Author Topic: 2nd GPU running at 99% load (Read 2257 times)

rambag3 · « **on:** June 29, 2014, 06:26:41 PM »

So my 2nd GPU a Saphire 7850 has sometimes over the last week started up and gone straight to 99% load while my main GPU an XFX 280x is at idle.

This is with the computer idling nothing opened except speedfan and then GPU-Z to check the gpu usage.

Task manager doesn\'t show anything running out of the ordinary that I can tell so here is the log, any help is much appreciated.

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 7:21:18 PM, on 6/29/2014

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.17126)

Boot mode: Normal

Running processes:

C:\\Windows\\SysWOW64\\Rundll32.exe

C:\\Users\\Evan Kopilow\\AppData\\Local\\FluxSoftware\\Flux\\flux.exe

C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe

C:\\Program Files (x86)\\Razer\\Synapse\\RzSynapse.exe

C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe

D:\\iTunes\\iTunesHelper.exe

D:\\Program Files (x86)\\Steam\\steam.exe

C:\\Program Files (x86)\\Samsung Magician\\Samsung Magician.exe

D:\\Program Files (x86)\\SpeedFan\\speedfan.exe

C:\\Users\\Evan Kopilow\\Desktop\\GPU-Z.0.7.8.exe

C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe

C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe

C:\\Program Files (x86)\\Trend Micro\\HiJackThis\\HiJackThis.exe

R1 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896\'>http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = http://www22.verizon.com/Foryourhome/MyAccount/Unprotected/UserManagement/Login/Login.aspx\'>http://www22.verizon.com/Foryourhome/MyAccount/Unprotected/UserManagement/Login/Login.aspx

R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141\'>http://go.microsoft.com/fwlink/p/?LinkId=255141

R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896\'>http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896\'>http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141\'>http://go.microsoft.com/fwlink/p/?LinkId=255141

R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Search,SearchAssistant =

R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Search,CustomizeSearch =

R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Local Page = C:\\Windows\\SysWOW64\\blank.htm

R1 - HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings,ProxyOverride = *.local

R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Toolbar,LinksFolderName =

R3 - URLSearchHook: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\\Program Files (x86)\\uTorrentControl2\\prxtbuTor.dll

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\\Program Files (x86)\\Winamp Toolbar\\winamptb.dll

O2 - BHO: uTorrentControl2 - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\\Program Files (x86)\\uTorrentControl2\\prxtbuTor.dll

O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\\Program Files (x86)\\Java\\jre7\\bin\\ssv.dll

O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\\Program Files (x86)\\Java\\jre7\\bin\\jp2ssv.dll

O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\\Program Files (x86)\\Winamp Toolbar\\winamptb.dll

O3 - Toolbar: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\\Program Files (x86)\\uTorrentControl2\\prxtbuTor.dll

O4 - HKLM\\..\\Run: [APSDaemon] \"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"

O4 - HKLM\\..\\Run: [StartCCC] \"C:\\Program Files (x86)\\ATI Technologies\\ATI.ACE\\Core-Static\\amd64\\CLIStart.exe\" MSRun

O4 - HKLM\\..\\Run: [Adobe ARM] \"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"

O4 - HKLM\\..\\Run: [Razer Synapse] \"C:\\Program Files (x86)\\Razer\\Synapse\\RzSynapse.exe\"

O4 - HKLM\\..\\Run: [SunJavaUpdateSched] \"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"

O4 - HKLM\\..\\Run: [iTunesHelper] \"D:\\iTunes\\iTunesHelper.exe\"

O4 - HKLM\\..\\Run: [QuickTime Task] \"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime

O4 - HKCU\\..\\Run: [f.lux] \"C:\\Users\\Evan Kopilow\\AppData\\Local\\FluxSoftware\\Flux\\flux.exe\" /noshow

O4 - HKCU\\..\\Run: [Spotify Web Helper] \"C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\"

O4 - HKCU\\..\\Run: [Skype] \"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun

O4 - HKUS\\S-1-5-19\\..\\Run: [Sidebar] %ProgramFiles%\\Windows Sidebar\\Sidebar.exe /autoRun (User \'LOCAL SERVICE\')

O4 - HKUS\\S-1-5-19\\..\\RunOnce: [mctadmin] C:\\Windows\\System32\\mctadmin.exe (User \'LOCAL SERVICE\')

O4 - HKUS\\S-1-5-20\\..\\Run: [Sidebar] %ProgramFiles%\\Windows Sidebar\\Sidebar.exe /autoRun (User \'NETWORK SERVICE\')

O4 - HKUS\\S-1-5-20\\..\\RunOnce: [mctadmin] C:\\Windows\\System32\\mctadmin.exe (User \'NETWORK SERVICE\')

O4 - Startup: Dropbox.lnk = Evan Kopilow\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe

O4 - Startup: Samsung Magician.lnk = C:\\Program Files (x86)\\Samsung Magician\\Samsung Magician.exe

O4 - Startup: SpeedFan.lnk = C:\\Program Files (x86)\\SpeedFan\\speedfan.exe

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\\PROGRA~2\\COMMON~1\\Skype\\SKYPE4~1.DLL

O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - D:\\Program Files\\SUPERAntiSpyware\\SASCORE64.EXE

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\\system32\\Alg.exe,-112 (ALG) - Unknown owner - C:\\Windows\\System32\\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\\Windows\\system32\\atiesrxx.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\\Program Files (x86)\\Common Files\\Apple\\Mobile Device Support\\AppleMobileDeviceService.exe

O23 - Service: AppleChargerSrv - Unknown owner - C:\\Windows\\system32\\AppleChargerSrv.exe (file missing)

O23 - Service: Bonjour Service - Apple Inc. - C:\\Program Files\\Bonjour\\mDNSResponder.exe

O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\\Windows\\SysWow64\\IntelCpHeciSvc.exe

O23 - Service: @%SystemRoot%\\system32\\efssvc.dll,-100 (EFS) - Unknown owner - C:\\Windows\\System32\\lsass.exe (file missing)

O23 - Service: @%systemroot%\\system32\\fxsresm.dll,-118 (Fax) - Unknown owner - C:\\Windows\\system32\\fxssvc.exe (file missing)

O23 - Service: Freemake Improver - Freemake - C:\\ProgramData\\Freemake\\FreemakeUtilsService\\FreemakeUtilsService.exe

O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\\Program Files (x86)\\Futuremark\\Futuremark SystemInfo\\FMSISvc.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\\Program Files (x86)\\Common Files\\InstallShield\\Driver\\11\\Intel 32\\IDriverT.exe

O23 - Service: @%SystemRoot%\\system32\\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\\Windows\\system32\\IEEtwCollector.exe (file missing)

O23 - Service: IHA_MessageCenter - Verizon - C:\\Program Files (x86)\\Verizon\\IHA_MessageCenter\\Bin\\Verizon_IHAMessageCenter.exe

O23 - Service: iPod Service - Apple Inc. - C:\\Program Files\\iPod\\bin\\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\\Windows\\system32\\lsass.exe (file missing)

O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\\Program Files (x86)\\Intel\\Intel(R) Management Engine Components\\LMS\\LMS.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\\Program Files (x86)\\Mozilla Maintenance Service\\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\\Windows\\System32\\msdtc.exe (file missing)

O23 - Service: NBService - Nero AG - D:\\Program Files (x86)\\Nero 7\\Nero BackItUp\\NBService.exe

O23 - Service: @%SystemRoot%\\System32\\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\\Windows\\system32\\lsass.exe (file missing)

O23 - Service: NMIndexingService - Nero AG - C:\\Program Files (x86)\\Common Files\\Ahead\\Lib\\NMIndexingService.exe

O23 - Service: @%systemroot%\\system32\\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\\Windows\\system32\\lsass.exe (file missing)

O23 - Service: @%systemroot%\\system32\\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\\Windows\\system32\\locator.exe (file missing)

O23 - Service: @%SystemRoot%\\system32\\samsrv.dll,-1 (SamSs) - Unknown owner - C:\\Windows\\system32\\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\\Program Files (x86)\\Skype\\Updater\\Updater.exe

O23 - Service: Smart TimeLock Service (Smart TimeLock) - Gigabyte Technology CO., LTD. - C:\\Program Files (x86)\\GIGABYTE\\Smart6\\Timelock\\TimeMgmtDaemon.exe

O23 - Service: @%SystemRoot%\\system32\\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\\Windows\\System32\\snmptrap.exe (file missing)

O23 - Service: Soluto Launcher Service (SolutoLauncherService) - Soluto - C:\\Program Files\\Soluto\\SolutoLauncherService.exe

O23 - Service: Soluto Remote Service (SolutoRemoteService) - Soluto - C:\\Program Files\\Soluto\\SolutoRemoteService.exe

O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\\Program Files\\Soluto\\SolutoService.exe

O23 - Service: @%systemroot%\\system32\\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\\Windows\\System32\\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\\system32\\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\\Windows\\system32\\sppsvc.exe (file missing)

O23 - Service: Steam Client Service - Valve Corporation - C:\\Program Files (x86)\\Common Files\\Steam\\SteamService.exe

O23 - Service: @%SystemRoot%\\system32\\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\\Windows\\system32\\UI0Detect.exe (file missing)

O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\\Program Files (x86)\\Intel\\Intel(R) Management Engine Components\\UNS\\UNS.exe

O23 - Service: @%SystemRoot%\\system32\\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\\Windows\\system32\\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\\system32\\vds.exe,-100 (vds) - Unknown owner - C:\\Windows\\System32\\vds.exe (file missing)

O23 - Service: @%systemroot%\\system32\\vssvc.exe,-102 (VSS) - Unknown owner - C:\\Windows\\system32\\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\\system32\\Wat\\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\\Windows\\system32\\Wat\\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\\system32\\wbengine.exe,-104 (wbengine) - Unknown owner - C:\\Windows\\system32\\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\\system32\\wbem\\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\\Windows\\system32\\wbem\\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\\Windows Media Player\\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\\Program Files (x86)\\Windows Media Player\\wmpnetwk.exe (file missing)

--

End of file - 10896 bytes

guestolo · « **Reply #1 on:** July 01, 2014, 10:19:17 AM »

Download http://oldtimer.geekstogo.com/OTL.exe\'>OTL.exe by OldTimer to your Desktop.

Close all windows and double click on OTL.exe to run it
right click on OTL.exe and choose to \"Run as Administrator\"
Click Run Scan and let the program run uninterrupted.
It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.

rambag3 · « **Reply #2 on:** July 01, 2014, 11:46:32 PM »

OTL log:

OTL logfile created on: 7/2/2014 12:40:39 AM - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\\Users\\Evan Kopilow\\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.11.9600.17126)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

15.92 Gb Total Physical Memory | 13.15 Gb Available Physical Memory | 82.58% Memory free

31.84 Gb Paging File | 28.75 Gb Available in Paging File | 90.32% Paging File free

Paging file location(s): c:\\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\\Windows | %ProgramFiles% = C:\\Program Files (x86)

Drive C: | 232.78 Gb Total Space | 146.28 Gb Free Space | 62.84% Space Free | Partition Type: NTFS

Drive D: | 931.51 Gb Total Space | 594.45 Gb Free Space | 63.82% Space Free | Partition Type: NTFS

Drive E: | 931.51 Gb Total Space | 865.01 Gb Free Space | 92.86% Space Free | Partition Type: NTFS

Drive F: | 111.79 Gb Total Space | 71.39 Gb Free Space | 63.86% Space Free | Partition Type: NTFS

Drive G: | 702.83 Mb Total Space | 479.74 Mb Free Space | 68.26% Space Free | Partition Type: UDF

Drive H: | 55.90 Gb Total Space | 45.31 Gb Free Space | 81.06% Space Free | Partition Type: NTFS

Computer Name: LJSMONSTER | User Name: Evan Kopilow | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/07/02 00:39:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\\Users\\Evan Kopilow\\Desktop\\OTL.exe

PRC - [2014/06/10 16:25:03 | 001,176,632 | ---- | M] (Spotify Ltd) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe

PRC - [2014/05/31 16:26:48 | 000,585,048 | ---- | M] (Razer Inc.) -- C:\\Program Files (x86)\\Razer\\Synapse\\RzSynapse.exe

PRC - [2014/05/29 13:36:52 | 000,543,424 | ---- | M] (Valve Corporation) -- C:\\Program Files (x86)\\Common Files\\Steam\\SteamService.exe

PRC - [2014/05/29 13:36:48 | 001,754,816 | ---- | M] (Valve Corporation) -- D:\\Program Files (x86)\\Steam\\Steam.exe

PRC - [2014/05/19 20:45:22 | 033,322,312 | ---- | M] (Dropbox, Inc.) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe

PRC - [2014/05/19 20:34:36 | 004,737,440 | ---- | M] (Samsung Electronics.) -- C:\\Program Files (x86)\\Samsung Magician\\Samsung Magician.exe

PRC - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\armsvc.exe

PRC - [2013/10/15 19:06:12 | 001,016,712 | ---- | M] (Flux Software LLC) -- C:\\Users\\Evan Kopilow\\AppData\\Local\\FluxSoftware\\Flux\\flux.exe

PRC - [2011/08/08 17:39:32 | 002,656,536 | ---- | M] (Intel Corporation) -- C:\\Program Files (x86)\\Intel\\Intel(R) Management Engine Components\\UNS\\UNS.exe

PRC - [2011/08/08 17:39:26 | 000,325,912 | ---- | M] (Intel Corporation) -- C:\\Program Files (x86)\\Intel\\Intel(R) Management Engine Components\\LMS\\LMS.exe

PRC - [2010/04/22 15:05:26 | 001,011,712 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\\Program Files (x86)\\GIGABYTE\\smart6\\timelock\\AlarmClock.exe

PRC - [2009/10/13 16:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\\Program Files (x86)\\GIGABYTE\\smart6\\timelock\\TimeMgmtDaemon.exe

========== Modules (No Company Name) ==========

MOD - [2014/07/02 00:34:08 | 000,043,008 | ---- | M] () -- c:\\Users\\Evan Kopilow\\AppData\\Local\\Temp\\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppwy5tq.dll

MOD - [2014/05/29 13:37:34 | 002,139,840 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\video.dll

MOD - [2014/05/29 13:36:54 | 001,116,864 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\bin\\chromehtml.dll

MOD - [2014/05/19 20:20:50 | 000,103,424 | ---- | M] () -- C:\\Program Files (x86)\\Samsung Magician\\PAL.dll

MOD - [2014/05/19 20:20:10 | 000,039,424 | ---- | M] () -- C:\\Program Files (x86)\\Samsung Magician\\SATA.dll

MOD - [2014/05/19 20:20:10 | 000,031,232 | ---- | M] () -- C:\\Program Files (x86)\\Samsung Magician\\SMINI.dll

MOD - [2014/05/19 20:19:48 | 000,029,696 | ---- | M] () -- C:\\Program Files (x86)\\Samsung Magician\\SAS.dll

MOD - [2014/05/19 20:19:46 | 000,038,400 | ---- | M] () -- C:\\Program Files (x86)\\Samsung Magician\\SAT.dll

MOD - [2014/05/16 21:36:10 | 000,756,224 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\SDL2.dll

MOD - [2014/05/06 11:24:38 | 000,013,824 | ---- | M] () -- C:\\Program Files (x86)\\Samsung Magician\\SAMSUNG_SSD.dll

MOD - [2014/05/01 19:35:22 | 020,628,160 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\bin\\libcef.dll

MOD - [2014/04/29 20:08:08 | 001,135,104 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\libavcodec-55.dll

MOD - [2014/04/29 20:08:08 | 000,471,552 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\libavutil-53.dll

MOD - [2014/04/29 20:08:08 | 000,404,992 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\libavformat-55.dll

MOD - [2014/04/29 20:08:08 | 000,340,992 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\libavresample-1.dll

MOD - [2014/04/28 20:37:22 | 000,519,168 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\libswscale-2.dll

MOD - [2014/02/12 13:56:33 | 000,399,872 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Xml.Linq\\b6c7a1ca929c1b10f36b683c9f1a0517\\System.Xml.Linq.ni.dll

MOD - [2014/02/12 13:56:15 | 000,190,976 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\UIAutomationTypes\\75b6a68103e1b76063d9f69b8275ae61\\UIAutomationTypes.ni.dll

MOD - [2014/02/12 13:56:14 | 000,018,944 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\Presentatio49d6fefe#\\47e7fc401facd4a5d3f2237f16948f36\\PresentationFramework-SystemXml.ni.dll

MOD - [2014/02/12 13:56:14 | 000,014,336 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\Presentatio4b37ff64#\\0d3cb1df8b6af32cebdc6e2cc4948c69\\PresentationFramework-SystemXmlLinq.ni.dll

MOD - [2014/02/12 00:24:08 | 018,813,440 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\Presentatio5ae0f00f#\\a4b45c44490c75bc2fb22780e7ef087d\\PresentationFramework.ni.dll

MOD - [2014/02/12 00:24:01 | 001,889,792 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Xaml\\3fe705796c6a41d4889d9001d1c56af8\\System.Xaml.ni.dll

MOD - [2014/02/12 00:23:59 | 012,894,208 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Windows.Forms\\f4f6ee0df2aa4189bf36e6335cb92761\\System.Windows.Forms.ni.dll

MOD - [2014/02/12 00:23:59 | 001,180,672 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Management\\0893e0e7137e3b2da905da6216b75344\\System.Management.ni.dll

MOD - [2014/02/12 00:23:55 | 011,025,920 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\PresentationCore\\a74542efbeb46445949a39026c501132\\PresentationCore.ni.dll

MOD - [2014/02/12 00:23:50 | 006,990,336 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Core\\dce99d8de14d8a015313db98c72552ee\\System.Core.ni.dll

MOD - [2014/02/12 00:23:50 | 001,644,544 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Drawing\\5cd2aee5e7c07227c694d89219688ab3\\System.Drawing.ni.dll

MOD - [2014/02/12 00:23:49 | 007,662,080 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Xml\\bada32953bb6b16a53d653eae23d78dc\\System.Xml.ni.dll

MOD - [2014/02/12 00:23:49 | 000,806,400 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Servd1dec626#\\34b53ecafa1d7ccc7ca961d722b5d983\\System.ServiceModel.Internals.ni.dll

MOD - [2014/02/12 00:23:49 | 000,122,880 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\SMDiagnostics\\78652b7fa68ee058bff6a118c657f565\\SMDiagnostics.ni.dll

MOD - [2014/02/12 00:23:48 | 002,825,216 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Runteb92aa12#\\f6d7bb59f318c130d68816a89335d05e\\System.Runtime.Serialization.ni.dll

MOD - [2014/02/12 00:23:47 | 003,950,080 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\WindowsBase\\acf97bfe2a931d4a47253b26b7218991\\WindowsBase.ni.dll

MOD - [2014/02/12 00:23:45 | 000,470,528 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\Presentatio1c9175f8#\\75f8bc4cf08030c4a53b6d5e0ae20046\\PresentationFramework.Aero.ni.dll

MOD - [2014/02/12 00:23:44 | 010,060,800 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System\\ff26cc03e6d57d8abd13b990332e67c6\\System.ni.dll

MOD - [2014/02/12 00:23:44 | 000,976,384 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Configuration\\bbc48ec4245e502ae19b0601d3799c9e\\System.Configuration.ni.dll

MOD - [2014/02/12 00:23:39 | 016,953,856 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\mscorlib\\ce5f61c5754789df97be8dc991c47d07\\mscorlib.ni.dll

MOD - [2014/01/20 14:17:04 | 000,073,544 | ---- | M] () -- C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\zlib1.dll

MOD - [2014/01/20 14:16:38 | 001,044,808 | ---- | M] () -- C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\libxml2.dll

MOD - [2014/01/02 21:09:26 | 003,610,624 | ---- | M] () -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Dropbox\\bin\\wxmsw28uh_vc.dll

MOD - [2013/08/23 15:01:44 | 025,100,288 | ---- | M] () -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Dropbox\\bin\\libcef.dll

MOD - [2013/06/14 19:49:12 | 001,100,800 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\bin\\avcodec-53.dll

MOD - [2013/06/14 19:49:12 | 000,192,000 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\bin\\avformat-53.dll

MOD - [2013/06/14 19:49:12 | 000,124,416 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\bin\\avutil-51.dll

========== Services (SafeList) ==========

SRV:64bit: - [2014/05/30 05:21:05 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\\Windows\\SysNative\\IEEtwCollector.exe -- (IEEtwCollectorService)

SRV:64bit: - [2014/03/11 12:34:10 | 000,347,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\\Program Files\\Microsoft Security Client\\NisSrv.exe -- (NisSrv)

SRV:64bit: - [2014/03/11 12:34:10 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe -- (MsMpSvc)

SRV:64bit: - [2013/12/06 16:52:10 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\\Windows\\SysNative\\atiesrxx.exe -- (AMD External Events Utility)

SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\\Program Files\\Windows Defender\\MpSvc.dll -- (WinDefend)

SRV:64bit: - [2013/04/21 14:23:50 | 000,182,848 | ---- | M] (Soluto) [Auto | Running] -- C:\\Program Files\\Soluto\\SolutoLauncherService.exe -- (SolutoLauncherService)

SRV:64bit: - [2013/04/21 14:23:48 | 000,721,472 | ---- | M] (Soluto) [Auto | Running] -- C:\\Program Files\\Soluto\\SolutoService.exe -- (SolutoService)

SRV:64bit: - [2013/04/21 14:16:00 | 001,245,248 | ---- | M] (Soluto) [On_Demand | Stopped] -- C:\\Program Files\\Soluto\\SolutoRemoteService.exe -- (SolutoRemoteService)

SRV:64bit: - [2010/04/06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\\Windows\\SysNative\\AppleChargerSrv.exe -- (AppleChargerSrv)

SRV - [2014/06/18 02:23:30 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\\Program Files (x86)\\Mozilla Maintenance Service\\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2014/06/11 10:48:44 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2014/05/29 13:36:52 | 000,543,424 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\\Program Files (x86)\\Common Files\\Steam\\SteamService.exe -- (Steam Client Service)

SRV - [2014/05/21 09:32:04 | 000,358,984 | ---- | M] (Verizon) [Auto | Running] -- C:\\Program Files (x86)\\Verizon\\IHA_MessageCenter\\Bin\\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)

SRV - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\armsvc.exe -- (AdobeARMservice)

SRV - [2013/11/07 02:52:56 | 000,279,000 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\\Windows\\SysWOW64\\IntelCpHeciSvc.exe -- (cphs)

SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [On_Demand | Running] -- C:\\Program Files (x86)\\Skype\\Updater\\Updater.exe -- (SkypeUpdate)

SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2013/08/14 16:46:02 | 000,101,888 | ---- | M] (Freemake) [On_Demand | Stopped] -- C:\\ProgramData\\Freemake\\FreemakeUtilsService\\FreemakeUtilsService.exe -- (Freemake Improver)

SRV - [2013/05/23 16:12:02 | 000,143,120 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- D:\\Program Files\\SUPERAntiSpyware\\SASCore64.exe -- (!SASCORE)

SRV - [2011/12/09 14:39:52 | 000,135,584 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\\Program Files (x86)\\Futuremark\\Futuremark SystemInfo\\FMSISvc.exe -- (Futuremark SystemInfo Service)

SRV - [2011/08/08 17:39:32 | 002,656,536 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\\Program Files (x86)\\Intel\\Intel(R) Management Engine Components\\UNS\\UNS.exe -- (UNS)

SRV - [2011/08/08 17:39:26 | 000,325,912 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\\Program Files (x86)\\Intel\\Intel(R) Management Engine Components\\LMS\\LMS.exe -- (LMS)

SRV - [2009/10/13 16:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) [Auto | Running] -- C:\\Program Files (x86)\\GIGABYTE\\smart6\\timelock\\TimeMgmtDaemon.exe -- (Smart TimeLock)

SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\\Windows\\Microsoft.NET\\Framework\\v2.0.50727\\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2007/01/15 17:14:38 | 000,774,144 | ---- | M] (Nero AG) [On_Demand | Stopped] -- D:\\Program Files (x86)\\Nero 7\\Nero BackItUp\\NBService.exe -- (NBService)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/05/19 02:47:28 | 000,155,816 | ---- | M] (Razer Inc) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\rzudd.sys -- (rzudd)

DRV:64bit: - [2014/03/11 09:52:30 | 000,133,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\\Windows\\SysNative\\drivers\\NisDrvWFP.sys -- (NisDrv)

DRV:64bit: - [2014/01/22 09:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\ssudmdm.sys -- (ssudmdm)

DRV:64bit: - [2014/01/22 09:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\ssudbus.sys -- (dg_ssudbus)

DRV:64bit: - [2013/12/06 17:52:14 | 013,207,552 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\atikmdag.sys -- (amdkmdag)

DRV:64bit: - [2013/12/06 16:21:44 | 000,626,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\atikmpag.sys -- (amdkmdap)

DRV:64bit: - [2013/11/07 02:52:44 | 005,363,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\igdkmd64.sys -- (igfx)

DRV:64bit: - [2013/10/01 22:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2013/09/24 10:53:50 | 000,094,208 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\AtihdW76.sys -- (AtiHDAudioService)

DRV:64bit: - [2013/09/20 11:52:42 | 000,016,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\SWDUMon.sys -- (SWDUMon)

DRV:64bit: - [2013/04/21 14:15:34 | 000,054,728 | ---- | M] (Soluto LTD.) [File_System | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\Soluto.sys -- (Soluto)

DRV:64bit: - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\usbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2012/11/02 16:38:36 | 000,050,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\point64.sys -- (Point64)

DRV:64bit: - [2012/11/01 22:52:50 | 000,075,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\dc3d.sys -- (dc3d)

DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\rdpvideominiport.sys -- (RdpVideoMiniport)

DRV:64bit: - [2012/08/23 10:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\TsUsbGD.sys -- (TsUsbGD)

DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2012/05/06 12:56:42 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\pcouffin.sys -- (pcouffin)

DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\\Windows\\SysNative\\drivers\\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2011/09/21 10:25:54 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\\Windows\\SysNative\\drivers\\cpuz135_x64.sys -- (cpuz135)

DRV:64bit: - [2011/05/16 10:55:28 | 000,533,096 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\amdsata.sys -- (amdsata)

DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\amdxata.sys -- (amdxata)

DRV:64bit: - [2011/01/10 18:16:08 | 000,021,104 | ---- | M] () [Kernel | System | Running] -- C:\\Windows\\SysNative\\drivers\\AppleCharger.sys -- (AppleCharger)

DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010/10/19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\HECIx64.sys -- (MEIx64)

DRV:64bit: - [2009/08/21 02:52:10 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\xusb21.sys -- (xusb21)

DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [1999/12/31 20:00:00 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\IntcDAud.sys -- (IntcDAud)

DRV:64bit: - [1999/12/31 20:00:00 | 000,088,832 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\EtronXHCI.sys -- (EtronXHCI)

DRV:64bit: - [1999/12/31 20:00:00 | 000,065,152 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\EtronHub3.sys -- (EtronHub3)

DRV - [2014/07/02 00:33:50 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\\Windows\\gdrv.sys -- (gdrv)

DRV - [2013/01/03 15:07:47 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\\Windows\\GVTDrv64.sys -- (GVTDrv64)

DRV - [2012/08/23 17:02:26 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\\Windows\\etdrv.sys -- (etdrv)

DRV - [2011/07/22 12:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\\Program Files\\SUPERAntiSpyware\\sasdifsv64.sys -- (SASDIFSV)

DRV - [2011/07/12 17:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\\Program Files\\SUPERAntiSpyware\\saskutil64.sys -- (SASKUTIL)

DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\\Windows\\SysWOW64\\drivers\\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\\..\\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE:64bit: - HKLM\\..\\SearchScopes\\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: \"URL\" = http://www.bing.com/search?q=\'>http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Local Page = C:\\Windows\\SysWOW64\\blank.htm

IE - HKLM\\..\\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\\Program Files (x86)\\uTorrentControl2\\prxtbuTor.dll (Conduit Ltd.)

IE - HKLM\\..\\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\\..\\SearchScopes\\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: \"URL\" = http://www.bing.com/search?q=\'>http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Secondary Start Pages = [binary data]

IE - HKCU\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Start Page = http://www22.verizon.com/Foryourhome/MyAccount/Unprotected/UserManagement/Login/Login.aspx\'>http://www22.verizon.com/Foryourhome/MyAccount/Unprotected/UserManagement/Login/Login.aspx

IE - HKCU\\..\\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\\Program Files (x86)\\uTorrentControl2\\prxtbuTor.dll (Conduit Ltd.)

IE - HKCU\\..\\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\\..\\SearchScopes\\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: \"URL\" = http://www.bing.com/search?q=\'>http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR

IE - HKCU\\..\\SearchScopes\\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: \"URL\" = http://search.babylon.com/?q=\'>http://search.babylon.com/?q={searchTerms}&AF=110018&babsrc=SP_ss&mntrId=d4f84c3200000000000050e549e97722

IE - HKCU\\..\\SearchScopes\\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: \"URL\" = http://searchservices.verizon.com/search/ws.portal?&_nfpb=true&_pageLabel=google_results&rs=&web_search_type=basic&sc=web&clientid=vz-cnsmr-tlbr&channel=Brwsr-v6IE&q=\'>http://searchservices.verizon.com/search/ws.portal?&_nfpb=true&_pageLabel=google_results&rs=&web_search_type=basic&sc=web&clientid=vz-cnsmr-tlbr&channel=Brwsr-v6IE&q={searchTerms}

IE - HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings: \"ProxyEnable\" = 0

IE - HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings: \"ProxyOverride\" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: \"Google\"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: \"http://www.google.com/\'>http://www.google.com/\"

FF - prefs.js..extensions.enabledAddons: TFToolbarX%40torrent-finder:1.3.1

FF - prefs.js..extensions.enabledAddons: ex1%40icrewmax.com:3.6

FF - prefs.js..extensions.enabledAddons: artur.dubovoy%40gmail.com:5.9.1

FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.8.29

FF - prefs.js..extensions.enabledAddons: %7B37fa1426-b82d-11db-8314-0800200c9a66%7D:3.4.2

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0

FF - prefs.js..keyword.URL: \"http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&CUI=UN66950574046415219&UM=&q=\'>http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&CUI=UN66950574046415219&UM=&q=\"

FF:64bit: - HKLM\\Software\\MozillaPlugins\\@adobe.com/FlashPlayer: C:\\Windows\\system32\\Macromed\\Flash\\NPSWF64_14_0_0_125.dll File not found

FF:64bit: - HKLM\\Software\\MozillaPlugins\\@microsoft.com/GENUINE: disabled File not found

FF:64bit: - HKLM\\Software\\MozillaPlugins\\@Microsoft.com/NpCtrl,version=1.0: C:\\Program Files\\Microsoft Silverlight\\5.1.30214.0\\npctrl.dll ( Microsoft Corporation)

FF - HKLM\\Software\\MozillaPlugins\\@adobe.com/FlashPlayer: C:\\Windows\\SysWOW64\\Macromed\\Flash\\NPSWF32_14_0_0_125.dll ()

FF - HKLM\\Software\\MozillaPlugins\\@Apple.com/iTunes,version=: File not found

FF - HKLM\\Software\\MozillaPlugins\\@Apple.com/iTunes,version=1.0: D:\\iTunes\\Mozilla Plugins\\npitunes.dll ()

FF - HKLM\\Software\\MozillaPlugins\\@java.com/DTPlugin,version=10.55.2: C:\\Program Files (x86)\\Java\\jre7\\bin\\dtplugin\\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\\Software\\MozillaPlugins\\@java.com/JavaPlugin,version=10.55.2: C:\\Program Files (x86)\\Java\\jre7\\bin\\plugin2\\npjp2.dll (Oracle Corporation)

FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\\Software\\MozillaPlugins\\@Microsoft.com/NpCtrl,version=1.0: C:\\Program Files (x86)\\Microsoft Silverlight\\5.1.30214.0\\npctrl.dll ( Microsoft Corporation)

FF - HKLM\\Software\\MozillaPlugins\\@pandonetworks.com/PandoWebPlugin: C:\\Program Files (x86)\\Pando Networks\\Media Booster\\npPandoWebPlugin.dll (Pando Networks)

FF - HKLM\\Software\\MozillaPlugins\\@raidcall.en/RCplugin: C:\\Users\\Evan Kopilow\\AppData\\Roaming\\raidcall\\plugins\\nprcplugin.dll (Raidcall)

FF - HKLM\\Software\\MozillaPlugins\\@videolan.org/vlc,version=2.0.8: D:\\Program Files (x86)\\VideoLAN\\VLC\\npvlc.dll (VideoLAN)

FF - HKLM\\Software\\MozillaPlugins\\@videolan.org/vlc,version=2.1.0: C:\\Program Files (x86)\\VideoLAN\\VLC\\npvlc.dll (VideoLAN)

FF - HKLM\\Software\\MozillaPlugins\\@videolan.org/vlc,version=2.1.1: C:\\Program Files (x86)\\VideoLAN\\VLC\\npvlc.dll (VideoLAN)

FF - HKLM\\Software\\MozillaPlugins\\@videolan.org/vlc,version=2.1.2: C:\\Program Files (x86)\\VideoLAN\\VLC\\npvlc.dll (VideoLAN)

FF - HKLM\\Software\\MozillaPlugins\\@videolan.org/vlc,version=2.1.3: C:\\Program Files (x86)\\VideoLAN\\VLC\\npvlc.dll (VideoLAN)

FF - HKLM\\Software\\MozillaPlugins\\Adobe Reader: C:\\Program Files (x86)\\Adobe\\Reader 11.0\\Reader\\AIR\\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\\Software\\MozillaPlugins\\pandonetworks.com/PandoWebPlugin: C:\\Program Files (x86)\\Pando Networks\\Media Booster\\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\\software\\mozilla\\Mozilla Firefox 30.0\\extensions\\\\Components: C:\\Program Files (x86)\\Mozilla Firefox\\components [2014/06/18 02:23:15 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\\software\\mozilla\\Mozilla Firefox 30.0\\extensions\\\\Plugins: C:\\Program Files (x86)\\Mozilla Firefox\\plugins [2014/06/18 02:23:15 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\\software\\mozilla\\Mozilla Firefox 30.0\\extensions\\\\Components: C:\\Program Files (x86)\\Mozilla Firefox\\components [2014/06/18 02:23:15 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\\software\\mozilla\\Mozilla Firefox 30.0\\extensions\\\\Plugins: C:\\Program Files (x86)\\Mozilla Firefox\\plugins [2014/06/18 02:23:15 | 000,000,000 | ---D | M]

[2012/04/10 10:50:54 | 000,000,000 | ---D | M] (No name found) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Extensions

[2014/06/27 19:29:50 | 000,000,000 | ---D | M] (No name found) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\extensions

[2013/04/07 13:02:48 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\extensions\\{0b38152b-1b20-484d-a11f-5e04a9b0661f}

[2013/11/11 22:52:22 | 000,000,000 | ---D | M] (uTorrentControl2) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\extensions\\{687578b9-7132-4a7a-80e4-30ee31099e03}

[2014/05/14 17:37:37 | 000,000,000 | ---D | M] (\"Flash Video Downloader - Full HD Download\") -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\extensions\\[email protected]

[2014/04/24 15:50:52 | 000,057,781 | ---- | M] () (No name found) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\extensions\\[email protected]

[2014/04/08 03:16:26 | 000,625,308 | ---- | M] () (No name found) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\extensions\\[email protected]

[2013/01/30 10:35:10 | 000,119,925 | ---- | M] () (No name found) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\extensions\\[email protected]

[2014/06/20 21:41:17 | 000,009,259 | ---- | M] () (No name found) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\extensions\\[email protected]

[2014/06/27 19:29:50 | 000,220,046 | ---- | M] () (No name found) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\extensions\\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi

[2014/06/24 08:52:53 | 000,516,098 | ---- | M] () (No name found) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\extensions\\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi

[2014/06/10 17:17:35 | 000,967,387 | ---- | M] () (No name found) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\extensions\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

[2014/06/18 02:23:15 | 000,000,000 | ---D | M] (No name found) -- C:\\Program Files (x86)\\Mozilla Firefox\\extensions

[2014/06/18 02:23:15 | 000,000,000 | ---D | M] (Java Console) -- C:\\Program Files (x86)\\Mozilla Firefox\\extensions\\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

[2014/06/18 02:23:15 | 000,000,000 | ---D | M] (Java Console) -- C:\\Program Files (x86)\\Mozilla Firefox\\extensions\\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

[2014/06/18 02:23:15 | 000,000,000 | ---D | M] (No name found) -- C:\\Program Files (x86)\\Mozilla Firefox\\browser\\extensions

[2014/06/18 02:23:31 | 000,000,000 | ---D | M] (Default) -- C:\\Program Files (x86)\\Mozilla Firefox\\browser\\extensions\\{972ce4c6-7e08-4474-a285-3208198ce6fd}

File not found (No name found) -- C:\\PROGRAMDATA\\AVG SECURE SEARCH\\FIREFOXEXT\\17.2.0.38

[2011/12/09 13:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\\Program Files (x86)\\mozilla firefox\\plugins\\npwachk.dll

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\\Windows\\SysNative\\drivers\\etc\\hosts

O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\\Program Files (x86)\\Winamp Toolbar\\winamptb.dll (AOL Inc.)

O2 - BHO: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\\Program Files (x86)\\uTorrentControl2\\prxtbuTor.dll (Conduit Ltd.)

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\\Program Files (x86)\\Java\\jre7\\bin\\ssv.dll (Oracle Corporation)

O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.

O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\\Program Files (x86)\\Java\\jre7\\bin\\jp2ssv.dll (Oracle Corporation)

O3 - HKLM\\..\\Toolbar: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\\Program Files (x86)\\uTorrentControl2\\prxtbuTor.dll (Conduit Ltd.)

O3 - HKLM\\..\\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\\Program Files (x86)\\Winamp Toolbar\\winamptb.dll (AOL Inc.)

O3 - HKCU\\..\\Toolbar\\WebBrowser: (uTorrentControl2 Toolbar) - {687578B9-7132-4A7A-80E4-30EE31099E03} - C:\\Program Files (x86)\\uTorrentControl2\\prxtbuTor.dll (Conduit Ltd.)

O3 - HKCU\\..\\Toolbar\\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\\Program Files (x86)\\Winamp Toolbar\\winamptb.dll (AOL Inc.)

O4:64bit: - HKLM..\\Run: [HotKeysCmds] C:\\Windows\\SysNative\\hkcmd.exe (Intel Corporation)

O4:64bit: - HKLM..\\Run: [IgfxTray] C:\\Windows\\SysNative\\igfxtray.exe (Intel Corporation)

O4:64bit: - HKLM..\\Run: [IntelliPoint] C:\\Program Files\\Microsoft Mouse and Keyboard Center\\ipoint.exe (Microsoft Corporation)

O4:64bit: - HKLM..\\Run: [IntelliType Pro] C:\\Program Files\\Microsoft Mouse and Keyboard Center\\itype.exe (Microsoft Corporation)

O4:64bit: - HKLM..\\Run: [MSC] C:\\Program Files\\Microsoft Security Client\\msseces.exe (Microsoft Corporation)

O4:64bit: - HKLM..\\Run: [Persistence] C:\\Windows\\SysNative\\igfxpers.exe (Intel Corporation)

O4:64bit: - HKLM..\\Run: [RtHDVCpl] C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe (Realtek Semiconductor)

O4 - HKLM..\\Run: [] File not found

O4 - HKLM..\\Run: [APSDaemon] C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\\Run: [Razer Synapse] C:\\Program Files (x86)\\Razer\\Synapse\\RzSynapse.exe (Razer Inc.)

O4 - HKLM..\\Run: [StartCCC] C:\\Program Files (x86)\\ATI Technologies\\ATI.ACE\\Core-Static\\amd64\\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKCU..\\Run: [BackgroundContainer] C:\\Users\\Evan Kopilow\\AppData\\Local\\Conduit\\BackgroundContainer\\BackgroundContainer.dll (Conduit Ltd.)

O4 - HKCU..\\Run: [f.lux] C:\\Users\\Evan Kopilow\\AppData\\Local\\FluxSoftware\\Flux\\flux.exe (Flux Software LLC)

O4:64bit: - HKLM..\\RunOnce: [RPMKickstart] C:\\Program Files\\GIGABYTE\\SMART6\\Recovery\\RPMKickstart.exe (Gigabyte Technology CO., LTD.)

O4 - Startup: C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Samsung Magician.lnk = C:\\Windows\\SysWOW64\\schtasks.exe (Microsoft Corporation)

O4 - Startup: C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\SpeedFan.lnk = File not found

O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\Explorer: NoActiveDesktop = 1

O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\System: PromptOnSecureDesktop = 0

O10:64bit: - NameSpace_Catalog5\\Catalog_Entries64\\000000000007 [] - C:\\Program Files\\Bonjour\\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\\Catalog_Entries\\000000000007 [] - C:\\Program Files (x86)\\Bonjour\\mdnsNSP.dll (Apple Inc.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O15 - HKCU\\..Trusted Domains: verizon.net ([activate] https in Trusted sites)

O15 - HKCU\\..Trusted Domains: verizon.net ([activatemydsl] https in Trusted sites)

O15 - HKCU\\..Trusted Domains: verizon.net ([activatemyfios] https in Trusted sites)

O15 - HKCU\\..Trusted Domains: verizon.net ([activatemyhsi] https in Trusted sites)

O15 - HKCU\\..Trusted Domains: verizon.net ([activatemywifi] https in Trusted sites)

O15 - HKCU\\..Trusted Domains: verizon.net ([wbadownload] https in Trusted sites)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab\'>http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab (Java Plug-in 10.55.2)

O16 - DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab\'>http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab (Java Plug-in 1.7.0_51)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab\'>http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab (Java Plug-in 10.55.2)

O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters\\Interfaces\\{0D22C8E2-A8B1-4FA7-8886-7DFC39D6AA92}: DhcpNameServer = 192.168.1.1

O18:64bit: - Protocol\\Handler\\skype4com - No CLSID value found

O18 - Protocol\\Handler\\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\\Program Files (x86)\\Common Files\\Skype\\Skype4COM.dll (Skype Technologies)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\\Windows\\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (c:\\windows\\system32\\userinit.exe) - C:\\Windows\\SysNative\\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (c:\\program files\\soluto\\soluto.exe /userinit) - c:\\program files\\soluto\\soluto.exe (Soluto)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\\Windows\\SysWow64\\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\\Windows\\SysWow64\\userinit.exe (Microsoft Corporation)

O20:64bit: - Winlogon\\Notify\\igfxcui: DllName - (igfxdev.dll) - C:\\Windows\\SysNative\\igfxdev.dll (Intel Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\\{5625bff4-8119-11e2-a428-50e549e97722}\\Shell - \"\" = AutoRun

O33 - MountPoints2\\{5625bff4-8119-11e2-a428-50e549e97722}\\Shell\\AutoRun\\command - \"\" = H:\\ToolLauncher-Bootstrap.exe

O33 - MountPoints2\\{8fec731b-8330-11e1-982c-806e6f6e6963}\\Shell - \"\" = AutoRun

O33 - MountPoints2\\{8fec731b-8330-11e1-982c-806e6f6e6963}\\Shell\\AutoRun\\command - \"\" = D:\\Run.exe

O33 - MountPoints2\\{a0a3cf5c-c480-11e2-b96d-50e549e97722}\\Shell - \"\" = AutoRun

O33 - MountPoints2\\{a0a3cf5c-c480-11e2-b96d-50e549e97722}\\Shell\\AutoRun\\command - \"\" = J:\\VZW_Software_upgrade_assistant.exe

O33 - MountPoints2\\J\\Shell - \"\" = AutoRun

O33 - MountPoints2\\J\\Shell\\AutoRun\\command - \"\" = J:\\VZW_Software_upgrade_assistant.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\\..comfile [open] -- \"%1\" %*

O35:64bit: - HKLM\\..exefile [open] -- \"%1\" %*

O35 - HKLM\\..comfile [open] -- \"%1\" %*

O35 - HKLM\\..exefile [open] -- \"%1\" %*

O37:64bit: - HKLM\\...com [@ = comfile] -- \"%1\" %*

O37:64bit: - HKLM\\...exe [@ = exefile] -- \"%1\" %*

O37 - HKLM\\...com [@ = comfile] -- \"%1\" %*

O37 - HKLM\\...exe [@ = exefile] -- \"%1\" %*

O38 - SubSystems\\\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/07/02 00:39:55 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\\Users\\Evan Kopilow\\Desktop\\OTL.exe

[2014/07/02 00:35:13 | 000,000,000 | ---D | C] -- C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Samsung Magician

[2014/06/29 19:18:35 | 000,000,000 | ---D | C] -- C:\\Program Files (x86)\\Trend Micro

[2014/06/29 19:18:35 | 000,000,000 | ---D | C] -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\HiJackThis

[2014/06/24 13:19:18 | 000,000,000 | ---D | C] -- C:\\Users\\Evan Kopilow\\Desktop\\Phone pictures

[2014/06/18 02:23:15 | 000,000,000 | ---D | C] -- C:\\Program Files (x86)\\Mozilla Firefox

[2014/06/14 18:36:14 | 000,000,000 | ---D | C] -- C:\\Users\\Evan Kopilow\\AppData\\Local\\Adobe

[2014/06/10 16:26:01 | 000,000,000 | ---D | C] -- C:\\Program Files (x86)\\Common Files\\Skype

[2014/06/10 16:05:12 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\jscript9diag.dll

[2014/06/10 16:05:12 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\mshtmled.dll

[2014/06/10 16:05:12 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\ieetwproxystub.dll

[2014/06/10 16:05:12 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\ieetwproxystub.dll

[2014/06/10 16:05:12 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\JavaScriptCollectionAgent.dll

[2014/06/10 16:05:11 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\iesetup.dll

[2014/06/10 16:05:11 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\JavaScriptCollectionAgent.dll

[2014/06/10 16:05:10 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\inetcpl.cpl

[2014/06/10 16:05:10 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\msfeeds.dll

[2014/06/10 16:05:10 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\dxtmsft.dll

[2014/06/10 16:05:10 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\ieui.dll

[2014/06/10 16:05:10 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\ieetwcollector.exe

[2014/06/10 16:05:10 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\iernonce.dll

[2014/06/10 16:05:10 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\ieetwcollectorres.dll

[2014/06/10 16:05:09 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\inetcpl.cpl

[2014/06/10 16:05:09 | 000,608,768 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\ie4uinit.exe

[2014/06/10 16:05:09 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\iesetup.dll

[2014/06/10 16:05:08 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\mshtmlmedia.dll

[2014/06/10 16:05:08 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\ieapfltr.dll

[2014/06/10 16:05:08 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\ieUnatt.exe

[2014/06/10 16:05:08 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\iernonce.dll

[2014/06/10 16:05:07 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\ieui.dll

[2014/06/10 16:05:07 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\dxtrans.dll

[2014/06/10 16:05:07 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\msrating.dll

[2014/06/10 16:05:06 | 005,782,528 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\jscript9.dll

[2014/06/10 16:05:06 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\mshtmlmedia.dll

[2014/06/10 16:05:06 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\jscript9diag.dll

[2014/06/10 16:05:06 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\vbscript.dll

[2014/06/10 16:05:06 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\ieUnatt.exe

[2014/06/10 16:05:06 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\mshtmled.dll

[2014/06/10 16:05:05 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\MsSpellCheckingFacility.exe

[2014/06/10 16:05:05 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\ieapfltr.dll

[2014/06/10 16:05:05 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\msrating.dll

[2014/06/10 16:04:58 | 003,178,496 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\rdpcorets.dll

[2014/06/10 16:04:58 | 000,288,192 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\drivers\\FWPKCLNT.SYS

[2014/06/10 16:04:58 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\RdpGroupPolicyExtension.dll

[2014/06/10 16:04:57 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\usp10.dll

[2014/06/10 16:04:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\msxml6r.dll

[2014/06/10 16:04:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\msxml6r.dll

[2014/06/10 16:04:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\msxml3r.dll

[2014/06/10 16:04:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\msxml3r.dll

[2014/06/10 16:04:56 | 000,506,368 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\aepdu.dll

[2014/06/10 16:04:55 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\aeinv.dll

[2012/05/06 12:56:42 | 000,082,816 | ---- | C] (VSO Software) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2014/07/02 00:40:51 | 000,022,064 | -H-- | M] () -- C:\\Windows\\SysNative\\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2014/07/02 00:40:51 | 000,022,064 | -H-- | M] () -- C:\\Windows\\SysNative\\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2014/07/02 00:39:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\\Users\\Evan Kopilow\\Desktop\\OTL.exe

[2014/07/02 00:39:42 | 000,782,510 | ---- | M] () -- C:\\Windows\\SysNative\\PerfStringBackup.INI

[2014/07/02 00:39:42 | 000,662,400 | ---- | M] () -- C:\\Windows\\SysNative\\perfh009.dat

[2014/07/02 00:39:42 | 000,122,268 | ---- | M] () -- C:\\Windows\\SysNative\\perfc009.dat

[2014/07/02 00:35:13 | 000,001,744 | ---- | M] () -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Samsung Magician.lnk

[2014/07/02 00:33:50 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\\Windows\\gdrv.sys

[2014/07/02 00:33:48 | 000,000,350 | ---- | M] () -- C:\\Windows\\tasks\\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job

[2014/07/02 00:33:48 | 000,000,350 | ---- | M] () -- C:\\Windows\\tasks\\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job

[2014/07/02 00:33:41 | 000,067,584 | --S- | M] () -- C:\\Windows\\bootstat.dat

[2014/07/02 00:33:34 | 4229,779,454 | -HS- | M] () -- C:\\hiberfil.sys

[2014/06/29 20:06:00 | 000,000,830 | ---- | M] () -- C:\\Windows\\tasks\\Adobe Flash Player Updater.job

[2014/06/29 19:23:04 | 000,016,037 | ---- | M] () -- C:\\Users\\Evan Kopilow\\Desktop\\99 load.gif

[2014/06/29 19:18:35 | 000,003,007 | ---- | M] () -- C:\\Users\\Evan Kopilow\\Desktop\\HiJackThis.lnk

[2014/06/29 19:17:30 | 001,402,880 | ---- | M] () -- C:\\Users\\Evan Kopilow\\Desktop\\HiJackThis.msi

[2014/06/28 06:46:28 | 580,129,489 | ---- | M] () -- C:\\Windows\\MEMORY.DMP

[2014/06/25 13:30:44 | 000,001,117 | ---- | M] () -- C:\\Users\\Public\\Desktop\\Vz In-Home Agent.lnk

[2014/06/24 13:20:03 | 000,001,058 | ---- | M] () -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk

[2014/06/18 11:46:14 | 000,002,044 | ---- | M] () -- C:\\Users\\Evan Kopilow\\Application Data\\Microsoft\\Internet Explorer\\Quick Launch\\Mozilla Firefox.lnk

[2014/06/11 10:48:44 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\\Windows\\SysWow64\\FlashPlayerApp.exe

[2014/06/11 10:48:44 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\\Windows\\SysWow64\\FlashPlayerCPLApp.cpl

[2014/06/08 05:13:05 | 000,506,368 | ---- | M] (Microsoft Corporation) -- C:\\Windows\\SysNative\\aepdu.dll

[2014/06/08 05:08:04 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\\Windows\\SysNative\\aeinv.dll

========== Files Created - No Company Name ==========

[2014/07/02 00:35:13 | 000,001,744 | ---- | C] () -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Samsung Magician.lnk

[2014/06/29 19:23:04 | 000,016,037 | ---- | C] () -- C:\\Users\\Evan Kopilow\\Desktop\\99 load.gif

[2014/06/29 19:18:35 | 000,003,007 | ---- | C] () -- C:\\Users\\Evan Kopilow\\Desktop\\HiJackThis.lnk

[2014/06/29 19:17:29 | 001,402,880 | ---- | C] () -- C:\\Users\\Evan Kopilow\\Desktop\\HiJackThis.msi

[2014/06/25 13:30:44 | 000,001,117 | ---- | C] () -- C:\\Users\\Public\\Desktop\\Vz In-Home Agent.lnk

[2014/06/24 08:59:45 | 000,001,058 | ---- | C] () -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk

[2014/02/12 12:05:09 | 000,000,114 | ---- | C] () -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Dogecoin.conf

[2013/12/06 17:44:26 | 000,038,912 | ---- | C] () -- C:\\Windows\\SysWow64\\kdbsdk32.dll

[2013/11/07 02:52:42 | 000,077,312 | ---- | C] () -- C:\\Windows\\SysWow64\\igdde32.dll

[2013/03/28 22:13:14 | 000,798,734 | ---- | C] () -- C:\\Windows\\SysWow64\\amdocl_ld32.exe

[2013/03/28 22:13:12 | 000,995,342 | ---- | C] () -- C:\\Windows\\SysWow64\\amdocl_as32.exe

[2012/12/10 21:45:50 | 000,002,048 | ---- | C] () -- C:\\Users\\Evan Kopilow\\comdrv8z.bin

[2012/11/20 00:17:57 | 000,000,193 | ---- | C] () -- C:\\ProgramData\\Microsoft.SqlServer.Compact.351.64.bc

[2012/10/10 03:22:28 | 000,272,928 | ---- | C] () -- C:\\Windows\\SysWow64\\igvpkrng600.bin

[2012/10/10 03:22:20 | 000,963,452 | ---- | C] () -- C:\\Windows\\SysWow64\\igcodeckrng600.bin

[2012/05/06 12:57:06 | 000,001,057 | ---- | C] () -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\vso_ts_preview.xml

[2012/05/06 12:56:42 | 000,099,384 | ---- | C] () -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\inst.exe

[2012/05/06 12:56:42 | 000,007,859 | ---- | C] () -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\pcouffin.cat

[2012/05/06 12:56:42 | 000,001,167 | ---- | C] () -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\pcouffin.inf

[2012/04/13 10:54:19 | 000,007,601 | ---- | C] () -- C:\\Users\\Evan Kopilow\\AppData\\Local\\Resmon.ResmonCfg

========== ZeroAccess Check ==========

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\\Windows\\assembly\\Desktop.ini

[HKEY_CURRENT_USER\\Software\\Classes\\clsid\\{42aedc87-2188-41fd-b9a3-0c966feabec1}\\InProcServer32] /64

[HKEY_CURRENT_USER\\Software\\Classes\\Wow6432node\\clsid\\{42aedc87-2188-41fd-b9a3-0c966feabec1}\\InProcServer32]

[HKEY_CURRENT_USER\\Software\\Classes\\clsid\\{fbeb8a05-beee-4442-804e-409d6c4515e9}\\InProcServer32] /64

[HKEY_CURRENT_USER\\Software\\Classes\\Wow6432node\\clsid\\{fbeb8a05-beee-4442-804e-409d6c4515e9}\\InProcServer32]

[HKEY_LOCAL_MACHINE\\Software\\Classes\\clsid\\{42aedc87-2188-41fd-b9a3-0c966feabec1}\\InProcServer32] /64

\"\" = C:\\Windows\\SysNative\\shell32.dll -- [2014/03/24 22:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)

\"ThreadingModel\" = Apartment

[HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\Classes\\clsid\\{42aedc87-2188-41fd-b9a3-0c966feabec1}\\InProcServer32]

\"\" = %SystemRoot%\\system32\\shell32.dll -- [2014/03/24 22:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)

\"ThreadingModel\" = Apartment

[HKEY_LOCAL_MACHINE\\Software\\Classes\\clsid\\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\\InProcServer32] /64

\"\" = C:\\Windows\\SysNative\\wbem\\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

\"ThreadingModel\" = Free

[HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\Classes\\clsid\\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\\InProcServer32]

\"\" = %systemroot%\\system32\\wbem\\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)

\"ThreadingModel\" = Free

[HKEY_LOCAL_MACHINE\\Software\\Classes\\clsid\\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\\InProcServer32] /64

\"\" = C:\\Windows\\SysNative\\wbem\\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

\"ThreadingModel\" = Both

[HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\Classes\\clsid\\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\\InProcServer32]

< End of report >

Extras Log

OTL Extras logfile created on: 7/2/2014 12:40:39 AM - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\\Users\\Evan Kopilow\\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.11.9600.17126)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

15.92 Gb Total Physical Memory | 13.15 Gb Available Physical Memory | 82.58% Memory free

31.84 Gb Paging File | 28.75 Gb Available in Paging File | 90.32% Paging File free

Paging file location(s): c:\\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\\Windows | %ProgramFiles% = C:\\Program Files (x86)

Drive C: | 232.78 Gb Total Space | 146.28 Gb Free Space | 62.84% Space Free | Partition Type: NTFS

Drive D: | 931.51 Gb Total Space | 594.45 Gb Free Space | 63.82% Space Free | Partition Type: NTFS

Drive E: | 931.51 Gb Total Space | 865.01 Gb Free Space | 92.86% Space Free | Partition Type: NTFS

Drive F: | 111.79 Gb Total Space | 71.39 Gb Free Space | 63.86% Space Free | Partition Type: NTFS

Drive G: | 702.83 Mb Total Space | 479.74 Mb Free Space | 68.26% Space Free | Partition Type: UDF

Drive H: | 55.90 Gb Total Space | 45.31 Gb Free Space | 81.06% Space Free | Partition Type: NTFS

Computer Name: LJSMONSTER | User Name: Evan Kopilow | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\<extension>]

.html[@ = htmlfile] -- C:\\Program Files\\Internet Explorer\\iexplore.exe (Microsoft Corporation)

.url[@ = InternetShortcut] -- C:\\Windows\\SysNative\\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\<extension>]

.cpl [@ = cplfile] -- C:\\Windows\\SysWow64\\control.exe (Microsoft Corporation)

.html [@ = htmlfile] -- C:\\Program Files\\Internet Explorer\\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\\SOFTWARE\\Classes\\<extension>]

.html [@ = FirefoxHTML] -- C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\<key>\\shell\\[command]\\command]

batfile [open] -- \"%1\" %*

cmdfile [open] -- \"%1\" %*

comfile [open] -- \"%1\" %*

exefile [open] -- \"%1\" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [open] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1 (Microsoft Corporation)

htmlfile [opennew] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1 (Microsoft Corporation)

htmlfile [print] -- \"%systemroot%\\system32\\rundll32.exe\" \"%systemroot%\\system32\\mshtml.dll\",PrintHTML \"%1\"

http [open] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1 (Microsoft Corporation)

https [open] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\\System32\\InfDefaultInstall.exe \"%1\" (Microsoft Corporation)

InternetShortcut [open] -- \"C:\\Windows\\System32\\rundll32.exe\" \"C:\\Windows\\System32\\ieframe.dll\",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- \"C:\\Windows\\System32\\rundll32.exe\" \"C:\\Windows\\System32\\mshtml.dll\",PrintHTML \"%1\" (Microsoft Corporation)

piffile [open] -- \"%1\" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- \"%1\"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- \"%1\" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\\system32\\rundll32.exe %SystemRoot%\\system32\\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- \"C:\\Program Files (x86)\\VideoLAN\\VLC\\vlc.exe\" --started-from-file --playlist-enqueue \"%1\" (VideoLAN)

Directory [cmd] -- cmd.exe /s /k pushd \"%V\" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- \"C:\\Program Files (x86)\\VideoLAN\\VLC\\vlc.exe\" --started-from-file --no-playlist-enqueue \"%1\" (VideoLAN)

Directory [Winamp.Bookmark] -- \"C:\\Program Files (x86)\\Winamp\\winamp.exe\" /BOOKMARK \"%1\" (Nullsoft, Inc.)

Directory [Winamp.Enqueue] -- \"C:\\Program Files (x86)\\Winamp\\winamp.exe\" /ADD \"%1\" (Nullsoft, Inc.)

Directory [Winamp.Play] -- \"C:\\Program Files (x86)\\Winamp\\winamp.exe\" \"%1\" (Nullsoft, Inc.)

Folder [open] -- %SystemRoot%\\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\\Explorer.exe (Microsoft Corporation)

Applications\\iexplore.exe [open] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1 (Microsoft Corporation)

CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\<key>\\shell\\[command]\\command]

batfile [open] -- \"%1\" %*

cmdfile [open] -- \"%1\" %*

comfile [open] -- \"%1\" %*

cplfile [cplopen] -- %SystemRoot%\\System32\\control.exe \"%1\",%* (Microsoft Corporation)

exefile [open] -- \"%1\" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [open] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1 (Microsoft Corporation)

htmlfile [opennew] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1 (Microsoft Corporation)

htmlfile [print] -- \"%systemroot%\\system32\\rundll32.exe\" \"%systemroot%\\system32\\mshtml.dll\",PrintHTML \"%1\"

http [open] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1 (Microsoft Corporation)

https [open] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\\System32\\InfDefaultInstall.exe \"%1\" (Microsoft Corporation)

piffile [open] -- \"%1\" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- \"%1\"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- \"%1\" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\\system32\\rundll32.exe %SystemRoot%\\system32\\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- \"C:\\Program Files (x86)\\VideoLAN\\VLC\\vlc.exe\" --started-from-file --playlist-enqueue \"%1\" (VideoLAN)

Directory [cmd] -- cmd.exe /s /k pushd \"%V\" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- \"C:\\Program Files (x86)\\VideoLAN\\VLC\\vlc.exe\" --started-from-file --no-playlist-enqueue \"%1\" (VideoLAN)

Directory [Winamp.Bookmark] -- \"C:\\Program Files (x86)\\Winamp\\winamp.exe\" /BOOKMARK \"%1\" (Nullsoft, Inc.)

Directory [Winamp.Enqueue] -- \"C:\\Program Files (x86)\\Winamp\\winamp.exe\" /ADD \"%1\" (Nullsoft, Inc.)

Directory [Winamp.Play] -- \"C:\\Program Files (x86)\\Winamp\\winamp.exe\" \"%1\" (Nullsoft, Inc.)

Folder [open] -- %SystemRoot%\\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\\Explorer.exe (Microsoft Corporation)

Applications\\iexplore.exe [open] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1 (Microsoft Corporation)

CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Security Center]

\"cval\" = 1

64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Security Center\\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Security Center\\Svc]

\"VistaSp1\" = 28 4D B2 76 41 04 CA 01 [binary data]

\"AntiVirusOverride\" = 0

\"AntiSpywareOverride\" = 0

\"FirewallOverride\" = 0

64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Security Center

guestolo · « **Reply #3 on:** July 03, 2014, 09:03:23 AM »

Sorry for the delay, nothing looking too bad, but please try the following:

-AdwCleaner-
Please download http://www.majorgeeks.com/files/details/adwcleaner.html\'>AdwCleaner by Xplode onto your desktop.

Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click the Scan button and wait for the process to complete.
Click on the Clean button follow the prompts.
A log file will automatically open after the scan has finished and the PC has rebooted.
Please post the content of that log file with your next answer.
You can also find the log file at C:\\AdwCleaner

-Junkware-Removal-Tool-

Please download http://www.majorgeeks.com/files/details/junkware_removal_tool.html\'>Junkware Removal Tool to your desktop.
Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select \"Run as Administrator\".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system\'s specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

In addition:
Right click on OTL.exe again and choose to \"Run as Administrator\"
Run another scan, only one log will be created this time named Otl.txt
Can you post it\'s contents please

rambag3 · « **Reply #4 on:** July 03, 2014, 10:18:58 AM »

ADW Cleaner log

# AdwCleaner v3.214 - Report created 03/07/2014 at 11:12:26

# Updated 29/06/2014 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : Evan Kopilow - LJSMONSTER

# Running from : C:\\Users\\Evan Kopilow\\Desktop\\AdwCleaner.exe

# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\\ProgramData\\Babylon

Folder Deleted : C:\\ProgramData\\Winamp Toolbar

Folder Deleted : C:\\Program Files (x86)\\Conduit

Folder Deleted : C:\\Program Files (x86)\\Winamp Toolbar

Folder Deleted : C:\\Program Files (x86)\\uTorrentControl2

Folder Deleted : C:\\Program Files (x86)\\Common Files\\Software Update Utility

Folder Deleted : C:\\Users\\Evan Kopilow\\AppData\\Local\\Babylon

Folder Deleted : C:\\Users\\Evan Kopilow\\AppData\\Local\\Conduit

Folder Deleted : C:\\Users\\Evan Kopilow\\AppData\\Local\\Winamp Toolbar

Folder Deleted : C:\\Users\\Evan Kopilow\\AppData\\LocalLow\\Conduit

Folder Deleted : C:\\Users\\Evan Kopilow\\AppData\\LocalLow\\PriceGong

Folder Deleted : C:\\Users\\Evan Kopilow\\AppData\\LocalLow\\uTorrentControl2

Folder Deleted : C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Babylon

Folder Deleted : C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\ConduitCommon

Folder Deleted : C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\Smartbar

Folder Deleted : C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\WinampToolbarData

Folder Deleted : C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\CT3072253

Folder Deleted : C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\Extensions\\{0B38152B-1B20-484D-A11F-5E04A9B0661F}

Folder Deleted : C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\Extensions\\{687578b9-7132-4a7a-80e4-30ee31099e03}

File Deleted : C:\\Users\\EVANKO~1\\AppData\\Local\\Temp\\Uninstall.exe

File Deleted : C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\npdnu.dll

File Deleted : C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\npdnu.xpt

File Deleted : C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\npdnupdater2.dll

File Deleted : C:\\Program Files (x86)\\Mozilla Firefox\\plugins\\npdnupdater2.xpt

File Deleted : C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\user.js

File Deleted : C:\\Windows\\System32\\Tasks\\BackgroundContainer Startup Task

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\\Software\\Microsoft\\Internet Explorer\\LowRegistry\\DOMStorage\\conduit.com

Key Deleted : HKCU\\Software\\Microsoft\\Internet Explorer\\LowRegistry\\DOMStorage\\conduitapps.com

Value Deleted : HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run [BackgroundContainer]

Key Deleted : HKLM\\SOFTWARE\\Classes\\AppID\\dnu.EXE

Key Deleted : HKLM\\SOFTWARE\\Classes\\AppID\\escort.DLL

Key Deleted : HKLM\\SOFTWARE\\Classes\\AppID\\ScriptHelper.EXE

Key Deleted : HKLM\\SOFTWARE\\Classes\\AppID\\winamptbServer.exe

Key Deleted : HKLM\\SOFTWARE\\Classes\\dnUpdate

Key Deleted : HKLM\\SOFTWARE\\Classes\\dnUpdater.DownloadUIBrowser

Key Deleted : HKLM\\SOFTWARE\\Classes\\dnUpdater.DownloadUIBrowser.1

Key Deleted : HKLM\\SOFTWARE\\Classes\\dnUpdater.DownloadUpdController

Key Deleted : HKLM\\SOFTWARE\\Classes\\dnUpdater.DownloadUpdController.1

Key Deleted : HKLM\\SOFTWARE\\Classes\\Prod.cap

Key Deleted : HKLM\\SOFTWARE\\Classes\\WinampTb.AOLTBSearch

Key Deleted : HKLM\\SOFTWARE\\Classes\\WinampTb.AOLTBSearch.1

Key Deleted : HKLM\\SOFTWARE\\Classes\\WinampTb.AOLToolBand

Key Deleted : HKLM\\SOFTWARE\\Classes\\WinampTb.AOLToolBand.1

Key Deleted : HKLM\\SOFTWARE\\Classes\\WinampTb.Downloader

Key Deleted : HKLM\\SOFTWARE\\Classes\\WinampTb.Downloader.1

Key Deleted : HKLM\\SOFTWARE\\Classes\\WinampTb.ToolbarInfo

Key Deleted : HKLM\\SOFTWARE\\Classes\\WinampTb.ToolbarInfo.1

Key Deleted : HKLM\\SOFTWARE\\Classes\\WinampTb.ToolbarParams

Key Deleted : HKLM\\SOFTWARE\\Classes\\WinampTb.ToolbarParams.1

Key Deleted : HKLM\\SOFTWARE\\Classes\\WinampTbServer.AolToolbarHelper

Key Deleted : HKLM\\SOFTWARE\\Classes\\WinampTbServer.AolToolbarHelper.1

Key Deleted : HKLM\\SOFTWARE\\Microsoft\\Tracing\\apnstub_RASAPI32

Key Deleted : HKLM\\SOFTWARE\\Microsoft\\Tracing\\apnstub_RASMANCS

Key Deleted : HKLM\\SOFTWARE\\Microsoft\\Tracing\\au__rasapi32

Key Deleted : HKLM\\SOFTWARE\\Microsoft\\Tracing\\au__rasmancs

Key Deleted : HKLM\\SOFTWARE\\Microsoft\\Tracing\\MyBabylontb_RASAPI32

Key Deleted : HKLM\\SOFTWARE\\Microsoft\\Tracing\\MyBabylontb_RASMANCS

Key Deleted : HKLM\\SOFTWARE\\Classes\\Toolbar.CT3072253

Key Deleted : HKLM\\SOFTWARE\\Classes\\AppID\\{09C554C3-109B-483C-A06B-F14172F1A947}

Key Deleted : HKLM\\SOFTWARE\\Classes\\AppID\\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}

Key Deleted : HKLM\\SOFTWARE\\Classes\\AppID\\{B27D9527-3762-4D71-963D-FB7A94FDD678}

Key Deleted : HKLM\\SOFTWARE\\Classes\\AppID\\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}

Key Deleted : HKLM\\SOFTWARE\\Classes\\AppID\\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}

Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}

Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{408CFAD9-8F13-4747-8EC7-770A339C7237}

Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}

Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{687578B9-7132-4A7A-80E4-30EE31099E03}

Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{6EF4E91D-DDD5-4478-BCA7-DA04435934C0}

Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}

Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{841FD004-57A2-4B49-BBDB-5897394619DB}

Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{94496571-6AC5-4836-82D5-D46260C44B17}

Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{B38D6EDE-390B-4620-8365-29E16459EBDA}

Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{BC9FD17D-30F6-4464-9E53-596A90AFF023}

Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}

Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}

Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{E1164984-B567-47BD-A7FF-240C2594404A}

Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{E15A9BFD-D16D-496D-8222-44CADF316E70}

Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}

Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{F20F11FD-203E-45A9-B7BB-AFC1B4FEA7A6}

Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{FE178B09-C8AA-4734-804D-1849BCCA0C29}

Key Deleted : HKLM\\SOFTWARE\\Classes\\CLSID\\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}

Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{0F54B66A-21CF-4548-AE59-A6B83EE6676F}

Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}

Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{51A971CA-D36E-4D13-A799-2CF0A491D04D}

Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B}

Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{660E6F4F-840D-436D-B668-433D9591BAC5}

Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{66DD22B9-6521-4B05-97DB-0EBC00B1DA5D}

Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5}

Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{841FD004-57A2-4B49-BBDB-5897394619DB}

Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{E1164984-B567-47BD-A7FF-240C2594404A}

Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F}

Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{E7435878-65B9-44D1-A443-81754E5DFC90}

Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057}

Key Deleted : HKLM\\SOFTWARE\\Classes\\Interface\\{FE0273D1-99DF-4AC0-87D5-1371C6271785}

Key Deleted : HKLM\\SOFTWARE\\Classes\\TypeLib\\{07CAC314-E962-4F78-89AB-DD002F2490EE}

Key Deleted : HKLM\\SOFTWARE\\Classes\\TypeLib\\{13ABD093-D46F-40DF-A608-47E162EC799D}

Key Deleted : HKLM\\SOFTWARE\\Classes\\TypeLib\\{507591C2-2F4E-46A7-92D6-E6CFF82E5F26}

Key Deleted : HKLM\\SOFTWARE\\Classes\\TypeLib\\{538CD77C-BFDD-49B0-9562-77419CAB89D1}

Key Deleted : HKLM\\SOFTWARE\\Classes\\TypeLib\\{92380354-381A-471F-BE2E-DD9ACD9777EA}

Key Deleted : HKLM\\SOFTWARE\\Classes\\TypeLib\\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}

Key Deleted : HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects\\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}

Key Deleted : HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects\\{687578B9-7132-4A7A-80E4-30EE31099E03}

Key Deleted : HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects\\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Stats\\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}

Key Deleted : HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Stats\\{687578B9-7132-4A7A-80E4-30EE31099E03}

Key Deleted : HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Stats\\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}

Key Deleted : HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Stats\\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Stats\\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}

Key Deleted : HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Settings\\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}

Key Deleted : HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Settings\\{687578B9-7132-4A7A-80E4-30EE31099E03}

Key Deleted : HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Settings\\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}

Key Deleted : HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Ext\\PreApproved\\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}

Key Deleted : HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Ext\\PreApproved\\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}

Key Deleted : HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\Low Rights\\ElevationPolicy\\{A8C2644D-BF72-4A89-A88C-D85F565F2F46}

Key Deleted : HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\Low Rights\\ElevationPolicy\\{357E7254-CBD5-4AEA-AD32-8622993457EB}

Key Deleted : HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\Low Rights\\ElevationPolicy\\{E74B6F30-AA4B-465B-9E7B-B13E3C2AF45E}

Key Deleted : HKCU\\Software\\Microsoft\\Internet Explorer\\SearchScopes\\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Key Deleted : HKCU\\Software\\Microsoft\\Internet Explorer\\SearchScopes\\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}

Key Deleted : HKCU\\Software\\Microsoft\\Internet Explorer\\SearchScopes\\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Value Deleted : HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\Toolbar [{687578B9-7132-4A7A-80E4-30EE31099E03}]

Value Deleted : HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\Toolbar [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]

Value Deleted : HKCU\\Software\\Microsoft\\Internet Explorer\\Toolbar\\WebBrowser [{687578B9-7132-4A7A-80E4-30EE31099E03}]

Value Deleted : HKCU\\Software\\Microsoft\\Internet Explorer\\Toolbar\\WebBrowser [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]

Value Deleted : HKCU\\Software\\Microsoft\\Internet Explorer\\URLSearchHooks [{687578B9-7132-4A7A-80E4-30EE31099E03}]

Value Deleted : HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\URLSearchHooks [{687578B9-7132-4A7A-80E4-30EE31099E03}]

Key Deleted : [x64] HKLM\\SOFTWARE\\Classes\\Interface\\{0F54B66A-21CF-4548-AE59-A6B83EE6676F}

Key Deleted : [x64] HKLM\\SOFTWARE\\Classes\\Interface\\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}

Key Deleted : [x64] HKLM\\SOFTWARE\\Classes\\Interface\\{51A971CA-D36E-4D13-A799-2CF0A491D04D}

Key Deleted : [x64] HKLM\\SOFTWARE\\Classes\\Interface\\{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B}

Key Deleted : [x64] HKLM\\SOFTWARE\\Classes\\Interface\\{660E6F4F-840D-436D-B668-433D9591BAC5}

Key Deleted : [x64] HKLM\\SOFTWARE\\Classes\\Interface\\{66DD22B9-6521-4B05-97DB-0EBC00B1DA5D}

Key Deleted : [x64] HKLM\\SOFTWARE\\Classes\\Interface\\{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5}

Key Deleted : [x64] HKLM\\SOFTWARE\\Classes\\Interface\\{841FD004-57A2-4B49-BBDB-5897394619DB}

Key Deleted : [x64] HKLM\\SOFTWARE\\Classes\\Interface\\{E1164984-B567-47BD-A7FF-240C2594404A}

Key Deleted : [x64] HKLM\\SOFTWARE\\Classes\\Interface\\{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F}

Key Deleted : [x64] HKLM\\SOFTWARE\\Classes\\Interface\\{E7435878-65B9-44D1-A443-81754E5DFC90}

Key Deleted : [x64] HKLM\\SOFTWARE\\Classes\\Interface\\{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057}

Key Deleted : [x64] HKLM\\SOFTWARE\\Classes\\Interface\\{FE0273D1-99DF-4AC0-87D5-1371C6271785}

Key Deleted : HKCU\\Software\\2YourFace

Key Deleted : HKCU\\Software\\Conduit

Key Deleted : HKCU\\Software\\IGearSettings

Key Deleted : HKCU\\Software\\Winamp Toolbar

Key Deleted : HKCU\\Software\\AppDataLow\\Toolbar

Key Deleted : HKCU\\Software\\AppDataLow\\Software\\BackgroundContainer

Key Deleted : HKCU\\Software\\AppDataLow\\Software\\Conduit

Key Deleted : HKCU\\Software\\AppDataLow\\Software\\PriceGong

Key Deleted : HKCU\\Software\\AppDataLow\\Software\\SmartBar

Key Deleted : HKCU\\Software\\AppDataLow\\Software\\uTorrentControl2

Key Deleted : HKLM\\Software\\Babylon

Key Deleted : HKLM\\Software\\Conduit

Key Deleted : HKLM\\Software\\Winamp Toolbar

Key Deleted : HKLM\\Software\\uTorrentControl2

Key Deleted : HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Winamp Toolbar

Key Deleted : HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\SoftwareUpdUtility

Key Deleted : HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Winamp Toolbar

Key Deleted : HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\uTorrentControl2 Toolbar

***** [ Browsers ] *****

-\\\\ Internet Explorer v11.0.9600.17126

-\\\\ Mozilla Firefox v30.0 (en-US)

[ File : C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\prefs.js ]

Line Deleted : user_pref(\"CT3072253..clientLogIsEnabled\", true);

Line Deleted : user_pref(\"CT3072253.ALLOW_SHOWING_HIDDEN_TOOLBAR\", false);

Line Deleted : user_pref(\"CT3072253.BrowserCompStateIsOpen_129573915102477663\", true);

Line Deleted : user_pref(\"CT3072253.BrowserCompStateIsOpen_129749445530228833\", true);

Line Deleted : user_pref(\"CT3072253.BrowserCompStateIsOpen_129749445881800338\", true);

Line Deleted : user_pref(\"CT3072253.BrowserCompStateIsOpen_129805375651312503\", true);

Line Deleted : user_pref(\"CT3072253.BrowserCompStateIsOpen_130067979083742856\", true);

Line Deleted : user_pref(\"CT3072253.BrowserCompStateIsOpen_1359634299000\", true);

Line Deleted : user_pref(\"CT3072253.CTID\", \"CT3072253\");

Line Deleted : user_pref(\"CT3072253.ConfigurationLastCheckTime\", \"Mon Nov 11 2013 14:41:55 GMT-0500 (Eastern Standard Time)\");

Line Deleted : user_pref(\"CT3072253.CurrentServerDate\", \"12-11-2013\");

Line Deleted : user_pref(\"CT3072253.DSInstall\", false);

Line Deleted : user_pref(\"CT3072253.DialogsAlignMode\", \"LTR\");

Line Deleted : user_pref(\"CT3072253.DialogsGetterLastCheckTime\", \"Wed Nov 06 2013 12:10:44 GMT-0500 (Eastern Standard Time)\");

Line Deleted : user_pref(\"CT3072253.DownloadReferralCookieData\", \"\");

Line Deleted : user_pref(\"CT3072253.ENABALE_HISTORY\", \"{\\\"dataType\\\":\\\"string\\\",\\\"data\\\":\\\"true\\\"}\");

Line Deleted : user_pref(\"CT3072253.FirstServerDate\", \"13-4-2012\");

Line Deleted : user_pref(\"CT3072253.FirstTime\", true);

Line Deleted : user_pref(\"CT3072253.FirstTimeFF3\", true);

Line Deleted : user_pref(\"CT3072253.FixPageNotFoundErrors\", true);

Line Deleted : user_pref(\"CT3072253.GroupingServerCheckInterval\", 1440);

Line Deleted : user_pref(\"CT3072253.HPInstall\", false);

Line Deleted : user_pref(\"CT3072253.HasUserGlobalKeys\", true);

Line Deleted : user_pref(\"CT3072253.HomePageProtectorEnabled\", false);

Line Deleted : user_pref(\"CT3072253.Initialize\", true);

Line Deleted : user_pref(\"CT3072253.InitializeCommonPrefs\", true);

Line Deleted : user_pref(\"CT3072253.InstallationAndCookieDataSentCount\", 3);

Line Deleted : user_pref(\"CT3072253.InstallationId\", \"ConduitXPEIntegration\");

Line Deleted : user_pref(\"CT3072253.InstallationType\", \"ConduitXPEIntegration\");

Line Deleted : user_pref(\"CT3072253.InstalledDate\", \"Sat Apr 14 2012 02:20:20 GMT-0400 (Eastern Daylight Time)\");

Line Deleted : user_pref(\"CT3072253.IsAlertDBUpdated\", true);

Line Deleted : user_pref(\"CT3072253.IsGrouping\", false);

Line Deleted : user_pref(\"CT3072253.IsInitSetupIni\", true);

Line Deleted : user_pref(\"CT3072253.IsMulticommunity\", false);

Line Deleted : user_pref(\"CT3072253.IsOpenThankYouPage\", true);

Line Deleted : user_pref(\"CT3072253.IsOpenUninstallPage\", false);

Line Deleted : user_pref(\"CT3072253.LanguagePackLastCheckTime\", \"Mon Nov 11 2013 14:41:55 GMT-0500 (Eastern Standard Time)\");

Line Deleted : user_pref(\"CT3072253.LanguagePackReloadIntervalMM\", 1440);

Line Deleted : user_pref(\"CT3072253.LastLogin_3.10.0.1\", \"Sun Apr 15 2012 23:16:07 GMT-0400 (Eastern Daylight Time)\");

Line Deleted : user_pref(\"CT3072253.LastLogin_3.12.2.3\", \"Thu May 31 2012 01:02:48 GMT-0400 (Eastern Daylight Time)\");

Line Deleted : user_pref(\"CT3072253.LastLogin_3.13.0.6\", \"Wed Jul 18 2012 00:43:20 GMT-0400 (Eastern Daylight Time)\");

Line Deleted : user_pref(\"CT3072253.LastLogin_3.14.1.0\", \"Mon Aug 27 2012 23:35:38 GMT-0400 (Eastern Daylight Time)\");

Line Deleted : user_pref(\"CT3072253.LastLogin_3.15.1.0\", \"Mon Nov 19 2012 01:26:46 GMT-0500 (Eastern Standard Time)\");

Line Deleted : user_pref(\"CT3072253.LastLogin_3.16.0.3\", \"Sun Feb 10 2013 13:27:59 GMT-0500 (Eastern Standard Time)\");

Line Deleted : user_pref(\"CT3072253.LastLogin_3.18.0.7\", \"Sun Jul 14 2013 23:15:02 GMT-0400 (Eastern Standard Time)\");

Line Deleted : user_pref(\"CT3072253.LastLogin_3.19.0.3\", \"Mon Sep 09 2013 15:49:38 GMT-0400 (Eastern Standard Time)\");

Line Deleted : user_pref(\"CT3072253.LastLogin_3.20.0.4\", \"Mon Nov 11 2013 18:41:55 GMT-0500 (Eastern Standard Time)\");

Line Deleted : user_pref(\"CT3072253.LatestVersion\", \"3.20.0.4\");

Line Deleted : user_pref(\"CT3072253.Locale\", \"en\");

Line Deleted : user_pref(\"CT3072253.MCDetectTooltipHeight\", \"83\");

Line Deleted : user_pref(\"CT3072253.MCDetectTooltipWidth\", \"295\");

Line Deleted : user_pref(\"CT3072253.MyStuffEnabledAtInstallation\", true);

Line Deleted : user_pref(\"CT3072253.OriginalFirstVersion\", \"3.10.0.1\");

Line Deleted : user_pref(\"CT3072253.SearchAPILastCheckTime\", \"Mon Nov 11 2013 14:41:55 GMT-0500 (Eastern Standard Time)\");

Line Deleted : user_pref(\"CT3072253.SearchCaption\", \"uTorrentControl2 Customized Web Search\");

Line Deleted : user_pref(\"CT3072253.SearchEngineBeforeUnload\", \"Google\");

Line Deleted : user_pref(\"CT3072253.SearchFromAddressBarIsInit\", true);

Line Deleted : user_pref(\"CT3072253.SearchInNewTabEnabled\", true);

Line Deleted : user_pref(\"CT3072253.SearchInNewTabIntervalMM\", 1440);

Line Deleted : user_pref(\"CT3072253.SearchInNewTabLastCheckTime\", \"Mon Sep 09 2013 10:44:59 GMT-0400 (Eastern Standard Time)\");

Line Deleted : user_pref(\"CT3072253.SearchInNewTabUserEnabled\", false);

Line Deleted : user_pref(\"CT3072253.SearchProtectorEnabled\", false);

Line Deleted : user_pref(\"CT3072253.SearchProtectorToolbarDisabled\", false);

Line Deleted : user_pref(\"CT3072253.SendProtectorDataViaLogin\", true);

Line Deleted : user_pref(\"CT3072253.ServiceMapLastCheckTime\", \"Mon Nov 11 2013 14:41:55 GMT-0500 (Eastern Standard Time)\");

Line Deleted : user_pref(\"CT3072253.SettingsLastCheckTime\", \"Mon Nov 11 2013 14:41:54 GMT-0500 (Eastern Standard Time)\");

Line Deleted : user_pref(\"CT3072253.SettingsLastUpdate\", \"1384160275\");

Line Deleted : user_pref(\"CT3072253.ThirdPartyComponentsInterval\", 504);

Line Deleted : user_pref(\"CT3072253.ThirdPartyComponentsLastCheck\", \"Sat Apr 14 2012 02:20:20 GMT-0400 (Eastern Daylight Time)\");

Line Deleted : user_pref(\"CT3072253.ThirdPartyComponentsLastUpdate\", \"1312887586\");

Line Deleted : user_pref(\"CT3072253.ToolbarShrinkedFromSetup\", false);

Line Deleted : user_pref(\"CT3072253.TrustedApiDomains\", \"conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]

Line Deleted : user_pref(\"CT3072253.UserID\", \"UN66950574046415219\");

Line Deleted : user_pref(\"CT3072253.ValidationData_Toolbar\", 0);

Line Deleted : user_pref(\"CT3072253.addressBarTakeOverEnabledInHidden\", \"true\");

Line Deleted : user_pref(\"CT3072253.alertChannelId\", \"1463702\");

Line Deleted : user_pref(\"CT3072253.autoDisableScopes\", -1);

Line Deleted : user_pref(\"CT3072253.backendstorage.cbcountry_000\", \"5553\");

Line Deleted : user_pref(\"CT3072253.backendstorage.cbfirsttime\", \"5361742041707220313420323031322030323A32303A323120474D542D3034303020284561737465726E204461796C696768742054696D6529\");

Line Deleted : user_pref(\"CT3072253.backendstorage.url_history0001\", \"68747470733A2F2F7777772E66616365626F6F6B2E636F6D2F3F7265663D6C6F676F3A3A3A636C69636B68616E646C65723A3A3A313333343532313139313635302C2C2C687474707[...]

Line Deleted : user_pref(\"CT3072253.cbcountry_000.from_oldbar.enc\", \"VVM=\");

Line Deleted : user_pref(\"CT3072253.cbfirsttime.from_oldbar.enc\", \"U2F0IEFwciAxNCAyMDEyIDAyOjIwOjIxIEdNVC0wNDAwIChFYXN0ZXJuIERheWxpZ2h0IFRpbWUp\");

Line Deleted : user_pref(\"CT3072253.countryCode\", \"US\");

Line Deleted : user_pref(\"CT3072253.firstTimeDialogOpened\", true);

Line Deleted : user_pref(\"CT3072253.fixPageNotFoundErrorByUser\", \"TRUE\");

Line Deleted : user_pref(\"CT3072253.fixPageNotFoundErrorInHidden\", \"true\");

Line Deleted : user_pref(\"CT3072253.fullUserID\", \"UN66950574046415219.UP.2133\");

Line Deleted : user_pref(\"CT3072253.globalFirstTimeInfoLastCheckTime\", \"Sat Apr 14 2012 02:20:20 GMT-0400 (Eastern Daylight Time)\");

Line Deleted : user_pref(\"CT3072253.homepageProtectorEnableByLogin\", true);

Line Deleted : user_pref(\"CT3072253.initDone\", true);

Line Deleted : user_pref(\"CT3072253.installId\", \"ConduitXPEIntegration\");

Line Deleted : user_pref(\"CT3072253.installType\", \"ConduitXPEIntegration\");

Line Deleted : user_pref(\"CT3072253.isAppTrackingManagerOn\", true);

Line Deleted : user_pref(\"CT3072253.isCheckedStartAsHidden\", true);

Line Deleted : user_pref(\"CT3072253.isEnableAllDialogs\", \"{\\\"dataType\\\":\\\"string\\\",\\\"data\\\":\\\"true\\\"}\");

Line Deleted : user_pref(\"CT3072253.isFirstTimeToolbarLoading\", \"false\");

Line Deleted : user_pref(\"CT3072253.isPerformedSmartBarTransition\", \"true\");

Line Deleted : user_pref(\"CT3072253.isToolbarShrinked\", \"{\\\"dataType\\\":\\\"string\\\",\\\"data\\\":\\\"false\\\"}\");

Line Deleted : user_pref(\"CT3072253.keyword\", true);

Line Deleted : user_pref(\"CT3072253.lastVersion\", \"10.20.101.5\");

Line Deleted : user_pref(\"CT3072253.myStuffEnabled\", true);

Line Deleted : user_pref(\"CT3072253.myStuffPublihserMinWidth\", 400);

Line Deleted : user_pref(\"CT3072253.myStuffServiceIntervalMM\", 1440);

Line Deleted : user_pref(\"CT3072253.navigateToUrlOnSearch\", false);

Line Deleted : user_pref(\"CT3072253.navigationAliasesJson\", \"{\\\"EB_SEARCH_TERM\\\":\\\"\\\",\\\"EB_MAIN_FRAME_URL\\\":\\\"hxxp%3A%2F%2Fwww.reddit.com%2Fr%2FOkCupid%2Fcomments%2F1s0och%2Fhow_i_spent_the_last_8_months_hello_again[...]

Line Deleted : user_pref(\"CT3072253.originalSearchEngine\", \"Google\");

Line Deleted : user_pref(\"CT3072253.revertSettingsEnabled\", true);

Line Deleted : user_pref(\"CT3072253.searchFromAddressBarEnabledByUser\", \"true\");

Line Deleted : user_pref(\"CT3072253.searchInNewTabEnabledByUser\", \"false\");

Line Deleted : user_pref(\"CT3072253.searchInNewTabEnabledInHidden\", \"true\");

Line Deleted : user_pref(\"CT3072253.searchProtectorDialogDelayInSec\", 10);

Line Deleted : user_pref(\"CT3072253.searchProtectorEnableByLogin\", true);

Line Deleted : user_pref(\"CT3072253.searchSuggestEnabledByUser\", \"true\");

Line Deleted : user_pref(\"CT3072253.selectToSearchBoxEnabled\", \"{\\\"dataType\\\":\\\"string\\\",\\\"data\\\":\\\"true\\\"}\");

Line Deleted : user_pref(\"CT3072253.serviceLayer_service_login_isFirstLoginInvoked\", \"{\\\"dataType\\\":\\\"boolean\\\",\\\"data\\\":\\\"true\\\"}\");

Line Deleted : user_pref(\"CT3072253.serviceLayer_service_login_loginCount\", \"{\\\"dataType\\\":\\\"number\\\",\\\"data\\\":\\\"4\\\"}\");

Line Deleted : user_pref(\"CT3072253.serviceLayer_service_toolbarGrouping_activeCTID\", \"{\\\"dataType\\\":\\\"string\\\",\\\"data\\\":\\\"CT3072253\\\"}\");

Line Deleted : user_pref(\"CT3072253.serviceLayer_service_toolbarGrouping_activeToolbarName\", \"{\\\"dataType\\\":\\\"string\\\",\\\"data\\\":\\\"uTorrentControl2 \\\"}\");

Line Deleted : user_pref(\"CT3072253.serviceLayer_service_toolbarGrouping_invoked\", \"{\\\"dataType\\\":\\\"string\\\",\\\"data\\\":\\\"true\\\"}\");

Line Deleted : user_pref(\"CT3072253.serviceLayer_service_usage_toolbarUsageCount\", \"{\\\"dataType\\\":\\\"number\\\",\\\"data\\\":\\\"2\\\"}\");

Line Deleted : user_pref(\"CT3072253.serviceLayer_services_Configuration_lastUpdate\", \"1386110715870\");

Line Deleted : user_pref(\"CT3072253.serviceLayer_services_login_10.20.101.5_lastUpdate\", \"1386110715707\");

Line Deleted : user_pref(\"CT3072253.serviceLayer_services_searchAPI_lastUpdate\", \"1386110715828\");

Line Deleted : user_pref(\"CT3072253.serviceLayer_services_serviceMap_lastUpdate\", \"1386110715684\");

Line Deleted : user_pref(\"CT3072253.serviceLayer_services_toolbarSettings_lastUpdate\", \"1386117915829\");

Line Deleted : user_pref(\"CT3072253.serviceLayer_services_translation_lastUpdate\", \"1386110715524\");

Line Deleted : user_pref(\"CT3072253.settingsINI\", true);

Line Deleted : user_pref(\"CT3072253.showToolbarPermission\", \"false\");

Line Deleted : user_pref(\"CT3072253.smartbar.CTID\", \"CT3072253\");

Line Deleted : user_pref(\"CT3072253.smartbar.Uninstall\", \"0\");

Line Deleted : user_pref(\"CT3072253.smartbar.toolbarName\", \"uTorrentControl2 \");

Line Deleted : user_pref(\"CT3072253.testingCtid\", \"\");

Line Deleted : user_pref(\"CT3072253.toolbarAppMetaDataLastCheckTime\", \"Mon Nov 11 2013 14:41:55 GMT-0500 (Eastern Standard Time)\");

Line Deleted : user_pref(\"CT3072253.toolbarBornServerTime\", \"13-4-2012\");

Line Deleted : user_pref(\"CT3072253.toolbarContextMenuLastCheckTime\", \"Sat Apr 14 2012 02:20:20 GMT-0400 (Eastern Daylight Time)\");

Line Deleted : user_pref(\"CT3072253.toolbarCurrentServerTime\", \"4-12-2013\");

Line Deleted : user_pref(\"CT3072253.toolbarDisabled\", \"true\");

Line Deleted : user_pref(\"CT3072253.toolbarLoginClientTime\", \"Mon Nov 11 2013 21:52:26 GMT-0500 (Eastern Standard Time)\");

Line Deleted : user_pref(\"CT3072253.upgradeFromOBVersion\", true);

Line Deleted : user_pref(\"CT3072253.url_history0001.from_oldbar.enc\", \"aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tLz9yZWY9bG9nbzo6OmNsaWNraGFuZGxlcjo6OjEzMzQ1MjExOTE2NTAsLCxodHRwczovL3d3dy5mYWNlYm9vay5jb20vP3JlZj1sb2dvOjo6Y2xp[...]

Line Deleted : user_pref(\"CT3072253.usagesFlag\", 2);

Line Deleted : user_pref(\"CT3072253_Firefox.csv\", \"[{\\\"from\\\":\\\"Abs Layer\\\",\\\"action\\\":\\\"loading toolbar\\\",\\\"time\\\":1386110713356,\\\"isWithState\\\":\\\"\\\",\\\"timeFromStart\\\":0,\\\"timeFromPrev\\\":0}]\");

Line Deleted : user_pref(\"CommunityToolbar.LatestToolbarVersionInstalled\", \"3.16.0.3\");

Line Deleted : user_pref(\"CommunityToolbar.ToolbarsList\", \"CT3072253\");

Line Deleted : user_pref(\"CommunityToolbar.ToolbarsList2\", \"CT3072253\");

Line Deleted : user_pref(\"CommunityToolbar.ToolbarsList4\", \"CT3072253\");

Line Deleted : user_pref(\"CommunityToolbar.globalUserId\", \"149f1479-f2d8-4f9d-9a82-b65ee4eb3b4a\");

Line Deleted : user_pref(\"CommunityToolbar.isAlertUrlAddedToFeedItemTable\", true);

Line Deleted : user_pref(\"CommunityToolbar.isClickActionAddedToFeedItemTable\", true);

Line Deleted : user_pref(\"CommunityToolbar.keywordURLSelectedCTID\", \"CT3072253\");

Line Deleted : user_pref(\"CommunityToolbar.notifications.alertDialogsGetterLastCheckTime\", \"Mon Dec 03 2012 00:09:28 GMT-0500 (Eastern Standard Time)\");

Line Deleted : user_pref(\"CommunityToolbar.notifications.alertInfoInterval\", 60);

Line Deleted : user_pref(\"CommunityToolbar.notifications.alertInfoLastCheckTime\", \"Mon Dec 03 2012 00:09:36 GMT-0500 (Eastern Standard Time)\");

Line Deleted : user_pref(\"CommunityToolbar.notifications.locale\", \"en\");

Line Deleted : user_pref(\"CommunityToolbar.notifications.loginIntervalMin\", 1440);

Line Deleted : user_pref(\"CommunityToolbar.notifications.loginLastCheckTime\", \"Mon Dec 03 2012 00:09:28 GMT-0500 (Eastern Standard Time)\");

Line Deleted : user_pref(\"CommunityToolbar.notifications.loginLastUpdateTime\", \"1313487611\");

Line Deleted : user_pref(\"CommunityToolbar.notifications.messageShowTimeSec\", 20);

Line Deleted : user_pref(\"CommunityToolbar.notifications.showTrayIcon\", false);

Line Deleted : user_pref(\"CommunityToolbar.notifications.userCloseIntervalMin\", 300);

Line Deleted : user_pref(\"CommunityToolbar.notifications.userId\", \"a9177cd5-4d39-4b41-b3e3-2d67f050c1fa\");

Line Deleted : user_pref(\"CommunityToolbar.originalSearchEngine\", \"Google\");

Line Deleted : user_pref(\"Smartbar.keywordURLSelectedCTID\", \"CT3072253\");

Line Deleted : user_pref(\"browser.babylon.HPOnNewTab\", \"search.babylon.com\");

Line Deleted : user_pref(\"extensions.BabylonToolbar_i.newTab\", true);

Line Deleted : user_pref(\"extensions.atlantis.sys.delta2\", 5);

Line Deleted : user_pref(\"extensions.fvd_single.surfcanyon.ramp.start_time\", \"1394021605488\");

Line Deleted : user_pref(\"smartbar.addressBarOwnerCTID\", \"CT3072253\");

Line Deleted : user_pref(\"smartbar.machineId\", \"5MZW3UMCXOO+YBLFZD/DWABDK78SWWZVCDQXZMYTPM3JENDXBLVXVRG2HJ0HJYJMSBGN8X5HR+MYJLKHCCX4NG\");

*************************

AdwCleaner[R0].txt - [37042 octets] - [03/07/2014 11:11:56]

AdwCleaner[S0].txt - [36261 octets] - [03/07/2014 11:12:26]

########## EOF - C:\\AdwCleaner\\AdwCleaner[S0].txt - [36322 octets] ##########

rambag3 · « **Reply #5 on:** July 03, 2014, 10:29:08 AM »

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.4 (04.06.2014:1)

OS: Windows 7 Home Premium x64

Ran by Evan Kopilow on Thu 07/03/2014 at 11:19:27.41

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

Successfully deleted: [Folder] \"C:\\Users\\Evan Kopilow\\AppData\\Roaming\\getrighttogo\"

Successfully deleted: [Folder] \"C:\\Windows\\syswow64\\ai_recyclebin\"

~~~ FireFox

Successfully deleted: [File] C:\\user.js

Successfully deleted the following from C:\\Users\\Evan Kopilow\\AppData\\Roaming\\mozilla\\firefox\\profiles\\qpz899co.default\\prefs.js

user_pref(\"extensions.atlantis.profile.XG33v9.doneTime\", \"0\");

user_pref(\"extensions.atlantis.profile.XG33v9.efficiency\", \"3\");

user_pref(\"extensions.atlantis.profile.XG33v9.overnights\", \"\");

user_pref(\"extensions.atlantis.profile.XG33v9.rotation_file_fmt\", 3);

user_pref(\"extensions.atlantis.profile.XG33v9.showTime\", \"0\");

Emptied folder: C:\\Users\\Evan Kopilow\\AppData\\Roaming\\mozilla\\firefox\\profiles\\qpz899co.default\\minidumps [160 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Thu 07/03/2014 at 11:23:53.69

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

guestolo · « **Reply #6 on:** July 03, 2014, 12:36:38 PM »

In addition:

Right click on OTL.exe again and choose to \"Run as Administrator\"

Run another scan, only one log will be created this time named Otl.txt

Can you post it\'s contents please

Can you do that step please

rambag3 · « **Reply #7 on:** July 05, 2014, 03:52:16 PM »

OTL logfile created on: 7/5/2014 4:47:45 PM - Run 2

OTL by OldTimer - Version 3.2.69.0 Folder = C:\\Users\\Evan Kopilow\\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.11.9600.17126)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

15.92 Gb Total Physical Memory | 13.05 Gb Available Physical Memory | 81.98% Memory free

31.84 Gb Paging File | 28.66 Gb Available in Paging File | 90.01% Paging File free

Paging file location(s): c:\\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\\Windows | %ProgramFiles% = C:\\Program Files (x86)

Drive C: | 232.78 Gb Total Space | 146.13 Gb Free Space | 62.77% Space Free | Partition Type: NTFS

Drive D: | 931.51 Gb Total Space | 622.20 Gb Free Space | 66.80% Space Free | Partition Type: NTFS

Drive E: | 931.51 Gb Total Space | 865.01 Gb Free Space | 92.86% Space Free | Partition Type: NTFS

Drive F: | 111.79 Gb Total Space | 71.39 Gb Free Space | 63.86% Space Free | Partition Type: NTFS

Drive G: | 702.83 Mb Total Space | 479.74 Mb Free Space | 68.26% Space Free | Partition Type: UDF

Drive H: | 55.90 Gb Total Space | 45.11 Gb Free Space | 80.70% Space Free | Partition Type: NTFS

Computer Name: LJSMONSTER | User Name: Evan Kopilow | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/07/02 00:39:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\\Users\\Evan Kopilow\\Desktop\\OTL.exe

PRC - [2014/06/30 17:46:52 | 000,542,400 | ---- | M] (Valve Corporation) -- C:\\Program Files (x86)\\Common Files\\Steam\\SteamService.exe

PRC - [2014/06/30 17:46:50 | 001,753,280 | ---- | M] (Valve Corporation) -- D:\\Program Files (x86)\\Steam\\Steam.exe

PRC - [2014/06/18 02:23:31 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe

PRC - [2014/06/10 16:25:03 | 001,176,632 | ---- | M] (Spotify Ltd) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe

PRC - [2014/05/31 16:26:48 | 000,585,048 | ---- | M] (Razer Inc.) -- C:\\Program Files (x86)\\Razer\\Synapse\\RzSynapse.exe

PRC - [2014/05/21 09:32:02 | 001,721,416 | ---- | M] (Verizon) -- C:\\Program Files (x86)\\Verizon\\IHA_MessageCenter\\Bin\\VzDetectAgent.exe

PRC - [2014/05/19 20:45:22 | 033,322,312 | ---- | M] (Dropbox, Inc.) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe

PRC - [2014/05/19 20:34:36 | 004,737,440 | ---- | M] (Samsung Electronics.) -- C:\\Program Files (x86)\\Samsung Magician\\Samsung Magician.exe

PRC - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\armsvc.exe

PRC - [2013/10/15 19:06:12 | 001,016,712 | ---- | M] (Flux Software LLC) -- C:\\Users\\Evan Kopilow\\AppData\\Local\\FluxSoftware\\Flux\\flux.exe

PRC - [2013/03/15 15:28:12 | 004,683,768 | ---- | M] (Almico Software (www.almico.com)) -- D:\\Program Files (x86)\\SpeedFan\\speedfan.exe

PRC - [2011/08/08 17:39:32 | 002,656,536 | ---- | M] (Intel Corporation) -- C:\\Program Files (x86)\\Intel\\Intel(R) Management Engine Components\\UNS\\UNS.exe

PRC - [2011/08/08 17:39:26 | 000,325,912 | ---- | M] (Intel Corporation) -- C:\\Program Files (x86)\\Intel\\Intel(R) Management Engine Components\\LMS\\LMS.exe

PRC - [2010/04/22 15:05:26 | 001,011,712 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\\Program Files (x86)\\GIGABYTE\\smart6\\timelock\\AlarmClock.exe

PRC - [2009/10/13 16:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\\Program Files (x86)\\GIGABYTE\\smart6\\timelock\\TimeMgmtDaemon.exe

========== Modules (No Company Name) ==========

MOD - [2014/07/05 15:15:02 | 000,192,512 | ---- | M] () -- C:\\Users\\Evan Kopilow\\AppData\\Local\\Temp\\sfamcc00001.dll

MOD - [2014/07/05 15:15:02 | 000,158,720 | ---- | M] () -- C:\\Users\\Evan Kopilow\\AppData\\Local\\Temp\\sfareca00001.dll

MOD - [2014/07/05 15:14:33 | 000,043,008 | ---- | M] () -- c:\\Users\\Evan Kopilow\\AppData\\Local\\Temp\\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmp_v8c.dll

MOD - [2014/06/30 17:47:12 | 002,139,328 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\video.dll

MOD - [2014/06/30 17:46:52 | 001,116,864 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\bin\\chromehtml.dll

MOD - [2014/06/26 18:40:28 | 000,764,416 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\SDL2.dll

MOD - [2014/06/18 02:23:19 | 003,852,912 | ---- | M] () -- C:\\Program Files (x86)\\Mozilla Firefox\\mozjs.dll

MOD - [2014/05/30 21:27:20 | 001,116,672 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\libavcodec-55.dll

MOD - [2014/05/30 21:27:20 | 000,438,784 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\libavutil-53.dll

MOD - [2014/05/30 21:27:20 | 000,399,360 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\libavformat-55.dll

MOD - [2014/05/30 21:27:20 | 000,331,264 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\libavresample-1.dll

MOD - [2014/05/19 20:20:50 | 000,103,424 | ---- | M] () -- C:\\Program Files (x86)\\Samsung Magician\\PAL.dll

MOD - [2014/05/19 20:20:10 | 000,039,424 | ---- | M] () -- C:\\Program Files (x86)\\Samsung Magician\\SATA.dll

MOD - [2014/05/19 20:20:10 | 000,031,232 | ---- | M] () -- C:\\Program Files (x86)\\Samsung Magician\\SMINI.dll

MOD - [2014/05/19 20:19:48 | 000,029,696 | ---- | M] () -- C:\\Program Files (x86)\\Samsung Magician\\SAS.dll

MOD - [2014/05/19 20:19:46 | 000,038,400 | ---- | M] () -- C:\\Program Files (x86)\\Samsung Magician\\SAT.dll

MOD - [2014/05/06 11:24:38 | 000,013,824 | ---- | M] () -- C:\\Program Files (x86)\\Samsung Magician\\SAMSUNG_SSD.dll

MOD - [2014/05/01 19:35:22 | 020,628,160 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\bin\\libcef.dll

MOD - [2014/04/28 20:37:22 | 000,519,168 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\libswscale-2.dll

MOD - [2014/02/12 13:56:33 | 000,399,872 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Xml.Linq\\b6c7a1ca929c1b10f36b683c9f1a0517\\System.Xml.Linq.ni.dll

MOD - [2014/02/12 13:56:15 | 000,190,976 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\UIAutomationTypes\\75b6a68103e1b76063d9f69b8275ae61\\UIAutomationTypes.ni.dll

MOD - [2014/02/12 13:56:14 | 000,018,944 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\Presentatio49d6fefe#\\47e7fc401facd4a5d3f2237f16948f36\\PresentationFramework-SystemXml.ni.dll

MOD - [2014/02/12 13:56:14 | 000,014,336 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\Presentatio4b37ff64#\\0d3cb1df8b6af32cebdc6e2cc4948c69\\PresentationFramework-SystemXmlLinq.ni.dll

MOD - [2014/02/12 00:24:08 | 018,813,440 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\Presentatio5ae0f00f#\\a4b45c44490c75bc2fb22780e7ef087d\\PresentationFramework.ni.dll

MOD - [2014/02/12 00:24:01 | 001,889,792 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Xaml\\3fe705796c6a41d4889d9001d1c56af8\\System.Xaml.ni.dll

MOD - [2014/02/12 00:23:59 | 012,894,208 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Windows.Forms\\f4f6ee0df2aa4189bf36e6335cb92761\\System.Windows.Forms.ni.dll

MOD - [2014/02/12 00:23:59 | 001,180,672 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Management\\0893e0e7137e3b2da905da6216b75344\\System.Management.ni.dll

MOD - [2014/02/12 00:23:55 | 011,025,920 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\PresentationCore\\a74542efbeb46445949a39026c501132\\PresentationCore.ni.dll

MOD - [2014/02/12 00:23:50 | 006,990,336 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Core\\dce99d8de14d8a015313db98c72552ee\\System.Core.ni.dll

MOD - [2014/02/12 00:23:50 | 001,644,544 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Drawing\\5cd2aee5e7c07227c694d89219688ab3\\System.Drawing.ni.dll

MOD - [2014/02/12 00:23:49 | 007,662,080 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Xml\\bada32953bb6b16a53d653eae23d78dc\\System.Xml.ni.dll

MOD - [2014/02/12 00:23:49 | 000,806,400 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Servd1dec626#\\34b53ecafa1d7ccc7ca961d722b5d983\\System.ServiceModel.Internals.ni.dll

MOD - [2014/02/12 00:23:49 | 000,122,880 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\SMDiagnostics\\78652b7fa68ee058bff6a118c657f565\\SMDiagnostics.ni.dll

MOD - [2014/02/12 00:23:48 | 002,825,216 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Runteb92aa12#\\f6d7bb59f318c130d68816a89335d05e\\System.Runtime.Serialization.ni.dll

MOD - [2014/02/12 00:23:47 | 003,950,080 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\WindowsBase\\acf97bfe2a931d4a47253b26b7218991\\WindowsBase.ni.dll

MOD - [2014/02/12 00:23:45 | 000,470,528 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\Presentatio1c9175f8#\\75f8bc4cf08030c4a53b6d5e0ae20046\\PresentationFramework.Aero.ni.dll

MOD - [2014/02/12 00:23:44 | 010,060,800 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System\\ff26cc03e6d57d8abd13b990332e67c6\\System.ni.dll

MOD - [2014/02/12 00:23:44 | 000,976,384 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\System.Configuration\\bbc48ec4245e502ae19b0601d3799c9e\\System.Configuration.ni.dll

MOD - [2014/02/12 00:23:39 | 016,953,856 | ---- | M] () -- C:\\Windows\\assembly\\NativeImages_v4.0.30319_32\\mscorlib\\ce5f61c5754789df97be8dc991c47d07\\mscorlib.ni.dll

MOD - [2014/01/20 14:17:04 | 000,073,544 | ---- | M] () -- C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\zlib1.dll

MOD - [2014/01/20 14:16:38 | 001,044,808 | ---- | M] () -- C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\libxml2.dll

MOD - [2014/01/02 21:09:26 | 003,610,624 | ---- | M] () -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Dropbox\\bin\\wxmsw28uh_vc.dll

MOD - [2013/08/23 15:01:44 | 025,100,288 | ---- | M] () -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Dropbox\\bin\\libcef.dll

MOD - [2013/06/14 19:49:12 | 001,100,800 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\bin\\avcodec-53.dll

MOD - [2013/06/14 19:49:12 | 000,192,000 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\bin\\avformat-53.dll

MOD - [2013/06/14 19:49:12 | 000,124,416 | ---- | M] () -- D:\\Program Files (x86)\\Steam\\bin\\avutil-51.dll

========== Services (SafeList) ==========

SRV:64bit: - [2014/05/30 05:21:05 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\\Windows\\SysNative\\IEEtwCollector.exe -- (IEEtwCollectorService)

SRV:64bit: - [2014/03/11 12:34:10 | 000,347,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\\Program Files\\Microsoft Security Client\\NisSrv.exe -- (NisSrv)

SRV:64bit: - [2014/03/11 12:34:10 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe -- (MsMpSvc)

SRV:64bit: - [2013/12/06 16:52:10 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\\Windows\\SysNative\\atiesrxx.exe -- (AMD External Events Utility)

SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\\Program Files\\Windows Defender\\MpSvc.dll -- (WinDefend)

SRV:64bit: - [2013/04/21 14:23:50 | 000,182,848 | ---- | M] (Soluto) [Auto | Running] -- C:\\Program Files\\Soluto\\SolutoLauncherService.exe -- (SolutoLauncherService)

SRV:64bit: - [2013/04/21 14:23:48 | 000,721,472 | ---- | M] (Soluto) [Auto | Running] -- C:\\Program Files\\Soluto\\SolutoService.exe -- (SolutoService)

SRV:64bit: - [2013/04/21 14:16:00 | 001,245,248 | ---- | M] (Soluto) [On_Demand | Stopped] -- C:\\Program Files\\Soluto\\SolutoRemoteService.exe -- (SolutoRemoteService)

SRV:64bit: - [2010/04/06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\\Windows\\SysNative\\AppleChargerSrv.exe -- (AppleChargerSrv)

SRV - [2014/06/30 17:46:52 | 000,542,400 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\\Program Files (x86)\\Common Files\\Steam\\SteamService.exe -- (Steam Client Service)

SRV - [2014/06/18 02:23:30 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\\Program Files (x86)\\Mozilla Maintenance Service\\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2014/06/11 10:48:44 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2014/05/21 09:32:04 | 000,358,984 | ---- | M] (Verizon) [Auto | Running] -- C:\\Program Files (x86)\\Verizon\\IHA_MessageCenter\\Bin\\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)

SRV - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\armsvc.exe -- (AdobeARMservice)

SRV - [2013/11/07 02:52:56 | 000,279,000 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\\Windows\\SysWOW64\\IntelCpHeciSvc.exe -- (cphs)

SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [On_Demand | Stopped] -- C:\\Program Files (x86)\\Skype\\Updater\\Updater.exe -- (SkypeUpdate)

SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2013/08/14 16:46:02 | 000,101,888 | ---- | M] (Freemake) [On_Demand | Stopped] -- C:\\ProgramData\\Freemake\\FreemakeUtilsService\\FreemakeUtilsService.exe -- (Freemake Improver)

SRV - [2013/05/23 16:12:02 | 000,143,120 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- D:\\Program Files\\SUPERAntiSpyware\\SASCore64.exe -- (!SASCORE)

SRV - [2011/12/09 14:39:52 | 000,135,584 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\\Program Files (x86)\\Futuremark\\Futuremark SystemInfo\\FMSISvc.exe -- (Futuremark SystemInfo Service)

SRV - [2011/08/08 17:39:32 | 002,656,536 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\\Program Files (x86)\\Intel\\Intel(R) Management Engine Components\\UNS\\UNS.exe -- (UNS)

SRV - [2011/08/08 17:39:26 | 000,325,912 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\\Program Files (x86)\\Intel\\Intel(R) Management Engine Components\\LMS\\LMS.exe -- (LMS)

SRV - [2009/10/13 16:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) [Auto | Running] -- C:\\Program Files (x86)\\GIGABYTE\\smart6\\timelock\\TimeMgmtDaemon.exe -- (Smart TimeLock)

SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\\Windows\\Microsoft.NET\\Framework\\v2.0.50727\\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2007/01/15 17:14:38 | 000,774,144 | ---- | M] (Nero AG) [On_Demand | Stopped] -- D:\\Program Files (x86)\\Nero 7\\Nero BackItUp\\NBService.exe -- (NBService)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/05/19 02:47:28 | 000,155,816 | ---- | M] (Razer Inc) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\rzudd.sys -- (rzudd)

DRV:64bit: - [2014/03/11 09:52:30 | 000,133,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\\Windows\\SysNative\\drivers\\NisDrvWFP.sys -- (NisDrv)

DRV:64bit: - [2014/01/22 09:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\ssudmdm.sys -- (ssudmdm)

DRV:64bit: - [2014/01/22 09:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\ssudbus.sys -- (dg_ssudbus)

DRV:64bit: - [2013/12/06 17:52:14 | 013,207,552 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\atikmdag.sys -- (amdkmdag)

DRV:64bit: - [2013/12/06 16:21:44 | 000,626,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\atikmpag.sys -- (amdkmdap)

DRV:64bit: - [2013/11/07 02:52:44 | 005,363,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\igdkmd64.sys -- (igfx)

DRV:64bit: - [2013/10/01 22:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2013/09/24 10:53:50 | 000,094,208 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\AtihdW76.sys -- (AtiHDAudioService)

DRV:64bit: - [2013/09/20 11:52:42 | 000,016,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\SWDUMon.sys -- (SWDUMon)

DRV:64bit: - [2013/04/21 14:15:34 | 000,054,728 | ---- | M] (Soluto LTD.) [File_System | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\Soluto.sys -- (Soluto)

DRV:64bit: - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\usbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2012/11/02 16:38:36 | 000,050,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\point64.sys -- (Point64)

DRV:64bit: - [2012/11/01 22:52:50 | 000,075,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\dc3d.sys -- (dc3d)

DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\rdpvideominiport.sys -- (RdpVideoMiniport)

DRV:64bit: - [2012/08/23 10:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\TsUsbGD.sys -- (TsUsbGD)

DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2012/05/06 12:56:42 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\pcouffin.sys -- (pcouffin)

DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\\Windows\\SysNative\\drivers\\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2011/09/21 10:25:54 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\\Windows\\SysNative\\drivers\\cpuz135_x64.sys -- (cpuz135)

DRV:64bit: - [2011/05/16 10:55:28 | 000,533,096 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\amdsata.sys -- (amdsata)

DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\amdxata.sys -- (amdxata)

DRV:64bit: - [2011/01/10 18:16:08 | 000,021,104 | ---- | M] () [Kernel | System | Running] -- C:\\Windows\\SysNative\\drivers\\AppleCharger.sys -- (AppleCharger)

DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010/10/19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\HECIx64.sys -- (MEIx64)

DRV:64bit: - [2009/08/21 02:52:10 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\xusb21.sys -- (xusb21)

DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [1999/12/31 20:00:00 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\IntcDAud.sys -- (IntcDAud)

DRV:64bit: - [1999/12/31 20:00:00 | 000,088,832 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\EtronXHCI.sys -- (EtronXHCI)

DRV:64bit: - [1999/12/31 20:00:00 | 000,065,152 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\EtronHub3.sys -- (EtronHub3)

DRV - [2014/07/05 15:14:15 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\\Windows\\gdrv.sys -- (gdrv)

DRV - [2013/01/03 15:07:47 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\\Windows\\GVTDrv64.sys -- (GVTDrv64)

DRV - [2012/08/23 17:02:26 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\\Windows\\etdrv.sys -- (etdrv)

DRV - [2011/07/22 12:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\\Program Files\\SUPERAntiSpyware\\sasdifsv64.sys -- (SASDIFSV)

DRV - [2011/07/12 17:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\\Program Files\\SUPERAntiSpyware\\saskutil64.sys -- (SASKUTIL)

DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\\Windows\\SysWOW64\\drivers\\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\\..\\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE:64bit: - HKLM\\..\\SearchScopes\\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: \"URL\" = http://www.bing.com/search?q=\'>http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Local Page = C:\\Windows\\SysWOW64\\blank.htm

IE - HKLM\\..\\SearchScopes,DefaultScope =

IE - HKLM\\..\\SearchScopes\\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: \"URL\" = http://www.bing.com/search?q=\'>http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Secondary Start Pages = [binary data]

IE - HKCU\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Start Page = http://www22.verizon.com/Foryourhome/MyAccount/Unprotected/UserManagement/Login/Login.aspx\'>http://www22.verizon.com/Foryourhome/MyAccount/Unprotected/UserManagement/Login/Login.aspx

IE - HKCU\\..\\SearchScopes,DefaultScope =

IE - HKCU\\..\\SearchScopes\\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: \"URL\" = http://www.bing.com/search?q=\'>http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR

IE - HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings: \"ProxyEnable\" = 0

IE - HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings: \"ProxyOverride\" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: \"Google\"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: \"http://www.google.com/\'>http://www.google.com/\"

FF - prefs.js..extensions.enabledAddons: TFToolbarX%40torrent-finder:1.3.1

FF - prefs.js..extensions.enabledAddons: ex1%40icrewmax.com:3.6

FF - prefs.js..extensions.enabledAddons: artur.dubovoy%40gmail.com:5.9.1

FF - prefs.js..extensions.enabledAddons: %7B37fa1426-b82d-11db-8314-0800200c9a66%7D:3.4.2

FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.8.31

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0

FF - user.js - File not found

FF:64bit: - HKLM\\Software\\MozillaPlugins\\@adobe.com/FlashPlayer: C:\\Windows\\system32\\Macromed\\Flash\\NPSWF64_14_0_0_125.dll File not found

FF:64bit: - HKLM\\Software\\MozillaPlugins\\@microsoft.com/GENUINE: disabled File not found

FF:64bit: - HKLM\\Software\\MozillaPlugins\\@Microsoft.com/NpCtrl,version=1.0: C:\\Program Files\\Microsoft Silverlight\\5.1.30214.0\\npctrl.dll ( Microsoft Corporation)

FF - HKLM\\Software\\MozillaPlugins\\@adobe.com/FlashPlayer: C:\\Windows\\SysWOW64\\Macromed\\Flash\\NPSWF32_14_0_0_125.dll ()

FF - HKLM\\Software\\MozillaPlugins\\@Apple.com/iTunes,version=: File not found

FF - HKLM\\Software\\MozillaPlugins\\@Apple.com/iTunes,version=1.0: D:\\iTunes\\Mozilla Plugins\\npitunes.dll ()

FF - HKLM\\Software\\MozillaPlugins\\@java.com/DTPlugin,version=10.55.2: C:\\Program Files (x86)\\Java\\jre7\\bin\\dtplugin\\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\\Software\\MozillaPlugins\\@java.com/JavaPlugin,version=10.55.2: C:\\Program Files (x86)\\Java\\jre7\\bin\\plugin2\\npjp2.dll (Oracle Corporation)

FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\\Software\\MozillaPlugins\\@Microsoft.com/NpCtrl,version=1.0: C:\\Program Files (x86)\\Microsoft Silverlight\\5.1.30214.0\\npctrl.dll ( Microsoft Corporation)

FF - HKLM\\Software\\MozillaPlugins\\@pandonetworks.com/PandoWebPlugin: C:\\Program Files (x86)\\Pando Networks\\Media Booster\\npPandoWebPlugin.dll (Pando Networks)

FF - HKLM\\Software\\MozillaPlugins\\@raidcall.en/RCplugin: C:\\Users\\Evan Kopilow\\AppData\\Roaming\\raidcall\\plugins\\nprcplugin.dll (Raidcall)

FF - HKLM\\Software\\MozillaPlugins\\@videolan.org/vlc,version=2.0.8: D:\\Program Files (x86)\\VideoLAN\\VLC\\npvlc.dll (VideoLAN)

FF - HKLM\\Software\\MozillaPlugins\\@videolan.org/vlc,version=2.1.0: C:\\Program Files (x86)\\VideoLAN\\VLC\\npvlc.dll (VideoLAN)

FF - HKLM\\Software\\MozillaPlugins\\@videolan.org/vlc,version=2.1.1: C:\\Program Files (x86)\\VideoLAN\\VLC\\npvlc.dll (VideoLAN)

FF - HKLM\\Software\\MozillaPlugins\\@videolan.org/vlc,version=2.1.2: C:\\Program Files (x86)\\VideoLAN\\VLC\\npvlc.dll (VideoLAN)

FF - HKLM\\Software\\MozillaPlugins\\@videolan.org/vlc,version=2.1.3: C:\\Program Files (x86)\\VideoLAN\\VLC\\npvlc.dll (VideoLAN)

FF - HKLM\\Software\\MozillaPlugins\\Adobe Reader: C:\\Program Files (x86)\\Adobe\\Reader 11.0\\Reader\\AIR\\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\\Software\\MozillaPlugins\\pandonetworks.com/PandoWebPlugin: C:\\Program Files (x86)\\Pando Networks\\Media Booster\\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\\software\\mozilla\\Mozilla Firefox 30.0\\extensions\\\\Components: C:\\Program Files (x86)\\Mozilla Firefox\\components [2014/06/18 02:23:15 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\\software\\mozilla\\Mozilla Firefox 30.0\\extensions\\\\Plugins: C:\\Program Files (x86)\\Mozilla Firefox\\plugins [2014/07/03 11:12:31 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\\software\\mozilla\\Mozilla Firefox 30.0\\extensions\\\\Components: C:\\Program Files (x86)\\Mozilla Firefox\\components [2014/06/18 02:23:15 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\\software\\mozilla\\Mozilla Firefox 30.0\\extensions\\\\Plugins: C:\\Program Files (x86)\\Mozilla Firefox\\plugins [2014/07/03 11:12:31 | 000,000,000 | ---D | M]

[2012/04/10 10:50:54 | 000,000,000 | ---D | M] (No name found) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Extensions

[2014/07/03 11:12:30 | 000,000,000 | ---D | M] (No name found) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\extensions

[2014/05/14 17:37:37 | 000,000,000 | ---D | M] (\"Flash Video Downloader - Full HD Download\") -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\extensions\\[email protected]

[2014/04/24 15:50:52 | 000,057,781 | ---- | M] () (No name found) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\extensions\\[email protected]

[2014/04/08 03:16:26 | 000,625,308 | ---- | M] () (No name found) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\extensions\\[email protected]

[2013/01/30 10:35:10 | 000,119,925 | ---- | M] () (No name found) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\extensions\\[email protected]

[2014/06/20 21:41:17 | 000,009,259 | ---- | M] () (No name found) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\extensions\\[email protected]

[2014/06/27 19:29:50 | 000,220,046 | ---- | M] () (No name found) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\extensions\\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi

[2014/07/02 01:32:28 | 000,538,404 | ---- | M] () (No name found) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\extensions\\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi

[2014/06/10 17:17:35 | 000,967,387 | ---- | M] () (No name found) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qpz899co.default\\extensions\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

[2014/06/18 02:23:15 | 000,000,000 | ---D | M] (No name found) -- C:\\Program Files (x86)\\Mozilla Firefox\\extensions

[2014/06/18 02:23:15 | 000,000,000 | ---D | M] (Java Console) -- C:\\Program Files (x86)\\Mozilla Firefox\\extensions\\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

[2014/06/18 02:23:15 | 000,000,000 | ---D | M] (Java Console) -- C:\\Program Files (x86)\\Mozilla Firefox\\extensions\\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

[2014/06/18 02:23:15 | 000,000,000 | ---D | M] (No name found) -- C:\\Program Files (x86)\\Mozilla Firefox\\browser\\extensions

[2014/06/18 02:23:31 | 000,000,000 | ---D | M] (Default) -- C:\\Program Files (x86)\\Mozilla Firefox\\browser\\extensions\\{972ce4c6-7e08-4474-a285-3208198ce6fd}

File not found (No name found) -- C:\\PROGRAMDATA\\AVG SECURE SEARCH\\FIREFOXEXT\\17.2.0.38

[2011/12/09 13:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\\Program Files (x86)\\mozilla firefox\\plugins\\npwachk.dll

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\\Windows\\SysNative\\drivers\\etc\\hosts

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\\Program Files (x86)\\Java\\jre7\\bin\\ssv.dll (Oracle Corporation)

O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\\Program Files (x86)\\Java\\jre7\\bin\\jp2ssv.dll (Oracle Corporation)

O4:64bit: - HKLM..\\Run: [HotKeysCmds] C:\\Windows\\SysNative\\hkcmd.exe (Intel Corporation)

O4:64bit: - HKLM..\\Run: [IgfxTray] C:\\Windows\\SysNative\\igfxtray.exe (Intel Corporation)

O4:64bit: - HKLM..\\Run: [IntelliPoint] C:\\Program Files\\Microsoft Mouse and Keyboard Center\\ipoint.exe (Microsoft Corporation)

O4:64bit: - HKLM..\\Run: [IntelliType Pro] C:\\Program Files\\Microsoft Mouse and Keyboard Center\\itype.exe (Microsoft Corporation)

O4:64bit: - HKLM..\\Run: [MSC] C:\\Program Files\\Microsoft Security Client\\msseces.exe (Microsoft Corporation)

O4:64bit: - HKLM..\\Run: [Persistence] C:\\Windows\\SysNative\\igfxpers.exe (Intel Corporation)

O4:64bit: - HKLM..\\Run: [RtHDVCpl] C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe (Realtek Semiconductor)

O4 - HKLM..\\Run: [] File not found

O4 - HKLM..\\Run: [APSDaemon] C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\\Run: [Razer Synapse] C:\\Program Files (x86)\\Razer\\Synapse\\RzSynapse.exe (Razer Inc.)

O4 - HKLM..\\Run: [StartCCC] C:\\Program Files (x86)\\ATI Technologies\\ATI.ACE\\Core-Static\\amd64\\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKCU..\\Run: [f.lux] C:\\Users\\Evan Kopilow\\AppData\\Local\\FluxSoftware\\Flux\\flux.exe (Flux Software LLC)

O4:64bit: - HKLM..\\RunOnce: [RPMKickstart] C:\\Program Files\\GIGABYTE\\SMART6\\Recovery\\RPMKickstart.exe (Gigabyte Technology CO., LTD.)

O4 - Startup: C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Samsung Magician.lnk = C:\\Windows\\SysWOW64\\schtasks.exe (Microsoft Corporation)

O4 - Startup: C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\SpeedFan.lnk = File not found

O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\Explorer: NoActiveDesktop = 1

O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\System: PromptOnSecureDesktop = 0

O10:64bit: - NameSpace_Catalog5\\Catalog_Entries64\\000000000007 [] - C:\\Program Files\\Bonjour\\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\\Catalog_Entries\\000000000007 [] - C:\\Program Files (x86)\\Bonjour\\mdnsNSP.dll (Apple Inc.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O15 - HKCU\\..Trusted Domains: verizon.net ([activate] https in Trusted sites)

O15 - HKCU\\..Trusted Domains: verizon.net ([activatemydsl] https in Trusted sites)

O15 - HKCU\\..Trusted Domains: verizon.net ([activatemyfios] https in Trusted sites)

O15 - HKCU\\..Trusted Domains: verizon.net ([activatemyhsi] https in Trusted sites)

O15 - HKCU\\..Trusted Domains: verizon.net ([activatemywifi] https in Trusted sites)

O15 - HKCU\\..Trusted Domains: verizon.net ([wbadownload] https in Trusted sites)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab\'>http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab (Java Plug-in 10.55.2)

O16 - DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab\'>http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab (Java Plug-in 1.7.0_51)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab\'>http://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab (Java Plug-in 10.55.2)

O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters\\Interfaces\\{0D22C8E2-A8B1-4FA7-8886-7DFC39D6AA92}: DhcpNameServer = 192.168.1.1

O18:64bit: - Protocol\\Handler\\skype4com - No CLSID value found

O18 - Protocol\\Handler\\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\\Program Files (x86)\\Common Files\\Skype\\Skype4COM.dll (Skype Technologies)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\\Windows\\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (c:\\windows\\system32\\userinit.exe) - C:\\Windows\\SysNative\\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (c:\\program files\\soluto\\soluto.exe /userinit) - c:\\program files\\soluto\\soluto.exe (Soluto)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\\Windows\\SysWow64\\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\\Windows\\SysWow64\\userinit.exe (Microsoft Corporation)

O20:64bit: - Winlogon\\Notify\\igfxcui: DllName - (igfxdev.dll) - C:\\Windows\\SysNative\\igfxdev.dll (Intel Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\\{5625bff4-8119-11e2-a428-50e549e97722}\\Shell - \"\" = AutoRun

O33 - MountPoints2\\{5625bff4-8119-11e2-a428-50e549e97722}\\Shell\\AutoRun\\command - \"\" = H:\\ToolLauncher-Bootstrap.exe

O33 - MountPoints2\\{8fec731b-8330-11e1-982c-806e6f6e6963}\\Shell - \"\" = AutoRun

O33 - MountPoints2\\{8fec731b-8330-11e1-982c-806e6f6e6963}\\Shell\\AutoRun\\command - \"\" = D:\\Run.exe

O33 - MountPoints2\\{a0a3cf5c-c480-11e2-b96d-50e549e97722}\\Shell - \"\" = AutoRun

O33 - MountPoints2\\{a0a3cf5c-c480-11e2-b96d-50e549e97722}\\Shell\\AutoRun\\command - \"\" = J:\\VZW_Software_upgrade_assistant.exe

O33 - MountPoints2\\J\\Shell - \"\" = AutoRun

O33 - MountPoints2\\J\\Shell\\AutoRun\\command - \"\" = J:\\VZW_Software_upgrade_assistant.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\\..comfile [open] -- \"%1\" %*

O35:64bit: - HKLM\\..exefile [open] -- \"%1\" %*

O35 - HKLM\\..comfile [open] -- \"%1\" %*

O35 - HKLM\\..exefile [open] -- \"%1\" %*

O37:64bit: - HKLM\\...com [@ = comfile] -- \"%1\" %*

O37:64bit: - HKLM\\...exe [@ = exefile] -- \"%1\" %*

O37 - HKLM\\...com [@ = comfile] -- \"%1\" %*

O37 - HKLM\\...exe [@ = exefile] -- \"%1\" %*

O38 - SubSystems\\\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/07/03 11:19:26 | 000,000,000 | ---D | C] -- C:\\Windows\\ERUNT

[2014/07/03 11:11:54 | 000,000,000 | ---D | C] -- C:\\AdwCleaner

[2014/07/03 11:10:07 | 001,016,261 | ---- | C] (Thisisu) -- C:\\Users\\Evan Kopilow\\Desktop\\JRT.exe

[2014/07/02 20:07:24 | 000,000,000 | -HSD | C] -- C:\\Users\\Evan Kopilow\\AppData\\Local\\EmieUserList

[2014/07/02 20:07:24 | 000,000,000 | -HSD | C] -- C:\\Users\\Evan Kopilow\\AppData\\Local\\EmieSiteList

[2014/07/02 00:39:55 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\\Users\\Evan Kopilow\\Desktop\\OTL.exe

[2014/07/02 00:35:13 | 000,000,000 | ---D | C] -- C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Samsung Magician

[2014/06/29 19:18:35 | 000,000,000 | ---D | C] -- C:\\Program Files (x86)\\Trend Micro

[2014/06/29 19:18:35 | 000,000,000 | ---D | C] -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\HiJackThis

[2014/06/24 13:19:18 | 000,000,000 | ---D | C] -- C:\\Users\\Evan Kopilow\\Desktop\\Phone pictures

[2014/06/18 02:23:15 | 000,000,000 | ---D | C] -- C:\\Program Files (x86)\\Mozilla Firefox

[2014/06/14 18:36:14 | 000,000,000 | ---D | C] -- C:\\Users\\Evan Kopilow\\AppData\\Local\\Adobe

[2014/06/10 16:26:01 | 000,000,000 | ---D | C] -- C:\\Program Files (x86)\\Common Files\\Skype

[2014/06/10 16:05:12 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\jscript9diag.dll

[2014/06/10 16:05:12 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\mshtmled.dll

[2014/06/10 16:05:12 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\ieetwproxystub.dll

[2014/06/10 16:05:12 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\ieetwproxystub.dll

[2014/06/10 16:05:12 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\JavaScriptCollectionAgent.dll

[2014/06/10 16:05:11 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\iesetup.dll

[2014/06/10 16:05:11 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\JavaScriptCollectionAgent.dll

[2014/06/10 16:05:10 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\inetcpl.cpl

[2014/06/10 16:05:10 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\msfeeds.dll

[2014/06/10 16:05:10 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\dxtmsft.dll

[2014/06/10 16:05:10 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\ieui.dll

[2014/06/10 16:05:10 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\ieetwcollector.exe

[2014/06/10 16:05:10 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\iernonce.dll

[2014/06/10 16:05:10 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\ieetwcollectorres.dll

[2014/06/10 16:05:09 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\inetcpl.cpl

[2014/06/10 16:05:09 | 000,608,768 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\ie4uinit.exe

[2014/06/10 16:05:09 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\iesetup.dll

[2014/06/10 16:05:08 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\mshtmlmedia.dll

[2014/06/10 16:05:08 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\ieapfltr.dll

[2014/06/10 16:05:08 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\ieUnatt.exe

[2014/06/10 16:05:08 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\iernonce.dll

[2014/06/10 16:05:07 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\ieui.dll

[2014/06/10 16:05:07 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\dxtrans.dll

[2014/06/10 16:05:07 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\msrating.dll

[2014/06/10 16:05:06 | 005,782,528 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\jscript9.dll

[2014/06/10 16:05:06 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\mshtmlmedia.dll

[2014/06/10 16:05:06 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\jscript9diag.dll

[2014/06/10 16:05:06 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\vbscript.dll

[2014/06/10 16:05:06 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\ieUnatt.exe

[2014/06/10 16:05:06 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\mshtmled.dll

[2014/06/10 16:05:05 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\MsSpellCheckingFacility.exe

[2014/06/10 16:05:05 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\ieapfltr.dll

[2014/06/10 16:05:05 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\msrating.dll

[2014/06/10 16:04:58 | 003,178,496 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\rdpcorets.dll

[2014/06/10 16:04:58 | 000,288,192 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\drivers\\FWPKCLNT.SYS

[2014/06/10 16:04:58 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\RdpGroupPolicyExtension.dll

[2014/06/10 16:04:57 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\usp10.dll

[2014/06/10 16:04:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\msxml6r.dll

[2014/06/10 16:04:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\msxml6r.dll

[2014/06/10 16:04:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\msxml3r.dll

[2014/06/10 16:04:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\msxml3r.dll

[2014/06/10 16:04:56 | 000,506,368 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\aepdu.dll

[2014/06/10 16:04:55 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\aeinv.dll

[2012/05/06 12:56:42 | 000,082,816 | ---- | C] (VSO Software) -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2014/07/05 16:06:00 | 000,000,830 | ---- | M] () -- C:\\Windows\\tasks\\Adobe Flash Player Updater.job

[2014/07/05 15:21:40 | 000,022,064 | -H-- | M] () -- C:\\Windows\\SysNative\\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2014/07/05 15:21:40 | 000,022,064 | -H-- | M] () -- C:\\Windows\\SysNative\\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2014/07/05 15:19:18 | 000,782,510 | ---- | M] () -- C:\\Windows\\SysNative\\PerfStringBackup.INI

[2014/07/05 15:19:18 | 000,662,400 | ---- | M] () -- C:\\Windows\\SysNative\\perfh009.dat

[2014/07/05 15:19:18 | 000,122,268 | ---- | M] () -- C:\\Windows\\SysNative\\perfc009.dat

[2014/07/05 15:14:15 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\\Windows\\gdrv.sys

[2014/07/05 15:14:13 | 000,000,350 | ---- | M] () -- C:\\Windows\\tasks\\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job

[2014/07/05 15:14:13 | 000,000,350 | ---- | M] () -- C:\\Windows\\tasks\\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job

[2014/07/05 15:13:16 | 000,067,584 | --S- | M] () -- C:\\Windows\\bootstat.dat

[2014/07/05 15:13:10 | 4229,779,454 | -HS- | M] () -- C:\\hiberfil.sys

[2014/07/03 11:10:56 | 001,346,519 | ---- | M] () -- C:\\Users\\Evan Kopilow\\Desktop\\AdwCleaner.exe

[2014/07/03 11:10:11 | 001,016,261 | ---- | M] (Thisisu) -- C:\\Users\\Evan Kopilow\\Desktop\\JRT.exe

[2014/07/02 00:39:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\\Users\\Evan Kopilow\\Desktop\\OTL.exe

[2014/07/02 00:35:13 | 000,001,744 | ---- | M] () -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Samsung Magician.lnk

[2014/06/29 19:23:04 | 000,016,037 | ---- | M] () -- C:\\Users\\Evan Kopilow\\Desktop\\99 load.gif

[2014/06/29 19:18:35 | 000,003,007 | ---- | M] () -- C:\\Users\\Evan Kopilow\\Desktop\\HiJackThis.lnk

[2014/06/29 19:17:30 | 001,402,880 | ---- | M] () -- C:\\Users\\Evan Kopilow\\Desktop\\HiJackThis.msi

[2014/06/28 06:46:28 | 580,129,489 | ---- | M] () -- C:\\Windows\\MEMORY.DMP

[2014/06/25 13:30:44 | 000,001,117 | ---- | M] () -- C:\\Users\\Public\\Desktop\\Vz In-Home Agent.lnk

[2014/06/18 11:46:14 | 000,002,044 | ---- | M] () -- C:\\Users\\Evan Kopilow\\Application Data\\Microsoft\\Internet Explorer\\Quick Launch\\Mozilla Firefox.lnk

[2014/06/11 10:48:44 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\\Windows\\SysWow64\\FlashPlayerApp.exe

[2014/06/11 10:48:44 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\\Windows\\SysWow64\\FlashPlayerCPLApp.cpl

[2014/06/08 05:13:05 | 000,506,368 | ---- | M] (Microsoft Corporation) -- C:\\Windows\\SysNative\\aepdu.dll

[2014/06/08 05:08:04 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\\Windows\\SysNative\\aeinv.dll

========== Files Created - No Company Name ==========

[2014/07/03 11:10:51 | 001,346,519 | ---- | C] () -- C:\\Users\\Evan Kopilow\\Desktop\\AdwCleaner.exe

[2014/07/02 00:35:13 | 000,001,744 | ---- | C] () -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Samsung Magician.lnk

[2014/06/29 19:23:04 | 000,016,037 | ---- | C] () -- C:\\Users\\Evan Kopilow\\Desktop\\99 load.gif

[2014/06/29 19:18:35 | 000,003,007 | ---- | C] () -- C:\\Users\\Evan Kopilow\\Desktop\\HiJackThis.lnk

[2014/06/29 19:17:29 | 001,402,880 | ---- | C] () -- C:\\Users\\Evan Kopilow\\Desktop\\HiJackThis.msi

[2014/06/25 13:30:44 | 000,001,117 | ---- | C] () -- C:\\Users\\Public\\Desktop\\Vz In-Home Agent.lnk

[2014/02/12 12:05:09 | 000,000,114 | ---- | C] () -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\Dogecoin.conf

[2013/12/06 17:44:26 | 000,038,912 | ---- | C] () -- C:\\Windows\\SysWow64\\kdbsdk32.dll

[2013/11/07 02:52:42 | 000,077,312 | ---- | C] () -- C:\\Windows\\SysWow64\\igdde32.dll

[2013/03/28 22:13:14 | 000,798,734 | ---- | C] () -- C:\\Windows\\SysWow64\\amdocl_ld32.exe

[2013/03/28 22:13:12 | 000,995,342 | ---- | C] () -- C:\\Windows\\SysWow64\\amdocl_as32.exe

[2012/12/10 21:45:50 | 000,002,048 | ---- | C] () -- C:\\Users\\Evan Kopilow\\comdrv8z.bin

[2012/11/20 00:17:57 | 000,000,193 | ---- | C] () -- C:\\ProgramData\\Microsoft.SqlServer.Compact.351.64.bc

[2012/10/10 03:22:28 | 000,272,928 | ---- | C] () -- C:\\Windows\\SysWow64\\igvpkrng600.bin

[2012/10/10 03:22:20 | 000,963,452 | ---- | C] () -- C:\\Windows\\SysWow64\\igcodeckrng600.bin

[2012/05/06 12:57:06 | 000,001,057 | ---- | C] () -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\vso_ts_preview.xml

[2012/05/06 12:56:42 | 000,099,384 | ---- | C] () -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\inst.exe

[2012/05/06 12:56:42 | 000,007,859 | ---- | C] () -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\pcouffin.cat

[2012/05/06 12:56:42 | 000,001,167 | ---- | C] () -- C:\\Users\\Evan Kopilow\\AppData\\Roaming\\pcouffin.inf

[2012/04/13 10:54:19 | 000,007,601 | ---- | C] () -- C:\\Users\\Evan Kopilow\\AppData\\Local\\Resmon.ResmonCfg

========== ZeroAccess Check ==========

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\\Windows\\assembly\\Desktop.ini

[HKEY_CURRENT_USER\\Software\\Classes\\clsid\\{42aedc87-2188-41fd-b9a3-0c966feabec1}\\InProcServer32] /64

[HKEY_CURRENT_USER\\Software\\Classes\\Wow6432node\\clsid\\{42aedc87-2188-41fd-b9a3-0c966feabec1}\\InProcServer32]

[HKEY_CURRENT_USER\\Software\\Classes\\clsid\\{fbeb8a05-beee-4442-804e-409d6c4515e9}\\InProcServer32] /64

[HKEY_CURRENT_USER\\Software\\Classes\\Wow6432node\\clsid\\{fbeb8a05-beee-4442-804e-409d6c4515e9}\\InProcServer32]

[HKEY_LOCAL_MACHINE\\Software\\Classes\\clsid\\{42aedc87-2188-41fd-b9a3-0c966feabec1}\\InProcServer32] /64

\"\" = C:\\Windows\\SysNative\\shell32.dll -- [2014/03/24 22:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)

\"ThreadingModel\" = Apartment

[HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\Classes\\clsid\\{42aedc87-2188-41fd-b9a3-0c966feabec1}\\InProcServer32]

\"\" = %SystemRoot%\\system32\\shell32.dll -- [2014/03/24 22:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)

\"ThreadingModel\" = Apartment

[HKEY_LOCAL_MACHINE\\Software\\Classes\\clsid\\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\\InProcServer32] /64

\"\" = C:\\Windows\\SysNative\\wbem\\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

\"ThreadingModel\" = Free

[HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\Classes\\clsid\\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\\InProcServer32]

\"\" = %systemroot%\\system32\\wbem\\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)

\"ThreadingModel\" = Free

[HKEY_LOCAL_MACHINE\\Software\\Classes\\clsid\\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\\InProcServer32] /64

\"\" = C:\\Windows\\SysNative\\wbem\\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

\"ThreadingModel\" = Both

[HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\Classes\\clsid\\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\\InProcServer32]

< End of report >

Sorry about that

guestolo · « **Reply #8 on:** July 05, 2014, 07:17:48 PM »

Double click on OTL.exe and Run it

Under the Custom Scans/Fixes box at the bottom, copy/paste in the following in the quote box below. don\'t include the word Quote please

:OTL
FF - prefs.js..extensions.enabledAddons: TFToolbarX%40torrent-finder:1.3.1

FF - prefs.js..extensions.enabledAddons: ex1%40icrewmax.com:3.6

FF - prefs.js..extensions.enabledAddons: %7B37fa1426-b82d-11db-8314-0800200c9a66%7D:3.4.2

FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.8.31

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0

File not found (No name found) -- C:\\PROGRAMDATA\\AVG SECURE SEARCH\\FIREFOXEXT\\17.2.0.38

O33 - MountPoints2\\{5625bff4-8119-11e2-a428-50e549e97722}\\Shell - \"\" = AutoRun

O33 - MountPoints2\\{5625bff4-8119-11e2-a428-50e549e97722}\\Shell\\AutoRun\\command - \"\" = H:\\ToolLauncher-Bootstrap.exe

O33 - MountPoints2\\{8fec731b-8330-11e1-982c-806e6f6e6963}\\Shell - \"\" = AutoRun

O33 - MountPoints2\\{8fec731b-8330-11e1-982c-806e6f6e6963}\\Shell\\AutoRun\\command - \"\" = D:\\Run.exe

O33 - MountPoints2\\{a0a3cf5c-c480-11e2-b96d-50e549e97722}\\Shell - \"\" = AutoRun

O33 - MountPoints2\\{a0a3cf5c-c480-11e2-b96d-50e549e97722}\\Shell\\AutoRun\\command - \"\" = J:\\VZW_Software_upgrade_assistant.exe

O33 - MountPoints2\\J\\Shell - \"\" = AutoRun

O33 - MountPoints2\\J\\Shell\\AutoRun\\command - \"\" = J:\\VZW_Software_upgrade_assistant.exe

:Files

ipconfig /flushdns /c

:Commands

[EmptyJava}

[EmptyFlash]

[EmptyTemp]

[Reboot]

Then click the Run Fix button at the top

Let the program run unhindered, reboot the PC when it is done

On startup, Allow OTL to run if prompted

A log should open, can you post it please

A copy of this log can also be found in

C:\\_OTL\\Moved Files folder

Keep me informed how the computer is now running please

rambag3 · « **Reply #9 on:** July 05, 2014, 09:44:10 PM »

All processes killed

========== OTL ==========

Prefs.js: TFToolbarX%40torrent-finder:1.3.1 removed from extensions.enabledAddons

Prefs.js: ex1%40icrewmax.com:3.6 removed from extensions.enabledAddons

Prefs.js: %7B37fa1426-b82d-11db-8314-0800200c9a66%7D:3.4.2 removed from extensions.enabledAddons

Prefs.js: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.8.31 removed from extensions.enabledAddons

Prefs.js: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0 removed from extensions.enabledAddons

Registry key HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\MountPoints2\\{5625bff4-8119-11e2-a428-50e549e97722}\\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{5625bff4-8119-11e2-a428-50e549e97722}\\ not found.

Registry key HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\MountPoints2\\{5625bff4-8119-11e2-a428-50e549e97722}\\ not found.

Registry key HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{5625bff4-8119-11e2-a428-50e549e97722}\\ not found.

File H:\\ToolLauncher-Bootstrap.exe not found.

Registry key HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\MountPoints2\\{8fec731b-8330-11e1-982c-806e6f6e6963}\\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{8fec731b-8330-11e1-982c-806e6f6e6963}\\ not found.

Registry key HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\MountPoints2\\{8fec731b-8330-11e1-982c-806e6f6e6963}\\ not found.

Registry key HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{8fec731b-8330-11e1-982c-806e6f6e6963}\\ not found.

File D:\\Run.exe not found.

Registry key HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\MountPoints2\\{a0a3cf5c-c480-11e2-b96d-50e549e97722}\\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{a0a3cf5c-c480-11e2-b96d-50e549e97722}\\ not found.

Registry key HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\MountPoints2\\{a0a3cf5c-c480-11e2-b96d-50e549e97722}\\ not found.

Registry key HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{a0a3cf5c-c480-11e2-b96d-50e549e97722}\\ not found.

File J:\\VZW_Software_upgrade_assistant.exe not found.

Registry key HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\MountPoints2\\J\\ deleted successfully.

Registry key HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\MountPoints2\\J\\ not found.

File J:\\VZW_Software_upgrade_assistant.exe not found.

========== FILES ==========

< ipconfig /flushdns /c >

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

C:\\Users\\Evan Kopilow\\Desktop\\cmd.bat deleted successfully.

C:\\Users\\Evan Kopilow\\Desktop\\cmd.txt deleted successfully.

========== COMMANDS ==========

Error: Unable to interpret <[EmptyJava}> in the current context!

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Evan Kopilow

->Flash cache emptied: 61148 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb

[EMPTYTEMP]

User: All Users

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Evan Kopilow

->Temp folder emptied: 2585068008 bytes

->Temporary Internet Files folder emptied: 7089811 bytes

->Java cache emptied: 149158085 bytes

->FireFox cache emptied: 390454767 bytes

->Apple Safari cache emptied: 123629568 bytes

->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\\System32 .tmp files removed: 0 bytes

%systemroot%\\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\\System32\\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 798809692 bytes

%systemroot%\\sysnative\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files folder emptied: 36073306 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 3,901.00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 07052014_223749

Files\\Folders moved on Reboot...

C:\\Users\\Evan Kopilow\\AppData\\Local\\Temp\\FXSAPIDebugLogFile.txt moved successfully.

File move failed. C:\\Users\\Evan Kopilow\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\counters.dat scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

guestolo · « **Reply #10 on:** July 05, 2014, 09:56:03 PM »

how\'s things running on your end with the computer?

rambag3 · « **Reply #11 on:** July 05, 2014, 09:59:28 PM »

Everything seems fine, the big problem is, the 99% load was very random and only started a couple of weeks ago. So it\'s hard to know if anything was fixed.

I will update you if anything changes. What did you have me remove if I may ask?

guestolo · « **Reply #12 on:** July 05, 2014, 11:54:03 PM »

Adwcleaner and jrt do virtually the same thing

Here\'s a quote

AdwCleaner is a program that searches for and deletes Adware, Toolbars, Potentially Unwanted Programs (PUP), and browser Hijackers from your computer. By using AdwCleaner you can easily remove many of these types of programs for a better user experience on your computer and while browsing the web.

The types of programs that AdwCleaner targets are typically bundled with free programs that you download from the web. In many cases when you download and install a program, the install will state that these programs will be installed along with the program you downloaded. Unless you perform a Custom install, these unwanted programs will automatically be installed on your computer leaving you with extra browser toolbars, adware, and other unwanted programs. AdwCleaner is designed to search for and remove these types of programs.

In addition we used otl to clean temp files

I\'m on my way to work camp tommorrow so I\'ll pop in when I can

Yes please keep me updated how things are running

guestolo · « **Reply #13 on:** July 28, 2015, 04:44:29 PM »

As your problems appear resolved I\'ll lock this topic

TheTechGuide Forum

News:

Author Topic: 2nd GPU running at 99% load (Read 2257 times)

rambag3

2nd GPU running at 99% load

guestolo

2nd GPU running at 99% load

rambag3

2nd GPU running at 99% load

guestolo

2nd GPU running at 99% load

rambag3

2nd GPU running at 99% load

rambag3

2nd GPU running at 99% load

guestolo

2nd GPU running at 99% load

rambag3

2nd GPU running at 99% load

guestolo

2nd GPU running at 99% load

rambag3

2nd GPU running at 99% load

guestolo

2nd GPU running at 99% load

rambag3

2nd GPU running at 99% load

guestolo

2nd GPU running at 99% load

guestolo

2nd GPU running at 99% load