Page 1 of 2 12 LastLast
Results 1 to 10 of 17
  1. #1
    Member mrr107i's Avatar
    Join Date
    Sep 2003
    Location
    Pittsfield, MA
    Posts
    40
    Points
    0

    Default Got recommendation to post log files in help2go detective, so here they are:

    Malwarebytes Anti-Malware 1.75.0.1300
    Malwarebytes : Free anti-malware download

    Database version: v2013.08.28.08

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 10.0.9200.16660
    mrr107i :: MY-ACER [administrator]

    8/28/2013 5:41:21 PM
    MBAM-log-2013-08-28 (17-48-40).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
    Scan options disabled:
    Objects scanned: 268956
    Time elapsed: 6 minute(s), 54 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 2
    HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> No action taken.
    HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> No action taken.

    Registry Values Detected: 2
    HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {0C179A52-C62D-11E2-AEFD-08002700604B} -> No action taken.
    HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {0C179A52-C62D-11E2-AEFD-08002700604B} -> No action taken.

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)


    SUPERAntiSpyware Scan Log
    SUPERAntiSpyware | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

    Generated 08/28/2013 at 05:54 PM

    Application Version : 5.6.1032

    Core Rules Database Version : 10726
    Trace Rules Database Version: 8538

    Scan type : Quick Scan
    Total Scan Time : 00:04:52

    Operating System Information
    Windows 7 Professional 64-bit, Service Pack 1 (Build 6.01.7601)
    UAC Off - Administrator

    Memory items scanned : 683
    Memory threats detected : 0
    Registry items scanned : 60780
    Registry threats detected : 0
    File items scanned : 11530
    File threats detected : 218

    Adware.Tracking Cookie
    .c.atdmt.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .c.atdmt.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .serving-sys.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .doubleclick.net [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .atdmt.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .interclick.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .interclick.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .interclick.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .atdmt.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .h.atdmt.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .h.atdmt.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .atdmt.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .atdmt.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .h.atdmt.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .h.atdmt.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .imrworldwide.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .adtechus.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .saymedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .saymedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .advertising.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .ru4.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .adtech.de [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .media6degrees.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .imrworldwide.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .apmebf.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .apmebf.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .mediaplex.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .realmedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .realmedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .ad.mlnadvertising.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .eyeviewads.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .burstnet.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .burstnet.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .burstnet.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .burstnet.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .burstnet.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    BurstMedia [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .burstnet.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .ru4.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .ru4.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .ru4.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .ru4.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .algoclicks.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    algoclicks.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .ru4.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .ru4.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    delivery.adseekmedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    delivery.adseekmedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    delivery.adseekmedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    delivery.adseekmedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    adserver.bz [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .madadsmedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .zedo.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .pointroll.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .specificclick.net [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .media.adfrontiers.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .interclick.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .interclick.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .ru4.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .yieldmanager.net [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    pch.directtrack.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    pch.directtrack.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .directtrack.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .t.pointroll.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .media.adfrontiers.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .burstnet.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .advertising.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    underdog.rotator.hadj1.adjuggler.net [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    underdog.rotator.hadj1.adjuggler.net [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .bs.serving-sys.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .t.pointroll.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .amazon-adsystem.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .amazon-adsystem.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .2o7.net [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .atdmt.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .ru4.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .zedo.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .questionmarket.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .intermundomedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .intermundomedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    underdog.rotator.hadj1.adjuggler.net [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .burstnet.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .pro-market.net [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    track.adform.net [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    track.adform.net [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .adform.net [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .zedo.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    stats.adotube.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .interclick.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .a1.interclick.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .network.realmedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .at.atwola.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .at.atwola.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    a.intentmedia.net [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .realmedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .network.realmedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .network.realmedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    network.realmedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    track.prd.inpwrd.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .saymedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .saymedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .questionmarket.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .serving-sys.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    imp.bid.ace.advertising.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .zedo.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .zedo.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .mediaplex.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    delivery.adseekmedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    delivery.adseekmedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    delivery.adseekmedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .myaccountaccess.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .myaccountaccess.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .doubleclick.net [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .pointroll.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .questionmarket.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .questionmarket.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .fastclick.net [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .advertising.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .serving-sys.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .serving-sys.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    algoclicks.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    dfm-ssp.medianewsgroup.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .doubleclick.net [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .zedo.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .zedo.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .zedo.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .realmedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    network.realmedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .zedo.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .zedo.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .zedo.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .zedo.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .zedo.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .zedo.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .lucidmedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .media6degrees.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .media6degrees.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .media6degrees.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .media6degrees.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .tribalfusion.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .serving-sys.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .serving-sys.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .2o7.net [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    mediaservices-d.openxenterprise.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    mediaservices-d.openxenterprise.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .advertising.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .advertising.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]
    .advertising.com [ C:\USERS\MRR107I\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CYGUJFLY.DEFAULT-1374547060579\COOKIES.SQLITE ]

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 6:04:34 PM, on 8/28/2013
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v10.0 (10.00.9200.16660)
    Boot mode: Normal

    Running processes:
    C:\PROGRA~2\AD-AWA~1\AdAware.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
    C:\Users\mrr107i\Downloads\hijackthis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
    O2 - BHO: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O3 - Toolbar: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll
    O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll
    O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [Search Protection] C:\ProgramData\Search Protection\SearchProtection.exe
    O4 - HKCU\..\Run: [DriverMax_RESTART] "C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe" -RESTART
    O4 - HKCU\..\Run: [Google Update] "C:\Users\mrr107i\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [SearchProtect] \SearchProtect\bin\cltmng.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [SearchProtect] \SearchProtect\bin\cltmng.exe (User 'Default user')
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O15 - Trusted Zone: *.whitenergroup.com
    O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    O23 - Service: Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: Indexing Service (CISVC) - Unknown owner - C:\Windows\system32\CISVC.EXE (file missing)
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: IHA_MessageCenter - Verizon - C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
    O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30007 (IISADMIN) - Unknown owner - C:\Windows\system32\inetsrv\inetinfo.exe (file missing)
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\Windows\system32\mqsvc.exe (file missing)
    O23 - Service: @mqutil.dll,-6203 (MSMQTriggers) - Unknown owner - C:\Windows\system32\mqtgsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Ad-Aware (SBAMSvc) - GFI Software - C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
    O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
    O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-20001 (WMSVC) - Unknown owner - C:\Windows\system32\inetsrv\wmsvc.exe (file missing)
    O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

    --
    End of file - 10040 bytes

    Thank You.

  2. #2
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,327
    Points
    144

    Default

    Download AdwCleaner
    • Double click on AdwCleaner.exe to run the tool.
      ***Note: Windows Vista and Windows 7 users:
      Right click in the adwCleaner.exe and select
    • Click the Delete button.
    • A logfile will automatically open after the scan has finished.
    • Please post the content of that logfile in your next reply.
    • Or you can find the logfile at C:\AdwCleaner[R1].txt.
    " Extinguishing Malware from the world"

    The Spware Help forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.
    HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
    Thanks-




  3. #3
    Member mrr107i's Avatar
    Join Date
    Sep 2003
    Location
    Pittsfield, MA
    Posts
    40
    Points
    0

    Default

    What site should I go to download adwcleaner?

  4. #4
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,327
    Points
    144

    Default

    Just click Adwcleaner. Where it says Download Adwcleaner it will auto download it.
    " Extinguishing Malware from the world"

    The Spware Help forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.
    HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
    Thanks-




  5. #5
    Member mrr107i's Avatar
    Join Date
    Sep 2003
    Location
    Pittsfield, MA
    Posts
    40
    Points
    0

    Default

    OK thanks fireman, now here is the log file for adwcleaner:

    # AdwCleaner v3.001 - Report created 29/08/2013 at 19:15:29
    # Updated 24/08/2013 by Xplode
    # Operating System : Windows 7 Professional Service Pack 1 (64 bits)
    # Username : mrr107i - MY-ACER
    # Running from : C:\Users\mrr107i\Downloads\adwcleaner.exe
    # Option : Scan

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    File Found : C:\END
    Folder Found C:\Program Files (x86)\adawaretb
    Folder Found C:\Program Files (x86)\Common Files\AVG Secure Search
    Folder Found C:\Program Files (x86)\Conduit
    Folder Found C:\ProgramData\blekko toolbars
    Folder Found C:\ProgramData\PC Optimizer Pro
    Folder Found C:\ProgramData\search protection
    Folder Found C:\SearchProtect
    Folder Found C:\Users\mrr107i\AppData\Local\Conduit
    Folder Found C:\Users\mrr107i\AppData\Local\Supreme Savings
    Folder Found C:\Users\mrr107i\AppData\Local\visi_coupon
    Folder Found C:\Users\mrr107i\AppData\Local\visualbeeexe
    Folder Found C:\Users\mrr107i\AppData\LocalLow\adawaretb
    Folder Found C:\Users\mrr107i\AppData\LocalLow\Conduit

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Found : HKCU\Software\APN PIP
    Key Found : HKCU\Software\AppDataLow\Software\adawaretb
    Key Found : HKCU\Software\AppDataLow\Software\Conduit
    Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
    Key Found : HKCU\Software\AppDataLow\Software\Crossrider
    Key Found : HKCU\Software\AppDataLow\Software\SmartBar
    Key Found : HKCU\Software\IM
    Key Found : HKCU\Software\ImInstaller
    Key Found : HKCU\Software\InstallCore
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
    Key Found : HKCU\Software\pc optimizer pro
    Key Found : [x64] HKCU\Software\APN PIP
    Key Found : [x64] HKCU\Software\IM
    Key Found : [x64] HKCU\Software\ImInstaller
    Key Found : [x64] HKCU\Software\InstallCore
    Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
    Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
    Key Found : [x64] HKCU\Software\pc optimizer pro
    Key Found : HKLM\Software\adawaretb
    Key Found : HKLM\Software\AVG Security Toolbar
    Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
    Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
    Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
    Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
    Key Found : HKLM\SOFTWARE\Classes\S
    Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
    Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
    Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
    Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
    Key Found : HKLM\Software\Conduit
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
    Key Found : HKLM\Software\InstallIQ
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adawaretb
    Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
    Key Found : HKLM\Software\PIP
    Key Found : HKLM\Software\Supreme Savings
    Key Found : [x64] HKLM\SOFTWARE\DomaIQ
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
    Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
    Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
    Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

    ***** [ Browsers ] *****

    -\\ Internet Explorer v10.0.9200.16660


    -\\ Mozilla Firefox v23.0.1 (en-US)

    [ File : C:\Users\mrr107i\AppData\Roaming\Mozilla\Firefox\Profiles\cygujfly.default-1374547060579\prefs.js ]

    Line Found : user_pref("browser.search.defaultenginename", "AVG Secure Search");
    Line Found : user_pref("browser.search.selectedEngine", "AVG Secure Search");

    -\\ Google Chrome v

    [ File : C:\Users\mrr107i\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    *************************

    AdwCleaner[R0].txt - [7667 octets] - [29/08/2013 19:15:29]

    ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [7727 octets] ##########

  6. #6
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,327
    Points
    144

    Default

    • 1. Please download OTL from one of the following mirrors:
    • This is THE Mirror
      2. Save it to your desktop.
      3. Double click on the icon on your desktop.
      4. Under the Custom Scan box paste this in
      c:\windows\*. /SL
      c:\windows\*. /RP
      netsvcs
      activex
      drivers32
      %ALLUSERSPROFILE%\Application Data\*.
      %ALLUSERSPROFILE%\Application Data\*.exe /s
      %APPDATA%\*.
      %APPDATA%\*.exe /s
      %SYSTEMDRIVE%\*.exe
      %systemroot%\*. /mp /s
      CREATERESTOREPOINT
      %systemroot%\system32\*.dll /lockedfiles
      %systemroot%\Tasks\*.job /lockedfiles
      %systemroot%\system32\drivers\*.sys /lockedfiles
      %systemroot%\System32\config\*.sav
      %systemroot%\system32\drivers\*.sys /90
      5. Push the Quick Scan button.
      6. Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized
    " Extinguishing Malware from the world"

    The Spware Help forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.
    HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
    Thanks-




  7. #7
    Member mrr107i's Avatar
    Join Date
    Sep 2003
    Location
    Pittsfield, MA
    Posts
    40
    Points
    0

    Default

    Here are the two scans:

    OTL logfile created on: 8/31/2013 7:08:19 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\mrr107i\Desktop
    64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.10.9200.16660)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.75 Gb Total Physical Memory | 1.39 Gb Available Physical Memory | 50.64% Memory free
    5.49 Gb Paging File | 3.73 Gb Available in Paging File | 67.93% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 149.05 Gb Total Space | 106.95 Gb Free Space | 71.75% Space Free | Partition Type: NTFS

    Computer Name: MY-ACER | User Name: mrr107i | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2013/08/31 19:07:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\mrr107i\Desktop\OTL.exe
    PRC - [2013/07/23 02:45:26 | 000,240,288 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.EXE
    PRC - [2013/06/13 02:27:38 | 001,236,336 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
    PRC - [2013/05/09 04:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
    PRC - [2013/05/09 04:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    PRC - [2013/04/16 03:09:06 | 000,233,048 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
    PRC - [2013/04/16 03:07:08 | 000,039,056 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
    PRC - [2012/09/20 05:39:12 | 003,677,000 | ---- | M] (GFI Software) -- C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
    PRC - [2012/06/27 03:25:04 | 000,681,056 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\sua.exe
    PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe


    ========== Modules (No Company Name) ==========


    ========== Services (SafeList) ==========

    SRV:64bit: - [2013/06/15 23:39:39 | 000,143,120 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
    SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2013/05/09 04:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
    SRV:64bit: - [2012/06/01 01:36:12 | 000,350,720 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\inetsrv\ftpsvc.dll -- (ftpsvc)
    SRV:64bit: - [2010/11/20 23:24:51 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\snmp.exe -- (SNMP)
    SRV:64bit: - [2010/11/20 23:24:38 | 000,189,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqtgsvc.exe -- (MSMQTriggers)
    SRV:64bit: - [2010/11/20 23:24:38 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\inetinfo.exe -- (IISADMIN)
    SRV:64bit: - [2009/07/13 21:41:19 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lpdsvc.dll -- (LPDSVC)
    SRV:64bit: - [2009/07/13 21:41:10 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\iprip.dll -- (iprip)
    SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
    SRV:64bit: - [2009/07/13 21:39:56 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\WMSvc.exe -- (WMSVC)
    SRV:64bit: - [2009/07/13 21:39:47 | 000,081,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tlntsvr.exe -- (TlntSvr)
    SRV:64bit: - [2009/07/13 21:39:47 | 000,010,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\TCPSVCS.EXE -- (simptcp)
    SRV:64bit: - [2009/07/13 21:39:20 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqsvc.exe -- (MSMQ)
    SRV:64bit: - [2009/07/13 21:38:59 | 000,019,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\CISVC.EXE -- (CISVC)
    SRV:64bit: - [2008/12/01 23:45:18 | 000,932,864 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility)
    SRV - [2013/08/16 20:51:17 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2013/07/23 02:45:26 | 000,240,288 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.EXE -- (BBUpdate)
    SRV - [2013/07/23 02:45:26 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.EXE -- (BBSvc)
    SRV - [2013/07/12 18:52:41 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2013/06/21 09:53:36 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2013/06/13 02:27:38 | 001,236,336 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe -- (Ad-Aware Service)
    SRV - [2013/04/16 03:07:08 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
    SRV - [2013/01/25 11:34:04 | 000,166,408 | ---- | M] (Microsoft Corp.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe -- (BingDesktopUpdate)
    SRV - [2012/09/20 05:39:12 | 003,677,000 | ---- | M] (GFI Software) [Auto | Running] -- C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe -- (SBAMSvc)
    SRV - [2012/08/03 20:22:18 | 000,352,248 | ---- | M] (Verizon) [Auto | Running] -- C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
    SRV - [2012/06/27 03:25:06 | 001,326,176 | ---- | M] (Secunia) [On_Demand | Stopped] -- C:\Program Files (x86)\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
    SRV - [2012/06/27 03:25:04 | 000,681,056 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)
    SRV - [2010/11/20 23:25:10 | 000,047,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\snmp.exe -- (SNMP)
    SRV - [2010/11/20 23:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
    SRV - [2010/11/20 23:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
    SRV - [2010/11/20 23:24:51 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
    SRV - [2010/11/20 09:27:28 | 000,444,416 | ---- | M] () [On_Demand | Stopped] -- \winhttp.dll -- (WinHttpAutoProxySvc)
    SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2010/02/10 16:11:44 | 000,443,448 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\XAudio64.dll -- (HsfXAudioService)
    SRV - [2009/07/13 21:14:42 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\TCPSVCS.EXE -- (simptcp)
    SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2013/08/29 21:10:51 | 000,045,856 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
    DRV:64bit: - [2013/06/27 16:56:46 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
    DRV:64bit: - [2013/06/27 16:56:45 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
    DRV:64bit: - [2013/06/27 16:56:45 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
    DRV:64bit: - [2013/06/24 22:56:16 | 003,979,776 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
    DRV:64bit: - [2013/06/24 17:38:40 | 000,014,456 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\gfibto.sys -- (gfibto)
    DRV:64bit: - [2013/06/21 16:00:16 | 000,131,856 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
    DRV:64bit: - [2013/05/09 04:59:07 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
    DRV:64bit: - [2013/05/09 04:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
    DRV:64bit: - [2013/05/09 04:59:07 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
    DRV:64bit: - [2013/05/09 04:59:06 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
    DRV:64bit: - [2013/05/09 04:59:06 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV:64bit: - [2013/04/30 04:51:09 | 000,040,616 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
    DRV:64bit: - [2013/03/14 22:17:46 | 000,021,600 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdkmafd.sys -- (amdkmafd)
    DRV:64bit: - [2013/01/31 05:50:58 | 000,028,160 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys -- (mcaudrv_simple)
    DRV:64bit: - [2013/01/21 08:53:42 | 000,398,816 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
    DRV:64bit: - [2012/12/03 23:49:38 | 000,011,944 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdide64.sys -- (amdide64)
    DRV:64bit: - [2012/10/24 10:32:15 | 000,035,456 | ---- | M] (GFI Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gfiark.sys -- (gfiark)
    DRV:64bit: - [2012/10/10 23:08:10 | 000,044,928 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys -- (ManyCam)
    DRV:64bit: - [2012/10/05 15:26:20 | 000,132,608 | ---- | M] (Unibrain) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ubohci.sys -- (ubohci)
    DRV:64bit: - [2012/10/05 10:57:02 | 000,092,160 | ---- | M] (Unibrain) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\UBUMAPI.sys -- (ubumapi)
    DRV:64bit: - [2012/10/05 10:56:40 | 000,024,064 | ---- | M] (Unibrain) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\UBSBM.sys -- (ubsbm)
    DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
    DRV:64bit: - [2012/08/23 10:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
    DRV:64bit: - [2012/08/23 10:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2012/08/02 16:50:48 | 000,031,024 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
    DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2011/12/16 10:20:10 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI)
    DRV:64bit: - [2011/10/20 12:24:06 | 000,157,696 | ---- | M] (Matrox Graphics Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\MxEFUF64.sys -- (MxEFUF)
    DRV:64bit: - [2011/07/22 12:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
    DRV:64bit: - [2011/07/12 17:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
    DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2010/11/20 23:24:15 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
    DRV:64bit: - [2010/11/20 23:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
    DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2010/04/27 17:42:00 | 000,056,040 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\o2sdx64.sys -- (O2SDRDR)
    DRV:64bit: - [2010/02/10 16:12:30 | 001,492,536 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_DPV.sys -- (HSF_DPV)
    DRV:64bit: - [2010/02/10 16:12:28 | 000,747,576 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_CNXT.sys -- (winachsf)
    DRV:64bit: - [2010/02/10 16:12:28 | 000,299,576 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAXHWAZL.sys -- (CAXHWAZL)
    DRV:64bit: - [2010/02/10 16:11:44 | 000,016,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\XAudio64.sys -- (XAudio)
    DRV:64bit: - [2010/02/10 16:11:40 | 000,023,736 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mdmxsdk.sys -- (mdmxsdk)
    DRV:64bit: - [2009/09/12 16:24:52 | 000,057,376 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\o2mdx64.sys -- (O2MDRDR)
    DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/07/13 20:26:13 | 000,189,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mqac.sys -- (MQAC)
    DRV:64bit: - [2009/07/13 20:09:02 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\irda.sys -- (irda)
    DRV:64bit: - [2009/06/10 17:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
    DRV:64bit: - [2009/06/10 17:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
    DRV:64bit: - [2009/06/10 17:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
    DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2008/12/02 01:15:04 | 005,000,192 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
    DRV:64bit: - [2008/01/19 09:36:14 | 000,036,352 | ---- | M] (National Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nscirda.sys -- (NSCIRDA)
    DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{4B51C980-C6B0-11E1-9136-AED16088709B}: "URL" = http://www.safesearch.net/search?q={searchTerms}&utm_medium=ie&utm_campaign=21&utm_source=sm&utm_content=1&utm_term=5EDBBE5459F7448B

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN.com
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A3 9A 9D B4 9A A6 CE 01 [binary data]
    IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.startup.homepage: "http://www.msn.com/"
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
    FF - prefs.js..keyword.URL: ""
    FF - user.js - File not found

    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
    FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
    FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.2.32: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.2.32: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
    FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\mrr107i\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\mrr107i\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\mrr107i\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\mrr107i\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\mrr107i\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

    64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\PROGRAM FILES\UPDATER BY SWEETPACKS\FIREFOX
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/05/13 10:57:23 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FCE04E1F-9378-4f39-96F6-5689A9159E45}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/05/26 14:39:22 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/05/26 14:39:22 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/08/16 20:51:02 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

    [2013/05/26 14:32:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mrr107i\AppData\Roaming\Mozilla\Extensions
    [2013/08/16 20:51:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
    [2013/08/16 20:51:19 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

    ========== Chrome ==========


    O1 HOSTS File: ([2013/01/21 22:04:17 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
    O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O4:64bit: - HKLM..\Run: [MsmqIntCert] C:\Windows\SysNative\mqrt.dll (Microsoft Corporation)
    O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [Search Protection] C:\ProgramData\Search Protection\SearchProtection.exe File not found
    O4 - HKCU..\Run: [DriverMax_RESTART] C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O15 - HKCU\..Trusted Domains: noctibusiness.com ([testing] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: whitenergroup.com ([]* in Trusted sites)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downlo...eckControl.cab (Reg Error: Key error.)
    O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} http://www.superadblocker.com/activex/sabspx.cab (SABScanProcesses Class)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3F47479F-5584-44C1-A78F-C5D9638A92BD}: DhcpNameServer = 192.168.1.1
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2010/11/20 09:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) - C:\autochk.exe -- [ NTFS ]
    O32 - AutoRun File - [2010/11/20 09:24:26 | 000,793,088 | ---- | M] (Microsoft Corporation) - C:\autoconv.exe -- [ NTFS ]
    O33 - MountPoints2\{7fe7bd75-1302-11e2-b39e-806e6f6e6963}\Shell - "" = AutoRun
    O33 - MountPoints2\{7fe7bd75-1302-11e2-b39e-806e6f6e6963}\Shell\AutoRun\command - "" = D:\setup.exe
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

    ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
    ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
    ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
    ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
    ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
    ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
    ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
    ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
    ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
    ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
    ActiveX:64bit: >{a4a68f1d-91f9-4be8-aa32-f2212f9777b6} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
    ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
    ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
    ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
    ActiveX: {56A879C8-1BEC-427D-9294-2A57096F591D} - EIEDPLauncher
    ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
    ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
    ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
    ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
    ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
    ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
    ActiveX: >{508EA017-F442-49FB-8A8E-DF3AE997817C} - Browser Customizations
    ActiveX: >{f0ba3a7a-a6bb-46a9-a2c3-e35a4b51c194} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

    Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    ========== Files/Folders - Created Within 30 Days ==========

    [2013/08/31 19:07:02 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\mrr107i\Desktop\OTL.exe
    [2013/08/31 18:15:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verizon
    [2013/08/29 19:15:22 | 000,000,000 | ---D | C] -- C:\AdwCleaner
    [2013/08/28 19:37:58 | 000,000,000 | ---D | C] -- C:\Users\mrr107i\AppData\Local\AVG SafeGuard toolbar
    [2013/08/28 19:37:29 | 000,045,856 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
    [2013/08/28 19:37:21 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG SafeGuard toolbar
    [2013/08/28 19:37:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG SafeGuard toolbar
    [2013/08/28 19:36:49 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
    [2013/08/20 18:06:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
    [2013/08/20 18:06:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software
    [2013/08/16 23:00:23 | 000,000,000 | ---D | C] -- C:\Users\mrr107i\AppData\Roaming\vlc
    [2013/08/16 22:58:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
    [2013/08/16 20:51:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
    [2013/08/05 11:27:49 | 003,979,776 | ---- | C] (Qualcomm Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys
    [2013/08/05 11:25:27 | 000,398,816 | ---- | C] (Marvell) -- C:\Windows\SysNative\drivers\yk62x64.sys
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2013/08/31 19:07:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\mrr107i\Desktop\OTL.exe
    [2013/08/31 19:00:04 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2013/08/31 19:00:01 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2013/08/31 18:33:01 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2911081205-3221290127-895880306-1000UA.job
    [2013/08/31 18:22:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2013/08/31 18:14:18 | 000,021,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2013/08/31 18:14:18 | 000,021,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2013/08/31 18:05:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2013/08/31 18:05:28 | 2213,105,664 | -HS- | M] () -- C:\hiberfil.sys
    [2013/08/30 19:33:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2911081205-3221290127-895880306-1000Core.job
    [2013/08/29 21:11:08 | 000,003,725 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
    [2013/08/29 21:10:51 | 000,045,856 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
    [2013/08/28 17:37:47 | 000,001,868 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
    [2013/08/25 19:37:32 | 000,275,712 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2013/08/24 15:39:02 | 000,000,514 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 56d50113-2f4e-4f6e-bc2d-d5cf672b9bb8.job
    [2013/08/24 15:37:10 | 000,847,156 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2013/08/24 15:37:10 | 000,708,684 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2013/08/24 15:37:10 | 000,138,312 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2013/08/20 18:06:34 | 000,002,074 | ---- | M] () -- C:\Users\mrr107i\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk
    [2013/08/20 18:06:34 | 000,002,050 | ---- | M] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
    [2013/08/16 22:58:20 | 000,001,066 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
    [2013/08/16 22:58:14 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2013/08/13 07:34:00 | 000,015,652 | ---- | M] () -- C:\Users\mrr107i\Music\Documents\Important Info.rtf
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2013/08/28 19:37:17 | 000,003,725 | ---- | C] () -- C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
    [2013/08/25 19:37:19 | 000,275,712 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2013/08/20 18:06:34 | 000,002,074 | ---- | C] () -- C:\Users\mrr107i\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk
    [2013/08/20 18:06:34 | 000,002,050 | ---- | C] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
    [2013/08/20 18:06:32 | 000,216,064 | ---- | C] () -- C:\Windows\SysWow64\gcapi_dll.dll
    [2013/08/16 22:58:20 | 000,001,066 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
    [2013/07/02 15:27:29 | 000,102,248 | ---- | C] () -- C:\Users\mrr107i\GoToAssistDownloadHelper.exe
    [2013/05/16 16:11:04 | 000,841,372 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2013/05/09 16:26:49 | 000,000,017 | ---- | C] () -- C:\Users\mrr107i\AppData\Local\resmon.resmoncfg
    [2013/04/21 13:48:55 | 000,000,430 | RHS- | C] () -- C:\Users\mrr107i\ntuser.pol
    [2013/04/01 14:54:41 | 000,004,608 | ---- | C] () -- C:\Users\mrr107i\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2013/02/22 11:18:23 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
    [2012/12/23 18:04:56 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI

    ========== ZeroAccess Check ==========

    [2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 01:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 00:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    ========== LOP Check ==========

    [2013/06/25 00:26:13 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Ad-Aware Antivirus
    [2013/05/19 13:16:49 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\BatteryBar
    [2013/07/07 22:49:07 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\com.Shutterfly.ExpressUploader
    [2013/06/05 18:40:00 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Foxit Software
    [2013/02/22 11:41:39 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\OverDrive
    [2013/02/22 11:41:39 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\PeaZip
    [2013/04/29 16:28:51 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\player
    [2013/04/29 16:28:16 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Strongvault
    [2013/02/22 11:41:41 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Windows Live Writer

    ========== Purity Check ==========



    ========== Custom Scans ==========

    < c:\windows\*. /SL >
    [2009/07/14 01:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
    [2009/07/14 01:08:49 | 000,032,586 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
    [2013/01/21 11:33:21 | 000,000,896 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    [2013/01/21 11:33:25 | 000,000,900 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    [2013/02/10 09:12:16 | 000,000,864 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2911081205-3221290127-895880306-1000Core.job
    [2013/02/10 09:12:19 | 000,000,916 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2911081205-3221290127-895880306-1000UA.job
    [2013/03/17 09:32:21 | 000,000,514 | ---- | C] () -- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 56d50113-2f4e-4f6e-bc2d-d5cf672b9bb8.job
    [2013/04/25 16:12:01 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

    < c:\windows\*. /RP >

    < %ALLUSERSPROFILE%\Application Data\*. >

    < %ALLUSERSPROFILE%\Application Data\*.exe /s >

    < %APPDATA%\*. >
    [2013/06/25 00:26:13 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Ad-Aware Antivirus
    [2013/07/07 22:48:11 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Adobe
    [2013/02/22 11:41:33 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Apple Computer
    [2013/05/19 13:16:49 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\BatteryBar
    [2013/02/25 16:34:15 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\CodeBlocks
    [2013/07/07 22:49:07 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\com.Shutterfly.ExpressUploader
    [2013/06/05 18:40:00 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Foxit Software
    [2013/02/22 11:41:33 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Google
    [2013/02/22 11:41:33 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Identities
    [2013/06/24 17:53:30 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\LavasoftStatistics
    [2013/02/22 11:41:33 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Macromedia
    [2013/02/22 11:41:33 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Malwarebytes
    [2010/11/21 03:16:58 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Media Center Programs
    [2013/03/23 12:00:33 | 000,000,000 | --SD | M] -- C:\Users\mrr107i\AppData\Roaming\Microsoft
    [2013/08/28 16:34:43 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Mozilla
    [2013/02/22 11:41:39 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\OverDrive
    [2013/02/22 11:41:39 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\PeaZip
    [2013/04/29 16:28:51 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\player
    [2013/06/06 18:10:40 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Real
    [2013/05/26 14:40:19 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\RealNetworks
    [2013/08/03 15:31:19 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Skype
    [2013/04/29 16:28:16 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Strongvault
    [2013/02/22 11:41:40 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\SUPERAntiSpyware.com
    [2013/08/16 23:00:44 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\vlc
    [2013/02/22 11:41:40 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Winamp
    [2013/02/22 11:41:41 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Windows Live Writer
    [2013/03/26 21:31:35 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Yahoo!

    < %APPDATA%\*.exe /s >
    [2013/07/07 22:48:04 | 000,054,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\mrr107i\AppData\Roaming\Macromedia\Flash Player\http://www.macromedia.com\bin\airapp...pinstaller.exe

    < %SYSTEMDRIVE%\*.exe >
    [2009/07/13 21:38:55 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\ARP.EXE
    [2009/07/13 21:38:55 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\attrib.exe
    [2010/11/20 09:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) -- C:\autochk.exe
    [2010/11/20 09:24:26 | 000,793,088 | ---- | M] (Microsoft Corporation) -- C:\autoconv.exe
    [2010/11/20 09:24:27 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\bcdboot.exe
    [2010/11/20 09:24:27 | 000,346,112 | ---- | M] (Microsoft Corporation) -- C:\bcdedit.exe
    [2009/07/13 21:38:56 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\BdeUnlockWizard.exe
    [2009/07/13 21:38:57 | 000,100,352 | ---- | M] (Microsoft Corporation) -- C:\BitLockerWizard.exe
    [2009/07/13 21:38:57 | 000,100,352 | ---- | M] (Microsoft Corporation) -- C:\BitLockerWizardElev.exe
    [2010/11/20 12:15:50 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\bmrui.exe
    [2009/07/13 21:38:57 | 000,094,720 | ---- | M] (Microsoft Corporation) -- C:\bootcfg.exe
    [2010/11/20 12:15:50 | 000,365,056 | ---- | M] (Microsoft Corporation) -- C:\BootRec.exe
    [2010/11/20 09:24:27 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\bootsect.exe
    [2009/07/13 21:38:59 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\chkdsk.exe
    [2009/07/13 21:38:59 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\chkntfs.exe
    [2010/11/20 09:24:33 | 000,345,088 | ---- | M] (Microsoft Corporation) -- C:\cmd.exe
    [2010/11/20 09:24:33 | 000,337,920 | ---- | M] (Microsoft Corporation) -- C:\conhost.exe
    [2009/07/13 21:39:01 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\convert.exe
    [2010/11/20 12:16:14 | 000,156,160 | ---- | M] (Microsoft Corporation) -- C:\cscript.exe
    [2009/07/13 21:39:06 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\dinotify.exe
    [2010/11/20 09:24:39 | 000,166,400 | ---- | M] (Microsoft Corporation) -- C:\diskpart.exe
    [2010/11/20 09:24:39 | 000,363,520 | ---- | M] (Microsoft Corporation) -- C:\diskraid.exe
    [2009/07/13 21:39:06 | 000,274,944 | ---- | M] (Microsoft Corporation) -- C:\Dism.exe
    [2009/07/13 21:39:06 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\dllhst3g.exe
    [2009/07/13 21:39:07 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\dnscacheugc.exe
    [2009/07/13 21:39:07 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\doskey.exe
    [2009/07/13 21:39:07 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\dpapimig.exe
    [2009/07/13 21:39:07 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\drvinst.exe
    [2009/07/13 21:39:07 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\drvload.exe
    [2009/07/13 21:39:08 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Eap3Host.exe
    [2009/07/13 21:39:09 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\esentutl.exe
    [2009/07/13 21:39:09 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\expand.exe
    [2009/07/13 21:39:10 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\find.exe
    [2009/07/13 21:39:10 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\finger.exe
    [2010/11/20 09:24:46 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\fixmapi.exe
    [2009/07/13 21:39:10 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\fltMC.exe
    [2010/11/20 09:24:46 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\ftp.exe
    [2009/07/13 21:39:12 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\HOSTNAME.EXE
    [2010/11/20 12:15:50 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\icacls.exe
    [2013/05/08 16:42:13 | 032,828,818 | ---- | M] (Google Inc.) -- C:\installer_r09-windows.exe
    [2009/07/13 21:39:13 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\ipconfig.exe
    [2009/07/13 21:39:15 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\lodctr.exe
    [2010/11/20 09:24:52 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\LogonUI.exe
    [2010/11/20 09:24:53 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\lsm.exe
    [2010/11/20 09:24:53 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\manage-bde.exe
    [2010/11/20 09:24:53 | 000,272,896 | ---- | M] (Microsoft Corporation) -- C:\mcbuilder.exe
    [2010/11/20 12:15:50 | 000,146,944 | ---- | M] (Microsoft Corporation) -- C:\MdSched.exe
    [2009/07/13 21:39:20 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\mountvol.exe
    [2009/07/13 21:39:20 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\MRINFO.EXE
    [2009/07/13 21:39:24 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\MuiUnattend.exe
    [2009/07/13 21:39:25 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\nbtstat.exe
    [2009/07/13 21:39:25 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\ndadmin.exe
    [2009/07/13 21:39:25 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\net.exe
    [2010/11/20 09:25:00 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\net1.exe
    [2009/07/13 21:39:25 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\netbtugc.exe
    [2009/07/13 21:39:25 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\netcfg.exe
    [2009/07/13 21:39:25 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\netiougc.exe
    [2009/07/13 21:39:25 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\netsh.exe
    [2009/07/13 21:39:25 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\NETSTAT.EXE
    [2009/07/13 21:39:25 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\newdev.exe
    [2009/07/13 21:39:25 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\notepad.exe
    [2010/11/20 09:33:46 | 005,563,776 | ---- | M] (Microsoft Corporation) -- C:\ntoskrnl.exe
    [2009/07/13 21:39:26 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\ntprint.exe
    [2009/07/13 21:39:26 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\PATHPING.EXE
    [2009/07/13 21:39:26 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\PING.EXE
    [2010/11/20 09:25:02 | 000,199,168 | ---- | M] (Microsoft Corporation) -- C:\PkgMgr.exe
    [2009/07/13 21:39:27 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\poqexec.exe
    [2009/07/13 21:39:27 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\print.exe
    [2009/07/13 21:39:28 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\rasautou.exe
    [2010/11/20 12:15:50 | 000,238,080 | ---- | M] (Microsoft Corporation) -- C:\recdisc.exe
    [2009/07/13 21:39:29 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\recover.exe
    [2009/07/13 21:39:29 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\reg.exe
    [2009/07/13 21:39:29 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\regedt32.exe
    [2009/07/13 21:39:29 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\regsvr32.exe
    [2010/11/20 09:25:06 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\repair-bde.exe
    [2009/07/13 21:39:30 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\replace.exe
    [2010/11/20 09:25:07 | 000,128,000 | ---- | M] (Microsoft) -- C:\Robocopy.exe
    [2009/07/13 21:39:31 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\ROUTE.EXE
    [2010/11/20 12:15:50 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\rstrui.exe
    [2010/11/20 09:25:08 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\sacsess.exe
    [2009/07/13 21:39:39 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\sfc.exe
    [2009/07/13 21:39:46 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\subst.exe
    [2009/07/13 21:39:46 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\sxstrace.exe
    [2010/11/20 09:25:22 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\takeown.exe
    [2010/11/20 09:25:23 | 000,257,024 | ---- | M] (Microsoft Corporation) -- C:\taskmgr.exe
    [2009/07/13 21:39:47 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\TCPSVCS.EXE
    [2012/04/11 09:49:44 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\TFC.exe
    [2009/07/13 21:39:48 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\TRACERT.EXE
    [2009/07/13 21:39:48 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\ucsvc.exe
    [2009/07/13 21:39:48 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\unlodctr.exe
    [2010/11/20 09:25:25 | 000,533,504 | ---- | M] (Microsoft Corporation) -- C:\vds.exe
    [2009/07/13 21:39:49 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\vdsldr.exe
    [2009/07/13 21:39:49 | 000,155,648 | ---- | M] (Microsoft Corporation) -- C:\verifier.exe
    [2010/11/20 12:00:37 | 000,244,224 | ---- | M] (Microsoft Corporation) -- C:\vmicsvc.exe
    [2010/11/20 12:15:50 | 001,600,512 | ---- | M] (Microsoft Corporation) -- C:\VSSVC.exe
    [2009/07/13 21:39:50 | 000,265,728 | ---- | M] (Microsoft Corporation) -- C:\wbadmin.exe
    [2010/11/20 09:25:28 | 001,504,256 | ---- | M] (Microsoft Corporation) -- C:\wbengine.exe
    [2010/11/20 12:16:54 | 000,541,696 | ---- | M] (Microsoft Corporation) -- C:\wdscapture.exe
    [2010/11/20 12:15:50 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\wermgr.exe
    [2009/07/13 21:39:51 | 000,273,920 | ---- | M] (Microsoft Corporation) -- C:\wevtutil.exe
    [2009/07/13 21:39:52 | 000,403,968 | ---- | M] (Microsoft Corporation) -- C:\wimserv.exe
    [2009/07/13 21:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) -- C:\wininit.exe
    [2010/11/20 09:28:59 | 000,605,552 | ---- | M] (Microsoft Corporation) -- C:\winload.exe
    [2009/07/13 21:39:53 | 000,571,392 | ---- | M] (Microsoft Corporation) -- C:\winpeshl.exe
    [2010/11/20 09:28:59 | 000,518,672 | ---- | M] (Microsoft Corporation) -- C:\winresume.exe
    [2009/07/13 21:39:57 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\wowreg32.exe
    [2009/07/13 21:39:57 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\wpeinit.exe
    [2009/07/13 21:39:57 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\wpeutil.exe
    [2010/11/20 12:16:14 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\wscript.exe
    [2009/07/13 21:39:58 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\xcopy.exe

    < %systemroot%\*. /mp /s >

    < %systemroot%\system32\*.dll /lockedfiles >

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %systemroot%\system32\drivers\*.sys /lockedfiles >

    < %systemroot%\System32\config\*.sav >

    < %systemroot%\system32\drivers\*.sys /90 >

    < End of report >

    OTL Extras logfile created on: 8/31/2013 7:08:19 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\mrr107i\Desktop
    64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.10.9200.16660)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.75 Gb Total Physical Memory | 1.39 Gb Available Physical Memory | 50.64% Memory free
    5.49 Gb Paging File | 3.73 Gb Available in Paging File | 67.93% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 149.05 Gb Total Space | 106.95 Gb Free Space | 71.75% Space Free | Partition Type: NTFS

    Computer Name: MY-ACER | User Name: mrr107i | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
    .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- "%SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL" "%1"
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
    Directory [cmd] -- cmd.exe /s /k pushd "%V"
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
    Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
    Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
    Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- "%SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL" "%1"
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
    Directory [cmd] -- cmd.exe /s /k pushd "%V"
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
    Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
    Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
    Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== Firewall Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{001BC93D-5B9C-437C-A8C2-378EC8141247}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{0831DD80-C91F-4EB2-B617-0B3250081078}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{0C79FDD0-F5F0-4567-8723-BD4E6DC3B0E1}" = lport=50001 | protocol=17 | dir=in | name=iha_messagecenter |
    "{219C5D8B-7672-4956-9454-524E1AAB6DF6}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
    "{32C18157-70D1-4E7E-80F5-EB6CBCC162CD}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{47DEF4EC-B655-426E-A807-9620C7745A1A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{72A0A13C-1400-4202-95ED-2177365EC2EE}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
    "{7FC3A2E4-199E-45FD-8E58-27A0D0156AD8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{989BF44E-9C10-480D-B1FF-EF41309C365F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{B2D270FB-B6B3-4CDB-A127-046BC0D7BA00}" = lport=50001 | protocol=17 | dir=in | name=iha_messagecenter |
    "{C3B4B0D6-A52A-480A-B5BC-07DE14616CF1}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{DD4A0834-6D28-44D4-B2B1-9D378A71D469}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{E41FDE9A-F4C5-4841-B469-2335D24E6245}" = lport=10243 | protocol=6 | dir=in | app=system |
    "{F57F7793-11E2-4A99-A305-CB69976DAA16}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{F609D71A-C16E-4D53-BAFD-A9B2BE617FD4}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{00169B85-539B-4B92-AA24-3E18C279C4B1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{0EE14802-4360-43F1-B1B0-AC7C6816CC3C}" = protocol=6 | dir=out | app=system |
    "{11DC0820-F2F2-4C7E-A138-44C9A2DFC0B3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{13E73D9A-976F-4C86-8594-670BD27A2FE5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{19F73BD2-CFD7-4CCA-B04E-17284554DBB7}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{26943E3D-6343-45B6-9C1B-375386C61981}" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe |
    "{26BAE66E-1587-4AB9-BACF-3C5DA8FA988D}" = protocol=17 | dir=in | app=c:\users\mrr107i\appdata\local\google\google talk plugin\googletalkplugin.exe |
    "{280FF24A-D8BC-4C36-ADAF-F1F80E7BE8BF}" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
    "{385DF004-6E2E-41E2-89D6-921D377649B3}" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe |
    "{43BA8D8E-0C52-4394-B97C-B81868169EA2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{4811F642-D211-4AAE-8612-DE41E6E06D39}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
    "{4B2EE96C-4B48-4CD5-AD9E-22C7C435C7D8}" = protocol=17 | dir=in | app=c:\program files (x86)\adawaretb\dtuser.exe |
    "{4EFD7992-4203-44A0-92FA-7CDF598070A6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
    "{63D5C79E-F355-4C88-BC10-C676FBB40219}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{6B5D238A-EBCB-4090-ABFC-273DD690E6F3}" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe |
    "{6C7F44BF-DF4C-46BA-AB7B-EB8DFB44E534}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{72D6FA1B-8D2A-4E72-B13C-15CF66143894}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
    "{9046468A-75F9-4B29-8ABC-D0B9FBE24A42}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{9EF53FED-3D95-4667-8ADD-E09A444A973C}" = protocol=6 | dir=in | app=c:\users\mrr107i\appdata\local\google\google talk plugin\googletalkplugin.exe |
    "{9F32C751-AB59-4848-9215-B3243C0E8C78}" = protocol=6 | dir=in | app=c:\users\mrr107i\appdata\local\google\google talk plugin\googletalkplugin.exe |
    "{A5B3756A-2EEA-43B3-BF67-094EC3361349}" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
    "{A69BB037-8D79-46D2-BA45-3057D3803895}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{B124CF52-19B3-4348-813F-B074901A409B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{BD908D84-1DE8-49CA-AEFF-2FFA8FCC16EB}" = protocol=17 | dir=in | app=c:\users\mrr107i\appdata\local\google\google talk plugin\googletalkplugin.exe |
    "{BE9CC748-7DB2-43AB-BAE9-8FC6DDC8F9AF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{C249CD07-0557-412C-86D6-7D6465B7D457}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{D05AA52E-AF33-4B5B-9E18-4DF2A7FDA6EC}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
    "{E0F2939A-4718-4C97-8A47-D051AD900E94}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
    "{E3FE4E90-F7C7-41A7-B584-C0F18E7F4997}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{E8BD0BEE-EA6D-4D8B-A0B2-84D024305A62}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{E9707BAE-224C-4507-9CAF-FA66A989DD86}" = protocol=6 | dir=in | app=c:\program files (x86)\adawaretb\dtuser.exe |
    "{F4F39682-0E9D-4203-B0CB-6997FD30A4FD}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
    "{F8A40AA8-7BB2-442E-AF3C-0CAF212193D2}" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe |
    "TCP Query User{BB5F8B1F-583A-49DE-A73D-2A3962351AA5}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
    "TCP Query User{E6B67D9F-4CA9-4423-A0A6-2FD5C909775B}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
    "TCP Query User{F0B0959F-53ED-4A40-88ED-2D90D6A17B03}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
    "TCP Query User{F7C0AB56-B08D-409D-B312-20738027EBF7}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
    "UDP Query User{41D741C0-3C1B-4780-A72B-12CA5DE18E5B}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
    "UDP Query User{9D2A149C-36F3-4E19-B97C-33C54D82DCE5}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
    "UDP Query User{C928DD45-31AC-4E92-8F17-6B14AB08CED9}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
    "UDP Query User{F19470EC-7207-465B-880A-C59B2E149F04}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{290329c4-a276-3aec-b633-9f5a39d8dd96}" = Python 3.3.0 (64-bit)
    "{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1" = PeaZip 4.8.1 (WIN64)
    "{7F2E5C3B-DBDF-469D-AD8D-F686D3B71176}" = Debugging Tools for Windows (x64)
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{AD735182-26CD-42A6-B3F2-4544B23243AF}" = Oracle VM VirtualBox 4.2.14
    "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
    "{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
    "{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter
    "CCleaner" = CCleaner
    "CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
    "Defraggler" = Defraggler
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
    "PDF Creator" = PDF Creator

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
    "{0A5B39D2-7ED6-4779-BCC9-37F381139DB3}" = Adobe AIR
    "{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
    "{1EA7C505-E6DA-4B85-9432-EBD3C70D510D}" = Windows Live Messenger
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{23A3E560-069F-4CFC-8F6C-1B526EC735FC}" = Windows Live Writer Resources
    "{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
    "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
    "{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
    "{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}" = RealDownloader
    "{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
    "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6
    "{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker
    "{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
    "{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
    "{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{7CD0118B-FE1C-6513-7FCC-2D4BC220DD1F}" = Shutterfly Express Uploader
    "{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}" = Bing Desktop
    "{834265C4-CDF4-44D3-BD24-31531617EFB8}" = IHA_MessageCenter
    "{86C40513-B5A4-476E-9EAB-EC118DCF4502}" = Windows Live Writer
    "{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
    "{8C14F524-451D-467D-9B84-FD653D790902}" = Bing Bar
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
    "{944167EA-7F89-4705-8DCD-1D63B53141B0}" = Ad-Aware Antivirus
    "{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
    "{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
    "{B80D3EA9-A252-4AE5-AC51-81729F5C586F}" = Windows Live Mail
    "{BA45BD32-4DF8-4BE8-8558-83A0280CEE8E}" = Vz In Home Agent
    "{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
    "{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
    "{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
    "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
    "{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
    "{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{EB38C3E0-4863-3123-9114-5BE86EC8E5C7}" = Google Talk Plugin
    "{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
    "{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery
    "{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
    "1&1 Mail & Media GmbH 1und1Softwareaktualisierung" = mail.com Software Updater
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "Advanced PDF Repair v2.0" = Advanced PDF Repair v2.0
    "avast" = avast! Free Antivirus
    "AVG SafeGuard toolbar" = AVG SafeGuard toolbar
    "com.Shutterfly.ExpressUploader" = Shutterfly Express Uploader
    "DMX5_is1" = DriverMax 7
    "Duplicate Cleaner Free" = Duplicate Cleaner Free 3.0.1
    "Flash Player Pro_is1" = Flash Player Pro V5.4
    "FormatFactory" = FormatFactory 3.0.1
    "Foxit Reader_is1" = Foxit Reader
    "FrostWire 5" = FrostWire 5.5.3
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
    "Mozilla Firefox 23.0.1 (x86 en-US)" = Mozilla Firefox 23.0.1 (x86 en-US)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "RealPlayer 16.0" = RealPlayer
    "Scratch" = Scratch
    "Secunia PSI" = Secunia PSI (3.0.0.2004)
    "VLC media player" = VLC media player 2.0.8
    "WinLiveSuite" = Windows Live Essentials
    "Yahoo! Messenger" = Yahoo! Messenger
    "Yahoo! Software Update" = Yahoo! Software Update

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "SkyDriveSetup.exe" = Microsoft SkyDrive

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 7/9/2013 6:19:43 PM | Computer Name = My-Acer | Source = MsiInstaller | ID = 11001
    Description =

    Error - 7/9/2013 7:33:12 PM | Computer Name = My-Acer | Source = WinMgmt | ID = 10
    Description =

    Error - 7/10/2013 12:21:54 AM | Computer Name = My-Acer | Source = WinMgmt | ID = 10
    Description =

    Error - 7/10/2013 3:08:21 PM | Computer Name = My-Acer | Source = WinMgmt | ID = 10
    Description =

    Error - 7/10/2013 5:08:25 PM | Computer Name = My-Acer | Source = SideBySide | ID = 16842785
    Description = Activation context generation failed for "c:\program files (x86)\innovative
    solutions\drivermax\DPInst\ia64\dpinst.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
    could not be found. Please use sxstrace.exe for detailed diagnosis.

    Error - 7/10/2013 5:09:07 PM | Computer Name = My-Acer | Source = SideBySide | ID = 16842785
    Description = Activation context generation failed for "C:\Windows\Installer\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\recordingmanager.exe".
    Dependent
    Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"
    could not be found. Please use sxstrace.exe for detailed diagnosis.

    Error - 7/10/2013 6:57:29 PM | Computer Name = My-Acer | Source = Application Hang | ID = 1002
    Description = The program IEXPLORE.EXE version 10.0.9200.16635 stopped interacting
    with Windows and was closed. To see if more information about the problem is available,
    check the problem history in the Action Center control panel. Process ID: 52f0 Start
    Time: 01ce7dc0c863b7c0 Termination Time: 47 Application Path: C:\Program Files (x86)\Internet
    Explorer\IEXPLORE.EXE Report Id:

    Error - 7/11/2013 6:58:06 AM | Computer Name = My-Acer | Source = WinMgmt | ID = 10
    Description =

    Error - 7/11/2013 10:17:50 AM | Computer Name = My-Acer | Source = WinMgmt | ID = 10
    Description =

    Error - 7/11/2013 8:15:17 PM | Computer Name = My-Acer | Source = WinMgmt | ID = 10
    Description =

    [ Media Center Events ]
    Error - 12/8/2012 9:21:17 PM | Computer Name = My-Acer | Source = MCUpdate | ID = 0
    Description = 8:21:16 PM - Failed to retrieve Directory (Error: The operation has
    timed out)

    Error - 12/8/2012 10:24:06 PM | Computer Name = My-Acer | Source = MCUpdate | ID = 0
    Description = 9:24:06 PM - Failed to retrieve Directory (Error: The operation has
    timed out)

    [ System Events ]
    Error - 8/31/2013 12:57:40 AM | Computer Name = My-Acer | Source = SNMP | ID = 16713180
    Description = The SNMP Service encountered an error while accessing the registry
    key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

    Error - 8/31/2013 12:57:46 AM | Computer Name = My-Acer | Source = Service Control Manager | ID = 7000
    Description = The vToolbarUpdater15.5.0 service failed to start due to the following
    error: %%2

    Error - 8/31/2013 12:57:57 AM | Computer Name = My-Acer | Source = Service Control Manager | ID = 7026
    Description = The following boot-start or system-start driver(s) failed to load:
    amdkmafd

    Error - 8/31/2013 6:05:54 PM | Computer Name = My-Acer | Source = Service Control Manager | ID = 7009
    Description = A timeout was reached (30000 milliseconds) while waiting for the Bing
    Desktop Update service service to connect.

    Error - 8/31/2013 6:06:22 PM | Computer Name = My-Acer | Source = Service Control Manager | ID = 7001
    Description = The Net.Msmq Listener Adapter service depends on the Windows Process
    Activation Service service which failed to start because of the following error:
    %%1058

    Error - 8/31/2013 6:06:22 PM | Computer Name = My-Acer | Source = Service Control Manager | ID = 7001
    Description = The Net.Pipe Listener Adapter service depends on the Windows Process
    Activation Service service which failed to start because of the following error:
    %%1058

    Error - 8/31/2013 6:06:22 PM | Computer Name = My-Acer | Source = Service Control Manager | ID = 7001
    Description = The Net.Tcp Listener Adapter service depends on the Windows Process
    Activation Service service which failed to start because of the following error:
    %%1058

    Error - 8/31/2013 6:06:53 PM | Computer Name = My-Acer | Source = SNMP | ID = 16713180
    Description = The SNMP Service encountered an error while accessing the registry
    key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

    Error - 8/31/2013 6:06:55 PM | Computer Name = My-Acer | Source = Service Control Manager | ID = 7000
    Description = The vToolbarUpdater15.5.0 service failed to start due to the following
    error: %%2

    Error - 8/31/2013 6:07:05 PM | Computer Name = My-Acer | Source = Service Control Manager | ID = 7026
    Description = The following boot-start or system-start driver(s) failed to load:
    amdkmafd


    < End of report >
    I used IE this time instead of Firefox.
    Thank You

  8. #8
    Member mrr107i's Avatar
    Join Date
    Sep 2003
    Location
    Pittsfield, MA
    Posts
    40
    Points
    0

    Default

    Here are the two scans:

    OTL logfile created on: 8/31/2013 7:08:19 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\mrr107i\Desktop
    64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.10.9200.16660)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.75 Gb Total Physical Memory | 1.39 Gb Available Physical Memory | 50.64% Memory free
    5.49 Gb Paging File | 3.73 Gb Available in Paging File | 67.93% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 149.05 Gb Total Space | 106.95 Gb Free Space | 71.75% Space Free | Partition Type: NTFS

    Computer Name: MY-ACER | User Name: mrr107i | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2013/08/31 19:07:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\mrr107i\Desktop\OTL.exe
    PRC - [2013/07/23 02:45:26 | 000,240,288 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.EXE
    PRC - [2013/06/13 02:27:38 | 001,236,336 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
    PRC - [2013/05/09 04:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
    PRC - [2013/05/09 04:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    PRC - [2013/04/16 03:09:06 | 000,233,048 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
    PRC - [2013/04/16 03:07:08 | 000,039,056 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
    PRC - [2012/09/20 05:39:12 | 003,677,000 | ---- | M] (GFI Software) -- C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
    PRC - [2012/06/27 03:25:04 | 000,681,056 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\sua.exe
    PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe


    ========== Modules (No Company Name) ==========


    ========== Services (SafeList) ==========

    SRV:64bit: - [2013/06/15 23:39:39 | 000,143,120 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
    SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2013/05/09 04:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
    SRV:64bit: - [2012/06/01 01:36:12 | 000,350,720 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\inetsrv\ftpsvc.dll -- (ftpsvc)
    SRV:64bit: - [2010/11/20 23:24:51 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\snmp.exe -- (SNMP)
    SRV:64bit: - [2010/11/20 23:24:38 | 000,189,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqtgsvc.exe -- (MSMQTriggers)
    SRV:64bit: - [2010/11/20 23:24:38 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\inetinfo.exe -- (IISADMIN)
    SRV:64bit: - [2009/07/13 21:41:19 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lpdsvc.dll -- (LPDSVC)
    SRV:64bit: - [2009/07/13 21:41:10 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\iprip.dll -- (iprip)
    SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
    SRV:64bit: - [2009/07/13 21:39:56 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\WMSvc.exe -- (WMSVC)
    SRV:64bit: - [2009/07/13 21:39:47 | 000,081,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tlntsvr.exe -- (TlntSvr)
    SRV:64bit: - [2009/07/13 21:39:47 | 000,010,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\TCPSVCS.EXE -- (simptcp)
    SRV:64bit: - [2009/07/13 21:39:20 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqsvc.exe -- (MSMQ)
    SRV:64bit: - [2009/07/13 21:38:59 | 000,019,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\CISVC.EXE -- (CISVC)
    SRV:64bit: - [2008/12/01 23:45:18 | 000,932,864 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility)
    SRV - [2013/08/16 20:51:17 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2013/07/23 02:45:26 | 000,240,288 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.EXE -- (BBUpdate)
    SRV - [2013/07/23 02:45:26 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.EXE -- (BBSvc)
    SRV - [2013/07/12 18:52:41 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2013/06/21 09:53:36 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2013/06/13 02:27:38 | 001,236,336 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe -- (Ad-Aware Service)
    SRV - [2013/04/16 03:07:08 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
    SRV - [2013/01/25 11:34:04 | 000,166,408 | ---- | M] (Microsoft Corp.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe -- (BingDesktopUpdate)
    SRV - [2012/09/20 05:39:12 | 003,677,000 | ---- | M] (GFI Software) [Auto | Running] -- C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe -- (SBAMSvc)
    SRV - [2012/08/03 20:22:18 | 000,352,248 | ---- | M] (Verizon) [Auto | Running] -- C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
    SRV - [2012/06/27 03:25:06 | 001,326,176 | ---- | M] (Secunia) [On_Demand | Stopped] -- C:\Program Files (x86)\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
    SRV - [2012/06/27 03:25:04 | 000,681,056 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)
    SRV - [2010/11/20 23:25:10 | 000,047,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\snmp.exe -- (SNMP)
    SRV - [2010/11/20 23:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
    SRV - [2010/11/20 23:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
    SRV - [2010/11/20 23:24:51 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
    SRV - [2010/11/20 09:27:28 | 000,444,416 | ---- | M] () [On_Demand | Stopped] -- \winhttp.dll -- (WinHttpAutoProxySvc)
    SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2010/02/10 16:11:44 | 000,443,448 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\XAudio64.dll -- (HsfXAudioService)
    SRV - [2009/07/13 21:14:42 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\TCPSVCS.EXE -- (simptcp)
    SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2013/08/29 21:10:51 | 000,045,856 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
    DRV:64bit: - [2013/06/27 16:56:46 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
    DRV:64bit: - [2013/06/27 16:56:45 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
    DRV:64bit: - [2013/06/27 16:56:45 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
    DRV:64bit: - [2013/06/24 22:56:16 | 003,979,776 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
    DRV:64bit: - [2013/06/24 17:38:40 | 000,014,456 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\gfibto.sys -- (gfibto)
    DRV:64bit: - [2013/06/21 16:00:16 | 000,131,856 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
    DRV:64bit: - [2013/05/09 04:59:07 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
    DRV:64bit: - [2013/05/09 04:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
    DRV:64bit: - [2013/05/09 04:59:07 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
    DRV:64bit: - [2013/05/09 04:59:06 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
    DRV:64bit: - [2013/05/09 04:59:06 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV:64bit: - [2013/04/30 04:51:09 | 000,040,616 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
    DRV:64bit: - [2013/03/14 22:17:46 | 000,021,600 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdkmafd.sys -- (amdkmafd)
    DRV:64bit: - [2013/01/31 05:50:58 | 000,028,160 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys -- (mcaudrv_simple)
    DRV:64bit: - [2013/01/21 08:53:42 | 000,398,816 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
    DRV:64bit: - [2012/12/03 23:49:38 | 000,011,944 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdide64.sys -- (amdide64)
    DRV:64bit: - [2012/10/24 10:32:15 | 000,035,456 | ---- | M] (GFI Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gfiark.sys -- (gfiark)
    DRV:64bit: - [2012/10/10 23:08:10 | 000,044,928 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys -- (ManyCam)
    DRV:64bit: - [2012/10/05 15:26:20 | 000,132,608 | ---- | M] (Unibrain) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ubohci.sys -- (ubohci)
    DRV:64bit: - [2012/10/05 10:57:02 | 000,092,160 | ---- | M] (Unibrain) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\UBUMAPI.sys -- (ubumapi)
    DRV:64bit: - [2012/10/05 10:56:40 | 000,024,064 | ---- | M] (Unibrain) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\UBSBM.sys -- (ubsbm)
    DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
    DRV:64bit: - [2012/08/23 10:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
    DRV:64bit: - [2012/08/23 10:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2012/08/02 16:50:48 | 000,031,024 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
    DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2011/12/16 10:20:10 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI)
    DRV:64bit: - [2011/10/20 12:24:06 | 000,157,696 | ---- | M] (Matrox Graphics Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\MxEFUF64.sys -- (MxEFUF)
    DRV:64bit: - [2011/07/22 12:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
    DRV:64bit: - [2011/07/12 17:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
    DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2010/11/20 23:24:15 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
    DRV:64bit: - [2010/11/20 23:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
    DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2010/04/27 17:42:00 | 000,056,040 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\o2sdx64.sys -- (O2SDRDR)
    DRV:64bit: - [2010/02/10 16:12:30 | 001,492,536 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_DPV.sys -- (HSF_DPV)
    DRV:64bit: - [2010/02/10 16:12:28 | 000,747,576 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_CNXT.sys -- (winachsf)
    DRV:64bit: - [2010/02/10 16:12:28 | 000,299,576 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAXHWAZL.sys -- (CAXHWAZL)
    DRV:64bit: - [2010/02/10 16:11:44 | 000,016,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\XAudio64.sys -- (XAudio)
    DRV:64bit: - [2010/02/10 16:11:40 | 000,023,736 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mdmxsdk.sys -- (mdmxsdk)
    DRV:64bit: - [2009/09/12 16:24:52 | 000,057,376 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\o2mdx64.sys -- (O2MDRDR)
    DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/07/13 20:26:13 | 000,189,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mqac.sys -- (MQAC)
    DRV:64bit: - [2009/07/13 20:09:02 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\irda.sys -- (irda)
    DRV:64bit: - [2009/06/10 17:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
    DRV:64bit: - [2009/06/10 17:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
    DRV:64bit: - [2009/06/10 17:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
    DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2008/12/02 01:15:04 | 005,000,192 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
    DRV:64bit: - [2008/01/19 09:36:14 | 000,036,352 | ---- | M] (National Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nscirda.sys -- (NSCIRDA)
    DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{4B51C980-C6B0-11E1-9136-AED16088709B}: "URL" = http://www.safesearch.net/search?q={searchTerms}&utm_medium=ie&utm_campaign=21&utm_source=sm&utm_content=1&utm_term=5EDBBE5459F7448B

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN.com
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A3 9A 9D B4 9A A6 CE 01 [binary data]
    IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.startup.homepage: "http://www.msn.com/"
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
    FF - prefs.js..keyword.URL: ""
    FF - user.js - File not found

    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
    FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
    FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.2.32: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.2.32: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
    FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\mrr107i\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\mrr107i\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\mrr107i\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\mrr107i\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\mrr107i\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

    64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\PROGRAM FILES\UPDATER BY SWEETPACKS\FIREFOX
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/05/13 10:57:23 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FCE04E1F-9378-4f39-96F6-5689A9159E45}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/05/26 14:39:22 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/05/26 14:39:22 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/08/16 20:51:02 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

    [2013/05/26 14:32:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mrr107i\AppData\Roaming\Mozilla\Extensions
    [2013/08/16 20:51:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
    [2013/08/16 20:51:19 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

    ========== Chrome ==========


    O1 HOSTS File: ([2013/01/21 22:04:17 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
    O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O4:64bit: - HKLM..\Run: [MsmqIntCert] C:\Windows\SysNative\mqrt.dll (Microsoft Corporation)
    O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [Search Protection] C:\ProgramData\Search Protection\SearchProtection.exe File not found
    O4 - HKCU..\Run: [DriverMax_RESTART] C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O15 - HKCU\..Trusted Domains: noctibusiness.com ([testing] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: whitenergroup.com ([]* in Trusted sites)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downlo...eckControl.cab (Reg Error: Key error.)
    O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} http://www.superadblocker.com/activex/sabspx.cab (SABScanProcesses Class)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3F47479F-5584-44C1-A78F-C5D9638A92BD}: DhcpNameServer = 192.168.1.1
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2010/11/20 09:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) - C:\autochk.exe -- [ NTFS ]
    O32 - AutoRun File - [2010/11/20 09:24:26 | 000,793,088 | ---- | M] (Microsoft Corporation) - C:\autoconv.exe -- [ NTFS ]
    O33 - MountPoints2\{7fe7bd75-1302-11e2-b39e-806e6f6e6963}\Shell - "" = AutoRun
    O33 - MountPoints2\{7fe7bd75-1302-11e2-b39e-806e6f6e6963}\Shell\AutoRun\command - "" = D:\setup.exe
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

    ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
    ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
    ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
    ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
    ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
    ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
    ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
    ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
    ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
    ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
    ActiveX:64bit: >{a4a68f1d-91f9-4be8-aa32-f2212f9777b6} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
    ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
    ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
    ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
    ActiveX: {56A879C8-1BEC-427D-9294-2A57096F591D} - EIEDPLauncher
    ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
    ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
    ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
    ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
    ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
    ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
    ActiveX: >{508EA017-F442-49FB-8A8E-DF3AE997817C} - Browser Customizations
    ActiveX: >{f0ba3a7a-a6bb-46a9-a2c3-e35a4b51c194} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

    Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    ========== Files/Folders - Created Within 30 Days ==========

    [2013/08/31 19:07:02 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\mrr107i\Desktop\OTL.exe
    [2013/08/31 18:15:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verizon
    [2013/08/29 19:15:22 | 000,000,000 | ---D | C] -- C:\AdwCleaner
    [2013/08/28 19:37:58 | 000,000,000 | ---D | C] -- C:\Users\mrr107i\AppData\Local\AVG SafeGuard toolbar
    [2013/08/28 19:37:29 | 000,045,856 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
    [2013/08/28 19:37:21 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG SafeGuard toolbar
    [2013/08/28 19:37:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG SafeGuard toolbar
    [2013/08/28 19:36:49 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
    [2013/08/20 18:06:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
    [2013/08/20 18:06:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software
    [2013/08/16 23:00:23 | 000,000,000 | ---D | C] -- C:\Users\mrr107i\AppData\Roaming\vlc
    [2013/08/16 22:58:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
    [2013/08/16 20:51:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
    [2013/08/05 11:27:49 | 003,979,776 | ---- | C] (Qualcomm Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys
    [2013/08/05 11:25:27 | 000,398,816 | ---- | C] (Marvell) -- C:\Windows\SysNative\drivers\yk62x64.sys
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2013/08/31 19:07:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\mrr107i\Desktop\OTL.exe
    [2013/08/31 19:00:04 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2013/08/31 19:00:01 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2013/08/31 18:33:01 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2911081205-3221290127-895880306-1000UA.job
    [2013/08/31 18:22:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2013/08/31 18:14:18 | 000,021,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2013/08/31 18:14:18 | 000,021,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2013/08/31 18:05:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2013/08/31 18:05:28 | 2213,105,664 | -HS- | M] () -- C:\hiberfil.sys
    [2013/08/30 19:33:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2911081205-3221290127-895880306-1000Core.job
    [2013/08/29 21:11:08 | 000,003,725 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
    [2013/08/29 21:10:51 | 000,045,856 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
    [2013/08/28 17:37:47 | 000,001,868 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
    [2013/08/25 19:37:32 | 000,275,712 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2013/08/24 15:39:02 | 000,000,514 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 56d50113-2f4e-4f6e-bc2d-d5cf672b9bb8.job
    [2013/08/24 15:37:10 | 000,847,156 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2013/08/24 15:37:10 | 000,708,684 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2013/08/24 15:37:10 | 000,138,312 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2013/08/20 18:06:34 | 000,002,074 | ---- | M] () -- C:\Users\mrr107i\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk
    [2013/08/20 18:06:34 | 000,002,050 | ---- | M] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
    [2013/08/16 22:58:20 | 000,001,066 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
    [2013/08/16 22:58:14 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2013/08/13 07:34:00 | 000,015,652 | ---- | M] () -- C:\Users\mrr107i\Music\Documents\Important Info.rtf
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2013/08/28 19:37:17 | 000,003,725 | ---- | C] () -- C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
    [2013/08/25 19:37:19 | 000,275,712 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2013/08/20 18:06:34 | 000,002,074 | ---- | C] () -- C:\Users\mrr107i\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk
    [2013/08/20 18:06:34 | 000,002,050 | ---- | C] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
    [2013/08/20 18:06:32 | 000,216,064 | ---- | C] () -- C:\Windows\SysWow64\gcapi_dll.dll
    [2013/08/16 22:58:20 | 000,001,066 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
    [2013/07/02 15:27:29 | 000,102,248 | ---- | C] () -- C:\Users\mrr107i\GoToAssistDownloadHelper.exe
    [2013/05/16 16:11:04 | 000,841,372 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2013/05/09 16:26:49 | 000,000,017 | ---- | C] () -- C:\Users\mrr107i\AppData\Local\resmon.resmoncfg
    [2013/04/21 13:48:55 | 000,000,430 | RHS- | C] () -- C:\Users\mrr107i\ntuser.pol
    [2013/04/01 14:54:41 | 000,004,608 | ---- | C] () -- C:\Users\mrr107i\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2013/02/22 11:18:23 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
    [2012/12/23 18:04:56 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI

    ========== ZeroAccess Check ==========

    [2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 01:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 00:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    ========== LOP Check ==========

    [2013/06/25 00:26:13 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Ad-Aware Antivirus
    [2013/05/19 13:16:49 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\BatteryBar
    [2013/07/07 22:49:07 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\com.Shutterfly.ExpressUploader
    [2013/06/05 18:40:00 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Foxit Software
    [2013/02/22 11:41:39 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\OverDrive
    [2013/02/22 11:41:39 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\PeaZip
    [2013/04/29 16:28:51 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\player
    [2013/04/29 16:28:16 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Strongvault
    [2013/02/22 11:41:41 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Windows Live Writer

    ========== Purity Check ==========



    ========== Custom Scans ==========

    < c:\windows\*. /SL >
    [2009/07/14 01:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
    [2009/07/14 01:08:49 | 000,032,586 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
    [2013/01/21 11:33:21 | 000,000,896 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    [2013/01/21 11:33:25 | 000,000,900 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    [2013/02/10 09:12:16 | 000,000,864 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2911081205-3221290127-895880306-1000Core.job
    [2013/02/10 09:12:19 | 000,000,916 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2911081205-3221290127-895880306-1000UA.job
    [2013/03/17 09:32:21 | 000,000,514 | ---- | C] () -- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 56d50113-2f4e-4f6e-bc2d-d5cf672b9bb8.job
    [2013/04/25 16:12:01 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

    < c:\windows\*. /RP >

    < %ALLUSERSPROFILE%\Application Data\*. >

    < %ALLUSERSPROFILE%\Application Data\*.exe /s >

    < %APPDATA%\*. >
    [2013/06/25 00:26:13 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Ad-Aware Antivirus
    [2013/07/07 22:48:11 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Adobe
    [2013/02/22 11:41:33 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Apple Computer
    [2013/05/19 13:16:49 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\BatteryBar
    [2013/02/25 16:34:15 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\CodeBlocks
    [2013/07/07 22:49:07 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\com.Shutterfly.ExpressUploader
    [2013/06/05 18:40:00 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Foxit Software
    [2013/02/22 11:41:33 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Google
    [2013/02/22 11:41:33 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Identities
    [2013/06/24 17:53:30 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\LavasoftStatistics
    [2013/02/22 11:41:33 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Macromedia
    [2013/02/22 11:41:33 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Malwarebytes
    [2010/11/21 03:16:58 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Media Center Programs
    [2013/03/23 12:00:33 | 000,000,000 | --SD | M] -- C:\Users\mrr107i\AppData\Roaming\Microsoft
    [2013/08/28 16:34:43 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Mozilla
    [2013/02/22 11:41:39 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\OverDrive
    [2013/02/22 11:41:39 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\PeaZip
    [2013/04/29 16:28:51 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\player
    [2013/06/06 18:10:40 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Real
    [2013/05/26 14:40:19 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\RealNetworks
    [2013/08/03 15:31:19 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Skype
    [2013/04/29 16:28:16 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Strongvault
    [2013/02/22 11:41:40 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\SUPERAntiSpyware.com
    [2013/08/16 23:00:44 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\vlc
    [2013/02/22 11:41:40 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Winamp
    [2013/02/22 11:41:41 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Windows Live Writer
    [2013/03/26 21:31:35 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Yahoo!

    < %APPDATA%\*.exe /s >
    [2013/07/07 22:48:04 | 000,054,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\mrr107i\AppData\Roaming\Macromedia\Flash Player\http://www.macromedia.com\bin\airapp...pinstaller.exe

    < %SYSTEMDRIVE%\*.exe >
    [2009/07/13 21:38:55 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\ARP.EXE
    [2009/07/13 21:38:55 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\attrib.exe
    [2010/11/20 09:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) -- C:\autochk.exe
    [2010/11/20 09:24:26 | 000,793,088 | ---- | M] (Microsoft Corporation) -- C:\autoconv.exe
    [2010/11/20 09:24:27 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\bcdboot.exe
    [2010/11/20 09:24:27 | 000,346,112 | ---- | M] (Microsoft Corporation) -- C:\bcdedit.exe
    [2009/07/13 21:38:56 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\BdeUnlockWizard.exe
    [2009/07/13 21:38:57 | 000,100,352 | ---- | M] (Microsoft Corporation) -- C:\BitLockerWizard.exe
    [2009/07/13 21:38:57 | 000,100,352 | ---- | M] (Microsoft Corporation) -- C:\BitLockerWizardElev.exe
    [2010/11/20 12:15:50 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\bmrui.exe
    [2009/07/13 21:38:57 | 000,094,720 | ---- | M] (Microsoft Corporation) -- C:\bootcfg.exe
    [2010/11/20 12:15:50 | 000,365,056 | ---- | M] (Microsoft Corporation) -- C:\BootRec.exe
    [2010/11/20 09:24:27 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\bootsect.exe
    [2009/07/13 21:38:59 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\chkdsk.exe
    [2009/07/13 21:38:59 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\chkntfs.exe
    [2010/11/20 09:24:33 | 000,345,088 | ---- | M] (Microsoft Corporation) -- C:\cmd.exe
    [2010/11/20 09:24:33 | 000,337,920 | ---- | M] (Microsoft Corporation) -- C:\conhost.exe
    [2009/07/13 21:39:01 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\convert.exe
    [2010/11/20 12:16:14 | 000,156,160 | ---- | M] (Microsoft Corporation) -- C:\cscript.exe
    [2009/07/13 21:39:06 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\dinotify.exe
    [2010/11/20 09:24:39 | 000,166,400 | ---- | M] (Microsoft Corporation) -- C:\diskpart.exe
    [2010/11/20 09:24:39 | 000,363,520 | ---- | M] (Microsoft Corporation) -- C:\diskraid.exe
    [2009/07/13 21:39:06 | 000,274,944 | ---- | M] (Microsoft Corporation) -- C:\Dism.exe
    [2009/07/13 21:39:06 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\dllhst3g.exe
    [2009/07/13 21:39:07 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\dnscacheugc.exe
    [2009/07/13 21:39:07 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\doskey.exe
    [2009/07/13 21:39:07 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\dpapimig.exe
    [2009/07/13 21:39:07 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\drvinst.exe
    [2009/07/13 21:39:07 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\drvload.exe
    [2009/07/13 21:39:08 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Eap3Host.exe
    [2009/07/13 21:39:09 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\esentutl.exe
    [2009/07/13 21:39:09 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\expand.exe
    [2009/07/13 21:39:10 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\find.exe
    [2009/07/13 21:39:10 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\finger.exe
    [2010/11/20 09:24:46 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\fixmapi.exe
    [2009/07/13 21:39:10 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\fltMC.exe
    [2010/11/20 09:24:46 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\ftp.exe
    [2009/07/13 21:39:12 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\HOSTNAME.EXE
    [2010/11/20 12:15:50 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\icacls.exe
    [2013/05/08 16:42:13 | 032,828,818 | ---- | M] (Google Inc.) -- C:\installer_r09-windows.exe
    [2009/07/13 21:39:13 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\ipconfig.exe
    [2009/07/13 21:39:15 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\lodctr.exe
    [2010/11/20 09:24:52 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\LogonUI.exe
    [2010/11/20 09:24:53 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\lsm.exe
    [2010/11/20 09:24:53 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\manage-bde.exe
    [2010/11/20 09:24:53 | 000,272,896 | ---- | M] (Microsoft Corporation) -- C:\mcbuilder.exe
    [2010/11/20 12:15:50 | 000,146,944 | ---- | M] (Microsoft Corporation) -- C:\MdSched.exe
    [2009/07/13 21:39:20 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\mountvol.exe
    [2009/07/13 21:39:20 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\MRINFO.EXE
    [2009/07/13 21:39:24 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\MuiUnattend.exe
    [2009/07/13 21:39:25 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\nbtstat.exe
    [2009/07/13 21:39:25 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\ndadmin.exe
    [2009/07/13 21:39:25 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\net.exe
    [2010/11/20 09:25:00 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\net1.exe
    [2009/07/13 21:39:25 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\netbtugc.exe
    [2009/07/13 21:39:25 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\netcfg.exe
    [2009/07/13 21:39:25 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\netiougc.exe
    [2009/07/13 21:39:25 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\netsh.exe
    [2009/07/13 21:39:25 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\NETSTAT.EXE
    [2009/07/13 21:39:25 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\newdev.exe
    [2009/07/13 21:39:25 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\notepad.exe
    [2010/11/20 09:33:46 | 005,563,776 | ---- | M] (Microsoft Corporation) -- C:\ntoskrnl.exe
    [2009/07/13 21:39:26 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\ntprint.exe
    [2009/07/13 21:39:26 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\PATHPING.EXE
    [2009/07/13 21:39:26 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\PING.EXE
    [2010/11/20 09:25:02 | 000,199,168 | ---- | M] (Microsoft Corporation) -- C:\PkgMgr.exe
    [2009/07/13 21:39:27 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\poqexec.exe
    [2009/07/13 21:39:27 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\print.exe
    [2009/07/13 21:39:28 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\rasautou.exe
    [2010/11/20 12:15:50 | 000,238,080 | ---- | M] (Microsoft Corporation) -- C:\recdisc.exe
    [2009/07/13 21:39:29 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\recover.exe
    [2009/07/13 21:39:29 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\reg.exe
    [2009/07/13 21:39:29 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\regedt32.exe
    [2009/07/13 21:39:29 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\regsvr32.exe
    [2010/11/20 09:25:06 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\repair-bde.exe
    [2009/07/13 21:39:30 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\replace.exe
    [2010/11/20 09:25:07 | 000,128,000 | ---- | M] (Microsoft) -- C:\Robocopy.exe
    [2009/07/13 21:39:31 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\ROUTE.EXE
    [2010/11/20 12:15:50 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\rstrui.exe
    [2010/11/20 09:25:08 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\sacsess.exe
    [2009/07/13 21:39:39 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\sfc.exe
    [2009/07/13 21:39:46 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\subst.exe
    [2009/07/13 21:39:46 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\sxstrace.exe
    [2010/11/20 09:25:22 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\takeown.exe
    [2010/11/20 09:25:23 | 000,257,024 | ---- | M] (Microsoft Corporation) -- C:\taskmgr.exe
    [2009/07/13 21:39:47 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\TCPSVCS.EXE
    [2012/04/11 09:49:44 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\TFC.exe
    [2009/07/13 21:39:48 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\TRACERT.EXE
    [2009/07/13 21:39:48 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\ucsvc.exe
    [2009/07/13 21:39:48 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\unlodctr.exe
    [2010/11/20 09:25:25 | 000,533,504 | ---- | M] (Microsoft Corporation) -- C:\vds.exe
    [2009/07/13 21:39:49 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\vdsldr.exe
    [2009/07/13 21:39:49 | 000,155,648 | ---- | M] (Microsoft Corporation) -- C:\verifier.exe
    [2010/11/20 12:00:37 | 000,244,224 | ---- | M] (Microsoft Corporation) -- C:\vmicsvc.exe
    [2010/11/20 12:15:50 | 001,600,512 | ---- | M] (Microsoft Corporation) -- C:\VSSVC.exe
    [2009/07/13 21:39:50 | 000,265,728 | ---- | M] (Microsoft Corporation) -- C:\wbadmin.exe
    [2010/11/20 09:25:28 | 001,504,256 | ---- | M] (Microsoft Corporation) -- C:\wbengine.exe
    [2010/11/20 12:16:54 | 000,541,696 | ---- | M] (Microsoft Corporation) -- C:\wdscapture.exe
    [2010/11/20 12:15:50 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\wermgr.exe
    [2009/07/13 21:39:51 | 000,273,920 | ---- | M] (Microsoft Corporation) -- C:\wevtutil.exe
    [2009/07/13 21:39:52 | 000,403,968 | ---- | M] (Microsoft Corporation) -- C:\wimserv.exe
    [2009/07/13 21:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) -- C:\wininit.exe
    [2010/11/20 09:28:59 | 000,605,552 | ---- | M] (Microsoft Corporation) -- C:\winload.exe
    [2009/07/13 21:39:53 | 000,571,392 | ---- | M] (Microsoft Corporation) -- C:\winpeshl.exe
    [2010/11/20 09:28:59 | 000,518,672 | ---- | M] (Microsoft Corporation) -- C:\winresume.exe
    [2009/07/13 21:39:57 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\wowreg32.exe
    [2009/07/13 21:39:57 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\wpeinit.exe
    [2009/07/13 21:39:57 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\wpeutil.exe
    [2010/11/20 12:16:14 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\wscript.exe
    [2009/07/13 21:39:58 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\xcopy.exe

    < %systemroot%\*. /mp /s >

    < %systemroot%\system32\*.dll /lockedfiles >

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %systemroot%\system32\drivers\*.sys /lockedfiles >

    < %systemroot%\System32\config\*.sav >

    < %systemroot%\system32\drivers\*.sys /90 >

    < End of report >

    OTL Extras logfile created on: 8/31/2013 7:08:19 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\mrr107i\Desktop
    64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.10.9200.16660)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.75 Gb Total Physical Memory | 1.39 Gb Available Physical Memory | 50.64% Memory free
    5.49 Gb Paging File | 3.73 Gb Available in Paging File | 67.93% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 149.05 Gb Total Space | 106.95 Gb Free Space | 71.75% Space Free | Partition Type: NTFS

    Computer Name: MY-ACER | User Name: mrr107i | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
    .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- "%SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL" "%1"
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
    Directory [cmd] -- cmd.exe /s /k pushd "%V"
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
    Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
    Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
    Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- "%SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL" "%1"
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
    Directory [cmd] -- cmd.exe /s /k pushd "%V"
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
    Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
    Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
    Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== Firewall Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{001BC93D-5B9C-437C-A8C2-378EC8141247}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{0831DD80-C91F-4EB2-B617-0B3250081078}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{0C79FDD0-F5F0-4567-8723-BD4E6DC3B0E1}" = lport=50001 | protocol=17 | dir=in | name=iha_messagecenter |
    "{219C5D8B-7672-4956-9454-524E1AAB6DF6}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
    "{32C18157-70D1-4E7E-80F5-EB6CBCC162CD}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{47DEF4EC-B655-426E-A807-9620C7745A1A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{72A0A13C-1400-4202-95ED-2177365EC2EE}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
    "{7FC3A2E4-199E-45FD-8E58-27A0D0156AD8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{989BF44E-9C10-480D-B1FF-EF41309C365F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{B2D270FB-B6B3-4CDB-A127-046BC0D7BA00}" = lport=50001 | protocol=17 | dir=in | name=iha_messagecenter |
    "{C3B4B0D6-A52A-480A-B5BC-07DE14616CF1}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{DD4A0834-6D28-44D4-B2B1-9D378A71D469}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{E41FDE9A-F4C5-4841-B469-2335D24E6245}" = lport=10243 | protocol=6 | dir=in | app=system |
    "{F57F7793-11E2-4A99-A305-CB69976DAA16}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{F609D71A-C16E-4D53-BAFD-A9B2BE617FD4}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{00169B85-539B-4B92-AA24-3E18C279C4B1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{0EE14802-4360-43F1-B1B0-AC7C6816CC3C}" = protocol=6 | dir=out | app=system |
    "{11DC0820-F2F2-4C7E-A138-44C9A2DFC0B3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{13E73D9A-976F-4C86-8594-670BD27A2FE5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{19F73BD2-CFD7-4CCA-B04E-17284554DBB7}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{26943E3D-6343-45B6-9C1B-375386C61981}" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe |
    "{26BAE66E-1587-4AB9-BACF-3C5DA8FA988D}" = protocol=17 | dir=in | app=c:\users\mrr107i\appdata\local\google\google talk plugin\googletalkplugin.exe |
    "{280FF24A-D8BC-4C36-ADAF-F1F80E7BE8BF}" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
    "{385DF004-6E2E-41E2-89D6-921D377649B3}" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe |
    "{43BA8D8E-0C52-4394-B97C-B81868169EA2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{4811F642-D211-4AAE-8612-DE41E6E06D39}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
    "{4B2EE96C-4B48-4CD5-AD9E-22C7C435C7D8}" = protocol=17 | dir=in | app=c:\program files (x86)\adawaretb\dtuser.exe |
    "{4EFD7992-4203-44A0-92FA-7CDF598070A6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
    "{63D5C79E-F355-4C88-BC10-C676FBB40219}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{6B5D238A-EBCB-4090-ABFC-273DD690E6F3}" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe |
    "{6C7F44BF-DF4C-46BA-AB7B-EB8DFB44E534}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{72D6FA1B-8D2A-4E72-B13C-15CF66143894}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
    "{9046468A-75F9-4B29-8ABC-D0B9FBE24A42}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{9EF53FED-3D95-4667-8ADD-E09A444A973C}" = protocol=6 | dir=in | app=c:\users\mrr107i\appdata\local\google\google talk plugin\googletalkplugin.exe |
    "{9F32C751-AB59-4848-9215-B3243C0E8C78}" = protocol=6 | dir=in | app=c:\users\mrr107i\appdata\local\google\google talk plugin\googletalkplugin.exe |
    "{A5B3756A-2EEA-43B3-BF67-094EC3361349}" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
    "{A69BB037-8D79-46D2-BA45-3057D3803895}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{B124CF52-19B3-4348-813F-B074901A409B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{BD908D84-1DE8-49CA-AEFF-2FFA8FCC16EB}" = protocol=17 | dir=in | app=c:\users\mrr107i\appdata\local\google\google talk plugin\googletalkplugin.exe |
    "{BE9CC748-7DB2-43AB-BAE9-8FC6DDC8F9AF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{C249CD07-0557-412C-86D6-7D6465B7D457}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{D05AA52E-AF33-4B5B-9E18-4DF2A7FDA6EC}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
    "{E0F2939A-4718-4C97-8A47-D051AD900E94}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
    "{E3FE4E90-F7C7-41A7-B584-C0F18E7F4997}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{E8BD0BEE-EA6D-4D8B-A0B2-84D024305A62}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{E9707BAE-224C-4507-9CAF-FA66A989DD86}" = protocol=6 | dir=in | app=c:\program files (x86)\adawaretb\dtuser.exe |
    "{F4F39682-0E9D-4203-B0CB-6997FD30A4FD}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
    "{F8A40AA8-7BB2-442E-AF3C-0CAF212193D2}" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe |
    "TCP Query User{BB5F8B1F-583A-49DE-A73D-2A3962351AA5}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
    "TCP Query User{E6B67D9F-4CA9-4423-A0A6-2FD5C909775B}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
    "TCP Query User{F0B0959F-53ED-4A40-88ED-2D90D6A17B03}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
    "TCP Query User{F7C0AB56-B08D-409D-B312-20738027EBF7}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
    "UDP Query User{41D741C0-3C1B-4780-A72B-12CA5DE18E5B}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
    "UDP Query User{9D2A149C-36F3-4E19-B97C-33C54D82DCE5}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
    "UDP Query User{C928DD45-31AC-4E92-8F17-6B14AB08CED9}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
    "UDP Query User{F19470EC-7207-465B-880A-C59B2E149F04}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{290329c4-a276-3aec-b633-9f5a39d8dd96}" = Python 3.3.0 (64-bit)
    "{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1" = PeaZip 4.8.1 (WIN64)
    "{7F2E5C3B-DBDF-469D-AD8D-F686D3B71176}" = Debugging Tools for Windows (x64)
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{AD735182-26CD-42A6-B3F2-4544B23243AF}" = Oracle VM VirtualBox 4.2.14
    "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
    "{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
    "{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter
    "CCleaner" = CCleaner
    "CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
    "Defraggler" = Defraggler
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
    "PDF Creator" = PDF Creator

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
    "{0A5B39D2-7ED6-4779-BCC9-37F381139DB3}" = Adobe AIR
    "{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
    "{1EA7C505-E6DA-4B85-9432-EBD3C70D510D}" = Windows Live Messenger
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{23A3E560-069F-4CFC-8F6C-1B526EC735FC}" = Windows Live Writer Resources
    "{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
    "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
    "{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
    "{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}" = RealDownloader
    "{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
    "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6
    "{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker
    "{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
    "{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
    "{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{7CD0118B-FE1C-6513-7FCC-2D4BC220DD1F}" = Shutterfly Express Uploader
    "{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}" = Bing Desktop
    "{834265C4-CDF4-44D3-BD24-31531617EFB8}" = IHA_MessageCenter
    "{86C40513-B5A4-476E-9EAB-EC118DCF4502}" = Windows Live Writer
    "{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
    "{8C14F524-451D-467D-9B84-FD653D790902}" = Bing Bar
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
    "{944167EA-7F89-4705-8DCD-1D63B53141B0}" = Ad-Aware Antivirus
    "{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
    "{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
    "{B80D3EA9-A252-4AE5-AC51-81729F5C586F}" = Windows Live Mail
    "{BA45BD32-4DF8-4BE8-8558-83A0280CEE8E}" = Vz In Home Agent
    "{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
    "{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
    "{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
    "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
    "{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
    "{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{EB38C3E0-4863-3123-9114-5BE86EC8E5C7}" = Google Talk Plugin
    "{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
    "{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery
    "{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
    "1&1 Mail & Media GmbH 1und1Softwareaktualisierung" = mail.com Software Updater
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "Advanced PDF Repair v2.0" = Advanced PDF Repair v2.0
    "avast" = avast! Free Antivirus
    "AVG SafeGuard toolbar" = AVG SafeGuard toolbar
    "com.Shutterfly.ExpressUploader" = Shutterfly Express Uploader
    "DMX5_is1" = DriverMax 7
    "Duplicate Cleaner Free" = Duplicate Cleaner Free 3.0.1
    "Flash Player Pro_is1" = Flash Player Pro V5.4
    "FormatFactory" = FormatFactory 3.0.1
    "Foxit Reader_is1" = Foxit Reader
    "FrostWire 5" = FrostWire 5.5.3
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
    "Mozilla Firefox 23.0.1 (x86 en-US)" = Mozilla Firefox 23.0.1 (x86 en-US)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "RealPlayer 16.0" = RealPlayer
    "Scratch" = Scratch
    "Secunia PSI" = Secunia PSI (3.0.0.2004)
    "VLC media player" = VLC media player 2.0.8
    "WinLiveSuite" = Windows Live Essentials
    "Yahoo! Messenger" = Yahoo! Messenger
    "Yahoo! Software Update" = Yahoo! Software Update

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "SkyDriveSetup.exe" = Microsoft SkyDrive

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 7/9/2013 6:19:43 PM | Computer Name = My-Acer | Source = MsiInstaller | ID = 11001
    Description =

    Error - 7/9/2013 7:33:12 PM | Computer Name = My-Acer | Source = WinMgmt | ID = 10
    Description =

    Error - 7/10/2013 12:21:54 AM | Computer Name = My-Acer | Source = WinMgmt | ID = 10
    Description =

    Error - 7/10/2013 3:08:21 PM | Computer Name = My-Acer | Source = WinMgmt | ID = 10
    Description =

    Error - 7/10/2013 5:08:25 PM | Computer Name = My-Acer | Source = SideBySide | ID = 16842785
    Description = Activation context generation failed for "c:\program files (x86)\innovative
    solutions\drivermax\DPInst\ia64\dpinst.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
    could not be found. Please use sxstrace.exe for detailed diagnosis.

    Error - 7/10/2013 5:09:07 PM | Computer Name = My-Acer | Source = SideBySide | ID = 16842785
    Description = Activation context generation failed for "C:\Windows\Installer\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\recordingmanager.exe".
    Dependent
    Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"
    could not be found. Please use sxstrace.exe for detailed diagnosis.

    Error - 7/10/2013 6:57:29 PM | Computer Name = My-Acer | Source = Application Hang | ID = 1002
    Description = The program IEXPLORE.EXE version 10.0.9200.16635 stopped interacting
    with Windows and was closed. To see if more information about the problem is available,
    check the problem history in the Action Center control panel. Process ID: 52f0 Start
    Time: 01ce7dc0c863b7c0 Termination Time: 47 Application Path: C:\Program Files (x86)\Internet
    Explorer\IEXPLORE.EXE Report Id:

    Error - 7/11/2013 6:58:06 AM | Computer Name = My-Acer | Source = WinMgmt | ID = 10
    Description =

    Error - 7/11/2013 10:17:50 AM | Computer Name = My-Acer | Source = WinMgmt | ID = 10
    Description =

    Error - 7/11/2013 8:15:17 PM | Computer Name = My-Acer | Source = WinMgmt | ID = 10
    Description =

    [ Media Center Events ]
    Error - 12/8/2012 9:21:17 PM | Computer Name = My-Acer | Source = MCUpdate | ID = 0
    Description = 8:21:16 PM - Failed to retrieve Directory (Error: The operation has
    timed out)

    Error - 12/8/2012 10:24:06 PM | Computer Name = My-Acer | Source = MCUpdate | ID = 0
    Description = 9:24:06 PM - Failed to retrieve Directory (Error: The operation has
    timed out)

    [ System Events ]
    Error - 8/31/2013 12:57:40 AM | Computer Name = My-Acer | Source = SNMP | ID = 16713180
    Description = The SNMP Service encountered an error while accessing the registry
    key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

    Error - 8/31/2013 12:57:46 AM | Computer Name = My-Acer | Source = Service Control Manager | ID = 7000
    Description = The vToolbarUpdater15.5.0 service failed to start due to the following
    error: %%2

    Error - 8/31/2013 12:57:57 AM | Computer Name = My-Acer | Source = Service Control Manager | ID = 7026
    Description = The following boot-start or system-start driver(s) failed to load:
    amdkmafd

    Error - 8/31/2013 6:05:54 PM | Computer Name = My-Acer | Source = Service Control Manager | ID = 7009
    Description = A timeout was reached (30000 milliseconds) while waiting for the Bing
    Desktop Update service service to connect.

    Error - 8/31/2013 6:06:22 PM | Computer Name = My-Acer | Source = Service Control Manager | ID = 7001
    Description = The Net.Msmq Listener Adapter service depends on the Windows Process
    Activation Service service which failed to start because of the following error:
    %%1058

    Error - 8/31/2013 6:06:22 PM | Computer Name = My-Acer | Source = Service Control Manager | ID = 7001
    Description = The Net.Pipe Listener Adapter service depends on the Windows Process
    Activation Service service which failed to start because of the following error:
    %%1058

    Error - 8/31/2013 6:06:22 PM | Computer Name = My-Acer | Source = Service Control Manager | ID = 7001
    Description = The Net.Tcp Listener Adapter service depends on the Windows Process
    Activation Service service which failed to start because of the following error:
    %%1058

    Error - 8/31/2013 6:06:53 PM | Computer Name = My-Acer | Source = SNMP | ID = 16713180
    Description = The SNMP Service encountered an error while accessing the registry
    key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

    Error - 8/31/2013 6:06:55 PM | Computer Name = My-Acer | Source = Service Control Manager | ID = 7000
    Description = The vToolbarUpdater15.5.0 service failed to start due to the following
    error: %%2

    Error - 8/31/2013 6:07:05 PM | Computer Name = My-Acer | Source = Service Control Manager | ID = 7026
    Description = The following boot-start or system-start driver(s) failed to load:
    amdkmafd


    < End of report >
    I used IE this time instead of Firefox.
    Thank You

  9. #9
    Member mrr107i's Avatar
    Join Date
    Sep 2003
    Location
    Pittsfield, MA
    Posts
    40
    Points
    0

    Default

    Here are the two scans from OTL, (Used IE this time):

    OTL logfile created on: 8/31/2013 7:08:19 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\mrr107i\Desktop
    64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.10.9200.16660)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.75 Gb Total Physical Memory | 1.39 Gb Available Physical Memory | 50.64% Memory free
    5.49 Gb Paging File | 3.73 Gb Available in Paging File | 67.93% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 149.05 Gb Total Space | 106.95 Gb Free Space | 71.75% Space Free | Partition Type: NTFS

    Computer Name: MY-ACER | User Name: mrr107i | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2013/08/31 19:07:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\mrr107i\Desktop\OTL.exe
    PRC - [2013/07/23 02:45:26 | 000,240,288 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.EXE
    PRC - [2013/06/13 02:27:38 | 001,236,336 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
    PRC - [2013/05/09 04:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
    PRC - [2013/05/09 04:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    PRC - [2013/04/16 03:09:06 | 000,233,048 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
    PRC - [2013/04/16 03:07:08 | 000,039,056 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
    PRC - [2012/09/20 05:39:12 | 003,677,000 | ---- | M] (GFI Software) -- C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
    PRC - [2012/06/27 03:25:04 | 000,681,056 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\sua.exe
    PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe


    ========== Modules (No Company Name) ==========


    ========== Services (SafeList) ==========

    SRV:64bit: - [2013/06/15 23:39:39 | 000,143,120 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
    SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2013/05/09 04:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
    SRV:64bit: - [2012/06/01 01:36:12 | 000,350,720 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\inetsrv\ftpsvc.dll -- (ftpsvc)
    SRV:64bit: - [2010/11/20 23:24:51 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\snmp.exe -- (SNMP)
    SRV:64bit: - [2010/11/20 23:24:38 | 000,189,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqtgsvc.exe -- (MSMQTriggers)
    SRV:64bit: - [2010/11/20 23:24:38 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\inetinfo.exe -- (IISADMIN)
    SRV:64bit: - [2009/07/13 21:41:19 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lpdsvc.dll -- (LPDSVC)
    SRV:64bit: - [2009/07/13 21:41:10 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\iprip.dll -- (iprip)
    SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
    SRV:64bit: - [2009/07/13 21:39:56 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\WMSvc.exe -- (WMSVC)
    SRV:64bit: - [2009/07/13 21:39:47 | 000,081,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tlntsvr.exe -- (TlntSvr)
    SRV:64bit: - [2009/07/13 21:39:47 | 000,010,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\TCPSVCS.EXE -- (simptcp)
    SRV:64bit: - [2009/07/13 21:39:20 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqsvc.exe -- (MSMQ)
    SRV:64bit: - [2009/07/13 21:38:59 | 000,019,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\CISVC.EXE -- (CISVC)
    SRV:64bit: - [2008/12/01 23:45:18 | 000,932,864 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility)
    SRV - [2013/08/16 20:51:17 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2013/07/23 02:45:26 | 000,240,288 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.EXE -- (BBUpdate)
    SRV - [2013/07/23 02:45:26 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.EXE -- (BBSvc)
    SRV - [2013/07/12 18:52:41 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2013/06/21 09:53:36 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2013/06/13 02:27:38 | 001,236,336 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe -- (Ad-Aware Service)
    SRV - [2013/04/16 03:07:08 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
    SRV - [2013/01/25 11:34:04 | 000,166,408 | ---- | M] (Microsoft Corp.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe -- (BingDesktopUpdate)
    SRV - [2012/09/20 05:39:12 | 003,677,000 | ---- | M] (GFI Software) [Auto | Running] -- C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe -- (SBAMSvc)
    SRV - [2012/08/03 20:22:18 | 000,352,248 | ---- | M] (Verizon) [Auto | Running] -- C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
    SRV - [2012/06/27 03:25:06 | 001,326,176 | ---- | M] (Secunia) [On_Demand | Stopped] -- C:\Program Files (x86)\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
    SRV - [2012/06/27 03:25:04 | 000,681,056 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)
    SRV - [2010/11/20 23:25:10 | 000,047,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\snmp.exe -- (SNMP)
    SRV - [2010/11/20 23:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
    SRV - [2010/11/20 23:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
    SRV - [2010/11/20 23:24:51 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
    SRV - [2010/11/20 09:27:28 | 000,444,416 | ---- | M] () [On_Demand | Stopped] -- \winhttp.dll -- (WinHttpAutoProxySvc)
    SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2010/02/10 16:11:44 | 000,443,448 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\XAudio64.dll -- (HsfXAudioService)
    SRV - [2009/07/13 21:14:42 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\TCPSVCS.EXE -- (simptcp)
    SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2013/08/29 21:10:51 | 000,045,856 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
    DRV:64bit: - [2013/06/27 16:56:46 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
    DRV:64bit: - [2013/06/27 16:56:45 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
    DRV:64bit: - [2013/06/27 16:56:45 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
    DRV:64bit: - [2013/06/24 22:56:16 | 003,979,776 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
    DRV:64bit: - [2013/06/24 17:38:40 | 000,014,456 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\gfibto.sys -- (gfibto)
    DRV:64bit: - [2013/06/21 16:00:16 | 000,131,856 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
    DRV:64bit: - [2013/05/09 04:59:07 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
    DRV:64bit: - [2013/05/09 04:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
    DRV:64bit: - [2013/05/09 04:59:07 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
    DRV:64bit: - [2013/05/09 04:59:06 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
    DRV:64bit: - [2013/05/09 04:59:06 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV:64bit: - [2013/04/30 04:51:09 | 000,040,616 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
    DRV:64bit: - [2013/03/14 22:17:46 | 000,021,600 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdkmafd.sys -- (amdkmafd)
    DRV:64bit: - [2013/01/31 05:50:58 | 000,028,160 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys -- (mcaudrv_simple)
    DRV:64bit: - [2013/01/21 08:53:42 | 000,398,816 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
    DRV:64bit: - [2012/12/03 23:49:38 | 000,011,944 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdide64.sys -- (amdide64)
    DRV:64bit: - [2012/10/24 10:32:15 | 000,035,456 | ---- | M] (GFI Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gfiark.sys -- (gfiark)
    DRV:64bit: - [2012/10/10 23:08:10 | 000,044,928 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys -- (ManyCam)
    DRV:64bit: - [2012/10/05 15:26:20 | 000,132,608 | ---- | M] (Unibrain) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ubohci.sys -- (ubohci)
    DRV:64bit: - [2012/10/05 10:57:02 | 000,092,160 | ---- | M] (Unibrain) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\UBUMAPI.sys -- (ubumapi)
    DRV:64bit: - [2012/10/05 10:56:40 | 000,024,064 | ---- | M] (Unibrain) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\UBSBM.sys -- (ubsbm)
    DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
    DRV:64bit: - [2012/08/23 10:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
    DRV:64bit: - [2012/08/23 10:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2012/08/02 16:50:48 | 000,031,024 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
    DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2011/12/16 10:20:10 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI)
    DRV:64bit: - [2011/10/20 12:24:06 | 000,157,696 | ---- | M] (Matrox Graphics Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\MxEFUF64.sys -- (MxEFUF)
    DRV:64bit: - [2011/07/22 12:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
    DRV:64bit: - [2011/07/12 17:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
    DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2010/11/20 23:24:15 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
    DRV:64bit: - [2010/11/20 23:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
    DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2010/04/27 17:42:00 | 000,056,040 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\o2sdx64.sys -- (O2SDRDR)
    DRV:64bit: - [2010/02/10 16:12:30 | 001,492,536 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_DPV.sys -- (HSF_DPV)
    DRV:64bit: - [2010/02/10 16:12:28 | 000,747,576 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_CNXT.sys -- (winachsf)
    DRV:64bit: - [2010/02/10 16:12:28 | 000,299,576 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAXHWAZL.sys -- (CAXHWAZL)
    DRV:64bit: - [2010/02/10 16:11:44 | 000,016,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\XAudio64.sys -- (XAudio)
    DRV:64bit: - [2010/02/10 16:11:40 | 000,023,736 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mdmxsdk.sys -- (mdmxsdk)
    DRV:64bit: - [2009/09/12 16:24:52 | 000,057,376 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\o2mdx64.sys -- (O2MDRDR)
    DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/07/13 20:26:13 | 000,189,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mqac.sys -- (MQAC)
    DRV:64bit: - [2009/07/13 20:09:02 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\irda.sys -- (irda)
    DRV:64bit: - [2009/06/10 17:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
    DRV:64bit: - [2009/06/10 17:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
    DRV:64bit: - [2009/06/10 17:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
    DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2008/12/02 01:15:04 | 005,000,192 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
    DRV:64bit: - [2008/01/19 09:36:14 | 000,036,352 | ---- | M] (National Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nscirda.sys -- (NSCIRDA)
    DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{4B51C980-C6B0-11E1-9136-AED16088709B}: "URL" = http://www.safesearch.net/search?q={searchTerms}&utm_medium=ie&utm_campaign=21&utm_source=sm&utm_content=1&utm_term=5EDBBE5459F7448B

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN.com
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A3 9A 9D B4 9A A6 CE 01 [binary data]
    IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.startup.homepage: "http://www.msn.com/"
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
    FF - prefs.js..keyword.URL: ""
    FF - user.js - File not found

    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
    FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
    FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.2.32: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.2.32: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
    FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\mrr107i\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\mrr107i\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\mrr107i\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\mrr107i\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\mrr107i\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

    64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\PROGRAM FILES\UPDATER BY SWEETPACKS\FIREFOX
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/05/13 10:57:23 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FCE04E1F-9378-4f39-96F6-5689A9159E45}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/05/26 14:39:22 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/05/26 14:39:22 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/08/16 20:51:02 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

    [2013/05/26 14:32:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mrr107i\AppData\Roaming\Mozilla\Extensions
    [2013/08/16 20:51:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
    [2013/08/16 20:51:19 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

    ========== Chrome ==========


    O1 HOSTS File: ([2013/01/21 22:04:17 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
    O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O4:64bit: - HKLM..\Run: [MsmqIntCert] C:\Windows\SysNative\mqrt.dll (Microsoft Corporation)
    O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [Search Protection] C:\ProgramData\Search Protection\SearchProtection.exe File not found
    O4 - HKCU..\Run: [DriverMax_RESTART] C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O15 - HKCU\..Trusted Domains: noctibusiness.com ([testing] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: whitenergroup.com ([]* in Trusted sites)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downlo...eckControl.cab (Reg Error: Key error.)
    O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} http://www.superadblocker.com/activex/sabspx.cab (SABScanProcesses Class)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3F47479F-5584-44C1-A78F-C5D9638A92BD}: DhcpNameServer = 192.168.1.1
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2010/11/20 09:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) - C:\autochk.exe -- [ NTFS ]
    O32 - AutoRun File - [2010/11/20 09:24:26 | 000,793,088 | ---- | M] (Microsoft Corporation) - C:\autoconv.exe -- [ NTFS ]
    O33 - MountPoints2\{7fe7bd75-1302-11e2-b39e-806e6f6e6963}\Shell - "" = AutoRun
    O33 - MountPoints2\{7fe7bd75-1302-11e2-b39e-806e6f6e6963}\Shell\AutoRun\command - "" = D:\setup.exe
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

    ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
    ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
    ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
    ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
    ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
    ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
    ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
    ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
    ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
    ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
    ActiveX:64bit: >{a4a68f1d-91f9-4be8-aa32-f2212f9777b6} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
    ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
    ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
    ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
    ActiveX: {56A879C8-1BEC-427D-9294-2A57096F591D} - EIEDPLauncher
    ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
    ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
    ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
    ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
    ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
    ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
    ActiveX: >{508EA017-F442-49FB-8A8E-DF3AE997817C} - Browser Customizations
    ActiveX: >{f0ba3a7a-a6bb-46a9-a2c3-e35a4b51c194} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

    Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    ========== Files/Folders - Created Within 30 Days ==========

    [2013/08/31 19:07:02 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\mrr107i\Desktop\OTL.exe
    [2013/08/31 18:15:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verizon
    [2013/08/29 19:15:22 | 000,000,000 | ---D | C] -- C:\AdwCleaner
    [2013/08/28 19:37:58 | 000,000,000 | ---D | C] -- C:\Users\mrr107i\AppData\Local\AVG SafeGuard toolbar
    [2013/08/28 19:37:29 | 000,045,856 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
    [2013/08/28 19:37:21 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG SafeGuard toolbar
    [2013/08/28 19:37:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG SafeGuard toolbar
    [2013/08/28 19:36:49 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
    [2013/08/20 18:06:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
    [2013/08/20 18:06:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software
    [2013/08/16 23:00:23 | 000,000,000 | ---D | C] -- C:\Users\mrr107i\AppData\Roaming\vlc
    [2013/08/16 22:58:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
    [2013/08/16 20:51:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
    [2013/08/05 11:27:49 | 003,979,776 | ---- | C] (Qualcomm Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys
    [2013/08/05 11:25:27 | 000,398,816 | ---- | C] (Marvell) -- C:\Windows\SysNative\drivers\yk62x64.sys
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2013/08/31 19:07:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\mrr107i\Desktop\OTL.exe
    [2013/08/31 19:00:04 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2013/08/31 19:00:01 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2013/08/31 18:33:01 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2911081205-3221290127-895880306-1000UA.job
    [2013/08/31 18:22:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2013/08/31 18:14:18 | 000,021,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2013/08/31 18:14:18 | 000,021,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2013/08/31 18:05:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2013/08/31 18:05:28 | 2213,105,664 | -HS- | M] () -- C:\hiberfil.sys
    [2013/08/30 19:33:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2911081205-3221290127-895880306-1000Core.job
    [2013/08/29 21:11:08 | 000,003,725 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
    [2013/08/29 21:10:51 | 000,045,856 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
    [2013/08/28 17:37:47 | 000,001,868 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
    [2013/08/25 19:37:32 | 000,275,712 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2013/08/24 15:39:02 | 000,000,514 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 56d50113-2f4e-4f6e-bc2d-d5cf672b9bb8.job
    [2013/08/24 15:37:10 | 000,847,156 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2013/08/24 15:37:10 | 000,708,684 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2013/08/24 15:37:10 | 000,138,312 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2013/08/20 18:06:34 | 000,002,074 | ---- | M] () -- C:\Users\mrr107i\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk
    [2013/08/20 18:06:34 | 000,002,050 | ---- | M] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
    [2013/08/16 22:58:20 | 000,001,066 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
    [2013/08/16 22:58:14 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2013/08/13 07:34:00 | 000,015,652 | ---- | M] () -- C:\Users\mrr107i\Music\Documents\Important Info.rtf
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2013/08/28 19:37:17 | 000,003,725 | ---- | C] () -- C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
    [2013/08/25 19:37:19 | 000,275,712 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2013/08/20 18:06:34 | 000,002,074 | ---- | C] () -- C:\Users\mrr107i\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk
    [2013/08/20 18:06:34 | 000,002,050 | ---- | C] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
    [2013/08/20 18:06:32 | 000,216,064 | ---- | C] () -- C:\Windows\SysWow64\gcapi_dll.dll
    [2013/08/16 22:58:20 | 000,001,066 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
    [2013/07/02 15:27:29 | 000,102,248 | ---- | C] () -- C:\Users\mrr107i\GoToAssistDownloadHelper.exe
    [2013/05/16 16:11:04 | 000,841,372 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2013/05/09 16:26:49 | 000,000,017 | ---- | C] () -- C:\Users\mrr107i\AppData\Local\resmon.resmoncfg
    [2013/04/21 13:48:55 | 000,000,430 | RHS- | C] () -- C:\Users\mrr107i\ntuser.pol
    [2013/04/01 14:54:41 | 000,004,608 | ---- | C] () -- C:\Users\mrr107i\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2013/02/22 11:18:23 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
    [2012/12/23 18:04:56 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI

    ========== ZeroAccess Check ==========

    [2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 01:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 00:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    ========== LOP Check ==========

    [2013/06/25 00:26:13 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Ad-Aware Antivirus
    [2013/05/19 13:16:49 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\BatteryBar
    [2013/07/07 22:49:07 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\com.Shutterfly.ExpressUploader
    [2013/06/05 18:40:00 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Foxit Software
    [2013/02/22 11:41:39 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\OverDrive
    [2013/02/22 11:41:39 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\PeaZip
    [2013/04/29 16:28:51 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\player
    [2013/04/29 16:28:16 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Strongvault
    [2013/02/22 11:41:41 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Windows Live Writer

    ========== Purity Check ==========



    ========== Custom Scans ==========

    < c:\windows\*. /SL >
    [2009/07/14 01:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
    [2009/07/14 01:08:49 | 000,032,586 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
    [2013/01/21 11:33:21 | 000,000,896 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    [2013/01/21 11:33:25 | 000,000,900 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    [2013/02/10 09:12:16 | 000,000,864 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2911081205-3221290127-895880306-1000Core.job
    [2013/02/10 09:12:19 | 000,000,916 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2911081205-3221290127-895880306-1000UA.job
    [2013/03/17 09:32:21 | 000,000,514 | ---- | C] () -- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 56d50113-2f4e-4f6e-bc2d-d5cf672b9bb8.job
    [2013/04/25 16:12:01 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

    < c:\windows\*. /RP >

    < %ALLUSERSPROFILE%\Application Data\*. >

    < %ALLUSERSPROFILE%\Application Data\*.exe /s >

    < %APPDATA%\*. >
    [2013/06/25 00:26:13 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Ad-Aware Antivirus
    [2013/07/07 22:48:11 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Adobe
    [2013/02/22 11:41:33 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Apple Computer
    [2013/05/19 13:16:49 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\BatteryBar
    [2013/02/25 16:34:15 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\CodeBlocks
    [2013/07/07 22:49:07 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\com.Shutterfly.ExpressUploader
    [2013/06/05 18:40:00 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Foxit Software
    [2013/02/22 11:41:33 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Google
    [2013/02/22 11:41:33 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Identities
    [2013/06/24 17:53:30 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\LavasoftStatistics
    [2013/02/22 11:41:33 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Macromedia
    [2013/02/22 11:41:33 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Malwarebytes
    [2010/11/21 03:16:58 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Media Center Programs
    [2013/03/23 12:00:33 | 000,000,000 | --SD | M] -- C:\Users\mrr107i\AppData\Roaming\Microsoft
    [2013/08/28 16:34:43 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Mozilla
    [2013/02/22 11:41:39 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\OverDrive
    [2013/02/22 11:41:39 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\PeaZip
    [2013/04/29 16:28:51 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\player
    [2013/06/06 18:10:40 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Real
    [2013/05/26 14:40:19 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\RealNetworks
    [2013/08/03 15:31:19 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Skype
    [2013/04/29 16:28:16 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Strongvault
    [2013/02/22 11:41:40 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\SUPERAntiSpyware.com
    [2013/08/16 23:00:44 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\vlc
    [2013/02/22 11:41:40 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Winamp
    [2013/02/22 11:41:41 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Windows Live Writer
    [2013/03/26 21:31:35 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Yahoo!

    < %APPDATA%\*.exe /s >
    [2013/07/07 22:48:04 | 000,054,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\mrr107i\AppData\Roaming\Macromedia\Flash Player\http://www.macromedia.com\bin\airapp...pinstaller.exe

    < %SYSTEMDRIVE%\*.exe >
    [2009/07/13 21:38:55 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\ARP.EXE
    [2009/07/13 21:38:55 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\attrib.exe
    [2010/11/20 09:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) -- C:\autochk.exe
    [2010/11/20 09:24:26 | 000,793,088 | ---- | M] (Microsoft Corporation) -- C:\autoconv.exe
    [2010/11/20 09:24:27 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\bcdboot.exe
    [2010/11/20 09:24:27 | 000,346,112 | ---- | M] (Microsoft Corporation) -- C:\bcdedit.exe
    [2009/07/13 21:38:56 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\BdeUnlockWizard.exe
    [2009/07/13 21:38:57 | 000,100,352 | ---- | M] (Microsoft Corporation) -- C:\BitLockerWizard.exe
    [2009/07/13 21:38:57 | 000,100,352 | ---- | M] (Microsoft Corporation) -- C:\BitLockerWizardElev.exe
    [2010/11/20 12:15:50 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\bmrui.exe
    [2009/07/13 21:38:57 | 000,094,720 | ---- | M] (Microsoft Corporation) -- C:\bootcfg.exe
    [2010/11/20 12:15:50 | 000,365,056 | ---- | M] (Microsoft Corporation) -- C:\BootRec.exe
    [2010/11/20 09:24:27 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\bootsect.exe
    [2009/07/13 21:38:59 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\chkdsk.exe
    [2009/07/13 21:38:59 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\chkntfs.exe
    [2010/11/20 09:24:33 | 000,345,088 | ---- | M] (Microsoft Corporation) -- C:\cmd.exe
    [2010/11/20 09:24:33 | 000,337,920 | ---- | M] (Microsoft Corporation) -- C:\conhost.exe
    [2009/07/13 21:39:01 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\convert.exe
    [2010/11/20 12:16:14 | 000,156,160 | ---- | M] (Microsoft Corporation) -- C:\cscript.exe
    [2009/07/13 21:39:06 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\dinotify.exe
    [2010/11/20 09:24:39 | 000,166,400 | ---- | M] (Microsoft Corporation) -- C:\diskpart.exe
    [2010/11/20 09:24:39 | 000,363,520 | ---- | M] (Microsoft Corporation) -- C:\diskraid.exe
    [2009/07/13 21:39:06 | 000,274,944 | ---- | M] (Microsoft Corporation) -- C:\Dism.exe
    [2009/07/13 21:39:06 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\dllhst3g.exe
    [2009/07/13 21:39:07 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\dnscacheugc.exe
    [2009/07/13 21:39:07 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\doskey.exe
    [2009/07/13 21:39:07 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\dpapimig.exe
    [2009/07/13 21:39:07 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\drvinst.exe
    [2009/07/13 21:39:07 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\drvload.exe
    [2009/07/13 21:39:08 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Eap3Host.exe
    [2009/07/13 21:39:09 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\esentutl.exe
    [2009/07/13 21:39:09 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\expand.exe
    [2009/07/13 21:39:10 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\find.exe
    [2009/07/13 21:39:10 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\finger.exe
    [2010/11/20 09:24:46 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\fixmapi.exe
    [2009/07/13 21:39:10 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\fltMC.exe
    [2010/11/20 09:24:46 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\ftp.exe
    [2009/07/13 21:39:12 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\HOSTNAME.EXE
    [2010/11/20 12:15:50 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\icacls.exe
    [2013/05/08 16:42:13 | 032,828,818 | ---- | M] (Google Inc.) -- C:\installer_r09-windows.exe
    [2009/07/13 21:39:13 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\ipconfig.exe
    [2009/07/13 21:39:15 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\lodctr.exe
    [2010/11/20 09:24:52 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\LogonUI.exe
    [2010/11/20 09:24:53 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\lsm.exe
    [2010/11/20 09:24:53 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\manage-bde.exe
    [2010/11/20 09:24:53 | 000,272,896 | ---- | M] (Microsoft Corporation) -- C:\mcbuilder.exe
    [2010/11/20 12:15:50 | 000,146,944 | ---- | M] (Microsoft Corporation) -- C:\MdSched.exe
    [2009/07/13 21:39:20 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\mountvol.exe
    [2009/07/13 21:39:20 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\MRINFO.EXE
    [2009/07/13 21:39:24 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\MuiUnattend.exe
    [2009/07/13 21:39:25 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\nbtstat.exe
    [2009/07/13 21:39:25 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\ndadmin.exe
    [2009/07/13 21:39:25 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\net.exe
    [2010/11/20 09:25:00 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\net1.exe
    [2009/07/13 21:39:25 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\netbtugc.exe
    [2009/07/13 21:39:25 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\netcfg.exe
    [2009/07/13 21:39:25 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\netiougc.exe
    [2009/07/13 21:39:25 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\netsh.exe
    [2009/07/13 21:39:25 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\NETSTAT.EXE
    [2009/07/13 21:39:25 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\newdev.exe
    [2009/07/13 21:39:25 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\notepad.exe
    [2010/11/20 09:33:46 | 005,563,776 | ---- | M] (Microsoft Corporation) -- C:\ntoskrnl.exe
    [2009/07/13 21:39:26 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\ntprint.exe
    [2009/07/13 21:39:26 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\PATHPING.EXE
    [2009/07/13 21:39:26 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\PING.EXE
    [2010/11/20 09:25:02 | 000,199,168 | ---- | M] (Microsoft Corporation) -- C:\PkgMgr.exe
    [2009/07/13 21:39:27 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\poqexec.exe
    [2009/07/13 21:39:27 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\print.exe
    [2009/07/13 21:39:28 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\rasautou.exe
    [2010/11/20 12:15:50 | 000,238,080 | ---- | M] (Microsoft Corporation) -- C:\recdisc.exe
    [2009/07/13 21:39:29 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\recover.exe
    [2009/07/13 21:39:29 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\reg.exe
    [2009/07/13 21:39:29 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\regedt32.exe
    [2009/07/13 21:39:29 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\regsvr32.exe
    [2010/11/20 09:25:06 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\repair-bde.exe
    [2009/07/13 21:39:30 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\replace.exe
    [2010/11/20 09:25:07 | 000,128,000 | ---- | M] (Microsoft) -- C:\Robocopy.exe
    [2009/07/13 21:39:31 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\ROUTE.EXE
    [2010/11/20 12:15:50 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\rstrui.exe
    [2010/11/20 09:25:08 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\sacsess.exe
    [2009/07/13 21:39:39 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\sfc.exe
    [2009/07/13 21:39:46 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\subst.exe
    [2009/07/13 21:39:46 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\sxstrace.exe
    [2010/11/20 09:25:22 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\takeown.exe
    [2010/11/20 09:25:23 | 000,257,024 | ---- | M] (Microsoft Corporation) -- C:\taskmgr.exe
    [2009/07/13 21:39:47 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\TCPSVCS.EXE
    [2012/04/11 09:49:44 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\TFC.exe
    [2009/07/13 21:39:48 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\TRACERT.EXE
    [2009/07/13 21:39:48 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\ucsvc.exe
    [2009/07/13 21:39:48 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\unlodctr.exe
    [2010/11/20 09:25:25 | 000,533,504 | ---- | M] (Microsoft Corporation) -- C:\vds.exe
    [2009/07/13 21:39:49 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\vdsldr.exe
    [2009/07/13 21:39:49 | 000,155,648 | ---- | M] (Microsoft Corporation) -- C:\verifier.exe
    [2010/11/20 12:00:37 | 000,244,224 | ---- | M] (Microsoft Corporation) -- C:\vmicsvc.exe
    [2010/11/20 12:15:50 | 001,600,512 | ---- | M] (Microsoft Corporation) -- C:\VSSVC.exe
    [2009/07/13 21:39:50 | 000,265,728 | ---- | M] (Microsoft Corporation) -- C:\wbadmin.exe
    [2010/11/20 09:25:28 | 001,504,256 | ---- | M] (Microsoft Corporation) -- C:\wbengine.exe
    [2010/11/20 12:16:54 | 000,541,696 | ---- | M] (Microsoft Corporation) -- C:\wdscapture.exe
    [2010/11/20 12:15:50 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\wermgr.exe
    [2009/07/13 21:39:51 | 000,273,920 | ---- | M] (Microsoft Corporation) -- C:\wevtutil.exe
    [2009/07/13 21:39:52 | 000,403,968 | ---- | M] (Microsoft Corporation) -- C:\wimserv.exe
    [2009/07/13 21:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) -- C:\wininit.exe
    [2010/11/20 09:28:59 | 000,605,552 | ---- | M] (Microsoft Corporation) -- C:\winload.exe
    [2009/07/13 21:39:53 | 000,571,392 | ---- | M] (Microsoft Corporation) -- C:\winpeshl.exe
    [2010/11/20 09:28:59 | 000,518,672 | ---- | M] (Microsoft Corporation) -- C:\winresume.exe
    [2009/07/13 21:39:57 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\wowreg32.exe
    [2009/07/13 21:39:57 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\wpeinit.exe
    [2009/07/13 21:39:57 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\wpeutil.exe
    [2010/11/20 12:16:14 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\wscript.exe
    [2009/07/13 21:39:58 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\xcopy.exe

    < %systemroot%\*. /mp /s >

    < %systemroot%\system32\*.dll /lockedfiles >

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %systemroot%\system32\drivers\*.sys /lockedfiles >

    < %systemroot%\System32\config\*.sav >

    < %systemroot%\system32\drivers\*.sys /90 >

    < End of report >

    Next scan:

    OTL Extras logfile created on: 8/31/2013 7:08:19 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\mrr107i\Desktop
    64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.10.9200.16660)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.75 Gb Total Physical Memory | 1.39 Gb Available Physical Memory | 50.64% Memory free
    5.49 Gb Paging File | 3.73 Gb Available in Paging File | 67.93% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 149.05 Gb Total Space | 106.95 Gb Free Space | 71.75% Space Free | Partition Type: NTFS

    Computer Name: MY-ACER | User Name: mrr107i | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
    .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- "%SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL" "%1"
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
    Directory [cmd] -- cmd.exe /s /k pushd "%V"
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
    Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
    Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
    Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- "%SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL" "%1"
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
    Directory [cmd] -- cmd.exe /s /k pushd "%V"
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
    Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
    Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
    Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== Firewall Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{001BC93D-5B9C-437C-A8C2-378EC8141247}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{0831DD80-C91F-4EB2-B617-0B3250081078}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{0C79FDD0-F5F0-4567-8723-BD4E6DC3B0E1}" = lport=50001 | protocol=17 | dir=in | name=iha_messagecenter |
    "{219C5D8B-7672-4956-9454-524E1AAB6DF6}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
    "{32C18157-70D1-4E7E-80F5-EB6CBCC162CD}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{47DEF4EC-B655-426E-A807-9620C7745A1A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{72A0A13C-1400-4202-95ED-2177365EC2EE}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
    "{7FC3A2E4-199E-45FD-8E58-27A0D0156AD8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{989BF44E-9C10-480D-B1FF-EF41309C365F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{B2D270FB-B6B3-4CDB-A127-046BC0D7BA00}" = lport=50001 | protocol=17 | dir=in | name=iha_messagecenter |
    "{C3B4B0D6-A52A-480A-B5BC-07DE14616CF1}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{DD4A0834-6D28-44D4-B2B1-9D378A71D469}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{E41FDE9A-F4C5-4841-B469-2335D24E6245}" = lport=10243 | protocol=6 | dir=in | app=system |
    "{F57F7793-11E2-4A99-A305-CB69976DAA16}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{F609D71A-C16E-4D53-BAFD-A9B2BE617FD4}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{00169B85-539B-4B92-AA24-3E18C279C4B1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{0EE14802-4360-43F1-B1B0-AC7C6816CC3C}" = protocol=6 | dir=out | app=system |
    "{11DC0820-F2F2-4C7E-A138-44C9A2DFC0B3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{13E73D9A-976F-4C86-8594-670BD27A2FE5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{19F73BD2-CFD7-4CCA-B04E-17284554DBB7}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{26943E3D-6343-45B6-9C1B-375386C61981}" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe |
    "{26BAE66E-1587-4AB9-BACF-3C5DA8FA988D}" = protocol=17 | dir=in | app=c:\users\mrr107i\appdata\local\google\google talk plugin\googletalkplugin.exe |
    "{280FF24A-D8BC-4C36-ADAF-F1F80E7BE8BF}" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
    "{385DF004-6E2E-41E2-89D6-921D377649B3}" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe |
    "{43BA8D8E-0C52-4394-B97C-B81868169EA2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{4811F642-D211-4AAE-8612-DE41E6E06D39}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
    "{4B2EE96C-4B48-4CD5-AD9E-22C7C435C7D8}" = protocol=17 | dir=in | app=c:\program files (x86)\adawaretb\dtuser.exe |
    "{4EFD7992-4203-44A0-92FA-7CDF598070A6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
    "{63D5C79E-F355-4C88-BC10-C676FBB40219}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{6B5D238A-EBCB-4090-ABFC-273DD690E6F3}" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe |
    "{6C7F44BF-DF4C-46BA-AB7B-EB8DFB44E534}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{72D6FA1B-8D2A-4E72-B13C-15CF66143894}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
    "{9046468A-75F9-4B29-8ABC-D0B9FBE24A42}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{9EF53FED-3D95-4667-8ADD-E09A444A973C}" = protocol=6 | dir=in | app=c:\users\mrr107i\appdata\local\google\google talk plugin\googletalkplugin.exe |
    "{9F32C751-AB59-4848-9215-B3243C0E8C78}" = protocol=6 | dir=in | app=c:\users\mrr107i\appdata\local\google\google talk plugin\googletalkplugin.exe |
    "{A5B3756A-2EEA-43B3-BF67-094EC3361349}" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
    "{A69BB037-8D79-46D2-BA45-3057D3803895}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{B124CF52-19B3-4348-813F-B074901A409B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{BD908D84-1DE8-49CA-AEFF-2FFA8FCC16EB}" = protocol=17 | dir=in | app=c:\users\mrr107i\appdata\local\google\google talk plugin\googletalkplugin.exe |
    "{BE9CC748-7DB2-43AB-BAE9-8FC6DDC8F9AF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{C249CD07-0557-412C-86D6-7D6465B7D457}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{D05AA52E-AF33-4B5B-9E18-4DF2A7FDA6EC}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
    "{E0F2939A-4718-4C97-8A47-D051AD900E94}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
    "{E3FE4E90-F7C7-41A7-B584-C0F18E7F4997}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{E8BD0BEE-EA6D-4D8B-A0B2-84D024305A62}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{E9707BAE-224C-4507-9CAF-FA66A989DD86}" = protocol=6 | dir=in | app=c:\program files (x86)\adawaretb\dtuser.exe |
    "{F4F39682-0E9D-4203-B0CB-6997FD30A4FD}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
    "{F8A40AA8-7BB2-442E-AF3C-0CAF212193D2}" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe |
    "TCP Query User{BB5F8B1F-583A-49DE-A73D-2A3962351AA5}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
    "TCP Query User{E6B67D9F-4CA9-4423-A0A6-2FD5C909775B}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
    "TCP Query User{F0B0959F-53ED-4A40-88ED-2D90D6A17B03}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
    "TCP Query User{F7C0AB56-B08D-409D-B312-20738027EBF7}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
    "UDP Query User{41D741C0-3C1B-4780-A72B-12CA5DE18E5B}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
    "UDP Query User{9D2A149C-36F3-4E19-B97C-33C54D82DCE5}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
    "UDP Query User{C928DD45-31AC-4E92-8F17-6B14AB08CED9}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
    "UDP Query User{F19470EC-7207-465B-880A-C59B2E149F04}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{290329c4-a276-3aec-b633-9f5a39d8dd96}" = Python 3.3.0 (64-bit)
    "{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1" = PeaZip 4.8.1 (WIN64)
    "{7F2E5C3B-DBDF-469D-AD8D-F686D3B71176}" = Debugging Tools for Windows (x64)
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{AD735182-26CD-42A6-B3F2-4544B23243AF}" = Oracle VM VirtualBox 4.2.14
    "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
    "{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
    "{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter
    "CCleaner" = CCleaner
    "CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
    "Defraggler" = Defraggler
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
    "PDF Creator" = PDF Creator

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
    "{0A5B39D2-7ED6-4779-BCC9-37F381139DB3}" = Adobe AIR
    "{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
    "{1EA7C505-E6DA-4B85-9432-EBD3C70D510D}" = Windows Live Messenger
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{23A3E560-069F-4CFC-8F6C-1B526EC735FC}" = Windows Live Writer Resources
    "{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
    "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
    "{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
    "{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}" = RealDownloader
    "{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
    "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6
    "{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker
    "{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
    "{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
    "{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{7CD0118B-FE1C-6513-7FCC-2D4BC220DD1F}" = Shutterfly Express Uploader
    "{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}" = Bing Desktop
    "{834265C4-CDF4-44D3-BD24-31531617EFB8}" = IHA_MessageCenter
    "{86C40513-B5A4-476E-9EAB-EC118DCF4502}" = Windows Live Writer
    "{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
    "{8C14F524-451D-467D-9B84-FD653D790902}" = Bing Bar
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
    "{944167EA-7F89-4705-8DCD-1D63B53141B0}" = Ad-Aware Antivirus
    "{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
    "{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
    "{B80D3EA9-A252-4AE5-AC51-81729F5C586F}" = Windows Live Mail
    "{BA45BD32-4DF8-4BE8-8558-83A0280CEE8E}" = Vz In Home Agent
    "{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
    "{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
    "{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
    "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
    "{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
    "{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{EB38C3E0-4863-3123-9114-5BE86EC8E5C7}" = Google Talk Plugin
    "{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
    "{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery
    "{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
    "1&1 Mail & Media GmbH 1und1Softwareaktualisierung" = mail.com Software Updater
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "Advanced PDF Repair v2.0" = Advanced PDF Repair v2.0
    "avast" = avast! Free Antivirus
    "AVG SafeGuard toolbar" = AVG SafeGuard toolbar
    "com.Shutterfly.ExpressUploader" = Shutterfly Express Uploader
    "DMX5_is1" = DriverMax 7
    "Duplicate Cleaner Free" = Duplicate Cleaner Free 3.0.1
    "Flash Player Pro_is1" = Flash Player Pro V5.4
    "FormatFactory" = FormatFactory 3.0.1
    "Foxit Reader_is1" = Foxit Reader
    "FrostWire 5" = FrostWire 5.5.3
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
    "Mozilla Firefox 23.0.1 (x86 en-US)" = Mozilla Firefox 23.0.1 (x86 en-US)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "RealPlayer 16.0" = RealPlayer
    "Scratch" = Scratch
    "Secunia PSI" = Secunia PSI (3.0.0.2004)
    "VLC media player" = VLC media player 2.0.8
    "WinLiveSuite" = Windows Live Essentials
    "Yahoo! Messenger" = Yahoo! Messenger
    "Yahoo! Software Update" = Yahoo! Software Update

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "SkyDriveSetup.exe" = Microsoft SkyDrive

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 7/9/2013 6:19:43 PM | Computer Name = My-Acer | Source = MsiInstaller | ID = 11001
    Description =

    Error - 7/9/2013 7:33:12 PM | Computer Name = My-Acer | Source = WinMgmt | ID = 10
    Description =

    Error - 7/10/2013 12:21:54 AM | Computer Name = My-Acer | Source = WinMgmt | ID = 10
    Description =

    Error - 7/10/2013 3:08:21 PM | Computer Name = My-Acer | Source = WinMgmt | ID = 10
    Description =

    Error - 7/10/2013 5:08:25 PM | Computer Name = My-Acer | Source = SideBySide | ID = 16842785
    Description = Activation context generation failed for "c:\program files (x86)\innovative
    solutions\drivermax\DPInst\ia64\dpinst.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
    could not be found. Please use sxstrace.exe for detailed diagnosis.

    Error - 7/10/2013 5:09:07 PM | Computer Name = My-Acer | Source = SideBySide | ID = 16842785
    Description = Activation context generation failed for "C:\Windows\Installer\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\recordingmanager.exe".
    Dependent
    Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"
    could not be found. Please use sxstrace.exe for detailed diagnosis.

    Error - 7/10/2013 6:57:29 PM | Computer Name = My-Acer | Source = Application Hang | ID = 1002
    Description = The program IEXPLORE.EXE version 10.0.9200.16635 stopped interacting
    with Windows and was closed. To see if more information about the problem is available,
    check the problem history in the Action Center control panel. Process ID: 52f0 Start
    Time: 01ce7dc0c863b7c0 Termination Time: 47 Application Path: C:\Program Files (x86)\Internet
    Explorer\IEXPLORE.EXE Report Id:

    Error - 7/11/2013 6:58:06 AM | Computer Name = My-Acer | Source = WinMgmt | ID = 10
    Description =

    Error - 7/11/2013 10:17:50 AM | Computer Name = My-Acer | Source = WinMgmt | ID = 10
    Description =

    Error - 7/11/2013 8:15:17 PM | Computer Name = My-Acer | Source = WinMgmt | ID = 10
    Description =

    [ Media Center Events ]
    Error - 12/8/2012 9:21:17 PM | Computer Name = My-Acer | Source = MCUpdate | ID = 0
    Description = 8:21:16 PM - Failed to retrieve Directory (Error: The operation has
    timed out)

    Error - 12/8/2012 10:24:06 PM | Computer Name = My-Acer | Source = MCUpdate | ID = 0
    Description = 9:24:06 PM - Failed to retrieve Directory (Error: The operation has
    timed out)

    [ System Events ]
    Error - 8/31/2013 12:57:40 AM | Computer Name = My-Acer | Source = SNMP | ID = 16713180
    Description = The SNMP Service encountered an error while accessing the registry
    key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

    Error - 8/31/2013 12:57:46 AM | Computer Name = My-Acer | Source = Service Control Manager | ID = 7000
    Description = The vToolbarUpdater15.5.0 service failed to start due to the following
    error: %%2

    Error - 8/31/2013 12:57:57 AM | Computer Name = My-Acer | Source = Service Control Manager | ID = 7026
    Description = The following boot-start or system-start driver(s) failed to load:
    amdkmafd

    Error - 8/31/2013 6:05:54 PM | Computer Name = My-Acer | Source = Service Control Manager | ID = 7009
    Description = A timeout was reached (30000 milliseconds) while waiting for the Bing
    Desktop Update service service to connect.

    Error - 8/31/2013 6:06:22 PM | Computer Name = My-Acer | Source = Service Control Manager | ID = 7001
    Description = The Net.Msmq Listener Adapter service depends on the Windows Process
    Activation Service service which failed to start because of the following error:
    %%1058

    Error - 8/31/2013 6:06:22 PM | Computer Name = My-Acer | Source = Service Control Manager | ID = 7001
    Description = The Net.Pipe Listener Adapter service depends on the Windows Process
    Activation Service service which failed to start because of the following error:
    %%1058

    Error - 8/31/2013 6:06:22 PM | Computer Name = My-Acer | Source = Service Control Manager | ID = 7001
    Description = The Net.Tcp Listener Adapter service depends on the Windows Process
    Activation Service service which failed to start because of the following error:
    %%1058

    Error - 8/31/2013 6:06:53 PM | Computer Name = My-Acer | Source = SNMP | ID = 16713180
    Description = The SNMP Service encountered an error while accessing the registry
    key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

    Error - 8/31/2013 6:06:55 PM | Computer Name = My-Acer | Source = Service Control Manager | ID = 7000
    Description = The vToolbarUpdater15.5.0 service failed to start due to the following
    error: %%2

    Error - 8/31/2013 6:07:05 PM | Computer Name = My-Acer | Source = Service Control Manager | ID = 7026
    Description = The following boot-start or system-start driver(s) failed to load:
    amdkmafd


    < End of report >

    Thank You.

  10. #10
    Member mrr107i's Avatar
    Join Date
    Sep 2003
    Location
    Pittsfield, MA
    Posts
    40
    Points
    0

    Default

    Here are the two scans from OTL, (Used IE this time):

    OTL logfile created on: 8/31/2013 7:08:19 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\mrr107i\Desktop
    64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.10.9200.16660)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.75 Gb Total Physical Memory | 1.39 Gb Available Physical Memory | 50.64% Memory free
    5.49 Gb Paging File | 3.73 Gb Available in Paging File | 67.93% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 149.05 Gb Total Space | 106.95 Gb Free Space | 71.75% Space Free | Partition Type: NTFS

    Computer Name: MY-ACER | User Name: mrr107i | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2013/08/31 19:07:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\mrr107i\Desktop\OTL.exe
    PRC - [2013/07/23 02:45:26 | 000,240,288 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.EXE
    PRC - [2013/06/13 02:27:38 | 001,236,336 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
    PRC - [2013/05/09 04:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
    PRC - [2013/05/09 04:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    PRC - [2013/04/16 03:09:06 | 000,233,048 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
    PRC - [2013/04/16 03:07:08 | 000,039,056 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
    PRC - [2012/09/20 05:39:12 | 003,677,000 | ---- | M] (GFI Software) -- C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
    PRC - [2012/06/27 03:25:04 | 000,681,056 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\sua.exe
    PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe


    ========== Modules (No Company Name) ==========


    ========== Services (SafeList) ==========

    SRV:64bit: - [2013/06/15 23:39:39 | 000,143,120 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
    SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2013/05/09 04:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
    SRV:64bit: - [2012/06/01 01:36:12 | 000,350,720 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\inetsrv\ftpsvc.dll -- (ftpsvc)
    SRV:64bit: - [2010/11/20 23:24:51 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\snmp.exe -- (SNMP)
    SRV:64bit: - [2010/11/20 23:24:38 | 000,189,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqtgsvc.exe -- (MSMQTriggers)
    SRV:64bit: - [2010/11/20 23:24:38 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\inetinfo.exe -- (IISADMIN)
    SRV:64bit: - [2009/07/13 21:41:19 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lpdsvc.dll -- (LPDSVC)
    SRV:64bit: - [2009/07/13 21:41:10 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\iprip.dll -- (iprip)
    SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
    SRV:64bit: - [2009/07/13 21:39:56 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\WMSvc.exe -- (WMSVC)
    SRV:64bit: - [2009/07/13 21:39:47 | 000,081,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tlntsvr.exe -- (TlntSvr)
    SRV:64bit: - [2009/07/13 21:39:47 | 000,010,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\TCPSVCS.EXE -- (simptcp)
    SRV:64bit: - [2009/07/13 21:39:20 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqsvc.exe -- (MSMQ)
    SRV:64bit: - [2009/07/13 21:38:59 | 000,019,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\CISVC.EXE -- (CISVC)
    SRV:64bit: - [2008/12/01 23:45:18 | 000,932,864 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility)
    SRV - [2013/08/16 20:51:17 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2013/07/23 02:45:26 | 000,240,288 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.EXE -- (BBUpdate)
    SRV - [2013/07/23 02:45:26 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.EXE -- (BBSvc)
    SRV - [2013/07/12 18:52:41 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2013/06/21 09:53:36 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2013/06/13 02:27:38 | 001,236,336 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe -- (Ad-Aware Service)
    SRV - [2013/04/16 03:07:08 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
    SRV - [2013/01/25 11:34:04 | 000,166,408 | ---- | M] (Microsoft Corp.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe -- (BingDesktopUpdate)
    SRV - [2012/09/20 05:39:12 | 003,677,000 | ---- | M] (GFI Software) [Auto | Running] -- C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe -- (SBAMSvc)
    SRV - [2012/08/03 20:22:18 | 000,352,248 | ---- | M] (Verizon) [Auto | Running] -- C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
    SRV - [2012/06/27 03:25:06 | 001,326,176 | ---- | M] (Secunia) [On_Demand | Stopped] -- C:\Program Files (x86)\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
    SRV - [2012/06/27 03:25:04 | 000,681,056 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)
    SRV - [2010/11/20 23:25:10 | 000,047,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\snmp.exe -- (SNMP)
    SRV - [2010/11/20 23:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
    SRV - [2010/11/20 23:24:51 | 000,397,824 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
    SRV - [2010/11/20 23:24:51 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
    SRV - [2010/11/20 09:27:28 | 000,444,416 | ---- | M] () [On_Demand | Stopped] -- \winhttp.dll -- (WinHttpAutoProxySvc)
    SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2010/02/10 16:11:44 | 000,443,448 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\XAudio64.dll -- (HsfXAudioService)
    SRV - [2009/07/13 21:14:42 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\TCPSVCS.EXE -- (simptcp)
    SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2013/08/29 21:10:51 | 000,045,856 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
    DRV:64bit: - [2013/06/27 16:56:46 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
    DRV:64bit: - [2013/06/27 16:56:45 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
    DRV:64bit: - [2013/06/27 16:56:45 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
    DRV:64bit: - [2013/06/24 22:56:16 | 003,979,776 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
    DRV:64bit: - [2013/06/24 17:38:40 | 000,014,456 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\gfibto.sys -- (gfibto)
    DRV:64bit: - [2013/06/21 16:00:16 | 000,131,856 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
    DRV:64bit: - [2013/05/09 04:59:07 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
    DRV:64bit: - [2013/05/09 04:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
    DRV:64bit: - [2013/05/09 04:59:07 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
    DRV:64bit: - [2013/05/09 04:59:06 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
    DRV:64bit: - [2013/05/09 04:59:06 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV:64bit: - [2013/04/30 04:51:09 | 000,040,616 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
    DRV:64bit: - [2013/03/14 22:17:46 | 000,021,600 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdkmafd.sys -- (amdkmafd)
    DRV:64bit: - [2013/01/31 05:50:58 | 000,028,160 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys -- (mcaudrv_simple)
    DRV:64bit: - [2013/01/21 08:53:42 | 000,398,816 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
    DRV:64bit: - [2012/12/03 23:49:38 | 000,011,944 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdide64.sys -- (amdide64)
    DRV:64bit: - [2012/10/24 10:32:15 | 000,035,456 | ---- | M] (GFI Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gfiark.sys -- (gfiark)
    DRV:64bit: - [2012/10/10 23:08:10 | 000,044,928 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys -- (ManyCam)
    DRV:64bit: - [2012/10/05 15:26:20 | 000,132,608 | ---- | M] (Unibrain) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ubohci.sys -- (ubohci)
    DRV:64bit: - [2012/10/05 10:57:02 | 000,092,160 | ---- | M] (Unibrain) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\UBUMAPI.sys -- (ubumapi)
    DRV:64bit: - [2012/10/05 10:56:40 | 000,024,064 | ---- | M] (Unibrain) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\UBSBM.sys -- (ubsbm)
    DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
    DRV:64bit: - [2012/08/23 10:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
    DRV:64bit: - [2012/08/23 10:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2012/08/02 16:50:48 | 000,031,024 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
    DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2011/12/16 10:20:10 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI)
    DRV:64bit: - [2011/10/20 12:24:06 | 000,157,696 | ---- | M] (Matrox Graphics Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\MxEFUF64.sys -- (MxEFUF)
    DRV:64bit: - [2011/07/22 12:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
    DRV:64bit: - [2011/07/12 17:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
    DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2010/11/20 23:24:15 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
    DRV:64bit: - [2010/11/20 23:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
    DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2010/04/27 17:42:00 | 000,056,040 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\o2sdx64.sys -- (O2SDRDR)
    DRV:64bit: - [2010/02/10 16:12:30 | 001,492,536 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_DPV.sys -- (HSF_DPV)
    DRV:64bit: - [2010/02/10 16:12:28 | 000,747,576 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_CNXT.sys -- (winachsf)
    DRV:64bit: - [2010/02/10 16:12:28 | 000,299,576 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAXHWAZL.sys -- (CAXHWAZL)
    DRV:64bit: - [2010/02/10 16:11:44 | 000,016,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\XAudio64.sys -- (XAudio)
    DRV:64bit: - [2010/02/10 16:11:40 | 000,023,736 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mdmxsdk.sys -- (mdmxsdk)
    DRV:64bit: - [2009/09/12 16:24:52 | 000,057,376 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\o2mdx64.sys -- (O2MDRDR)
    DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/07/13 20:26:13 | 000,189,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mqac.sys -- (MQAC)
    DRV:64bit: - [2009/07/13 20:09:02 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\irda.sys -- (irda)
    DRV:64bit: - [2009/06/10 17:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
    DRV:64bit: - [2009/06/10 17:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
    DRV:64bit: - [2009/06/10 17:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
    DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2008/12/02 01:15:04 | 005,000,192 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
    DRV:64bit: - [2008/01/19 09:36:14 | 000,036,352 | ---- | M] (National Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nscirda.sys -- (NSCIRDA)
    DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{4B51C980-C6B0-11E1-9136-AED16088709B}: "URL" = http://www.safesearch.net/search?q={searchTerms}&utm_medium=ie&utm_campaign=21&utm_source=sm&utm_content=1&utm_term=5EDBBE5459F7448B

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN.com
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A3 9A 9D B4 9A A6 CE 01 [binary data]
    IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.startup.homepage: "http://www.msn.com/"
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
    FF - prefs.js..keyword.URL: ""
    FF - user.js - File not found

    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
    FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
    FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.2.32: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.2.32: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
    FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\mrr107i\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\mrr107i\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\mrr107i\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\mrr107i\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\mrr107i\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

    64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\PROGRAM FILES\UPDATER BY SWEETPACKS\FIREFOX
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/05/13 10:57:23 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FCE04E1F-9378-4f39-96F6-5689A9159E45}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/05/26 14:39:22 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/05/26 14:39:22 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/08/16 20:51:02 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

    [2013/05/26 14:32:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mrr107i\AppData\Roaming\Mozilla\Extensions
    [2013/08/16 20:51:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
    [2013/08/16 20:51:19 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

    ========== Chrome ==========


    O1 HOSTS File: ([2013/01/21 22:04:17 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
    O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O4:64bit: - HKLM..\Run: [MsmqIntCert] C:\Windows\SysNative\mqrt.dll (Microsoft Corporation)
    O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [Search Protection] C:\ProgramData\Search Protection\SearchProtection.exe File not found
    O4 - HKCU..\Run: [DriverMax_RESTART] C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O15 - HKCU\..Trusted Domains: noctibusiness.com ([testing] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: whitenergroup.com ([]* in Trusted sites)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downlo...eckControl.cab (Reg Error: Key error.)
    O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} http://www.superadblocker.com/activex/sabspx.cab (SABScanProcesses Class)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3F47479F-5584-44C1-A78F-C5D9638A92BD}: DhcpNameServer = 192.168.1.1
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2010/11/20 09:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) - C:\autochk.exe -- [ NTFS ]
    O32 - AutoRun File - [2010/11/20 09:24:26 | 000,793,088 | ---- | M] (Microsoft Corporation) - C:\autoconv.exe -- [ NTFS ]
    O33 - MountPoints2\{7fe7bd75-1302-11e2-b39e-806e6f6e6963}\Shell - "" = AutoRun
    O33 - MountPoints2\{7fe7bd75-1302-11e2-b39e-806e6f6e6963}\Shell\AutoRun\command - "" = D:\setup.exe
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

    ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
    ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
    ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
    ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
    ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
    ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
    ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
    ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
    ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
    ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
    ActiveX:64bit: >{a4a68f1d-91f9-4be8-aa32-f2212f9777b6} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
    ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
    ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
    ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
    ActiveX: {56A879C8-1BEC-427D-9294-2A57096F591D} - EIEDPLauncher
    ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
    ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
    ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
    ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
    ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
    ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
    ActiveX: >{508EA017-F442-49FB-8A8E-DF3AE997817C} - Browser Customizations
    ActiveX: >{f0ba3a7a-a6bb-46a9-a2c3-e35a4b51c194} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

    Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    ========== Files/Folders - Created Within 30 Days ==========

    [2013/08/31 19:07:02 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\mrr107i\Desktop\OTL.exe
    [2013/08/31 18:15:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verizon
    [2013/08/29 19:15:22 | 000,000,000 | ---D | C] -- C:\AdwCleaner
    [2013/08/28 19:37:58 | 000,000,000 | ---D | C] -- C:\Users\mrr107i\AppData\Local\AVG SafeGuard toolbar
    [2013/08/28 19:37:29 | 000,045,856 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
    [2013/08/28 19:37:21 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG SafeGuard toolbar
    [2013/08/28 19:37:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG SafeGuard toolbar
    [2013/08/28 19:36:49 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
    [2013/08/20 18:06:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
    [2013/08/20 18:06:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software
    [2013/08/16 23:00:23 | 000,000,000 | ---D | C] -- C:\Users\mrr107i\AppData\Roaming\vlc
    [2013/08/16 22:58:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
    [2013/08/16 20:51:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
    [2013/08/05 11:27:49 | 003,979,776 | ---- | C] (Qualcomm Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys
    [2013/08/05 11:25:27 | 000,398,816 | ---- | C] (Marvell) -- C:\Windows\SysNative\drivers\yk62x64.sys
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2013/08/31 19:07:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\mrr107i\Desktop\OTL.exe
    [2013/08/31 19:00:04 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2013/08/31 19:00:01 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2013/08/31 18:33:01 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2911081205-3221290127-895880306-1000UA.job
    [2013/08/31 18:22:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2013/08/31 18:14:18 | 000,021,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2013/08/31 18:14:18 | 000,021,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2013/08/31 18:05:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2013/08/31 18:05:28 | 2213,105,664 | -HS- | M] () -- C:\hiberfil.sys
    [2013/08/30 19:33:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2911081205-3221290127-895880306-1000Core.job
    [2013/08/29 21:11:08 | 000,003,725 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
    [2013/08/29 21:10:51 | 000,045,856 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
    [2013/08/28 17:37:47 | 000,001,868 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
    [2013/08/25 19:37:32 | 000,275,712 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2013/08/24 15:39:02 | 000,000,514 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 56d50113-2f4e-4f6e-bc2d-d5cf672b9bb8.job
    [2013/08/24 15:37:10 | 000,847,156 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2013/08/24 15:37:10 | 000,708,684 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2013/08/24 15:37:10 | 000,138,312 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2013/08/20 18:06:34 | 000,002,074 | ---- | M] () -- C:\Users\mrr107i\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk
    [2013/08/20 18:06:34 | 000,002,050 | ---- | M] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
    [2013/08/16 22:58:20 | 000,001,066 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
    [2013/08/16 22:58:14 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2013/08/13 07:34:00 | 000,015,652 | ---- | M] () -- C:\Users\mrr107i\Music\Documents\Important Info.rtf
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2013/08/28 19:37:17 | 000,003,725 | ---- | C] () -- C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
    [2013/08/25 19:37:19 | 000,275,712 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2013/08/20 18:06:34 | 000,002,074 | ---- | C] () -- C:\Users\mrr107i\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk
    [2013/08/20 18:06:34 | 000,002,050 | ---- | C] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
    [2013/08/20 18:06:32 | 000,216,064 | ---- | C] () -- C:\Windows\SysWow64\gcapi_dll.dll
    [2013/08/16 22:58:20 | 000,001,066 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
    [2013/07/02 15:27:29 | 000,102,248 | ---- | C] () -- C:\Users\mrr107i\GoToAssistDownloadHelper.exe
    [2013/05/16 16:11:04 | 000,841,372 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2013/05/09 16:26:49 | 000,000,017 | ---- | C] () -- C:\Users\mrr107i\AppData\Local\resmon.resmoncfg
    [2013/04/21 13:48:55 | 000,000,430 | RHS- | C] () -- C:\Users\mrr107i\ntuser.pol
    [2013/04/01 14:54:41 | 000,004,608 | ---- | C] () -- C:\Users\mrr107i\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2013/02/22 11:18:23 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
    [2012/12/23 18:04:56 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI

    ========== ZeroAccess Check ==========

    [2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 01:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 00:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    ========== LOP Check ==========

    [2013/06/25 00:26:13 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Ad-Aware Antivirus
    [2013/05/19 13:16:49 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\BatteryBar
    [2013/07/07 22:49:07 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\com.Shutterfly.ExpressUploader
    [2013/06/05 18:40:00 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Foxit Software
    [2013/02/22 11:41:39 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\OverDrive
    [2013/02/22 11:41:39 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\PeaZip
    [2013/04/29 16:28:51 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\player
    [2013/04/29 16:28:16 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Strongvault
    [2013/02/22 11:41:41 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Windows Live Writer

    ========== Purity Check ==========



    ========== Custom Scans ==========

    < c:\windows\*. /SL >
    [2009/07/14 01:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
    [2009/07/14 01:08:49 | 000,032,586 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
    [2013/01/21 11:33:21 | 000,000,896 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    [2013/01/21 11:33:25 | 000,000,900 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    [2013/02/10 09:12:16 | 000,000,864 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2911081205-3221290127-895880306-1000Core.job
    [2013/02/10 09:12:19 | 000,000,916 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2911081205-3221290127-895880306-1000UA.job
    [2013/03/17 09:32:21 | 000,000,514 | ---- | C] () -- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 56d50113-2f4e-4f6e-bc2d-d5cf672b9bb8.job
    [2013/04/25 16:12:01 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

    < c:\windows\*. /RP >

    < %ALLUSERSPROFILE%\Application Data\*. >

    < %ALLUSERSPROFILE%\Application Data\*.exe /s >

    < %APPDATA%\*. >
    [2013/06/25 00:26:13 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Ad-Aware Antivirus
    [2013/07/07 22:48:11 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Adobe
    [2013/02/22 11:41:33 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Apple Computer
    [2013/05/19 13:16:49 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\BatteryBar
    [2013/02/25 16:34:15 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\CodeBlocks
    [2013/07/07 22:49:07 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\com.Shutterfly.ExpressUploader
    [2013/06/05 18:40:00 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Foxit Software
    [2013/02/22 11:41:33 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Google
    [2013/02/22 11:41:33 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Identities
    [2013/06/24 17:53:30 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\LavasoftStatistics
    [2013/02/22 11:41:33 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Macromedia
    [2013/02/22 11:41:33 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Malwarebytes
    [2010/11/21 03:16:58 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Media Center Programs
    [2013/03/23 12:00:33 | 000,000,000 | --SD | M] -- C:\Users\mrr107i\AppData\Roaming\Microsoft
    [2013/08/28 16:34:43 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Mozilla
    [2013/02/22 11:41:39 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\OverDrive
    [2013/02/22 11:41:39 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\PeaZip
    [2013/04/29 16:28:51 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\player
    [2013/06/06 18:10:40 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Real
    [2013/05/26 14:40:19 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\RealNetworks
    [2013/08/03 15:31:19 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Skype
    [2013/04/29 16:28:16 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Strongvault
    [2013/02/22 11:41:40 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\SUPERAntiSpyware.com
    [2013/08/16 23:00:44 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\vlc
    [2013/02/22 11:41:40 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Winamp
    [2013/02/22 11:41:41 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Windows Live Writer
    [2013/03/26 21:31:35 | 000,000,000 | ---D | M] -- C:\Users\mrr107i\AppData\Roaming\Yahoo!

    < %APPDATA%\*.exe /s >
    [2013/07/07 22:48:04 | 000,054,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\mrr107i\AppData\Roaming\Macromedia\Flash Player\http://www.macromedia.com\bin\airapp...pinstaller.exe

    < %SYSTEMDRIVE%\*.exe >
    [2009/07/13 21:38:55 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\ARP.EXE
    [2009/07/13 21:38:55 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\attrib.exe
    [2010/11/20 09:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) -- C:\autochk.exe
    [2010/11/20 09:24:26 | 000,793,088 | ---- | M] (Microsoft Corporation) -- C:\autoconv.exe
    [2010/11/20 09:24:27 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\bcdboot.exe
    [2010/11/20 09:24:27 | 000,346,112 | ---- | M] (Microsoft Corporation) -- C:\bcdedit.exe
    [2009/07/13 21:38:56 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\BdeUnlockWizard.exe
    [2009/07/13 21:38:57 | 000,100,352 | ---- | M] (Microsoft Corporation) -- C:\BitLockerWizard.exe
    [2009/07/13 21:38:57 | 000,100,352 | ---- | M] (Microsoft Corporation) -- C:\BitLockerWizardElev.exe
    [2010/11/20 12:15:50 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\bmrui.exe
    [2009/07/13 21:38:57 | 000,094,720 | ---- | M] (Microsoft Corporation) -- C:\bootcfg.exe
    [2010/11/20 12:15:50 | 000,365,056 | ---- | M] (Microsoft Corporation) -- C:\BootRec.exe
    [2010/11/20 09:24:27 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\bootsect.exe
    [2009/07/13 21:38:59 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\chkdsk.exe
    [2009/07/13 21:38:59 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\chkntfs.exe
    [2010/11/20 09:24:33 | 000,345,088 | ---- | M] (Microsoft Corporation) -- C:\cmd.exe
    [2010/11/20 09:24:33 | 000,337,920 | ---- | M] (Microsoft Corporation) -- C:\conhost.exe
    [2009/07/13 21:39:01 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\convert.exe
    [2010/11/20 12:16:14 | 000,156,160 | ---- | M] (Microsoft Corporation) -- C:\cscript.exe
    [2009/07/13 21:39:06 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\dinotify.exe
    [2010/11/20 09:24:39 | 000,166,400 | ---- | M] (Microsoft Corporation) -- C:\diskpart.exe
    [2010/11/20 09:24:39 | 000,363,520 | ---- | M] (Microsoft Corporation) -- C:\diskraid.exe
    [2009/07/13 21:39:06 | 000,274,944 | ---- | M] (Microsoft Corporation) -- C:\Dism.exe
    [2009/07/13 21:39:06 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\dllhst3g.exe
    [2009/07/13 21:39:07 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\dnscacheugc.exe
    [2009/07/13 21:39:07 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\doskey.exe
    [2009/07/13 21:39:07 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\dpapimig.exe
    [2009/07/13 21:39:07 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\drvinst.exe
    [2009/07/13 21:39:07 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\drvload.exe
    [2009/07/13 21:39:08 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Eap3Host.exe
    [2009/07/13 21:39:09 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\esentutl.exe
    [2009/07/13 21:39:09 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\expand.exe
    [2009/07/13 21:39:10 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\find.exe
    [2009/07/13 21:39:10 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\finger.exe
    [2010/11/20 09:24:46 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\fixmapi.exe
    [2009/07/13 21:39:10 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\fltMC.exe
    [2010/11/20 09:24:46 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\ftp.exe
    [2009/07/13 21:39:12 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\HOSTNAME.EXE
    [2010/11/20 12:15:50 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\icacls.exe
    [2013/05/08 16:42:13 | 032,828,818 | ---- | M] (Google Inc.) -- C:\installer_r09-windows.exe
    [2009/07/13 21:39:13 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\ipconfig.exe
    [2009/07/13 21:39:15 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\lodctr.exe
    [2010/11/20 09:24:52 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\LogonUI.exe
    [2010/11/20 09:24:53 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\lsm.exe
    [2010/11/20 09:24:53 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\manage-bde.exe
    [2010/11/20 09:24:53 | 000,272,896 | ---- | M] (Microsoft Corporation) -- C:\mcbuilder.exe
    [2010/11/20 12:15:50 | 000,146,944 | ---- | M] (Microsoft Corporation) -- C:\MdSched.exe
    [2009/07/13 21:39:20 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\mountvol.exe
    [2009/07/13 21:39:20 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\MRINFO.EXE
    [2009/07/13 21:39:24 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\MuiUnattend.exe
    [2009/07/13 21:39:25 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\nbtstat.exe
    [2009/07/13 21:39:25 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\ndadmin.exe
    [2009/07/13 21:39:25 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\net.exe
    [2010/11/20 09:25:00 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\net1.exe
    [2009/07/13 21:39:25 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\netbtugc.exe
    [2009/07/13 21:39:25 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\netcfg.exe
    [2009/07/13 21:39:25 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\netiougc.exe
    [2009/07/13 21:39:25 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\netsh.exe
    [2009/07/13 21:39:25 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\NETSTAT.EXE
    [2009/07/13 21:39:25 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\newdev.exe
    [2009/07/13 21:39:25 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\notepad.exe
    [2010/11/20 09:33:46 | 005,563,776 | ---- | M] (Microsoft Corporation) -- C:\ntoskrnl.exe
    [2009/07/13 21:39:26 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\ntprint.exe
    [2009/07/13 21:39:26 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\PATHPING.EXE
    [2009/07/13 21:39:26 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\PING.EXE
    [2010/11/20 09:25:02 | 000,199,168 | ---- | M] (Microsoft Corporation) -- C:\PkgMgr.exe
    [2009/07/13 21:39:27 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\poqexec.exe
    [2009/07/13 21:39:27 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\print.exe
    [2009/07/13 21:39:28 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\rasautou.exe
    [2010/11/20 12:15:50 | 000,238,080 | ---- | M] (Microsoft Corporation) -- C:\recdisc.exe
    [2009/07/13 21:39:29 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\recover.exe
    [2009/07/13 21:39:29 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\reg.exe
    [2009/07/13 21:39:29 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\regedt32.exe
    [2009/07/13 21:39:29 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\regsvr32.exe
    [2010/11/20 09:25:06 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\repair-bde.exe
    [2009/07/13 21:39:30 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\replace.exe
    [2010/11/20 09:25:07 | 000,128,000 | ---- | M] (Microsoft) -- C:\Robocopy.exe
    [2009/07/13 21:39:31 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\ROUTE.EXE
    [2010/11/20 12:15:50 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\rstrui.exe
    [2010/11/20 09:25:08 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\sacsess.exe
    [2009/07/13 21:39:39 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\sfc.exe
    [2009/07/13 21:39:46 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\subst.exe
    [2009/07/13 21:39:46 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\sxstrace.exe
    [2010/11/20 09:25:22 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\takeown.exe
    [2010/11/20 09:25:23 | 000,257,024 | ---- | M] (Microsoft Corporation) -- C:\taskmgr.exe
    [2009/07/13 21:39:47 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\TCPSVCS.EXE
    [2012/04/11 09:49:44 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\TFC.exe
    [2009/07/13 21:39:48 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\TRACERT.EXE
    [2009/07/13 21:39:48 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\ucsvc.exe
    [2009/07/13 21:39:48 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\unlodctr.exe
    [2010/11/20 09:25:25 | 000,533,504 | ---- | M] (Microsoft Corporation) -- C:\vds.exe
    [2009/07/13 21:39:49 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\vdsldr.exe
    [2009/07/13 21:39:49 | 000,155,648 | ---- | M] (Microsoft Corporation) -- C:\verifier.exe
    [2010/11/20 12:00:37 | 000,244,224 | ---- | M] (Microsoft Corporation) -- C:\vmicsvc.exe
    [2010/11/20 12:15:50 | 001,600,512 | ---- | M] (Microsoft Corporation) -- C:\VSSVC.exe
    [2009/07/13 21:39:50 | 000,265,728 | ---- | M] (Microsoft Corporation) -- C:\wbadmin.exe
    [2010/11/20 09:25:28 | 001,504,256 | ---- | M] (Microsoft Corporation) -- C:\wbengine.exe
    [2010/11/20 12:16:54 | 000,541,696 | ---- | M] (Microsoft Corporation) -- C:\wdscapture.exe
    [2010/11/20 12:15:50 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\wermgr.exe
    [2009/07/13 21:39:51 | 000,273,920 | ---- | M] (Microsoft Corporation) -- C:\wevtutil.exe
    [2009/07/13 21:39:52 | 000,403,968 | ---- | M] (Microsoft Corporation) -- C:\wimserv.exe
    [2009/07/13 21:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) -- C:\wininit.exe
    [2010/11/20 09:28:59 | 000,605,552 | ---- | M] (Microsoft Corporation) -- C:\winload.exe
    [2009/07/13 21:39:53 | 000,571,392 | ---- | M] (Microsoft Corporation) -- C:\winpeshl.exe
    [2010/11/20 09:28:59 | 000,518,672 | ---- | M] (Microsoft Corporation) -- C:\winresume.exe
    [2009/07/13 21:39:57 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\wowreg32.exe
    [2009/07/13 21:39:57 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\wpeinit.exe
    [2009/07/13 21:39:57 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\wpeutil.exe
    [2010/11/20 12:16:14 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\wscript.exe
    [2009/07/13 21:39:58 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\xcopy.exe

    < %systemroot%\*. /mp /s >

    < %systemroot%\system32\*.dll /lockedfiles >

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %systemroot%\system32\drivers\*.sys /lockedfiles >

    < %systemroot%\System32\config\*.sav >

    < %systemroot%\system32\drivers\*.sys /90 >

    < End of report >

    Next scan:

    OTL Extras logfile created on: 8/31/2013 7:08:19 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\mrr107i\Desktop
    64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.10.9200.16660)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.75 Gb Total Physical Memory | 1.39 Gb Available Physical Memory | 50.64% Memory free
    5.49 Gb Paging File | 3.73 Gb Available in Paging File | 67.93% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 149.05 Gb Total Space | 106.95 Gb Free Space | 71.75% Space Free | Partition Type: NTFS

    Computer Name: MY-ACER | User Name: mrr107i | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
    .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- "%SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL" "%1"
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
    Directory [cmd] -- cmd.exe /s /k pushd "%V"
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
    Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
    Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
    Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- "%SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL" "%1"
    Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
    Directory [cmd] -- cmd.exe /s /k pushd "%V"
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
    Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
    Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
    Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== Firewall Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{001BC93D-5B9C-437C-A8C2-378EC8141247}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{0831DD80-C91F-4EB2-B617-0B3250081078}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{0C79FDD0-F5F0-4567-8723-BD4E6DC3B0E1}" = lport=50001 | protocol=17 | dir=in | name=iha_messagecenter |
    "{219C5D8B-7672-4956-9454-524E1AAB6DF6}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
    "{32C18157-70D1-4E7E-80F5-EB6CBCC162CD}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{47DEF4EC-B655-426E-A807-9620C7745A1A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{72A0A13C-1400-4202-95ED-2177365EC2EE}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
    "{7FC3A2E4-199E-45FD-8E58-27A0D0156AD8}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{989BF44E-9C10-480D-B1FF-EF41309C365F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{B2D270FB-B6B3-4CDB-A127-046BC0D7BA00}" = lport=50001 | protocol=17 | dir=in | name=iha_messagecenter |
    "{C3B4B0D6-A52A-480A-B5BC-07DE14616CF1}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{DD4A0834-6D28-44D4-B2B1-9D378A71D469}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{E41FDE9A-F4C5-4841-B469-2335D24E6245}" = lport=10243 | protocol=6 | dir=in | app=system |
    "{F57F7793-11E2-4A99-A305-CB69976DAA16}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{F609D71A-C16E-4D53-BAFD-A9B2BE617FD4}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{00169B85-539B-4B92-AA24-3E18C279C4B1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{0EE14802-4360-43F1-B1B0-AC7C6816CC3C}" = protocol=6 | dir=out | app=system |
    "{11DC0820-F2F2-4C7E-A138-44C9A2DFC0B3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{13E73D9A-976F-4C86-8594-670BD27A2FE5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{19F73BD2-CFD7-4CCA-B04E-17284554DBB7}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{26943E3D-6343-45B6-9C1B-375386C61981}" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe |
    "{26BAE66E-1587-4AB9-BACF-3C5DA8FA988D}" = protocol=17 | dir=in | app=c:\users\mrr107i\appdata\local\google\google talk plugin\googletalkplugin.exe |
    "{280FF24A-D8BC-4C36-ADAF-F1F80E7BE8BF}" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
    "{385DF004-6E2E-41E2-89D6-921D377649B3}" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe |
    "{43BA8D8E-0C52-4394-B97C-B81868169EA2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{4811F642-D211-4AAE-8612-DE41E6E06D39}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
    "{4B2EE96C-4B48-4CD5-AD9E-22C7C435C7D8}" = protocol=17 | dir=in | app=c:\program files (x86)\adawaretb\dtuser.exe |
    "{4EFD7992-4203-44A0-92FA-7CDF598070A6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
    "{63D5C79E-F355-4C88-BC10-C676FBB40219}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{6B5D238A-EBCB-4090-ABFC-273DD690E6F3}" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe |
    "{6C7F44BF-DF4C-46BA-AB7B-EB8DFB44E534}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{72D6FA1B-8D2A-4E72-B13C-15CF66143894}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
    "{9046468A-75F9-4B29-8ABC-D0B9FBE24A42}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{9EF53FED-3D95-4667-8ADD-E09A444A973C}" = protocol=6 | dir=in | app=c:\users\mrr107i\appdata\local\google\google talk plugin\googletalkplugin.exe |
    "{9F32C751-AB59-4848-9215-B3243C0E8C78}" = protocol=6 | dir=in | app=c:\users\mrr107i\appdata\local\google\google talk plugin\googletalkplugin.exe |
    "{A5B3756A-2EEA-43B3-BF67-094EC3361349}" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
    "{A69BB037-8D79-46D2-BA45-3057D3803895}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{B124CF52-19B3-4348-813F-B074901A409B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{BD908D84-1DE8-49CA-AEFF-2FFA8FCC16EB}" = protocol=17 | dir=in | app=c:\users\mrr107i\appdata\local\google\google talk plugin\googletalkplugin.exe |
    "{BE9CC748-7DB2-43AB-BAE9-8FC6DDC8F9AF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{C249CD07-0557-412C-86D6-7D6465B7D457}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{D05AA52E-AF33-4B5B-9E18-4DF2A7FDA6EC}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
    "{E0F2939A-4718-4C97-8A47-D051AD900E94}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
    "{E3FE4E90-F7C7-41A7-B584-C0F18E7F4997}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{E8BD0BEE-EA6D-4D8B-A0B2-84D024305A62}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{E9707BAE-224C-4507-9CAF-FA66A989DD86}" = protocol=6 | dir=in | app=c:\program files (x86)\adawaretb\dtuser.exe |
    "{F4F39682-0E9D-4203-B0CB-6997FD30A4FD}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
    "{F8A40AA8-7BB2-442E-AF3C-0CAF212193D2}" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire 5\frostwire.exe |
    "TCP Query User{BB5F8B1F-583A-49DE-A73D-2A3962351AA5}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
    "TCP Query User{E6B67D9F-4CA9-4423-A0A6-2FD5C909775B}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
    "TCP Query User{F0B0959F-53ED-4A40-88ED-2D90D6A17B03}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
    "TCP Query User{F7C0AB56-B08D-409D-B312-20738027EBF7}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
    "UDP Query User{41D741C0-3C1B-4780-A72B-12CA5DE18E5B}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
    "UDP Query User{9D2A149C-36F3-4E19-B97C-33C54D82DCE5}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
    "UDP Query User{C928DD45-31AC-4E92-8F17-6B14AB08CED9}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
    "UDP Query User{F19470EC-7207-465B-880A-C59B2E149F04}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{290329c4-a276-3aec-b633-9f5a39d8dd96}" = Python 3.3.0 (64-bit)
    "{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1" = PeaZip 4.8.1 (WIN64)
    "{7F2E5C3B-DBDF-469D-AD8D-F686D3B71176}" = Debugging Tools for Windows (x64)
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{AD735182-26CD-42A6-B3F2-4544B23243AF}" = Oracle VM VirtualBox 4.2.14
    "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
    "{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
    "{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter
    "CCleaner" = CCleaner
    "CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
    "Defraggler" = Defraggler
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
    "PDF Creator" = PDF Creator

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
    "{0A5B39D2-7ED6-4779-BCC9-37F381139DB3}" = Adobe AIR
    "{18272881-CFC0-434D-A975-E5BE44206AA0}" = Windows Live UX Platform Language Pack
    "{1EA7C505-E6DA-4B85-9432-EBD3C70D510D}" = Windows Live Messenger
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{23A3E560-069F-4CFC-8F6C-1B526EC735FC}" = Windows Live Writer Resources
    "{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
    "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
    "{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
    "{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}" = RealDownloader
    "{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
    "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6
    "{5BABDA39-61CF-41EE-992D-4054B6649A9B}" = Movie Maker
    "{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
    "{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
    "{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{7CD0118B-FE1C-6513-7FCC-2D4BC220DD1F}" = Shutterfly Express Uploader
    "{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}" = Bing Desktop
    "{834265C4-CDF4-44D3-BD24-31531617EFB8}" = IHA_MessageCenter
    "{86C40513-B5A4-476E-9EAB-EC118DCF4502}" = Windows Live Writer
    "{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
    "{8C14F524-451D-467D-9B84-FD653D790902}" = Bing Bar
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
    "{944167EA-7F89-4705-8DCD-1D63B53141B0}" = Ad-Aware Antivirus
    "{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
    "{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
    "{B80D3EA9-A252-4AE5-AC51-81729F5C586F}" = Windows Live Mail
    "{BA45BD32-4DF8-4BE8-8558-83A0280CEE8E}" = Vz In Home Agent
    "{C034A6F9-6569-491B-B3BF-F5D15221A708}" = Windows Live Essentials
    "{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
    "{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
    "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
    "{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
    "{D888F114-7537-4D48-AF03-5DA9C82D7540}" = Photo Common
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{EB38C3E0-4863-3123-9114-5BE86EC8E5C7}" = Google Talk Plugin
    "{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
    "{FC6C7107-7D72-41A1-A031-3CE751159BAB}" = Photo Gallery
    "{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
    "1&1 Mail & Media GmbH 1und1Softwareaktualisierung" = mail.com Software Updater
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "Advanced PDF Repair v2.0" = Advanced PDF Repair v2.0
    "avast" = avast! Free Antivirus
    "AVG SafeGuard toolbar" = AVG SafeGuard toolbar
    "com.Shutterfly.ExpressUploader" = Shutterfly Express Uploader
    "DMX5_is1" = DriverMax 7
    "Duplicate Cleaner Free" = Duplicate Cleaner Free 3.0.1
    "Flash Player Pro_is1" = Flash Player Pro V5.4
    "FormatFactory" = FormatFactory 3.0.1
    "Foxit Reader_is1" = Foxit Reader
    "FrostWire 5" = FrostWire 5.5.3
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
    "Mozilla Firefox 23.0.1 (x86 en-US)" = Mozilla Firefox 23.0.1 (x86 en-US)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "RealPlayer 16.0" = RealPlayer
    "Scratch" = Scratch
    "Secunia PSI" = Secunia PSI (3.0.0.2004)
    "VLC media player" = VLC media player 2.0.8
    "WinLiveSuite" = Windows Live Essentials
    "Yahoo! Messenger" = Yahoo! Messenger
    "Yahoo! Software Update" = Yahoo! Software Update

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "SkyDriveSetup.exe" = Microsoft SkyDrive

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 7/9/2013 6:19:43 PM | Computer Name = My-Acer | Source = MsiInstaller | ID = 11001
    Description =

    Error - 7/9/2013 7:33:12 PM | Computer Name = My-Acer | Source = WinMgmt | ID = 10
    Description =

    Error - 7/10/2013 12:21:54 AM | Computer Name = My-Acer | Source = WinMgmt | ID = 10
    Description =

    Error - 7/10/2013 3:08:21 PM | Computer Name = My-Acer | Source = WinMgmt | ID = 10
    Description =

    Error - 7/10/2013 5:08:25 PM | Computer Name = My-Acer | Source = SideBySide | ID = 16842785
    Description = Activation context generation failed for "c:\program files (x86)\innovative
    solutions\drivermax\DPInst\ia64\dpinst.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
    could not be found. Please use sxstrace.exe for detailed diagnosis.

    Error - 7/10/2013 5:09:07 PM | Computer Name = My-Acer | Source = SideBySide | ID = 16842785
    Description = Activation context generation failed for "C:\Windows\Installer\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\recordingmanager.exe".
    Dependent
    Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"
    could not be found. Please use sxstrace.exe for detailed diagnosis.

    Error - 7/10/2013 6:57:29 PM | Computer Name = My-Acer | Source = Application Hang | ID = 1002
    Description = The program IEXPLORE.EXE version 10.0.9200.16635 stopped interacting
    with Windows and was closed. To see if more information about the problem is available,
    check the problem history in the Action Center control panel. Process ID: 52f0 Start
    Time: 01ce7dc0c863b7c0 Termination Time: 47 Application Path: C:\Program Files (x86)\Internet
    Explorer\IEXPLORE.EXE Report Id:

    Error - 7/11/2013 6:58:06 AM | Computer Name = My-Acer | Source = WinMgmt | ID = 10
    Description =

    Error - 7/11/2013 10:17:50 AM | Computer Name = My-Acer | Source = WinMgmt | ID = 10
    Description =

    Error - 7/11/2013 8:15:17 PM | Computer Name = My-Acer | Source = WinMgmt | ID = 10
    Description =

    [ Media Center Events ]
    Error - 12/8/2012 9:21:17 PM | Computer Name = My-Acer | Source = MCUpdate | ID = 0
    Description = 8:21:16 PM - Failed to retrieve Directory (Error: The operation has
    timed out)

    Error - 12/8/2012 10:24:06 PM | Computer Name = My-Acer | Source = MCUpdate | ID = 0
    Description = 9:24:06 PM - Failed to retrieve Directory (Error: The operation has
    timed out)

    [ System Events ]
    Error - 8/31/2013 12:57:40 AM | Computer Name = My-Acer | Source = SNMP | ID = 16713180
    Description = The SNMP Service encountered an error while accessing the registry
    key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

    Error - 8/31/2013 12:57:46 AM | Computer Name = My-Acer | Source = Service Control Manager | ID = 7000
    Description = The vToolbarUpdater15.5.0 service failed to start due to the following
    error: %%2

    Error - 8/31/2013 12:57:57 AM | Computer Name = My-Acer | Source = Service Control Manager | ID = 7026
    Description = The following boot-start or system-start driver(s) failed to load:
    amdkmafd

    Error - 8/31/2013 6:05:54 PM | Computer Name = My-Acer | Source = Service Control Manager | ID = 7009
    Description = A timeout was reached (30000 milliseconds) while waiting for the Bing
    Desktop Update service service to connect.

    Error - 8/31/2013 6:06:22 PM | Computer Name = My-Acer | Source = Service Control Manager | ID = 7001
    Description = The Net.Msmq Listener Adapter service depends on the Windows Process
    Activation Service service which failed to start because of the following error:
    %%1058

    Error - 8/31/2013 6:06:22 PM | Computer Name = My-Acer | Source = Service Control Manager | ID = 7001
    Description = The Net.Pipe Listener Adapter service depends on the Windows Process
    Activation Service service which failed to start because of the following error:
    %%1058

    Error - 8/31/2013 6:06:22 PM | Computer Name = My-Acer | Source = Service Control Manager | ID = 7001
    Description = The Net.Tcp Listener Adapter service depends on the Windows Process
    Activation Service service which failed to start because of the following error:
    %%1058

    Error - 8/31/2013 6:06:53 PM | Computer Name = My-Acer | Source = SNMP | ID = 16713180
    Description = The SNMP Service encountered an error while accessing the registry
    key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

    Error - 8/31/2013 6:06:55 PM | Computer Name = My-Acer | Source = Service Control Manager | ID = 7000
    Description = The vToolbarUpdater15.5.0 service failed to start due to the following
    error: %%2

    Error - 8/31/2013 6:07:05 PM | Computer Name = My-Acer | Source = Service Control Manager | ID = 7026
    Description = The following boot-start or system-start driver(s) failed to load:
    amdkmafd


    < End of report >

    Thank You.

Page 1 of 2 12 LastLast