- | M] () -- C:\Users\Jimdef\AppData\Local\Resmon.ResmonCfg
[2013/01/20 08:53:09 | 000,133,507 | ---- | M] () -- C:\Users\Jimdef\Desktop\StKittsBeachClub_2013-14PointsChart.pdf
[2013/01/20 08:51:36 | 000,148,567 | ---- | M] () -- C:\Users\Jimdef\Desktop\FrenchmansCove_2013-14PointsChart.pdf
[2013/01/20 08:50:36 | 000,203,223 | ---- | M] () -- C:\Users\Jimdef\Desktop\VillagedIledeFrance_2013-14PointsChart.pdf
[2013/01/20 08:45:26 | 000,248,469 | ---- | M] () -- C:\Users\Jimdef\Desktop\Marbella_2013-14PointsChart.pdf
[2013/01/20 08:36:28 | 000,076,107 | ---- | M] () -- C:\Users\Jimdef\Desktop\ArubaSurfClub_2013-14PointsChart.pdf
[2013/01/16 11:02:56 | 000,050,773 | ---- | M] () -- C:\Users\Jimdef\Desktop\Briella-7months.jpg
[2013/01/16 11:02:15 | 000,097,021 | ---- | M] () -- C:\Users\Jimdef\Desktop\Briella-6months.jpg
[2013/01/13 09:30:25 | 000,126,398 | ---- | M] () -- C:\Users\Jimdef\Desktop\grandvista closing.pdf
[2013/01/10 16:40:07 | 014,495,878 | ---- | M] () -- C:\Users\Jimdef\Desktop\ipad_user_guide.pdf
[2013/01/10 09:21:12 | 000,275,712 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/01/09 14:19:55 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2013/01/09 14:19:55 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/01/08 09:35:20 | 000,126,398 | ---- | M] () -- C:\Users\Jimdef\Desktop\MGV Check in Days.pdf
[2013/01/08 09:33:06 | 000,142,531 | ---- | M] () -- C:\Users\Jimdef\Desktop\MASC Check in Days.pdf
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/02/03 08:24:41 | 000,580,235 | ---- | C] () -- C:\Users\Jimdef\Desktop\adwcleaner.exe
[2013/02/02 13:21:59 | 001,167,166 | ---- | C] () -- C:\Users\Jimdef\Desktop\MASCapril.pdf
[2013/01/25 08:47:48 | 000,007,605 | ---- | C] () -- C:\Users\Jimdef\AppData\Local\Resmon.ResmonCfg
[2013/01/20 08:53:09 | 000,133,507 | ---- | C] () -- C:\Users\Jimdef\Desktop\StKittsBeachClub_2013-14PointsChart.pdf
[2013/01/20 08:51:36 | 000,148,567 | ---- | C] () -- C:\Users\Jimdef\Desktop\FrenchmansCove_2013-14PointsChart.pdf
[2013/01/20 08:50:36 | 000,203,223 | ---- | C] () -- C:\Users\Jimdef\Desktop\VillagedIledeFrance_2013-14PointsChart.pdf
[2013/01/20 08:45:26 | 000,248,469 | ---- | C] () -- C:\Users\Jimdef\Desktop\Marbella_2013-14PointsChart.pdf
[2013/01/20 08:36:28 | 000,076,107 | ---- | C] () -- C:\Users\Jimdef\Desktop\ArubaSurfClub_2013-14PointsChart.pdf
[2013/01/16 11:02:55 | 000,050,773 | ---- | C] () -- C:\Users\Jimdef\Desktop\Briella-7months.jpg
[2013/01/16 11:02:15 | 000,097,021 | ---- | C] () -- C:\Users\Jimdef\Desktop\Briella-6months.jpg
[2013/01/13 09:30:25 | 000,126,398 | ---- | C] () -- C:\Users\Jimdef\Desktop\grandvista closing.pdf
[2013/01/10 16:40:06 | 014,495,878 | ---- | C] () -- C:\Users\Jimdef\Desktop\ipad_user_guide.pdf
[2013/01/08 09:35:20 | 000,126,398 | ---- | C] () -- C:\Users\Jimdef\Desktop\MGV Check in Days.pdf
[2013/01/08 09:33:06 | 000,142,531 | ---- | C] () -- C:\Users\Jimdef\Desktop\MASC Check in Days.pdf
[2012/03/31 13:54:27 | 001,224,704 | ---- | C] ( ) -- C:\windows\SysWow64\lxbfserv.dll
[2012/03/31 13:54:27 | 000,995,328 | ---- | C] ( ) -- C:\windows\SysWow64\lxbfusb1.dll
[2012/03/31 13:54:27 | 000,696,320 | ---- | C] ( ) -- C:\windows\SysWow64\lxbfhbn3.dll
[2012/03/31 13:54:27 | 000,684,032 | ---- | C] ( ) -- C:\windows\SysWow64\lxbfcomc.dll
[2012/03/31 13:54:27 | 000,643,072 | ---- | C] ( ) -- C:\windows\SysWow64\lxbfpmui.dll
[2012/03/31 13:54:27 | 000,585,728 | ---- | C] ( ) -- C:\windows\SysWow64\lxbflmpm.dll
[2012/03/31 13:54:27 | 000,537,520 | ---- | C] ( ) -- C:\windows\SysWow64\lxbfcoms.exe
[2012/03/31 13:54:27 | 000,421,888 | ---- | C] ( ) -- C:\windows\SysWow64\lxbfcomm.dll
[2012/03/31 13:54:27 | 000,413,696 | ---- | C] () -- C:\windows\SysWow64\lxbfutil.dll
[2012/03/31 13:54:27 | 000,413,696 | ---- | C] ( ) -- C:\windows\SysWow64\lxbfinpa.dll
[2012/03/31 13:54:27 | 000,397,312 | ---- | C] ( ) -- C:\windows\SysWow64\lxbfiesc.dll
[2012/03/31 13:54:27 | 000,385,968 | ---- | C] ( ) -- C:\windows\SysWow64\lxbfih.exe
[2012/03/31 13:54:27 | 000,381,872 | ---- | C] ( ) -- C:\windows\SysWow64\lxbfcfg.exe
[2012/03/31 13:54:27 | 000,274,432 | ---- | C] () -- C:\windows\SysWow64\LXBFinst.dll
[2012/03/31 13:54:27 | 000,181,168 | ---- | C] ( ) -- C:\windows\SysWow64\lxbfppls.exe
[2012/03/31 13:54:27 | 000,163,840 | ---- | C] ( ) -- C:\windows\SysWow64\lxbfprox.dll
[2012/03/31 13:54:27 | 000,094,208 | ---- | C] ( ) -- C:\windows\SysWow64\lxbfpplc.dll
[2012/02/04 09:18:21 | 000,000,409 | ---- | C] () -- C:\windows\lexstat.ini
[2011/12/15 17:10:50 | 000,103,720 | ---- | C] () -- C:\Users\Jimdef\GoToAssistDownloadHelper.exe
[2011/11/17 18:35:59 | 000,743,534 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
 
========== ZeroAccess Check ==========
 
[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 20:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >



#7 guestolo

guestolo

    Site Donator

  • Admin
  • PipPipPipPipPipPipPip
  • 16,247 posts

Posted 03 February 2013 - 11:30 AM

Right click on OTL.exe and choose to "Run as Admin"
  • Under the Custom Scans/Fixes box at the bottom, copy/paste in the following in the quote box below. don't include the word Quote please
    :OTL
    MOD - [2012/10/18 11:10:42 | 000,103,864 ---- M] () -- C:\Users\Jimdef\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe
    MOD - [2012/10/18 11:10:18 | 000,049,080 ---- M] () -- C:\Users\Jimdef\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeHelperPS.dll
    IE - HKLM\..\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}: "URL" = http://search.mywebs...or={searchTerms}
    IE - HKCU\..\SearchScopes\{A27E6BEA-C80B-4861-9F0E-B3E63AE5B9A5}: "URL" = http://websearch.sho...&q={searchTerms}
    IE - HKCU\..\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}: "URL" = http://search.mywebs...or={searchTerms}
    IE - HKCU\..\SearchScopes\{B97F2187-C245-4D9A-95F9-2B9325DA0E6E}: "URL" = http://websearch.ask...FA-3E1AAE219548&
    CHR - plugin: MindSpark Toolbar Platform Plugin Stub (Enabled) = C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\NP64Stub.dll
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O4 - HKLM..\Run: []  File not found
    O4 - HKLM..\Run: [ShopAtHomeWatcher] C:\Users\Jimdef\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe ()
    O4 - HKCU..\Run: [Best Buy pc app] C:\Users\Jimdef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy\Best Buy pc app.appref-ms File not found
    O33 - MountPoints2\{5ff53d4a-1168-11e1-b0ae-806e6f6e6963}\Shell - "" = AutoRun
    O33 - MountPoints2\{5ff53d4a-1168-11e1-b0ae-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Setup.EXE
    [2013/02/01 12:37:03 | 000,000,000 ---D C] -- C:\Users\Jimdef\AppData\Roaming\SpeedyPC Software
    [2013/02/01 12:37:03 | 000,000,000 ---D C] -- C:\Users\Jimdef\AppData\Roaming\DriverCure
    [2013/02/01 12:36:51 | 000,000,000 ---D C] -- C:\ProgramData\SpeedyPC Software
    [2013/01/21 12:24:18 | 000,000,000 ---D C] -- C:\Users\Jimdef\AppData\Roaming\ShopAtHome
    :Files
    C:\Users\Jimdef\AppData\Roaming\ShopAtHome
    C:\Program Files (x86)\TelevisionFanatic
    :Commands
    [EmptyTemp]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • On startup, Allow OTL to run if prompted
    A log should open, can you post it please
    A copy of this log can also be found in
    C:\_OTL\Moved Files folder
     
    In addition: You showed me a Delete log from Adwcleaner.exe with no results
    This may indicate you ran the fix more than once
    Can you reopen AdwCleaner.exe and run a Search, post the new log that opens
     
    Also:
    Download Security Check by screen317 from here or here.
    • Save it to your Desktop.
    • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
     
    Keep me informed how things are running please

Do you want to post your own logs from FRST?
Follow the instructions posted Click Here


#8 jimmydef11

jimmydef11

    Newbie

  • Newbie
  • Pip
  • 5 posts

Posted 03 February 2013 - 01:32 PM

My laptop is running a lot faster.   BIG BIG improvement.   Can't thank you enough.   I will make a contribution to your website.   I really appreciate your

help.    After I copied the text to OTL and ran the fixes, when the PC booted up, at first it stated that the RPC server was not available.   So, I rebooted and everything was fine.

 

Thanks again.  

 

 

 

Results of screen317's Security Check version 0.99.57 
 Windows 7  x64 (UAC is enabled) 
 Out of date service pack!!
 Internet Explorer 9 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
Norton 360   
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 JavaFX 2.1.1   
 Java™ 6 Update 20 
 Java 7 Update 9 
 Java version out of Date!
 Adobe Flash Player 11.5.502.146 
 Adobe Reader 9 Adobe Reader out of Date!
 Google Chrome 24.0.1312.56 
 Google Chrome 24.0.1312.57 
````````Process Check: objlist.exe by Laurent```````` 
 Norton ccSvcHst.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````

 

 

 

 

 

 

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A27E6BEA-C80B-4861-9F0E-B3E63AE5B9A5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A27E6BEA-C80B-4861-9F0E-B3E63AE5B9A5}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B97F2187-C245-4D9A-95F9-2B9325DA0E6E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B97F2187-C245-4D9A-95F9-2B9325DA0E6E}\ not found.
File C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\NP64Stub.dll not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ShopAtHomeWatcher deleted successfully.
C:\Users\Jimdef\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Best Buy pc app deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5ff53d4a-1168-11e1-b0ae-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5ff53d4a-1168-11e1-b0ae-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5ff53d4a-1168-11e1-b0ae-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5ff53d4a-1168-11e1-b0ae-806e6f6e6963}\ not found.
File D:\Setup.EXE not found.
C:\Users\Jimdef\AppData\Roaming\SpeedyPC Software\SpeedyPC Pro folder moved successfully.
C:\Users\Jimdef\AppData\Roaming\SpeedyPC Software folder moved successfully.
C:\Users\Jimdef\AppData\Roaming\DriverCure folder moved successfully.
C:\ProgramData\SpeedyPC Software\SpeedyPC Pro folder moved successfully.
C:\ProgramData\SpeedyPC Software folder moved successfully.
C:\Users\Jimdef\AppData\Roaming\ShopAtHome\ShopAtHomeHelper folder moved successfully.
C:\Users\Jimdef\AppData\Roaming\ShopAtHome folder moved successfully.
File ptyTemp] not found.
 
OTL by OldTimer - Version 3.2.69.0 log created on 02032013_141637

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...



#9 guestolo

guestolo

    Site Donator

  • Admin
  • PipPipPipPipPipPipPip
  • 16,247 posts

Posted 03 February 2013 - 03:54 PM

glad to hear things are running better
I won't have a chance to look at your last logs till later tonight or tomorrow morning
Off to watch Superbowl

Didn't want to leave you waiting smile.png


Do you want to post your own logs from FRST?
Follow the instructions posted Click Here


#10 guestolo

guestolo

    Site Donator

  • Admin
  • PipPipPipPipPipPipPip
  • 16,247 posts

Posted 04 February 2013 - 12:21 PM

Let's see if we can get some of your software updated, keeping it more secure and less vunerable to exploits
 
Close down all browser windows>> Access "Programs and Features" and remove:
 JavaFX 2.1.1
Java™ 6 Update 20 
 Java 7 Update 9

 
After removal go to the following link and get latest version 
http://www.java.com/...nload/index.jsp
 
NOTE: ensure to Uncheck any option for security scan or toolbar.. They are not needed
 
Afterwards: open up your copy of Adobe Reader, click on HELP>>Check for updates
If any update. Allow to download and install
Keep rechecking till you have all updates
Again, while updating, if any toolbar or optional software is checked
uncheck it before continuing
 
Come back here when done and keep me updated how things are running

Do you want to post your own logs from FRST?
Follow the instructions posted Click Here