Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Yep issue is back today,,, ordered a new computer. screw this. Toshiba Canada has no forums and usa guys wont even give it a try. Its also out of warrantee so Toshiba here wont help and it has old drivers with no new updated ones.
Screw them and there OEM third party drivers! Never buy a Toshiba again. thx Guestsolo anyhow... wanna buy a computer lol
had a good run there where it was fine,,, but today after a windows update it went back to incorrect ratio and no matter what do it wont go back to the proper ratio.
So im guessing your right theres some conflict with my display hardware or softwares.... could I have 2 and they are clashing?
Heres the info my divice manager says I have.... and this is what intel says:
Graphics Driver
..... this is the last driver toshibia lists for my computer
yes,,, did 2 clean boots in a row and still came up the incorrect ratio,,,, so i did a various reboots/shutdowns/plugged in/un plugged/shut cover/pulled battery..... 20 all together.... etc... and no real pattern emerged other then 99% of reboots (computer or user generated) will create a incorrect ratio and 99% of all full shutdown and 10 sec wait or more will fix the issue. For that 1% that didnt work a batt removal during shut down always gets the correct ratio.
but get this so I tryed to clean boot again and it was fine? then i tried unplugged clean boot... and it was fine.
then again tryed a reg restart with the start menu option and again back to wrong ratio. so i hard re-booted it back to reg ratio.
....................ok yup left it off longer then 10mins this time unplugged from ac and after start up it came up normal again:
Currently the aspect ratio says is at 1366x768 right now, with the full screen no border option turned on. Also all of my desktop icons are back to normal (correct position)
ok so after all day yesterday it was correct, this morning avg updated again and wanted to restart so i did, which restarted it and I was back to the messed up screen,,, so powered it down,,, waited more then 10sec and powered on and it didnt fix.
It seems like it might need to be left off longer then 10sec,,, maybe 5mins?
I keep trying...
Currently the aspect ratio says is at 1280x800 right now with a messed up screen, with the full screen no border option turned on. Also all of my desktop icons are to one side (incorrect position) but If I do a screen capture )(ctrl alt print screen) my windows bottom bar is showing in the picture.
sorry 3rd post in a row,,, but the log you asked for is on my 3rd last reply... anyhow I found a pattern to my incorrect aspect ratio,
a hard reboot will make the screen normal.
a soft reboot (ex. triggered by windows update or clicking the restart button) puts the computer into the incorrect ratio... and will stay like that until I do a complete shut down again.
wierd? what should I do?
im thinking spyware might be affecting my screen,,, as last night after all that i did a hard reboot,,, and turned it on this morning and my aspect ratio is fine again and all my icons are in the correct spot.
ok,,,well things seem to be running faster a tad,,, it wasnt really a slow computer to begin with. Im the only user and like to keep it cleaned up the best i can,,, is there any monthly or daily things i can do to keep the crap from coming back. I completely replaced the hard drive and have only been useing this for less then a yr now. so for it to have spyware on it already surprizes me.
Only thing I seen pop up there before i remember getting was the codec,,not sure if that was it or a different one,,,, it was for a AC3 sound i think. Something i thought was free of spam. But that might be unrelated to that one i seen above...not sure.
Basicly moveing on from here,,,, what other cleaning do you think i should do?
and what should i think about doing to fix my aspect ratio problem. A bios reload?
I dont see any updates from toshibia that i dont have... maybe ill look into the bios update. as the aspect ratio is incorrect the same during start up on the toshibia screen. But I find it very odd the issue went away then came back again a few days later,,, and its still incorrect as I type this. heres that log..
All processes killed
========== COMMANDS ==========
[EMPTYJAVA]
User: Administrator
User: All Users
User: Default
User: Default User
User: JC
->Java cache emptied: 10610925 bytes
User: Public
Total Java Files Cleaned = 10.00 mb
[EMPTYFLASH]
User: Administrator
User: All Users
User: Default
User: Default User
User: JC
->Flash cache emptied: 81399 bytes
User: Public
Total Flash Files Cleaned = 0.00 mb
[EMPTYTEMP]
User: Administrator
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: JC
->Temp folder emptied: 794666155 bytes
->Temporary Internet Files folder emptied: 218130974 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 424168391 bytes
->Flash cache emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\\System32 .tmp files removed: 0 bytes
%systemroot%\\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\\System32\\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 409178050 bytes
%systemroot%\\sysnative\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files folder emptied: 78386116 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 1,835.00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 02112014_175829
Files\\Folders moved on Reboot...
C:\\Users\\JC\\AppData\\Local\\Temp\\FXSAPIDebugLogFile.txt moved successfully.
C:\\Users\\JC\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\counters.dat moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
# AdwCleaner v3.018 - Report created 10/02/2014 at 16:10:59
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : JC - JC-PC
# Running from : C:\\Users\\JC\\Desktop\\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\\ProgramData\\AVG Security Toolbar
Folder Deleted : C:\\ProgramData\\Tarma Installer
Folder Deleted : C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\myfree codec
Folder Deleted : C:\\Program Files (x86)\\myfree codec
Folder Deleted : C:\\Users\\JC\\AppData\\Local\\SwvUpdater
File Deleted : C:\\END
File Deleted : C:\\Users\\JC\\AppData\\Local\\Temp\\Uninstall.exe
File Deleted : C:\\Users\\JC\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qsei7pda.default\\user.js
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\\SOFTWARE\\Classes\\AppID\\ScriptHelper.EXE
Key Deleted : HKLM\\SOFTWARE\\Classes\\AppID\\secman.DLL
Key Deleted : HKLM\\SOFTWARE\\Microsoft\\Tracing\\QuickShare_RASAPI32
Key Deleted : HKLM\\SOFTWARE\\Microsoft\\Tracing\\QuickShare_RASMANCS
Key Deleted : HKLM\\SOFTWARE\\Microsoft\\Tracing\\WebCakeDesktop_RASAPI32
Key Deleted : HKLM\\SOFTWARE\\Microsoft\\Tracing\\WebCakeDesktop_RASMANCS
Key Deleted : HKLM\\SOFTWARE\\Classes\\CrossriderApp0037004.BHO
Key Deleted : HKLM\\SOFTWARE\\Classes\\CrossriderApp0037004.BHO.1
Key Deleted : HKLM\\SOFTWARE\\Classes\\CrossriderApp0037004.Sandbox
Key Deleted : HKLM\\SOFTWARE\\Classes\\CrossriderApp0037004.Sandbox.1
Key Deleted : HKLM\\SOFTWARE\\Classes\\AppID\\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\\SOFTWARE\\Classes\\AppID\\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{11111111-1111-1111-1111-110311701104}
Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{55555555-5555-5555-5555-550355705504}
Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{66666666-6666-6666-6666-660366706604}
Key Deleted : HKLM\\SOFTWARE\\Classes\\TypeLib\\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\\SOFTWARE\\Classes\\TypeLib\\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\\SOFTWARE\\Classes\\TypeLib\\{44444444-4444-4444-4444-440344704404}
Key Deleted : HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects\\{11111111-1111-1111-1111-110311701104}
Key Deleted : HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Stats\\{11111111-1111-1111-1111-110311701104}
Key Deleted : HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Settings\\{11111111-1111-1111-1111-110311701104}
Value Deleted : HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : [x64] HKLM\\SOFTWARE\\Classes\\CLSID\\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : [x64] HKLM\\SOFTWARE\\Classes\\Interface\\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\\SOFTWARE\\Classes\\Interface\\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\\SOFTWARE\\Classes\\Interface\\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\\SOFTWARE\\Classes\\Interface\\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\\SOFTWARE\\Classes\\Interface\\{55555555-5555-5555-5555-550355705504}
Key Deleted : [x64] HKLM\\SOFTWARE\\Classes\\Interface\\{66666666-6666-6666-6666-660366706604}
Value Deleted : [x64] HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : HKCU\\Software\\AVG Secure Search
Key Deleted : HKCU\\Software\\Conduit
Key Deleted : HKCU\\Software\\Cr_Installer
Key Deleted : HKCU\\Software\\InstallCore
Key Deleted : HKCU\\Software\\Myfree Codec
Key Deleted : HKCU\\Software\\smartbar
Key Deleted : HKCU\\Software\\UpdateStar
Key Deleted : HKCU\\Software\\AppDataLow\\Software\\Crossrider
Key Deleted : HKLM\\Software\\Myfree Codec
Key Deleted : HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\MyFreeCodec
Key Deleted : [x64] HKLM\\SOFTWARE\\Tarma Installer
***** [ Browsers ] *****
-\\\\ Internet Explorer v11.0.9600.16428
-\\\\ Mozilla Firefox v26.0 (en-US)
[ File : C:\\Users\\JC\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qsei7pda.default\\prefs.js ]
*************************
AdwCleaner[R0].txt - [5970 octets] - [10/02/2014 16:07:15]
AdwCleaner[S0].txt - [5602 octets] - [10/02/2014 16:10:59]
########## EOF - C:\\AdwCleaner\\AdwCleaner[S0].txt - [5662 octets] ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows 7 Home Premium x64
Ran by JC on 10/02/2014 at 16:14:28.97
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\\CLSID\\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\\CLSID\\{22222222-2222-2222-2222-220322702204}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\\Wow6432Node\\CLSID\\{22222222-2222-2222-2222-220322702204}
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\\Users\\JC\\AppData\\Roaming\\mozilla\\firefox\\profiles\\qsei7pda.default\\minidumps [34 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10/02/2014 at 16:21:39.66
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
OTL logfile created on: 10/02/2014 4:24:56 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\\Users\\JC\\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
3.84 Gb Total Physical Memory | 2.70 Gb Available Physical Memory | 70.33% Memory free
7.68 Gb Paging File | 6.42 Gb Available in Paging File | 83.57% Paging File free
Paging file location(s): ?:\\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\\Windows | %ProgramFiles% = C:\\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 122.73 Gb Free Space | 13.18% Space Free | Partition Type: NTFS
Computer Name: JC-PC | User Name: JC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/02/10 08:34:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\\Users\\JC\\Desktop\\OTL.exe
PRC - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\armsvc.exe
PRC - [2013/11/14 20:48:30 | 001,861,968 | ---- | M] () -- C:\\Program Files (x86)\\DivX\\DivX Update\\DivXUpdate.exe
PRC - [2013/11/11 22:02:14 | 003,478,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\\Program Files (x86)\\AVG\\AVG2014\\avgidsagent.exe
PRC - [2013/11/07 22:03:50 | 004,956,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\\Program Files (x86)\\AVG\\AVG2014\\avgui.exe
PRC - [2013/09/24 01:33:08 | 000,348,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\\Program Files (x86)\\AVG\\AVG2014\\avgwdsvc.exe
PRC - [2013/05/23 14:16:56 | 000,311,152 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\\Program Files (x86)\\Samsung\\Kies\\KiesTrayAgent.exe
PRC - [2013/05/23 14:16:52 | 001,561,968 | ---- | M] (Samsung) -- C:\\Program Files (x86)\\Samsung\\Kies\\Kies.exe
========== Modules (No Company Name) ==========
MOD - [2014/01/09 22:23:22 | 000,223,232 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Serv759bfb78#\\3bc7ec22c021d74dce4f8230f3631fca\\System.ServiceProcess.ni.dll
MOD - [2014/01/09 22:23:09 | 001,889,792 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Xaml\\639f444db9491d25b5d158531e1f7d9b\\System.Xaml.ni.dll
MOD - [2014/01/09 22:23:07 | 000,802,816 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Runt73a1fc9d#\\034c34ee777c7a2efc9c631b1179211c\\System.Runtime.Remoting.ni.dll
MOD - [2014/01/09 22:22:52 | 018,813,440 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\Presentatio5ae0f00f#\\a2eb039301af47660eebc7566ce02b9c\\PresentationFramework.ni.dll
MOD - [2014/01/09 22:22:40 | 007,662,080 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Xml\\d91f3556f8011a5d48e1448e3fa8df9e\\System.Xml.ni.dll
MOD - [2014/01/09 22:22:35 | 011,025,920 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\PresentationCore\\b9fe579783a35b57dd7e69375f35e239\\PresentationCore.ni.dll
MOD - [2014/01/09 22:22:35 | 000,976,384 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Configuration\\1f56d5786274992934de0c900431c447\\System.Configuration.ni.dll
MOD - [2014/01/09 22:22:32 | 006,990,336 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Core\\4e69f1e7d86d79012db2d7e0dadc8880\\System.Core.ni.dll
MOD - [2014/01/09 22:22:26 | 003,950,080 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\WindowsBase\\ef90aeb894485d14b249d102309b6df3\\WindowsBase.ni.dll
MOD - [2014/01/09 22:22:22 | 010,060,800 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System\\79f6324a598a7c4446a4a1168be7c4b1\\System.ni.dll
MOD - [2014/01/09 22:22:15 | 016,953,856 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\mscorlib\\045c9588954c3662d542b53f4462268b\\mscorlib.ni.dll
MOD - [2013/11/14 20:49:56 | 000,100,688 | ---- | M] () -- C:\\Program Files (x86)\\DivX\\DivX Update\\DivXUpdateCheck.dll
MOD - [2013/11/14 20:48:30 | 001,861,968 | ---- | M] () -- C:\\Program Files (x86)\\DivX\\DivX Update\\DivXUpdate.exe
========== Services (SafeList) ==========
SRV:64bit: - [2013/11/26 05:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\\Windows\\SysNative\\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\\Program Files\\Windows Defender\\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/02/23 17:57:42 | 000,835,952 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\\Program Files\\TOSHIBA\\TPHM\\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2009/11/05 21:05:28 | 000,489,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\\Program Files\\TOSHIBA\\Power Saver\\TosCoSrv.exe -- (TosCoSrv)
SRV - [2014/02/05 11:16:12 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\armsvc.exe -- (AdobeARMservice)
SRV - [2013/12/20 09:06:44 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\\Program Files (x86)\\Mozilla Maintenance Service\\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/11/11 22:02:14 | 003,478,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\\Program Files (x86)\\AVG\\AVG2014\\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/09/24 01:33:08 | 000,348,008 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\\Program Files (x86)\\AVG\\AVG2014\\avgwdsvc.exe -- (avgwd)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2011/02/11 12:45:52 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\\Program Files (x86)\\TOSHIBA\\TOSHIBA Service Station\\TMachInfo.exe -- (TMachInfo)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\\Windows\\Microsoft.NET\\Framework\\v2.0.50727\\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/11/05 21:55:48 | 000,150,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\\Windows\\SysNative\\drivers\\avgdiska.sys -- (Avgdiska)
DRV:64bit: - [2013/11/04 21:52:42 | 000,240,920 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\\Windows\\SysNative\\drivers\\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2013/10/31 23:00:18 | 000,212,280 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\\Windows\\SysNative\\drivers\\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2013/10/31 22:49:46 | 000,294,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\avgloga.sys -- (Avgloga)
DRV:64bit: - [2013/10/24 22:25:58 | 000,194,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2013/10/01 00:52:08 | 000,123,704 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2013/09/10 00:43:02 | 000,031,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2013/08/01 15:07:06 | 000,251,192 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\\Windows\\SysNative\\drivers\\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2013/06/20 20:07:52 | 000,203,672 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2013/06/20 20:07:52 | 000,103,448 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 10:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 10:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\\Windows\\SysNative\\drivers\\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/06/20 09:07:08 | 001,225,832 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\rtl8192se.sys -- (rtl8192se)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/08/27 08:07:06 | 007,369,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/07/20 16:48:32 | 000,274,480 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/07/14 14:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/19 19:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\\Windows\\SysNative\\drivers\\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009/06/10 17:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/01 22:05:32 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\Rt64win7.sys -- (RTL8167)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\\Windows\\SysWOW64\\drivers\\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\\..\\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\\..\\SearchScopes\\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: \"URL\" = http://www.bing.com/search?q=\'>http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Local Page = C:\\Windows\\SysWOW64\\blank.htm
IE - HKLM\\..\\SearchScopes,DefaultScope =
IE - HKLM\\..\\SearchScopes\\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: \"URL\" = http://www.bing.com/search?q=\'>http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\\..\\SearchScopes,DefaultScope =
IE - HKCU\\..\\SearchScopes\\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: \"URL\" = http://www.bing.com/search?q=\'>http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings: \"ProxyEnable\" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: \"http://ca.msn.com/\'>http://ca.msn.com/\"
FF - prefs.js..extensions.enabledAddons: adblockpopups%40jessehakanen.net:0.9.1
FF - prefs.js..extensions.enabledAddons: youtube2mp3%40mondayx.de:1.2.3
FF - prefs.js..extensions.enabledAddons: %7B20a82645-c095-46ed-80e3-08825760534b%7D:1.3.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - prefs.js..keyword.URL: \"\"
FF - user.js - File not found
FF:64bit: - HKLM\\Software\\MozillaPlugins\\@adobe.com/FlashPlayer: C:\\Windows\\system32\\Macromed\\Flash\\NPSWF64_12_0_0_43.dll File not found
FF:64bit: - HKLM\\Software\\MozillaPlugins\\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\\Software\\MozillaPlugins\\@Microsoft.com/NpCtrl,version=1.0: c:\\Program Files\\Microsoft Silverlight\\5.1.20913.0\\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\\Software\\MozillaPlugins\\@microsoft.com/OfficeAuthz,version=14.0: C:\\PROGRA~1\\MICROS~3\\Office14\\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@adobe.com/FlashPlayer: C:\\Windows\\SysWOW64\\Macromed\\Flash\\NPSWF32_12_0_0_44.dll ()
FF - HKLM\\Software\\MozillaPlugins\\@divx.com/DivX VOD Helper,version=1.0.0: C:\\Program Files (x86)\\DivX\\DivX OVS Helper\\npovshelper.dll (DivX, LLC.)
FF - HKLM\\Software\\MozillaPlugins\\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\\Program Files (x86)\\DivX\\DivX Web Player\\npdivx32.dll (DivX, LLC)
FF - HKLM\\Software\\MozillaPlugins\\@java.com/DTPlugin,version=10.51.2: C:\\Program Files (x86)\\Java\\jre7\\bin\\dtplugin\\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@java.com/JavaPlugin,version=10.51.2: C:\\Program Files (x86)\\Java\\jre7\\bin\\plugin2\\npjp2.dll (Oracle Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\\Software\\MozillaPlugins\\@Microsoft.com/NpCtrl,version=1.0: c:\\Program Files (x86)\\Microsoft Silverlight\\5.1.20913.0\\npctrl.dll ( Microsoft Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/OfficeAuthz,version=14.0: C:\\PROGRA~2\\MICROS~4\\Office14\\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/SharePoint,version=14.0: C:\\PROGRA~2\\MICROS~4\\Office14\\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/WLPG,version=16.4.3508.0205: C:\\Program Files (x86)\\Windows Live\\Photo Gallery\\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@videolan.org/vlc,version=2.0.8: C:\\Program Files (x86)\\VideoLAN\\VLC\\npvlc.dll (VideoLAN)
FF - HKLM\\Software\\MozillaPlugins\\Adobe Reader: C:\\Program Files (x86)\\Adobe\\Reader 11.0\\Reader\\AIR\\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\\software\\mozilla\\Mozilla Firefox 26.0\\extensions\\\\Components: C:\\Program Files (x86)\\Mozilla Firefox\\components
FF - HKEY_LOCAL_MACHINE\\software\\mozilla\\Mozilla Firefox 26.0\\extensions\\\\Plugins: C:\\Program Files (x86)\\Mozilla Firefox\\plugins [2014/01/15 17:35:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\\software\\mozilla\\Mozilla Firefox 26.0\\extensions\\\\Components: C:\\Program Files (x86)\\Mozilla Firefox\\components
FF - HKEY_CURRENT_USER\\software\\mozilla\\Mozilla Firefox 26.0\\extensions\\\\Plugins: C:\\Program Files (x86)\\Mozilla Firefox\\plugins [2014/01/15 17:35:32 | 000,000,000 | ---D | M]
[2013/07/19 21:43:55 | 000,000,000 | ---D | M] (No name found) -- C:\\Users\\JC\\AppData\\Roaming\\Mozilla\\Extensions
[2014/01/16 19:19:51 | 000,000,000 | ---D | M] (No name found) -- C:\\Users\\JC\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qsei7pda.default\\extensions
[2013/08/15 22:17:22 | 000,128,676 | ---- | M] () (No name found) -- C:\\Users\\JC\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qsei7pda.default\\extensions\\[email protected]
[2013/10/28 16:52:00 | 000,011,510 | ---- | M] () (No name found) -- C:\\Users\\JC\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qsei7pda.default\\extensions\\[email protected]
[2013/10/28 16:52:00 | 000,021,093 | ---- | M] () (No name found) -- C:\\Users\\JC\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qsei7pda.default\\extensions\\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2014/01/16 19:19:51 | 000,940,775 | ---- | M] () (No name found) -- C:\\Users\\JC\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qsei7pda.default\\extensions\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/11/19 11:00:31 | 000,000,000 | ---D | M] (No name found) -- C:\\Program Files (x86)\\Mozilla Firefox\\browser\\extensions
[2013/12/20 09:06:45 | 000,000,000 | ---D | M] (Default) -- C:\\Program Files (x86)\\Mozilla Firefox\\browser\\extensions\\{972ce4c6-7e08-4474-a285-3208198ce6fd}
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\\Windows\\SysNative\\drivers\\etc\\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\\Program Files (x86)\\Java\\jre7\\bin\\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\\Program Files (x86)\\Java\\jre7\\bin\\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\\Run: [00TCrdMain] C:\\Program Files\\TOSHIBA\\FlashCards\\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\\Run: [HotKeysCmds] C:\\Windows\\SysNative\\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\\Run: [HSON] C:\\Program Files\\TOSHIBA\\TBS\\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\\Run: [IgfxTray] C:\\Windows\\SysNative\\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\\Run: [Persistence] C:\\Windows\\SysNative\\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\\Run: [SmoothView] C:\\Program Files\\TOSHIBA\\SmoothView\\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\\Run: [TosWaitSrv] C:\\Program Files\\TOSHIBA\\TPHM\\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\\Run: [TPwrMain] C:\\Program Files\\TOSHIBA\\Power Saver\\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\\Run: [AVG_UI] C:\\Program Files (x86)\\AVG\\AVG2014\\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\\Run: [DivXMediaServer] C:\\Program Files (x86)\\DivX\\DivX Media Server\\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\\Run: [DivXUpdate] C:\\Program Files (x86)\\DivX\\DivX Update\\DivXUpdate.exe ()
O4 - HKLM..\\Run: [KiesTrayAgent] C:\\Program Files (x86)\\Samsung\\Kies\\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\\Run: [ToshibaServiceStation] C:\\Program Files (x86)\\TOSHIBA\\TOSHIBA Service Station\\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKCU..\\Run: [AVG-Secure-Search-Update_0214c] C:\\Users\\JC\\AppData\\Roaming\\AVG 0214c Campaign\\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=3d36cfad21ae47d3ac4ad16f64d72b2d-0bce24661d296fd33ca722b7840714b550f4dabf /CMPID=0214c File not found
O4 - HKCU..\\Run: [AVG-Secure-Search-Update_1113a] C:\\Users\\JC\\AppData\\Roaming\\AVG 1113a Campaign\\AVG-Secure-Search-Update-1113a.exe /PROMPT /mid=3d36cfad21ae47d3ac4ad16f64d72b2d-0bce24661d296fd33ca722b7840714b550f4dabf /CMPID=1113a File not found
O4 - HKCU..\\Run: [KiesAirMessage] C:\\Program Files (x86)\\Samsung\\Kies\\KiesAirMessage.exe -startup File not found
O4 - HKCU..\\Run: [KiesPreload] C:\\Program Files (x86)\\Samsung\\Kies\\Kies.exe (Samsung)
O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\Explorer: NoActiveDesktop = 1
O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab\'>http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters\\Interfaces\\{93FA396F-A4DC-4D34-91C8-DE334BF6D81D}: DhcpNameServer = 192.168.2.1 192.168.2.1
O18:64bit: - Protocol\\Handler\\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\\Handler\\wlpg - No CLSID value found
O18 - Protocol\\Handler\\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\\Windows\\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\\Windows\\system32\\userinit.exe) - C:\\Windows\\SysNative\\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\\Windows\\SysWow64\\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\\Windows\\SysWow64\\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\\Notify\\igfxcui: DllName - (igfxdev.dll) - C:\\Windows\\SysNative\\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\\{b21e9637-ef4f-11e2-bd3d-806e6f6e6963}\\Shell - \"\" = AutoRun
O33 - MountPoints2\\{b21e9637-ef4f-11e2-bd3d-806e6f6e6963}\\Shell\\AutoRun\\command - \"\" = D:\\SETUP.EXE
O33 - MountPoints2\\{b21e9637-ef4f-11e2-bd3d-806e6f6e6963}\\Shell\\configure\\command - \"\" = D:\\SETUP.EXE
O33 - MountPoints2\\{b21e9637-ef4f-11e2-bd3d-806e6f6e6963}\\Shell\\install\\command - \"\" = D:\\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\\..comfile [open] -- \"%1\" %*
O35:64bit: - HKLM\\..exefile [open] -- \"%1\" %*
O35 - HKLM\\..comfile [open] -- \"%1\" %*
O35 - HKLM\\..exefile [open] -- \"%1\" %*
O37:64bit: - HKLM\\...com [@ = comfile] -- \"%1\" %*
O37:64bit: - HKLM\\...exe [@ = exefile] -- \"%1\" %*
O37 - HKLM\\...com [@ = comfile] -- \"%1\" %*
O37 - HKLM\\...exe [@ = exefile] -- \"%1\" %*
O38 - SubSystems\\\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/02/10 16:14:27 | 000,000,000 | ---D | C] -- C:\\Windows\\ERUNT
[2014/02/10 16:00:37 | 001,037,530 | ---- | C] (Thisisu) -- C:\\Users\\JC\\Desktop\\JRT.exe
[2014/02/10 15:58:56 | 000,000,000 | ---D | C] -- C:\\AdwCleaner
[2014/02/10 08:33:59 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\\Users\\JC\\Desktop\\OTL.exe
[2014/02/04 18:35:20 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\\Windows\\SysWow64\\CSVer.dll
[2014/02/04 18:32:22 | 000,000,000 | ---D | C] -- C:\\Program Files (x86)\\SystemRequirementsLab
[2014/02/04 18:32:16 | 000,000,000 | ---D | C] -- C:\\Users\\JC\\AppData\\Roaming\\SystemRequirementsLab
[2014/02/04 17:51:06 | 000,000,000 | ---D | C] -- C:\\Windows\\SysWow64\\x64
[2014/02/04 17:51:06 | 000,000,000 | ---D | C] -- C:\\Windows\\SysWow64\\Lang
[2014/02/04 17:51:05 | 001,002,008 | ---- | C] (Intel Corporation) -- C:\\Windows\\SysWow64\\igxpun.exe
[2014/02/04 11:12:52 | 000,000,000 | --SD | C] -- C:\\Users\\JC\\Documents\\My Data Sources
[2014/02/04 10:22:39 | 000,000,000 | ---D | C] -- C:\\Users\\JC\\Documents\\Excel Activator
[2014/02/04 10:19:16 | 000,000,000 | ---D | C] -- C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Microsoft Office
[2014/02/04 10:18:57 | 000,000,000 | ---D | C] -- C:\\Program Files\\Microsoft Synchronization Services
[2014/02/04 10:18:55 | 000,000,000 | ---D | C] -- C:\\Program Files\\Common Files\\DESIGNER
[2014/02/04 10:18:23 | 000,000,000 | ---D | C] -- C:\\Program Files\\Microsoft SQL Server Compact Edition
[2014/02/04 10:16:53 | 000,000,000 | ---D | C] -- C:\\Program Files\\Microsoft Analysis Services
[2014/02/04 10:16:53 | 000,000,000 | ---D | C] -- C:\\Program Files (x86)\\Microsoft Analysis Services
[2014/02/04 10:16:41 | 000,000,000 | ---D | C] -- C:\\Users\\JC\\AppData\\Local\\Microsoft Help
[2014/02/04 10:16:40 | 000,000,000 | ---D | C] -- C:\\Program Files (x86)\\Microsoft Office
[2014/02/04 10:16:38 | 000,000,000 | ---D | C] -- C:\\Program Files\\Microsoft Office
[2014/02/04 10:16:38 | 000,000,000 | ---D | C] -- C:\\ProgramData\\Microsoft Help
[2014/02/04 10:16:23 | 000,000,000 | RH-D | C] -- C:\\MSOCache
[2014/01/21 21:09:27 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\\Windows\\SysWow64\\javaws.exe
[2014/01/21 21:09:20 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\\Windows\\SysWow64\\java.exe
[2014/01/21 21:09:20 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\\Windows\\SysWow64\\WindowsAccessBridge-32.dll
[2014/01/21 21:09:20 | 000,000,000 | ---D | C] -- C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Java
[2014/01/15 22:36:02 | 000,000,000 | ---D | C] -- C:\\Windows\\Minidump
[2014/01/15 08:46:41 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\drivers\\usbport.sys
[2014/01/15 08:46:41 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\drivers\\usbd.sys
[2014/01/15 08:46:38 | 000,376,768 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\drivers\\netio.sys
========== Files - Modified Within 30 Days ==========
[2014/02/10 16:19:41 | 000,028,352 | -H-- | M] () -- C:\\Windows\\SysNative\\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/02/10 16:19:41 | 000,028,352 | -H-- | M] () -- C:\\Windows\\SysNative\\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/02/10 16:16:00 | 000,000,830 | ---- | M] () -- C:\\Windows\\tasks\\Adobe Flash Player Updater.job
[2014/02/10 16:12:25 | 000,067,584 | --S- | M] () -- C:\\Windows\\bootstat.dat
[2014/02/10 16:12:21 | 3092,938,752 | -HS- | M] () -- C:\\hiberfil.sys
[2014/02/10 16:00:40 | 001,037,530 | ---- | M] (Thisisu) -- C:\\Users\\JC\\Desktop\\JRT.exe
[2014/02/10 15:58:42 | 001,166,132 | ---- | M] () -- C:\\Users\\JC\\Desktop\\adwcleaner.exe
[2014/02/10 08:34:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\\Users\\JC\\Desktop\\OTL.exe
[2014/02/09 16:13:17 | 000,001,798 | ---- | M] () -- C:\\Users\\Public\\Desktop\\Vuze.lnk
[2014/02/09 16:13:17 | 000,001,798 | ---- | M] () -- C:\\Users\\JC\\Application Data\\Microsoft\\Internet Explorer\\Quick Launch\\Vuze.lnk
[2014/02/09 09:56:52 | 000,781,618 | ---- | M] () -- C:\\Windows\\SysNative\\PerfStringBackup.INI
[2014/02/09 09:56:52 | 000,666,680 | ---- | M] () -- C:\\Windows\\SysNative\\perfh009.dat
[2014/02/09 09:56:52 | 000,126,324 | ---- | M] () -- C:\\Windows\\SysNative\\perfc009.dat
[2014/02/05 11:16:12 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\\Windows\\SysWow64\\FlashPlayerApp.exe
[2014/02/05 11:16:12 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\\Windows\\SysWow64\\FlashPlayerCPLApp.cpl
[2014/02/04 17:54:25 | 000,015,190 | ---- | M] () -- C:\\Windows\\SysNative\\results.xml
[2014/02/04 17:33:24 | 000,291,152 | ---- | M] () -- C:\\Windows\\SysNative\\FNTCACHE.DAT
[2014/02/04 09:44:58 | 000,002,835 | ---- | M] () -- C:\\Users\\JC\\Documents\\Budget as of Jan 2014.rtf
[2014/02/04 09:44:58 | 000,002,835 | ---- | M] () -- C:\\Users\\JC\\Desktop\\Budget as of Jan 2014.rtf
[2014/01/24 09:39:43 | 000,000,332 | ---- | M] () -- C:\\Users\\JC\\Desktop\\new cds.rtf
[2014/01/15 22:35:59 | 443,984,828 | ---- | M] () -- C:\\Windows\\MEMORY.DMP
========== Files Created - No Company Name ==========
[2014/02/10 15:58:37 | 001,166,132 | ---- | C] () -- C:\\Users\\JC\\Desktop\\adwcleaner.exe
[2014/02/04 17:54:25 | 000,015,190 | ---- | C] () -- C:\\Windows\\SysNative\\results.xml
[2014/01/15 22:35:59 | 443,984,828 | ---- | C] () -- C:\\Windows\\MEMORY.DMP
[2014/01/09 22:19:43 | 000,762,252 | ---- | C] () -- C:\\Windows\\SysWow64\\PerfStringBackup.INI
[2013/05/22 19:43:52 | 000,030,568 | ---- | C] () -- C:\\Windows\\MusiccityDownload.exe
[2013/05/22 19:43:48 | 000,974,848 | ---- | C] () -- C:\\Windows\\SysWow64\\cis-2.4.dll
[2013/05/22 19:43:48 | 000,081,920 | ---- | C] () -- C:\\Windows\\SysWow64\\issacapi_bs-2.3.dll
[2013/05/22 19:43:48 | 000,065,536 | ---- | C] () -- C:\\Windows\\SysWow64\\issacapi_pe-2.3.dll
[2013/05/22 19:43:48 | 000,057,344 | ---- | C] () -- C:\\Windows\\SysWow64\\issacapi_se-2.3.dll
========== ZeroAccess Check ==========
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\\Windows\\assembly\\Desktop.ini
[HKEY_CURRENT_USER\\Software\\Classes\\clsid\\{42aedc87-2188-41fd-b9a3-0c966feabec1}\\InProcServer32] /64
[HKEY_CURRENT_USER\\Software\\Classes\\Wow6432node\\clsid\\{42aedc87-2188-41fd-b9a3-0c966feabec1}\\InProcServer32]
[HKEY_CURRENT_USER\\Software\\Classes\\clsid\\{fbeb8a05-beee-4442-804e-409d6c4515e9}\\InProcServer32] /64
[HKEY_CURRENT_USER\\Software\\Classes\\Wow6432node\\clsid\\{fbeb8a05-beee-4442-804e-409d6c4515e9}\\InProcServer32]
[HKEY_LOCAL_MACHINE\\Software\\Classes\\clsid\\{42aedc87-2188-41fd-b9a3-0c966feabec1}\\InProcServer32] /64
\"\" = C:\\Windows\\SysNative\\shell32.dll -- [2013/07/25 22:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
\"ThreadingModel\" = Apartment
[HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\Classes\\clsid\\{42aedc87-2188-41fd-b9a3-0c966feabec1}\\InProcServer32]
\"\" = %SystemRoot%\\system32\\shell32.dll -- [2013/07/25 21:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
\"ThreadingModel\" = Apartment
[HKEY_LOCAL_MACHINE\\Software\\Classes\\clsid\\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\\InProcServer32] /64
\"\" = C:\\Windows\\SysNative\\wbem\\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
\"ThreadingModel\" = Free
[HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\Classes\\clsid\\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\\InProcServer32]
\"\" = %systemroot%\\system32\\wbem\\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
\"ThreadingModel\" = Free
[HKEY_LOCAL_MACHINE\\Software\\Classes\\clsid\\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\\InProcServer32] /64
\"\" = C:\\Windows\\SysNative\\wbem\\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
\"ThreadingModel\" = Both
[HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\Classes\\clsid\\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\\InProcServer32]
< End of report >
OTL logfile created on: 10/02/2014 8:35:33 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\\Users\\JC\\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
3.84 Gb Total Physical Memory | 2.29 Gb Available Physical Memory | 59.72% Memory free
7.68 Gb Paging File | 6.09 Gb Available in Paging File | 79.26% Paging File free
Paging file location(s): ?:\\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\\Windows | %ProgramFiles% = C:\\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 116.28 Gb Free Space | 12.48% Space Free | Partition Type: NTFS
Computer Name: JC-PC | User Name: JC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/02/10 08:34:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\\Users\\JC\\Desktop\\OTL.exe
PRC - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\armsvc.exe
PRC - [2013/11/14 20:48:30 | 001,861,968 | ---- | M] () -- C:\\Program Files (x86)\\DivX\\DivX Update\\DivXUpdate.exe
PRC - [2013/11/11 22:02:14 | 003,478,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\\Program Files (x86)\\AVG\\AVG2014\\avgidsagent.exe
PRC - [2013/11/07 22:03:50 | 004,956,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\\Program Files (x86)\\AVG\\AVG2014\\avgui.exe
PRC - [2013/09/24 01:33:08 | 000,348,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\\Program Files (x86)\\AVG\\AVG2014\\avgwdsvc.exe
PRC - [2013/05/23 14:16:56 | 000,311,152 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\\Program Files (x86)\\Samsung\\Kies\\KiesTrayAgent.exe
PRC - [2013/05/23 14:16:52 | 001,561,968 | ---- | M] (Samsung) -- C:\\Program Files (x86)\\Samsung\\Kies\\Kies.exe
========== Modules (No Company Name) ==========
MOD - [2014/01/09 22:23:22 | 000,223,232 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Serv759bfb78#\\3bc7ec22c021d74dce4f8230f3631fca\\System.ServiceProcess.ni.dll
MOD - [2014/01/09 22:23:09 | 001,889,792 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Xaml\\639f444db9491d25b5d158531e1f7d9b\\System.Xaml.ni.dll
MOD - [2014/01/09 22:23:07 | 000,802,816 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Runt73a1fc9d#\\034c34ee777c7a2efc9c631b1179211c\\System.Runtime.Remoting.ni.dll
MOD - [2014/01/09 22:22:52 | 018,813,440 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\Presentatio5ae0f00f#\\a2eb039301af47660eebc7566ce02b9c\\PresentationFramework.ni.dll
MOD - [2014/01/09 22:22:40 | 007,662,080 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Xml\\d91f3556f8011a5d48e1448e3fa8df9e\\System.Xml.ni.dll
MOD - [2014/01/09 22:22:35 | 011,025,920 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\PresentationCore\\b9fe579783a35b57dd7e69375f35e239\\PresentationCore.ni.dll
MOD - [2014/01/09 22:22:35 | 000,976,384 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Configuration\\1f56d5786274992934de0c900431c447\\System.Configuration.ni.dll
MOD - [2014/01/09 22:22:32 | 006,990,336 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Core\\4e69f1e7d86d79012db2d7e0dadc8880\\System.Core.ni.dll
MOD - [2014/01/09 22:22:26 | 003,950,080 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\WindowsBase\\ef90aeb894485d14b249d102309b6df3\\WindowsBase.ni.dll
MOD - [2014/01/09 22:22:22 | 010,060,800 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System\\79f6324a598a7c4446a4a1168be7c4b1\\System.ni.dll
MOD - [2014/01/09 22:22:15 | 016,953,856 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\mscorlib\\045c9588954c3662d542b53f4462268b\\mscorlib.ni.dll
MOD - [2013/11/14 20:49:56 | 000,100,688 | ---- | M] () -- C:\\Program Files (x86)\\DivX\\DivX Update\\DivXUpdateCheck.dll
MOD - [2013/11/14 20:48:30 | 001,861,968 | ---- | M] () -- C:\\Program Files (x86)\\DivX\\DivX Update\\DivXUpdate.exe
========== Services (SafeList) ==========
SRV:64bit: - [2013/11/26 05:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\\Windows\\SysNative\\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\\Program Files\\Windows Defender\\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/02/23 17:57:42 | 000,835,952 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\\Program Files\\TOSHIBA\\TPHM\\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2009/11/05 21:05:28 | 000,489,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\\Program Files\\TOSHIBA\\Power Saver\\TosCoSrv.exe -- (TosCoSrv)
SRV - [2014/02/05 11:16:12 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\armsvc.exe -- (AdobeARMservice)
SRV - [2013/12/20 09:06:44 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\\Program Files (x86)\\Mozilla Maintenance Service\\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/11/11 22:02:14 | 003,478,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\\Program Files (x86)\\AVG\\AVG2014\\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/09/24 01:33:08 | 000,348,008 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\\Program Files (x86)\\AVG\\AVG2014\\avgwdsvc.exe -- (avgwd)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2011/02/11 12:45:52 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\\Program Files (x86)\\TOSHIBA\\TOSHIBA Service Station\\TMachInfo.exe -- (TMachInfo)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\\Windows\\Microsoft.NET\\Framework\\v2.0.50727\\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/11/05 21:55:48 | 000,150,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\\Windows\\SysNative\\drivers\\avgdiska.sys -- (Avgdiska)
DRV:64bit: - [2013/11/04 21:52:42 | 000,240,920 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\\Windows\\SysNative\\drivers\\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2013/10/31 23:00:18 | 000,212,280 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\\Windows\\SysNative\\drivers\\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2013/10/31 22:49:46 | 000,294,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\avgloga.sys -- (Avgloga)
DRV:64bit: - [2013/10/24 22:25:58 | 000,194,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2013/10/01 00:52:08 | 000,123,704 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2013/09/10 00:43:02 | 000,031,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2013/08/01 15:07:06 | 000,251,192 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\\Windows\\SysNative\\drivers\\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2013/06/20 20:07:52 | 000,203,672 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2013/06/20 20:07:52 | 000,103,448 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 10:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 10:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\\Windows\\SysNative\\drivers\\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/06/20 09:07:08 | 001,225,832 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\rtl8192se.sys -- (rtl8192se)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/08/27 08:07:06 | 007,369,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/07/20 16:48:32 | 000,274,480 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/07/14 14:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/19 19:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\\Windows\\SysNative\\drivers\\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009/06/10 17:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/01 22:05:32 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\Rt64win7.sys -- (RTL8167)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\\Windows\\SysWOW64\\drivers\\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\\..\\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\\..\\SearchScopes\\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: \"URL\" = http://www.bing.com/search?q=\'>http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Local Page = C:\\Windows\\SysWOW64\\blank.htm
IE - HKLM\\..\\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\\..\\SearchScopes\\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: \"URL\" = http://www.bing.com/search?q=\'>http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\\..\\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\\..\\SearchScopes\\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: \"URL\" = http://www.bing.com/search?q=\'>http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings: \"ProxyEnable\" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: \"http://ca.msn.com/\'>http://ca.msn.com/\"
FF - prefs.js..extensions.enabledAddons: adblockpopups%40jessehakanen.net:0.9.1
FF - prefs.js..extensions.enabledAddons: youtube2mp3%40mondayx.de:1.2.3
FF - prefs.js..extensions.enabledAddons: %7B20a82645-c095-46ed-80e3-08825760534b%7D:1.3.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - prefs.js..keyword.URL: \"\"
FF:64bit: - HKLM\\Software\\MozillaPlugins\\@adobe.com/FlashPlayer: C:\\Windows\\system32\\Macromed\\Flash\\NPSWF64_12_0_0_43.dll File not found
FF:64bit: - HKLM\\Software\\MozillaPlugins\\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\\Software\\MozillaPlugins\\@Microsoft.com/NpCtrl,version=1.0: c:\\Program Files\\Microsoft Silverlight\\5.1.20913.0\\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\\Software\\MozillaPlugins\\@microsoft.com/OfficeAuthz,version=14.0: C:\\PROGRA~1\\MICROS~3\\Office14\\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@adobe.com/FlashPlayer: C:\\Windows\\SysWOW64\\Macromed\\Flash\\NPSWF32_12_0_0_44.dll ()
FF - HKLM\\Software\\MozillaPlugins\\@divx.com/DivX VOD Helper,version=1.0.0: C:\\Program Files (x86)\\DivX\\DivX OVS Helper\\npovshelper.dll (DivX, LLC.)
FF - HKLM\\Software\\MozillaPlugins\\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\\Program Files (x86)\\DivX\\DivX Web Player\\npdivx32.dll (DivX, LLC)
FF - HKLM\\Software\\MozillaPlugins\\@java.com/DTPlugin,version=10.51.2: C:\\Program Files (x86)\\Java\\jre7\\bin\\dtplugin\\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@java.com/JavaPlugin,version=10.51.2: C:\\Program Files (x86)\\Java\\jre7\\bin\\plugin2\\npjp2.dll (Oracle Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\\Software\\MozillaPlugins\\@Microsoft.com/NpCtrl,version=1.0: c:\\Program Files (x86)\\Microsoft Silverlight\\5.1.20913.0\\npctrl.dll ( Microsoft Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/OfficeAuthz,version=14.0: C:\\PROGRA~2\\MICROS~4\\Office14\\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/SharePoint,version=14.0: C:\\PROGRA~2\\MICROS~4\\Office14\\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/WLPG,version=16.4.3508.0205: C:\\Program Files (x86)\\Windows Live\\Photo Gallery\\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@videolan.org/vlc,version=2.0.8: C:\\Program Files (x86)\\VideoLAN\\VLC\\npvlc.dll (VideoLAN)
FF - HKLM\\Software\\MozillaPlugins\\Adobe Reader: C:\\Program Files (x86)\\Adobe\\Reader 11.0\\Reader\\AIR\\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\\software\\mozilla\\Mozilla Firefox 26.0\\extensions\\\\Components: C:\\Program Files (x86)\\Mozilla Firefox\\components
FF - HKEY_LOCAL_MACHINE\\software\\mozilla\\Mozilla Firefox 26.0\\extensions\\\\Plugins: C:\\Program Files (x86)\\Mozilla Firefox\\plugins [2014/01/15 17:35:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\\software\\mozilla\\Mozilla Firefox 26.0\\extensions\\\\Components: C:\\Program Files (x86)\\Mozilla Firefox\\components
FF - HKEY_CURRENT_USER\\software\\mozilla\\Mozilla Firefox 26.0\\extensions\\\\Plugins: C:\\Program Files (x86)\\Mozilla Firefox\\plugins [2014/01/15 17:35:32 | 000,000,000 | ---D | M]
[2013/07/19 21:43:55 | 000,000,000 | ---D | M] (No name found) -- C:\\Users\\JC\\AppData\\Roaming\\Mozilla\\Extensions
[2014/01/16 19:19:51 | 000,000,000 | ---D | M] (No name found) -- C:\\Users\\JC\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qsei7pda.default\\extensions
[2013/08/15 22:17:22 | 000,128,676 | ---- | M] () (No name found) -- C:\\Users\\JC\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qsei7pda.default\\extensions\\[email protected]
[2013/10/28 16:52:00 | 000,011,510 | ---- | M] () (No name found) -- C:\\Users\\JC\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qsei7pda.default\\extensions\\[email protected]
[2013/10/28 16:52:00 | 000,021,093 | ---- | M] () (No name found) -- C:\\Users\\JC\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qsei7pda.default\\extensions\\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2014/01/16 19:19:51 | 000,940,775 | ---- | M] () (No name found) -- C:\\Users\\JC\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qsei7pda.default\\extensions\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/11/19 11:00:31 | 000,000,000 | ---D | M] (No name found) -- C:\\Program Files (x86)\\Mozilla Firefox\\browser\\extensions
[2013/12/20 09:06:45 | 000,000,000 | ---D | M] (Default) -- C:\\Program Files (x86)\\Mozilla Firefox\\browser\\extensions\\{972ce4c6-7e08-4474-a285-3208198ce6fd}
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\\Windows\\SysNative\\drivers\\etc\\hosts
O2 - BHO: (Lightning Savings) - {11111111-1111-1111-1111-110311701104} - C:\\Program Files (x86)\\Lightning Savings\\Lightning Savings-bho.dll File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\\Program Files (x86)\\Java\\jre7\\bin\\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\\Program Files (x86)\\Java\\jre7\\bin\\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\\..\\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\\..\\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O4:64bit: - HKLM..\\Run: [00TCrdMain] C:\\Program Files\\TOSHIBA\\FlashCards\\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\\Run: [HotKeysCmds] C:\\Windows\\SysNative\\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\\Run: [HSON] C:\\Program Files\\TOSHIBA\\TBS\\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\\Run: [IgfxTray] C:\\Windows\\SysNative\\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\\Run: [Persistence] C:\\Windows\\SysNative\\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\\Run: [SmoothView] C:\\Program Files\\TOSHIBA\\SmoothView\\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\\Run: [TosWaitSrv] C:\\Program Files\\TOSHIBA\\TPHM\\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\\Run: [TPwrMain] C:\\Program Files\\TOSHIBA\\Power Saver\\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\\Run: [AVG_UI] C:\\Program Files (x86)\\AVG\\AVG2014\\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\\Run: [DivXMediaServer] C:\\Program Files (x86)\\DivX\\DivX Media Server\\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\\Run: [DivXUpdate] C:\\Program Files (x86)\\DivX\\DivX Update\\DivXUpdate.exe ()
O4 - HKLM..\\Run: [KiesTrayAgent] C:\\Program Files (x86)\\Samsung\\Kies\\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\\Run: [ToshibaServiceStation] C:\\Program Files (x86)\\TOSHIBA\\TOSHIBA Service Station\\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKCU..\\Run: [AVG-Secure-Search-Update_0214c] C:\\Users\\JC\\AppData\\Roaming\\AVG 0214c Campaign\\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=3d36cfad21ae47d3ac4ad16f64d72b2d-0bce24661d296fd33ca722b7840714b550f4dabf /CMPID=0214c File not found
O4 - HKCU..\\Run: [AVG-Secure-Search-Update_1113a] C:\\Users\\JC\\AppData\\Roaming\\AVG 1113a Campaign\\AVG-Secure-Search-Update-1113a.exe /PROMPT /mid=3d36cfad21ae47d3ac4ad16f64d72b2d-0bce24661d296fd33ca722b7840714b550f4dabf /CMPID=1113a File not found
O4 - HKCU..\\Run: [KiesAirMessage] C:\\Program Files (x86)\\Samsung\\Kies\\KiesAirMessage.exe -startup File not found
O4 - HKCU..\\Run: [KiesPreload] C:\\Program Files (x86)\\Samsung\\Kies\\Kies.exe (Samsung)
O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\Explorer: NoActiveDesktop = 1
O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab\'>http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters\\Interfaces\\{93FA396F-A4DC-4D34-91C8-DE334BF6D81D}: DhcpNameServer = 192.168.2.1 192.168.2.1
O18:64bit: - Protocol\\Handler\\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\\Handler\\wlpg - No CLSID value found
O18 - Protocol\\Handler\\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\\Windows\\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\\Windows\\system32\\userinit.exe) - C:\\Windows\\SysNative\\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\\Windows\\SysWow64\\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\\Windows\\SysWow64\\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\\Notify\\igfxcui: DllName - (igfxdev.dll) - C:\\Windows\\SysNative\\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\\{b21e9637-ef4f-11e2-bd3d-806e6f6e6963}\\Shell - \"\" = AutoRun
O33 - MountPoints2\\{b21e9637-ef4f-11e2-bd3d-806e6f6e6963}\\Shell\\AutoRun\\command - \"\" = D:\\SETUP.EXE
O33 - MountPoints2\\{b21e9637-ef4f-11e2-bd3d-806e6f6e6963}\\Shell\\configure\\command - \"\" = D:\\SETUP.EXE
O33 - MountPoints2\\{b21e9637-ef4f-11e2-bd3d-806e6f6e6963}\\Shell\\install\\command - \"\" = D:\\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\\..comfile [open] -- \"%1\" %*
O35:64bit: - HKLM\\..exefile [open] -- \"%1\" %*
O35 - HKLM\\..comfile [open] -- \"%1\" %*
O35 - HKLM\\..exefile [open] -- \"%1\" %*
O37:64bit: - HKLM\\...com [@ = comfile] -- \"%1\" %*
O37:64bit: - HKLM\\...exe [@ = exefile] -- \"%1\" %*
O37 - HKLM\\...com [@ = comfile] -- \"%1\" %*
O37 - HKLM\\...exe [@ = exefile] -- \"%1\" %*
O38 - SubSystems\\\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/02/10 08:33:59 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\\Users\\JC\\Desktop\\OTL.exe
[2014/02/04 18:35:20 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\\Windows\\SysWow64\\CSVer.dll
[2014/02/04 18:32:22 | 000,000,000 | ---D | C] -- C:\\Program Files (x86)\\SystemRequirementsLab
[2014/02/04 18:32:16 | 000,000,000 | ---D | C] -- C:\\Users\\JC\\AppData\\Roaming\\SystemRequirementsLab
[2014/02/04 17:51:06 | 000,000,000 | ---D | C] -- C:\\Windows\\SysWow64\\x64
[2014/02/04 17:51:06 | 000,000,000 | ---D | C] -- C:\\Windows\\SysWow64\\Lang
[2014/02/04 17:51:05 | 001,002,008 | ---- | C] (Intel Corporation) -- C:\\Windows\\SysWow64\\igxpun.exe
[2014/02/04 11:12:52 | 000,000,000 | --SD | C] -- C:\\Users\\JC\\Documents\\My Data Sources
[2014/02/04 10:22:39 | 000,000,000 | ---D | C] -- C:\\Users\\JC\\Documents\\Excel Activator
[2014/02/04 10:19:16 | 000,000,000 | ---D | C] -- C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Microsoft Office
[2014/02/04 10:18:57 | 000,000,000 | ---D | C] -- C:\\Program Files\\Microsoft Synchronization Services
[2014/02/04 10:18:55 | 000,000,000 | ---D | C] -- C:\\Program Files\\Common Files\\DESIGNER
[2014/02/04 10:18:23 | 000,000,000 | ---D | C] -- C:\\Program Files\\Microsoft SQL Server Compact Edition
[2014/02/04 10:16:53 | 000,000,000 | ---D | C] -- C:\\Program Files\\Microsoft Analysis Services
[2014/02/04 10:16:53 | 000,000,000 | ---D | C] -- C:\\Program Files (x86)\\Microsoft Analysis Services
[2014/02/04 10:16:41 | 000,000,000 | ---D | C] -- C:\\Users\\JC\\AppData\\Local\\Microsoft Help
[2014/02/04 10:16:40 | 000,000,000 | ---D | C] -- C:\\Program Files (x86)\\Microsoft Office
[2014/02/04 10:16:38 | 000,000,000 | ---D | C] -- C:\\Program Files\\Microsoft Office
[2014/02/04 10:16:38 | 000,000,000 | ---D | C] -- C:\\ProgramData\\Microsoft Help
[2014/02/04 10:16:23 | 000,000,000 | RH-D | C] -- C:\\MSOCache
[2014/01/21 21:09:27 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\\Windows\\SysWow64\\javaws.exe
[2014/01/21 21:09:20 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\\Windows\\SysWow64\\java.exe
[2014/01/21 21:09:20 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\\Windows\\SysWow64\\WindowsAccessBridge-32.dll
[2014/01/21 21:09:20 | 000,000,000 | ---D | C] -- C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Java
[2014/01/15 22:36:02 | 000,000,000 | ---D | C] -- C:\\Windows\\Minidump
[2014/01/15 08:46:41 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\drivers\\usbport.sys
[2014/01/15 08:46:41 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\drivers\\usbd.sys
[2014/01/15 08:46:38 | 000,376,768 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\drivers\\netio.sys
========== Files - Modified Within 30 Days ==========
[2014/02/10 08:34:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\\Users\\JC\\Desktop\\OTL.exe
[2014/02/10 08:31:48 | 000,067,584 | --S- | M] () -- C:\\Windows\\bootstat.dat
[2014/02/10 00:16:00 | 000,000,830 | ---- | M] () -- C:\\Windows\\tasks\\Adobe Flash Player Updater.job
[2014/02/09 16:13:17 | 000,001,798 | ---- | M] () -- C:\\Users\\Public\\Desktop\\Vuze.lnk
[2014/02/09 16:13:17 | 000,001,798 | ---- | M] () -- C:\\Users\\JC\\Application Data\\Microsoft\\Internet Explorer\\Quick Launch\\Vuze.lnk
[2014/02/09 09:56:52 | 000,781,618 | ---- | M] () -- C:\\Windows\\SysNative\\PerfStringBackup.INI
[2014/02/09 09:56:52 | 000,666,680 | ---- | M] () -- C:\\Windows\\SysNative\\perfh009.dat
[2014/02/09 09:56:52 | 000,126,324 | ---- | M] () -- C:\\Windows\\SysNative\\perfc009.dat
[2014/02/08 13:19:04 | 000,028,352 | -H-- | M] () -- C:\\Windows\\SysNative\\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/02/08 13:19:04 | 000,028,352 | -H-- | M] () -- C:\\Windows\\SysNative\\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/02/08 13:11:40 | 3092,938,752 | -HS- | M] () -- C:\\hiberfil.sys
[2014/02/05 11:16:12 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\\Windows\\SysWow64\\FlashPlayerApp.exe
[2014/02/05 11:16:12 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\\Windows\\SysWow64\\FlashPlayerCPLApp.cpl
[2014/02/04 17:54:25 | 000,015,190 | ---- | M] () -- C:\\Windows\\SysNative\\results.xml
[2014/02/04 17:33:24 | 000,291,152 | ---- | M] () -- C:\\Windows\\SysNative\\FNTCACHE.DAT
[2014/02/04 09:44:58 | 000,002,835 | ---- | M] () -- C:\\Users\\JC\\Documents\\Budget as of Jan 2014.rtf
[2014/02/04 09:44:58 | 000,002,835 | ---- | M] () -- C:\\Users\\JC\\Desktop\\Budget as of Jan 2014.rtf
[2014/01/24 09:39:43 | 000,000,332 | ---- | M] () -- C:\\Users\\JC\\Desktop\\new cds.rtf
[2014/01/15 22:35:59 | 443,984,828 | ---- | M] () -- C:\\Windows\\MEMORY.DMP
========== Files Created - No Company Name ==========
[2014/02/04 17:54:25 | 000,015,190 | ---- | C] () -- C:\\Windows\\SysNative\\results.xml
[2014/01/15 22:35:59 | 443,984,828 | ---- | C] () -- C:\\Windows\\MEMORY.DMP
[2014/01/09 22:19:43 | 000,762,252 | ---- | C] () -- C:\\Windows\\SysWow64\\PerfStringBackup.INI
[2013/05/22 19:43:52 | 000,030,568 | ---- | C] () -- C:\\Windows\\MusiccityDownload.exe
[2013/05/22 19:43:48 | 000,974,848 | ---- | C] () -- C:\\Windows\\SysWow64\\cis-2.4.dll
[2013/05/22 19:43:48 | 000,081,920 | ---- | C] () -- C:\\Windows\\SysWow64\\issacapi_bs-2.3.dll
[2013/05/22 19:43:48 | 000,065,536 | ---- | C] () -- C:\\Windows\\SysWow64\\issacapi_pe-2.3.dll
[2013/05/22 19:43:48 | 000,057,344 | ---- | C] () -- C:\\Windows\\SysWow64\\issacapi_se-2.3.dll
========== ZeroAccess Check ==========
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\\Windows\\assembly\\Desktop.ini
[HKEY_CURRENT_USER\\Software\\Classes\\clsid\\{42aedc87-2188-41fd-b9a3-0c966feabec1}\\InProcServer32] /64
[HKEY_CURRENT_USER\\Software\\Classes\\Wow6432node\\clsid\\{42aedc87-2188-41fd-b9a3-0c966feabec1}\\InProcServer32]
[HKEY_CURRENT_USER\\Software\\Classes\\clsid\\{fbeb8a05-beee-4442-804e-409d6c4515e9}\\InProcServer32] /64
[HKEY_CURRENT_USER\\Software\\Classes\\Wow6432node\\clsid\\{fbeb8a05-beee-4442-804e-409d6c4515e9}\\InProcServer32]
[HKEY_LOCAL_MACHINE\\Software\\Classes\\clsid\\{42aedc87-2188-41fd-b9a3-0c966feabec1}\\InProcServer32] /64
\"\" = C:\\Windows\\SysNative\\shell32.dll -- [2013/07/25 22:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
\"ThreadingModel\" = Apartment
[HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\Classes\\clsid\\{42aedc87-2188-41fd-b9a3-0c966feabec1}\\InProcServer32]
\"\" = %SystemRoot%\\system32\\shell32.dll -- [2013/07/25 21:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
\"ThreadingModel\" = Apartment
[HKEY_LOCAL_MACHINE\\Software\\Classes\\clsid\\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\\InProcServer32] /64
\"\" = C:\\Windows\\SysNative\\wbem\\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
\"ThreadingModel\" = Free
[HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\Classes\\clsid\\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\\InProcServer32]
\"\" = %systemroot%\\system32\\wbem\\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
\"ThreadingModel\" = Free
[HKEY_LOCAL_MACHINE\\Software\\Classes\\clsid\\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\\InProcServer32] /64
\"\" = C:\\Windows\\SysNative\\wbem\\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
\"ThreadingModel\" = Both
[HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\Classes\\clsid\\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\\InProcServer32]
< End of report >
OTL Extras logfile created on: 10/02/2014 8:35:33 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\\Users\\JC\\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
3.84 Gb Total Physical Memory | 2.29 Gb Available Physical Memory | 59.72% Memory free
7.68 Gb Paging File | 6.09 Gb Available in Paging File | 79.26% Paging File free
Paging file location(s): ?:\\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\\Windows | %ProgramFiles% = C:\\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 116.28 Gb Free Space | 12.48% Space Free | Partition Type: NTFS
Computer Name: JC-PC | User Name: JC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\<extension>]
.html[@ = htmlfile] -- C:\\Program Files\\Internet Explorer\\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\\Windows\\SysNative\\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\<extension>]
.cpl [@ = cplfile] -- C:\\Windows\\SysWow64\\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\\Program Files\\Internet Explorer\\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\\SOFTWARE\\Classes\\<extension>]
.html [@ = FirefoxHTML] -- C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\<key>\\shell\\[command]\\command]
batfile [open] -- \"%1\" %*
cmdfile [open] -- \"%1\" %*
comfile [open] -- \"%1\" %*
exefile [open] -- \"%1\" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1 (Microsoft Corporation)
htmlfile [opennew] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1 (Microsoft Corporation)
http [open] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1 (Microsoft Corporation)
https [open] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\\System32\\InfDefaultInstall.exe \"%1\" (Microsoft Corporation)
InternetShortcut [open] -- \"C:\\Windows\\System32\\rundll32.exe\" \"C:\\Windows\\System32\\ieframe.dll\",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- \"C:\\Windows\\System32\\rundll32.exe\" \"C:\\Windows\\System32\\mshtml.dll\",PrintHTML \"%1\" (Microsoft Corporation)
piffile [open] -- \"%1\" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- \"%1\"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- \"%1\" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\\system32\\rundll32.exe %SystemRoot%\\system32\\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- \"C:\\Program Files (x86)\\VideoLAN\\VLC\\vlc.exe\" --started-from-file --playlist-enqueue \"%1\" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd \"%V\" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- \"C:\\Program Files (x86)\\VideoLAN\\VLC\\vlc.exe\" --started-from-file --no-playlist-enqueue \"%1\" (VideoLAN)
Folder [open] -- %SystemRoot%\\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\\Explorer.exe (Microsoft Corporation)
Applications\\iexplore.exe [open] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1 (Microsoft Corporation)
CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\<key>\\shell\\[command]\\command]
batfile [open] -- \"%1\" %*
cmdfile [open] -- \"%1\" %*
comfile [open] -- \"%1\" %*
cplfile [cplopen] -- %SystemRoot%\\System32\\control.exe \"%1\",%* (Microsoft Corporation)
exefile [open] -- \"%1\" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1 (Microsoft Corporation)
htmlfile [opennew] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1 (Microsoft Corporation)
http [open] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1 (Microsoft Corporation)
https [open] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\\System32\\InfDefaultInstall.exe \"%1\" (Microsoft Corporation)
piffile [open] -- \"%1\" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- \"%1\"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- \"%1\" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\\system32\\rundll32.exe %SystemRoot%\\system32\\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- \"C:\\Program Files (x86)\\VideoLAN\\VLC\\vlc.exe\" --started-from-file --playlist-enqueue \"%1\" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd \"%V\" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- \"C:\\Program Files (x86)\\VideoLAN\\VLC\\vlc.exe\" --started-from-file --no-playlist-enqueue \"%1\" (VideoLAN)
Folder [open] -- %SystemRoot%\\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\\Explorer.exe (Microsoft Corporation)
Applications\\iexplore.exe [open] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1 (Microsoft Corporation)
CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Security Center]
\"cval\" = 1
64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Security Center\\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Security Center\\Svc]
\"VistaSp1\" = 28 4D B2 76 41 04 CA 01 [binary data]
\"AntiVirusOverride\" = 0
\"AntiSpywareOverride\" = 0
\"FirewallOverride\" = 0
64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Security Center\\Svc\\Vol]
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Security Center]
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Security Center\\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\DomainProfile]
\"EnableFirewall\" = 1
\"DisableNotifications\" = 0
[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\StandardProfile]
\"EnableFirewall\" = 1
\"DisableNotifications\" = 0
[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\PublicProfile]
\"EnableFirewall\" = 1
\"DisableNotifications\" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\FirewallRules]
\"{0BA3FFFF-F020-4FAC-B111-77EC54688373}\" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
\"{11AD22B3-738C-4D77-917C-8A4A120CEB9A}\" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
\"{1BD15A4A-5177-458F-8865-1EA0C06EF340}\" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\\system32\\svchost.exe |
\"{237243F1-3ABC-4998-8CC4-C4735791F754}\" = lport=138 | protocol=17 | dir=in | app=system |
\"{28F3DE44-7B2D-4DB5-A41D-790D880BDCC0}\" = rport=139 | protocol=6 | dir=out | app=system |
\"{2CFA701C-07BA-4B39-A3E9-38DDD808E56C}\" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\\system32\\svchost.exe |
\"{2E92F9CE-DFEA-4453-995A-D28830EAB945}\" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\\system32\\svchost.exe |
\"{50681E6A-20A1-432A-A437-C41A2DF03828}\" = lport=139 | protocol=6 | dir=in | app=system |
\"{516F6FAE-43BE-4235-96EE-8FADB691EC2A}\" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\\system32\\svchost.exe |
\"{5F4EF54C-6A24-40C1-9260-34F0FE547100}\" = rport=137 | protocol=17 | dir=out | app=system |
\"{6EF62BA7-1157-495C-9A70-05CDE6A14C9B}\" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
\"{7CFE1605-1A1C-4116-9926-BAF701DE911D}\" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\\system32\\svchost.exe |
\"{82044F62-106B-43FC-8843-D8CA4FE4242B}\" = rport=10243 | protocol=6 | dir=out | app=system |
\"{86431778-C0FE-4F3A-85A8-A33D04ECB3CE}\" = lport=137 | protocol=17 | dir=in | app=system |
\"{97EA11BB-B307-4014-BA74-E96184AE2678}\" = lport=10243 | protocol=6 | dir=in | app=system |
\"{9A72AB18-3513-42AB-AFF1-C8111F2D97E0}\" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\\system32\\svchost.exe |
\"{BC318A78-0A81-48A8-9DF5-43D06F00FD1A}\" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\\system32\\svchost.exe |
\"{BE7AEDB3-2131-423E-8E1F-14D26F37C813}\" = rport=445 | protocol=6 | dir=out | app=system |
\"{C599A71B-1473-433B-A3CF-1BDD6AE451DB}\" = lport=2869 | protocol=6 | dir=in | app=system |
\"{C716B052-4F30-4BF0-9986-8BCFCFECD0AA}\" = lport=445 | protocol=6 | dir=in | app=system |
\"{E667391F-70BA-46BE-83DB-19499AF483D9}\" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\\system32\\svchost.exe |
\"{EAB36F5B-3E3D-4742-850B-B8B806C5C448}\" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\\system32\\spoolsv.exe |
\"{EC9916A3-D175-490D-9DDC-CF343B4639A7}\" = rport=138 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\FirewallRules]
\"{04A57A22-F169-4CE2-9CCF-36FB1A307693}\" = protocol=17 | dir=out | app=%programfiles(x86)%\\windows media player\\wmplayer.exe |
\"{065D3FBD-73FB-4100-8876-8E96E2DA34B1}\" = protocol=58 | dir=out | [email protected],-28546 |
\"{0F8DD5C0-05C3-4096-9D88-40BBB3E9F2FF}\" = protocol=6 | dir=out | app=system |
\"{16D183ED-68D4-4108-B1D7-77B663F4E303}\" = protocol=6 | dir=out | app=%programfiles(x86)%\\windows media player\\wmplayer.exe |
\"{17E7E3B8-3C3B-4CEE-84CF-38B548EFF6E2}\" = dir=in | app=c:\\users\\jc\\appdata\\local\\microsoft\\skydrive\\skydrive.exe |
\"{2266AA9E-5F6E-489E-BE93-B9451242ADB5}\" = protocol=6 | dir=in | app=c:\\program files (x86)\\avg\\avg2014\\avgdiagex.exe |
\"{22EB4D6B-453E-4780-9A75-9BE975DCBDFC}\" = protocol=6 | dir=out | app=%programfiles%\\windows media player\\wmpnetwk.exe |
\"{25CC852A-A2AF-456C-8906-2BD079C5BB02}\" = dir=in | app=c:\\program files (x86)\\windows live\\contacts\\wlcomm.exe |
\"{3E1776FC-8D80-40B5-AA88-EFAA0AA3B870}\" = protocol=6 | dir=in | app=%programfiles%\\windows media player\\wmpnetwk.exe |
\"{401799B5-3BE1-4A85-BE2A-D6E4466E8C45}\" = protocol=1 | dir=in | [email protected],-28543 |
\"{53BB459D-C169-4585-A742-093B6D99D2F3}\" = protocol=17 | dir=in | app=c:\\program files\\vuze\\azureus.exe |
\"{581AB47C-E8BC-4BBF-8F56-0C44681051FE}\" = protocol=58 | dir=in | [email protected],-28545 |
\"{5E0D697C-AF07-411A-80CB-6D25B3720F8C}\" = protocol=17 | dir=in | app=%programfiles%\\windows media player\\wmplayer.exe |
\"{62083F21-DCC9-414D-8ADF-693973ED9C7A}\" = protocol=17 | dir=in | app=%programfiles%\\windows media player\\wmpnetwk.exe |
\"{850B313A-FB80-4D3E-978E-8CEC322933E5}\" = protocol=6 | dir=in | app=c:\\program files (x86)\\avg\\avg2014\\avgmfapx.exe |
\"{9FDB115B-1BE5-4172-962B-818019B2FBA5}\" = protocol=17 | dir=in | app=c:\\program files (x86)\\avg\\avg2014\\avgmfapx.exe |
\"{A9F026E7-6F83-40F9-BB4E-E3A6DE51C0C2}\" = protocol=6 | dir=in | app=c:\\program files\\vuze\\azureus.exe |
\"{AE8C8FC0-9252-4FDF-B158-A3298F1A2DD4}\" = protocol=6 | dir=in | app=c:\\program files (x86)\\avg\\avg2014\\avgemca.exe |
\"{BEC3FDDF-0698-4351-B1C4-DF89E0015B35}\" = protocol=17 | dir=in | app=c:\\program files (x86)\\avg\\avg2014\\avgemca.exe |
\"{CAC024C4-30E4-4E82-BC05-536D43CBA79E}\" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\\system32\\svchost.exe |
\"{D066CB8A-AABA-41EC-9F0A-9BF4076652C3}\" = protocol=6 | dir=in | app=c:\\program files (x86)\\avg\\avg2014\\avgnsa.exe |
\"{D4226D38-2904-4343-8C2C-1609D4DF6873}\" = protocol=6 | dir=in | app=c:\\program files (x86)\\avg\\avg2013\\avgmfapx.exe |
\"{D8F5B880-7D05-44B0-B672-5BE19B513DE0}\" = protocol=17 | dir=in | app=c:\\program files (x86)\\avg\\avg2014\\avgdiagex.exe |
\"{DBD08996-4D4C-4DC8-B426-9A0C371444F2}\" = protocol=17 | dir=in | app=%programfiles(x86)%\\windows media player\\wmplayer.exe |
\"{E0361DD4-B4A0-4D2A-ABEA-82CDB804342F}\" = protocol=17 | dir=in | app=c:\\program files (x86)\\avg\\avg2014\\avgnsa.exe |
\"{E161B68D-E906-4121-82FC-EE8CAC4903A9}\" = protocol=17 | dir=out | app=%programfiles%\\windows media player\\wmpnetwk.exe |
\"{E7EA3BFA-0846-4845-B03D-F15C037DA381}\" = protocol=6 | dir=out | app=%programfiles%\\windows media player\\wmplayer.exe |
\"{E9639E5D-0802-433E-841F-5FFE787DFC36}\" = protocol=17 | dir=in | app=%programfiles%\\windows media player\\wmplayer.exe |
\"{E9E1E519-93FA-49EC-9081-5AB9DBD6108C}\" = protocol=6 | dir=out | app=%programfiles%\\windows media player\\wmplayer.exe |
\"{F00BA7CD-E4C7-47F9-91AE-5CB35C345F06}\" = protocol=17 | dir=out | app=%programfiles%\\windows media player\\wmplayer.exe |
\"{F033ED68-86EA-464C-BDE9-0AE84FFEE762}\" = protocol=17 | dir=out | app=%programfiles%\\windows media player\\wmplayer.exe |
\"{F7A7DD2D-EF63-46CB-AB53-729420E5519F}\" = protocol=1 | dir=out | [email protected],-28544 |
\"{FCECFB2B-64E8-4C25-B026-32762FD257AC}\" = protocol=17 | dir=in | app=c:\\program files (x86)\\avg\\avg2013\\avgmfapx.exe |
\"TCP Query User{99D04120-A8AE-4080-8448-F107A08D3DC2}C:\\program files\\vuze\\azureus.exe\" = protocol=6 | dir=in | app=c:\\program files\\vuze\\azureus.exe |
\"TCP Query User{F23ADFD5-06FF-47CD-97C5-708075C62FA2}C:\\program files (x86)\\java\\jre7\\bin\\javaw.exe\" = protocol=6 | dir=in | app=c:\\program files (x86)\\java\\jre7\\bin\\javaw.exe |
\"UDP Query User{7D26D706-3551-431E-B367-F5E48010AB9E}C:\\program files\\vuze\\azureus.exe\" = protocol=17 | dir=in | app=c:\\program files\\vuze\\azureus.exe |
\"UDP Query User{9C1B6A2F-5BE9-43FC-A98E-6249C1753E00}C:\\program files (x86)\\java\\jre7\\bin\\javaw.exe\" = protocol=17 | dir=in | app=c:\\program files (x86)\\java\\jre7\\bin\\javaw.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall]
\"{066CFFF8-12BF-4390-A673-75F95EFF188E}\" = TOSHIBA Value Added Package
\"{21B133D6-5979-47F0-BE1C-F6A6B304693F}\" = Visual Studio 2010 x64 Redistributables
\"{34883B9C-CDFE-46F0-9C5B-935484C218C3}\" = AVG 2014
\"{5EEC477F-8E9B-4420-8829-16E7426227DB}\" = Windows Live MIME IFilter
\"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}\" = Microsoft .NET Framework 4.5.1
\"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\" = Microsoft Silverlight
\"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}\" = Visual Studio 2012 x64 Redistributables
\"{90140000-0016-0000-1000-0000000FF1CE}\" = Microsoft Office Excel 2010
\"{90140000-0016-0409-1000-0000000FF1CE}\" = Microsoft Office Excel MUI (English) 2010
\"{90140000-001F-0409-1000-0000000FF1CE}\" = Microsoft Office Proof (English) 2010
\"{90140000-001F-040C-1000-0000000FF1CE}\" = Microsoft Office Proof (French) 2010
\"{90140000-001F-0C0A-1000-0000000FF1CE}\" = Microsoft Office Proof (Spanish) 2010
\"{90140000-002C-0409-1000-0000000FF1CE}\" = Microsoft Office Proofing (English) 2010
\"{90140000-0043-0000-1000-0000000FF1CE}\" = Microsoft Office Office 32-bit Components 2010
\"{90140000-0043-0409-1000-0000000FF1CE}\" = Microsoft Office Shared 32-bit MUI (English) 2010
\"{90140000-006E-0409-1000-0000000FF1CE}\" = Microsoft Office Shared MUI (English) 2010
\"{90140000-0115-0409-1000-0000000FF1CE}\" = Microsoft Office Shared Setup Metadata MUI (English) 2010
\"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033\" = Microsoft .NET Framework 4.5.1
\"{95120000-00B9-0409-1000-0000000FF1CE}\" = Microsoft Application Error Reporting
\"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}\" = TOSHIBA PC Health Monitor
\"{CE52672C-A0E9-4450-8875-88A221D5CD50}\" = Windows Live ID Sign-in Assistant
\"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\" = SAMSUNG USB Driver for Mobile Phones
\"{E9FA781F-3E80-4399-825A-AD3E11C28C77}\" = MSVCRT110_amd64
\"{F95BF201-C9AE-4215-883A-EC12A0D88C58}\" = AVG 2014
\"8461-7759-5462-8226\" = Vuze
\"AVG\" = AVG 2014
\"HDMI\" = Intel(R) Graphics Media Accelerator Driver
\"Office14.EXCEL\" = Microsoft Excel 2010
\"SynTPDeinstKey\" = Synaptics Pointing Device Driver
\"WinRAR archiver\" = WinRAR 4.00 (64-bit)
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall]
\"{03D562B5-C4E2-4846-A920-33178788BE00}\" = Windows Live Communications Platform
\"{066CFFF8-12BF-4390-A673-75F95EFF188E}\" = TOSHIBA Value Added Package
\"{0F929651-F516-4956-90F2-FFBD2CD5D30E}\" = Photo Gallery
\"{0FB630AB-7BD8-40AE-B223-60397D57C3C9}\" = Realtek WLAN Driver
\"{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}\" = Windows Live SOXE Definitions
\"{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}\" = System Requirements Lab for Intel
\"{26A24AE4-039D-4CA4-87B4-2F83217040FF}\" = Java 7 Update 51
\"{2AC01935-3774-4981-98C8-14E93C14372C}\" = Windows Live UX Platform Language Pack
\"{45898170-E68C-4F02-AA35-C2186BF347A3}\" = Movie Maker
\"{4A03706F-666A-4037-7777-5F2748764D10}\" = Java Auto Updater
\"{4B0446EF-2E04-4639-94CC-25C1666788A2}\" = Silhouette Studio
\"{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}\" = Windows Live Installer
\"{5E094C92-6288-4F43-AA9A-D452D0218F3F}\" = Windows Live Essentials
\"{6389F199-1D6C-4974-9557-693F9DD48736}\" = Windows Live Writer Resources
\"{6B6923B9-8719-425B-916C-CD2908F31AAF}\" = Windows Live SOXE
\"{758C8301-2696-4855-AF45-534B1200980A}\" = Samsung Kies
\"{7C6F0282-3DCD-4A80-95AC-BB298E821C44}\" = Windows Live Writer
\"{89870E0D-9602-41F8-9E83-14F6849346A4}\" = Windows Live Mail
\"{89C7E0A7-4D9D-4DCC-8834-A9A2B92D7EBB}\" = Photo Gallery
\"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}\" = MSVCRT
\"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}\" = MSVCRT110
\"{933B4015-4618-4716-A828-5289FC03165F}\" = VC80CRTRedist - 8.0.50727.6195
\"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}\" = Visual Studio 2012 x86 Redistributables
\"{AAA94EAA-40A4-458C-9D86-D1DA765B51D5}\" = Windows Live Writer
\"{AC6569FA-6919-442A-8552-073BE69E247A}\" = TOSHIBA Service Station
\"{AC76BA86-7AD7-1033-7B44-AB0000000001}\" = Adobe Reader XI (11.0.06)
\"{B39A6825-EA20-43EA-AB2D-A6BC0298D9A1}\" = Movie Maker
\"{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}\" = Windows Live Photo Common
\"{D0B44725-3666-492D-BEF6-587A14BD9BD9}\" = MSVCRT_amd64
\"{D604900F-A275-416C-AF9D-CDEDF58B72DB}\" = Windows Live Mail
\"{DD7C5FC1-DCA5-487A-AF23-658B1C00243F}\" = Photo Common
\"{E09C4DB7-630C-4F06-A631-8EA7239923AF}\" = D3DX10
\"{E3445598-4424-4EE2-B71C-C23325F7FB71}\" = Windows Live PIMT Platform
\"{EFBCA571-617D-484A-9ECA-E301BB6D0750}\" = Windows Live Writer
\"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}\" = Microsoft SQL Server 2005 Compact Edition [ENU]
\"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}\" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
\"{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}\" = Windows Live UX Platform
\"{F6F30C28-38AA-4DBA-AE0B-7E30238E61BB}\" = Junk Mail filter update
\"AC3Filter_is1\" = AC3Filter 1.62b
\"Adobe Flash Player ActiveX\" = Adobe Flash Player 12 ActiveX
\"Adobe Flash Player Plugin\" = Adobe Flash Player 12 Plugin
\"DivX Setup\" = DivX Setup
\"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}\" = TOSHIBA Value Added Package
\"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}\" = Samsung Kies
\"Mozilla Firefox 26.0 (x86 en-US)\" = Mozilla Firefox 26.0 (x86 en-US)
\"MozillaMaintenanceService\" = Mozilla Maintenance Service
\"PS3 Media Server\" = PS3 Media Server
\"VLC media player\" = VLC media player 2.0.8
\"Windows Essentials Media Codec Pack\" = Windows Essentials Media Codec Pack 4.0 [64-Bit]
\"WinLiveSuite\" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall]
\"MyFreeCodec\" = MyFreeCodec
\"SkyDriveSetup.exe\" = Microsoft SkyDrive
\"The Weather Network\" = The Weather Network
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 04/02/2014 5:34:47 PM | Computer Name = JC-PC | Source = WinMgmt | ID = 10
Description =
Error - 04/02/2014 5:45:32 PM | Computer Name = JC-PC | Source = WinMgmt | ID = 10
Description =
Error - 04/02/2014 5:54:57 PM | Computer Name = JC-PC | Source = WinMgmt | ID = 10
Description =
Error - 04/02/2014 6:08:48 PM | Computer Name = JC-PC | Source = WinMgmt | ID = 10
Description =
Error - 04/02/2014 6:38:11 PM | Computer Name = JC-PC | Source = WinMgmt | ID = 10
Description =
Error - 04/02/2014 6:56:21 PM | Computer Name = JC-PC | Source = WinMgmt | ID = 10
Description =
Error - 04/02/2014 7:00:52 PM | Computer Name = JC-PC | Source = WinMgmt | ID = 10
Description =
Error - 04/02/2014 7:27:44 PM | Computer Name = JC-PC | Source = Application Error | ID = 1000
Error - 08/02/2014 10:47:53 AM | Computer Name = JC-PC | Source = WinMgmt | ID =
10
Description =
Error - 08/02/2014 11:10:15 AM | Computer Name = JC-PC | Source = WinMgmt | ID =
10
Description =
Error - 08/02/2014 1:13:16 PM | Computer Name = JC-PC | Source = WinMgmt | ID =
10
Description =
Error encountered while reading event logs.
< End of report >
recently this week I have an issue where Ive restarted my laptop and right away 1\" of the right side of my screen is not being used and a smaller portion on the bottom of the screen is hidden below. Horizonanaly it srunk and verticaly it got longer. Its like this before the windows screen and know matter what resolution change i make its still incorrect. Eventally after some other restarts it will be back to normal all over again. Im guessing its spyware or something worse. please help. Its happened twice now and just before it happened this time i lost alot of computer speed and download speed was cut in half. I tryed updateing my graphics driver and nothing,,, theres no toshibia updates or windows updates. Im running windows 7 on a Satellite L500-02H PSLS0C-02H012
Toshiba Satellite L500 -02H
PSLS0C-02H012
Windows 7 64bit
Like i said its all factory except now it has a western digital 1T hard drive
i dont seem to have a system drive showing on it is this normal?
My toshibia laptop was calling for a new harddrive, i installed the new one and used my recovery disks to reinstall to out of box state. Windows has installed and is back up and running but had some errors along the way.
My modem, audio, monitor and lan drivers are all not working correctly. It says they are not digitally signed. I also tryed the drivers avail on the toshibia update site but it doesnt help anything.
I didnt change any hardware ever on this laptop... this is the only change ever done to it. I cant update windows or get on the net with it. So where do i start. thx
ps it is windows 7 home preimuim 64bit
ok so heres an update:
I finally found my comuter has a Trojan Vondo virus,,, i tryed useing Malwarebytes to remove it,,, and it says it removed it,, but im still getting redirected from my browser. I dont think it totaly cleaned it off. i ran it again and i still get some fixes,,,, so i assume the virus is still working.
ttt
I have sence noticed that ie and firefox will not go to any google site or google search result site. It will be redirected to the same spam site or have a connection error message. Problem is only on google sites.
I picked up this old computer for the gf and wanted to clean it up and check for issues. Im getting redirected to spam webpages.
running: windows live essesials and xp
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:50:23 AM, on 1/21/2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\\WINDOWS\\System32\\smss.exe
C:\\WINDOWS\\system32\\winlogon.exe
C:\\WINDOWS\\system32\\services.exe
C:\\WINDOWS\\system32\\lsass.exe
C:\\WINDOWS\\system32\\Ati2evxx.exe
C:\\WINDOWS\\system32\\svchost.exe
c:\\Program Files\\Microsoft Security Client\\MsMpEng.exe
C:\\WINDOWS\\System32\\svchost.exe
C:\\WINDOWS\\system32\\ACS.exe
C:\\WINDOWS\\system32\\spoolsv.exe
C:\\Program Files\\Microsoft\\BingDesktop\\BingDesktopUpdater.exe
C:\\WINDOWS\\Explorer.EXE
C:\\Program Files\\TOSHIBA\\Power Management\\CeEPwrSvc.exe
C:\\Program Files\\TOSHIBA\\ConfigFree\\CFSvcs.exe
C:\\WINDOWS\\Microsoft.NET\\Framework\\v4.0.30319\\mscorsvw.exe
C:\\WINDOWS\\system32\\DVDRAMSV.exe
C:\\Program Files\\Java\\jre6\\bin\\jqs.exe
C:\\Program Files\\Common Files\\Microsoft Shared\\VS7Debug\\mdm.exe
C:\\WINDOWS\\system32\\svchost.exe
C:\\WINDOWS\\system32\\SearchIndexer.exe
C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe
C:\\Program Files\\TOSHIBA\\E-KEY\\CeEKey.exe
C:\\Program Files\\TOSHIBA\\Power Management\\CePMTray.exe
C:\\Program Files\\Apoint2K\\Apoint.exe
C:\\Program Files\\TOSHIBA\\TouchPad\\TPTray.exe
C:\\Program Files\\TOSHIBA\\Touch and Launch\\PadExe.exe
C:\\Program Files\\Microsoft Security Client\\msseces.exe
C:\\Program Files\\TOSHIBA\\TOSCDSPD\\toscdspd.exe
C:\\WINDOWS\\system32\\ctfmon.exe
C:\\Program Files\\Apoint2K\\Apntex.exe
C:\\Documents and Settings\\Alma\\Local Settings\\Application Data\\TheWeatherNetwork\\WeatherEye\\WeatherEye.exe
C:\\WINDOWS\\system32\\RAMASST.exe
C:\\Program Files\\Windows Desktop Search\\WindowsSearch.exe
C:\\WINDOWS\\system32\\wuauclt.exe
C:\\Documents and Settings\\Alma\\Desktop\\HijackThis.exe
R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = http://www.mavideniz.gen.tr
R1 - HKCU\\Software\\Microsoft\\Internet Explorer\\SearchURL,(Default) = http://ca.search.yahoo.com/search?fr=mcafee&p=%s
O1 - Hosts: 94.76.227.20 www.google.com.tr
O1 - Hosts: 94.76.227.20 www.google.ca
O1 - Hosts: 94.76.227.20 www.google.com.br
O1 - Hosts: 94.76.227.20 www.google.co.il
O1 - Hosts: 94.76.227.20 www.google.com.ar
O1 - Hosts: 94.76.227.20 www.google.com.my
O1 - Hosts: 94.76.227.20 www.google.gr
O1 - Hosts: 94.76.227.20 www.google.com.ph
O1 - Hosts: 94.76.227.20 www.google.com.tw
O1 - Hosts: 94.76.227.20 www.google.co.id
O1 - Hosts: 94.76.227.20 www.google.co.in
O1 - Hosts: 94.76.227.20 www.google.com.au
O1 - Hosts: 94.76.227.20 www.google.co.nz
O1 - Hosts: 94.76.227.20 www.google.com.pk
O1 - Hosts: 94.76.227.20 www.google.dk
O1 - Hosts: 94.76.227.20 www.google.pt
O1 - Hosts: 94.76.227.20 www.google.es
O1 - Hosts: 94.76.227.20 www.google.se
O1 - Hosts: 94.76.227.20 www.google.de
O1 - Hosts: 94.76.227.20 www.google.com.hk
O1 - Hosts: 94.76.227.20 www.google.fr
O1 - Hosts: 94.76.227.20 www.google.co.jp
O1 - Hosts: 94.76.227.20 www.google.com.mx
O1 - Hosts: 94.76.227.20 www.google.com.sa
O1 - Hosts: 94.76.227.20 www.google.com.sg
O1 - Hosts: 94.76.227.20 www.google.cn
O1 - Hosts: 94.76.227.20 www.google.com.eg
O1 - Hosts: 94.76.227.20 www.google.com.ba
O1 - Hosts: 94.76.227.20 www.google.com.at
O1 - Hosts: 94.76.227.20 www.google.be
O1 - Hosts: 94.76.227.20 www.google.ch
O1 - Hosts: 94.76.227.20 www.google.no
O1 - Hosts: 94.76.227.20 www.google.sk
O1 - Hosts: 94.76.227.20 www.google.fi
O1 - Hosts: 94.76.227.20 search.yahoo.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\\Program Files\\Common Files\\Adobe\\Acrobat\\ActiveX\\AcroIEHelperShim.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\\Program Files\\Common Files\\Microsoft Shared\\Windows Live\\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\\Program Files\\Java\\jre6\\bin\\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\\Program Files\\Java\\jre6\\lib\\deploy\\jqs\\ie\\jqs_plugin.dll
O4 - HKLM\\..\\Run: [ATIPTA] C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe
O4 - HKLM\\..\\Run: [CeEKEY] C:\\Program Files\\TOSHIBA\\E-KEY\\CeEKey.exe
O4 - HKLM\\..\\Run: [CeEPOWER] C:\\Program Files\\TOSHIBA\\Power Management\\CePMTray.exe
O4 - HKLM\\..\\Run: [Apoint] C:\\Program Files\\Apoint2K\\Apoint.exe
O4 - HKLM\\..\\Run: [TPNF] C:\\Program Files\\TOSHIBA\\TouchPad\\TPTray.exe
O4 - HKLM\\..\\Run: [PadTouch] C:\\Program Files\\TOSHIBA\\Touch and Launch\\PadExe.exe
O4 - HKLM\\..\\Run: [PrinTray] C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\2\\printray.exe
O4 - HKLM\\..\\Run: [MSC] \"c:\\Program Files\\Microsoft Security Client\\msseces.exe\" -hide -runkey
O4 - HKLM\\..\\Run: [BingDesktop] C:\\Program Files\\Microsoft\\BingDesktop\\BingDesktop.exe /fromkey
O4 - HKCU\\..\\Run: [TOSCDSPD] C:\\Program Files\\TOSHIBA\\TOSCDSPD\\toscdspd.exe
O4 - HKCU\\..\\Run: [ctfmon.exe] C:\\WINDOWS\\system32\\ctfmon.exe
O4 - HKCU\\..\\Run: [WeatherEye] C:\\Documents and Settings\\Alma\\Local Settings\\Application Data\\TheWeatherNetwork\\WeatherEye\\WeatherEye.exe
O4 - HKCU\\..\\Run: [msnmsgr] \"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\" /background
O4 - HKUS\\S-1-5-18\\..\\Run: [DWQueuedReporting] \"c:\\PROGRA~1\\COMMON~1\\MICROS~1\\DW\\dwtrig20.exe\" -t (User \'SYSTEM\')
O4 - HKUS\\.DEFAULT\\..\\Run: [DWQueuedReporting] \"c:\\PROGRA~1\\COMMON~1\\MICROS~1\\DW\\dwtrig20.exe\" -t (User \'Default user\')
O4 - Global Startup: RAMASST.lnk = C:\\WINDOWS\\system32\\RAMASST.exe
O4 - Global Startup: Windows Search.lnk = C:\\Program Files\\Windows Desktop Search\\WindowsSearch.exe
O6 - HKCU\\Software\\Policies\\Microsoft\\Internet Explorer\\Control Panel present
O6 - HKLM\\Software\\Policies\\Microsoft\\Internet Explorer\\Control Panel present
O7 - HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System, DisableRegedit=1
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\\PROGRA~1\\MICROS~2\\Office10\\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\\Program Files\\Java\\jre6\\bin\\jp2iexp.dll
O9 - Extra \'Tools\' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\\Program Files\\Java\\jre6\\bin\\jp2iexp.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\\Program Files\\Windows Live\\Writer\\WriterBrowserExtension.dll
O9 - Extra \'Tools\' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\\Program Files\\Windows Live\\Writer\\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\\PROGRA~1\\MICROS~2\\OFFICE11\\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe
O9 - Extra \'Tools\' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\\Program Files\\Messenger\\msmsgs.exe
O9 - Extra \'Tools\' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\\Program Files\\Messenger\\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1358748985796
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://142.176.20.26/islandcam/AxisCamControl.ocx
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\\WINDOWS\\system32\\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\\WINDOWS\\system32\\browseui.dll
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\\WINDOWS\\system32\\ACS.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\\WINDOWS\\system32\\Macromed\\Flash\\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\\WINDOWS\\system32\\Ati2evxx.exe
O23 - Service: CeEPwrSvc - COMPAL ELECTRONIC INC. - C:\\Program Files\\TOSHIBA\\Power Management\\CeEPwrSvc.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\\Program Files\\TOSHIBA\\ConfigFree\\CFSvcs.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\\WINDOWS\\system32\\DVDRAMSV.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\\Program Files\\Common Files\\InstallShield\\Driver\\11\\Intel 32\\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\\Program Files\\Java\\jre6\\bin\\jqs.exe
--
End of file - 9581 bytes
