
HELP! Randomly Freezing!!

Discussion in 'Virus & Other Malware Removal' started by jake12, Jan 5, 2013.

  1. jake12

    jake12 Thread Starter

    Joined:
    Sep 25, 2010
    Messages:
    10
    Hi! My computer is just freezing and I can't seem to determine a cause. At best, when I come back after being away for a couple hours I know it happens every time. But there are also times when it just freezes when I am using Chrome.

    I have Bitdefender total security running, did a full system scan and it found nothing.

    I also downloaded a lot of spyware programs but they didn't help either.

    I am running Windows 7 Home Premium. 64 bit. SP 1

    Intel Core i7 2.0Ghz

    8GB Ram


    Thank you so very much!!
     
  2. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    37,198
    Hiya

    Can you run the following programs, and we'll go from there :)


    Download Security Check from here.
    • Save it to your Desktop.
    • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.



    Please download Malwarebytes' Anti-Malware from Here

    Double Click mbam-setup.exe to install the application.
    • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select "Perform Quick Scan", then click Scan.
    • The scan may take some time to finish, so please be patient.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Make sure that everything is checked, and click Remove Selected.
    • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
    • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    • Copy and paste the entire report in your next reply.
    Extra Note:
    If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.






    Download and scan with SUPERAntiSpyware Free Edition for Home Users
    • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
    • An icon will be created on your desktop. Double-click that icon to launch the program.
    • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
    • Under "Configuration and Preferences", click the Preferences button.
    • Click the Scanning Control tab.
    • Under Scanner Options make sure the following are checked (leave all others unchecked):
      • Close browsers before scanning.
      • Scan for tracking cookies.
      • Terminate memory threats before quarantining.
    • Click the "Home" button to leave the control center screen.
    • On the right, under "Complete Scan", choose Perform Complete Scan.
    • Click Scan your computer.
    • On the left, select all fixed drives.
    • Click "Start Complete Scan" to start the scan. Please be patient while it scans your computer.
    • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "Continue".
    • Make sure everything has a checkmark next to it and click "Next".
    • A notification will appear that "Quarantine and Removal is Complete". Click "Remove Threats" and then click the "Finish" button to return to the main menu.
    • If asked if you want to reboot, click "Yes".
    • To retrieve the removal information after reboot, launch SUPERAntispyware again.
      • Click View Scan Logs.
      • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
      • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
      • Please copy and paste the Scan Log results in your next reply.
    • Click Close to exit the program.





    Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.



    Please download AdwCleaner by Xplode onto your desktop.
    • Double click on AdwCleaner.exe to run the tool.
    • Click on Search.
    • A logfile will automatically open after the scan has finished.
    • Please post the contents of that logfile with your next reply.
    • You can find the logfile at C:\AdwCleaner[R1].txt as well.




    Please include the MBAM log, SUPERAntiSpyware Scan Log, checkup.txt, JRT.txt and AdwCleaner[R1].txt in your next reply.

    eddie
     
  3. jake12

    jake12 Thread Starter

    Joined:
    Sep 25, 2010
    Messages:
    10
    Hey Eddie! Thank you so very much for helping me :) Here are the files you requested. I could not run the junkware removal tool. It would freeze my computer. Tried a few times and left it overnight too.

    Please advise as to my next step!! Thank you very very much.

    My Best,
    Jake

    Results of screen317's Security Check version 0.99.57
    Windows 7 Service Pack 1 x64 (UAC is enabled)
    Internet Explorer 8 Out of date!
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Disabled!
    Bitdefender Antivirus
    Antivirus up to date!
    `````````Anti-malware/Other Utilities Check:`````````
    Spybot - Search & Destroy
    Malwarebytes Anti-Malware version 1.70.0.1100
    JavaFX 2.1.1
    Java(TM) 6 Update 29
    Java 7 Update 9
    Java version out of Date!
    Adobe Flash Player 11.5.502.146
    Mozilla Firefox (18.0)
    Google Chrome 23.0.1271.97
    Google Chrome 24.0.1312.52
    ````````Process Check: objlist.exe by Laurent````````
    Malwarebytes Anti-Malware mbamservice.exe
    Malwarebytes Anti-Malware mbamgui.exe
    Spybot Teatimer.exe is disabled!
    Malwarebytes' Anti-Malware mbamscheduler.exe
    Bitdefender Bitdefender 2012 vsserv.exe
    Bitdefender Bitdefender 2012 updatesrv.exe
    Bitdefender Bitdefender 2012 bdagent.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C: 3%
    ````````````````````End of Log``````````````````````



    Malwarebytes Anti-Malware (Trial) 1.70.0.1100
    www.malwarebytes.org

    Database version: v2013.01.14.09

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 8.0.7601.17514
    Jake :: JAKE-VAIO [administrator]

    Protection: Enabled

    1/14/2013 12:40:48 PM
    mbam-log-2013-01-14 (12-40-48).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 288403
    Time elapsed: 4 minute(s), 30 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)



    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 01/14/2013 at 09:46 PM

    Application Version : 5.6.1014

    Core Rules Database Version : 9867
    Trace Rules Database Version: 7679

    Scan type : Quick Scan
    Total Scan Time : 01:14:04

    Operating System Information
    Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
    UAC On - Limited User

    Memory items scanned : 930
    Memory threats detected : 0
    Registry items scanned : 65563
    Registry threats detected : 0
    File items scanned : 27198
    File threats detected : 163

    Adware.Tracking Cookie



    # AdwCleaner v2.105 - Logfile created 01/14/2013 at 23:41:37
    # Updated 08/01/2013 by Xplode
    # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
    # User : Jake - JAKE-VAIO
    # Boot Mode : Normal
    # Running from : C:\Users\Jake\Downloads\adwcleaner.exe
    # Option [Search]


    ***** [Services] *****


    ***** [Files / Folders] *****

    File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
    Folder Found : C:\Program Files (x86)\AVG Secure Search
    Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search
    Folder Found : C:\ProgramData\~0
    Folder Found : C:\ProgramData\Ask
    Folder Found : C:\ProgramData\AVG Secure Search
    Folder Found : C:\Users\Jake\AppData\Local\APN
    Folder Found : C:\Users\Jake\AppData\Local\AVG Secure Search
    Folder Found : C:\Users\Jake\AppData\LocalLow\AskToolbar
    Folder Found : C:\Users\Jake\AppData\LocalLow\AVG Secure Search
    Folder Found : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

    ***** [Registry] *****


    ***** [Internet Browsers] *****

    -\\ Internet Explorer v8.0.7601.17514

    [OK] Registry is clean.

    -\\ Mozilla Firefox v18.0 (en-US)

    File : C:\Users\Jake\AppData\Roaming\Mozilla\Firefox\Profiles\vnzd7nms.default\prefs.js


    -\\ Google Chrome v24.0.1312.52

    File : C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Preferences

    [OK] File is clean.

    -\\ Opera v12.12.1707.0

    File : C:\Users\Jake\AppData\Roaming\Opera\Opera\operaprefs.ini

    [OK] File is clean.

    *************************

    AdwCleaner[R1].txt - [18889 octets] - [14/01/2013 23:41:37]

    ########## EOF - C:\AdwCleaner[R1].txt - [18950 octets] ##########
     
  4. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    37,198
    That's okay, we'll leave that tool for now, but thanks for trying it anyway. It should only take around 10 mins at the most, so overnight means something was causing it to freeze :(


    • Close all open programs and internet browsers.
    • Double click on adwcleaner.exe to run the tool.
    • Click on Delete.
    • Confirm each time with Ok.
    • You will be prompted to restart your computer. A text file will open after the restart.
    • Please post the contents of that logfile with your next reply.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.



    -------------

    Now, your Java is out of date, so let's get that sorted out next:


    Upgrade Java : (32 bits)
    • Download the latest version of Java SE Runtime Environment (JRE) JRE 7 Update 11.
    • Under the JAVA Platform Standard Edition, click the "Download JRE" button to the right.
    • Accept License Agreement.
    • Click on the link to download Windows Offline Installation 32 bit (jre-7u11-windows-i586.exe) and save it to your desktop. Do NOT use the Sun Download Manager.
    • Close any programs you may have running - especially your web browser.
    • Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
    • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
    • Click the Remove or Change/Remove button.
    • Repeat as many times as necessary to remove each Java version.
    • Reboot your computer once all Java components are removed.
    • Then from your desktop double-click on the download to install the newest version. (Vista or Win 7 users, right click on the jre-7u11-windows-i586.exe and select "Run as an Administrator.")
    • Don't install any of the toolbars that are offered.


    After doing the above, for the remains of the Java, can you do this:

    Open Java in the Control Panel and under the General tab, under Temporary Internet Files, click the Settings button. Then click on Delete Files.

    Make sure both of these options are checked:

    • Applications and Applets
    • Trace and Log Files
    OK out of all the screens. :)


    ---------------

    Then, see if you can run the following tools.


    Please download aswMBR ( 4.5MB ) to your desktop.
    • Double click the aswMBR.exe icon, and click Run.
    • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
    • Click the Scan button to start the scan.
    • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.



    ----


    Delete any copies of Combofix that you have.

    Download ComboFix from one of these locations:

    Link 1
    Link 2


    * IMPORTANT !!! As you download it rename it to username123.exe and save it to your Desktop


    • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

      • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
      • Remember to re-enable the protection again afterwards before connecting to the Internet.
    • Double click on ComboFix.exe & follow the prompts.

    • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.


    [​IMG]


    Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

    [​IMG]


    Click on Yes, to continue scanning for malware.

    When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

    eddie
     
  5. jake12

    jake12 Thread Starter

    Joined:
    Sep 25, 2010
    Messages:
    10
    Hey Eddie! Here is what I have for ya. Thanks again!!

    # AdwCleaner v2.105 - Logfile created 01/16/2013 at 16:00:18
    # Updated 08/01/2013 by Xplode
    # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
    # User : Jake - JAKE-VAIO
    # Boot Mode : Normal
    # Running from : C:\Users\Jake\Downloads\adwcleaner.exe
    # Option [Delete]


    ***** [Services] *****


    ***** [Files / Folders] *****

    Deleted on reboot : C:\Program Files (x86)\Common Files\AVG Secure Search
    File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
    Folder Deleted : C:\Program Files (x86)\AVG Secure Search
    Folder Deleted : C:\ProgramData\~0
    Folder Deleted : C:\ProgramData\Ask
    Folder Deleted : C:\ProgramData\AVG Secure Search
    Folder Deleted : C:\Users\Jake\AppData\Local\APN
    Folder Deleted : C:\Users\Jake\AppData\Local\AVG Secure Search
    Folder Deleted : C:\Users\Jake\AppData\LocalLow\AskToolbar
    Folder Deleted : C:\Users\Jake\AppData\LocalLow\AVG Secure Search
    Folder Deleted : C:\Users\Jake\AppData\Roaming\Mozilla\Firefox\Profiles\vnzd7nms.default\extensions\staged
    Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

    ***** [Registry] *****


    ***** [Internet Browsers] *****

    -\\ Internet Explorer v8.0.7601.17514

    [OK] Registry is clean.

    -\\ Mozilla Firefox v18.0 (en-US)

    File : C:\Users\Jake\AppData\Roaming\Mozilla\Firefox\Profiles\vnzd7nms.default\prefs.js

    Deleted : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_47.code", "(function(){appAPI.ready=func[...]
    Deleted : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_47.name", "resources_background");
    Deleted : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_47.ver", 1);
    Deleted : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_64.code", "(function(){var h=\"__CR_EMPT[...]
    Deleted : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_64.name", "appApiMessage");
    Deleted : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_64.ver", 1);
    Deleted : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_72.code", "if(appAPI.__should_activate_v[...]
    Deleted : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_72.name", "appApiValidation");
    Deleted : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_72.ver", 1);
    Deleted : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_78.code", "(function(a){if(typeof a===\"[...]
    Deleted : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_78.name", "CrossriderInfo");
    Deleted : user_pref("extensions.crossriderapp3491.3491.plugins.plugin_78.ver", 2);
    Deleted : user_pref("extensions.crossriderapp3491.3491.plugins_lists.plugins_0", "14,78,16,64,47,72,1000015");
    Deleted : user_pref("extensions.crossriderapp3491.3491.plugins_lists.plugins_1", "17,14,78,13,16,15,64,72,1000[...]
    Deleted : user_pref("extensions.crossriderapp3491.3491.pluginsurl", "hxxp://app-static.crossrider.com/plugin/a[...]
    Deleted : user_pref("extensions.crossriderapp3491.3491.pluginsversion", 25);
    Deleted : user_pref("extensions.crossriderapp3491.3491.publisher", "215 Apps");
    Deleted : user_pref("extensions.crossriderapp3491.3491.searchstatus", 0);
    Deleted : user_pref("extensions.crossriderapp3491.3491.setnewtab", false);
    Deleted : user_pref("extensions.crossriderapp3491.3491.settingsurl", "");
    Deleted : user_pref("extensions.crossriderapp3491.3491.thankyou", "hxxp://vid-saver.com/thankyou.html");
    Deleted : user_pref("extensions.crossriderapp3491.3491.updateinterval", 360);
    Deleted : user_pref("extensions.crossriderapp3491.3491.ver", 68);
    Deleted : user_pref("extensions.crossriderapp3491.adsOldValue", -1);
    Deleted : user_pref("extensions.crossriderapp3491.apps", "3491");
    Deleted : user_pref("extensions.crossriderapp3491.bic", "13a1effa5afbee2d0b8c713f311d4511");
    Deleted : user_pref("extensions.crossriderapp3491.cid", 3491);
    Deleted : user_pref("extensions.crossriderapp3491.firstrun", false);
    Deleted : user_pref("extensions.crossriderapp3491.hadappinstalled", true);
    Deleted : user_pref("extensions.crossriderapp3491.installationdate", 1349139802);
    Deleted : user_pref("extensions.crossriderapp3491.lastcheck", 22638580);
    Deleted : user_pref("extensions.crossriderapp3491.lastcheckitem", 22638666);
    Deleted : user_pref("extensions.crossriderapp3491.modetype", "production");
    Deleted : user_pref("extensions.crossriderapp3491.reportInstall", true);
    Deleted : user_pref("[email protected]", true);
    Deleted : user_pref("extensions.enabledAddons", "testpilot%40labs.mozilla.com:1.2.2,%7Ba0d7ccb3-214d-498b-b4aa[...]

    -\\ Google Chrome v24.0.1312.52

    File : C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Preferences

    [OK] File is clean.

    -\\ Opera v12.12.1707.0

    File : C:\Users\Jake\AppData\Roaming\Opera\Opera\operaprefs.ini

    [OK] File is clean.

    *************************

    AdwCleaner[R1].txt - [19006 octets] - [14/01/2013 23:41:37]
    AdwCleaner[S1].txt - [19295 octets] - [16/01/2013 16:00:18]

    ########## EOF - C:\AdwCleaner[S1].txt - [19356 octets] ##########

    ComboFix 13-01-16.01 - Jake 01/16/2013 17:46:32.1.8 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8173.5025 [GMT -6:00]
    Running from: c:\users\Jake\Desktop\Jake123.exe
    AV: Bitdefender Antivirus *Disabled/Updated* {98CD50CE-5097-4098-9669-6C401FB3969C}
    FW: Bitdefender Firewall *Enabled* {A0F6D1EB-1AF8-41C0-BD36-C575E160D1E7}
    SP: Bitdefender Antispyware *Disabled/Updated* {23ACB12A-76AD-4F16-ACD9-57326434DC21}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\programdata\1317495561.bdinstall.bin
    c:\programdata\1339975472.bdinstall.bin
    c:\programdata\1339979638.bdinstall.bin
    c:\programdata\1339980704.bdinstall.bin
    c:\programdata\1339980777.bdinstall.bin
    c:\programdata\1339980889.bdinstall.bin
    c:\programdata\1339981154.bdinstall.bin
    c:\programdata\1339981624.bdinstall.bin
    c:\programdata\1339982482.bdinstall.bin
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-12-16 to 2013-01-16 )))))))))))))))))))))))))))))))
    .
    .
    2013-01-16 23:52 . 2013-01-16 23:52 -------- d-----w- c:\users\Default\AppData\Local\temp
    2013-01-16 23:52 . 2013-01-16 23:52 -------- d-----w- c:\users\boinc_master\AppData\Local\temp
    2013-01-16 23:42 . 2013-01-16 23:42 -------- d-----w- C:\Jake123
    2013-01-16 22:42 . 2013-01-16 22:42 -------- d-----w- c:\program files (x86)\Common Files\Java
    2013-01-16 22:41 . 2013-01-16 22:41 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
    2013-01-16 22:41 . 2013-01-16 22:41 -------- d-----w- c:\program files (x86)\Java
    2013-01-16 22:28 . 2013-01-16 22:28 -------- d-----w- c:\program files\Box Sync
    2013-01-15 16:40 . 2013-01-04 15:53 9060864 ----a-w- c:\windows\system32\mshtml.dll
    2013-01-15 04:13 . 2013-01-15 04:13 -------- d-----w- c:\windows\ERUNT
    2013-01-15 04:03 . 2013-01-15 06:25 -------- d-----w- C:\JRT
    2013-01-14 18:47 . 2013-01-14 18:47 -------- d-----w- c:\users\Jake\AppData\Roaming\SUPERAntiSpyware.com
    2013-01-14 18:47 . 2013-01-14 18:47 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
    2013-01-11 20:03 . 2013-01-11 20:03 -------- d-----w- c:\users\Jake\AppData\Roaming\Duality Software
    2013-01-11 19:23 . 2013-01-11 19:23 -------- d-----w- c:\program files (x86)\Mozilla Sunbird
    2013-01-09 16:15 . 2012-11-30 05:45 362496 ----a-w- c:\windows\system32\wow64win.dll
    2013-01-02 03:28 . 2013-01-02 03:28 -------- d-----w- C:\MGtools
    2013-01-02 03:14 . 2013-01-02 03:14 -------- d-----w- c:\program files\HitmanPro
    2013-01-02 02:53 . 2013-01-02 03:24 -------- d-----w- c:\programdata\HitmanPro
    2013-01-01 22:11 . 2013-01-01 22:11 -------- d-----w- c:\users\Jake\AppData\Roaming\Malwarebytes
    2013-01-01 22:11 . 2013-01-01 22:11 -------- d-----w- c:\programdata\Malwarebytes
    2012-12-31 22:56 . 2013-01-02 06:30 -------- d-----w- c:\programdata\Spybot - Search & Destroy
    2012-12-22 09:01 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
    2012-12-22 09:01 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
    2012-12-22 09:01 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
    2012-12-22 09:01 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2013-01-16 22:41 . 2012-05-08 23:11 859552 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
    2013-01-16 22:41 . 2011-09-23 03:46 780192 ----a-w- c:\windows\SysWow64\deployJava1.dll
    2013-01-10 07:32 . 2011-10-30 16:18 67599240 ----a-w- c:\windows\system32\MRT.exe
    2013-01-09 03:35 . 2012-04-04 15:02 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2013-01-09 03:35 . 2011-10-08 22:00 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-12-29 07:09 . 2011-10-09 00:52 952 --sha-w- c:\programdata\KGyGaAvL.sys
    2012-12-14 22:23 . 2012-12-14 22:23 30568 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
    2012-12-12 17:53 . 2012-12-12 17:53 261056 ----a-w- c:\windows\system32\drivers\avchv.sys
    2012-12-12 17:52 . 2012-12-12 17:52 587024 ----a-w- c:\windows\system32\drivers\avckf.sys
    2012-12-12 17:52 . 2012-03-21 01:22 705552 ----a-w- c:\windows\system32\drivers\avc3.sys
    2012-12-12 06:57 . 2012-12-12 06:57 0 ----a-w- c:\windows\SysWow64\shoE798.tmp
    2012-12-12 06:49 . 2012-12-12 06:49 255352 ----a-w- c:\windows\SysWow64\awrdscdc.ax
    2012-11-30 04:45 . 2013-01-09 16:15 44032 ----a-w- c:\windows\apppatch\acwow64.dll
    2012-11-12 12:28 . 2012-12-12 17:25 1638912 ----a-w- c:\windows\system32\mshtml.tlb
    2012-11-12 11:52 . 2012-12-12 17:25 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
    2012-11-09 05:45 . 2012-12-12 17:26 2048 ----a-w- c:\windows\system32\tzres.dll
    2012-11-09 04:42 . 2012-12-12 17:26 2048 ----a-w- c:\windows\SysWow64\tzres.dll
    2012-11-08 17:29 . 2012-11-08 17:29 1402312 ----a-w- c:\windows\SysWow64\msxml4.dll
    2012-11-02 05:59 . 2012-12-12 17:25 478208 ----a-w- c:\windows\system32\dpnet.dll
    2012-11-02 05:11 . 2012-12-12 17:25 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
    2012-10-27 06:26 . 2012-12-12 17:25 981504 ----a-w- c:\windows\SysWow64\wininet.dll
    2012-10-27 05:51 . 2012-12-12 17:25 1188864 ----a-w- c:\windows\system32\wininet.dll
    2012-10-27 05:51 . 2012-12-12 17:25 1494528 ----a-w- c:\windows\system32\urlmon.dll
    2012-10-27 05:51 . 2012-12-12 17:25 134144 ----a-w- c:\windows\system32\url.dll
    2012-10-27 05:49 . 2012-12-12 17:25 97792 ----a-w- c:\windows\system32\mshtmled.dll
    2012-10-27 05:49 . 2012-12-12 17:25 735744 ----a-w- c:\windows\system32\msfeeds.dll
    2012-10-27 05:49 . 2012-12-12 17:25 64512 ----a-w- c:\windows\system32\jsproxy.dll
    2012-10-27 05:49 . 2012-12-12 17:25 247808 ----a-w- c:\windows\system32\ieui.dll
    2012-10-27 05:49 . 2012-12-12 17:25 2453504 ----a-w- c:\windows\system32\iertutil.dll
    2012-10-27 05:49 . 2012-12-12 17:25 12295680 ----a-w- c:\windows\system32\ieframe.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 129272 ----a-w- c:\users\Jake\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 129272 ----a-w- c:\users\Jake\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 129272 ----a-w- c:\users\Jake\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 129272 ----a-w- c:\users\Jake\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "KiesHelper"="c:\program files (x86)\Samsung\Kies\KiesHelper.exe" [2012-06-08 958392]
    "KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-06-08 21432]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-13 283160]
    "Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2010-09-23 38840]
    "Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2010-09-23 640440]
    "boincmgr"="c:\program files (x86)\BOINC\boincmgr.exe" [2010-05-27 4543232]
    "boinctray"="c:\program files (x86)\BOINC\boinctray.exe" [2010-05-27 58112]
    "ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-02-15 2757312]
    "PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-11-27 648032]
    "googletalk"="c:\program files (x86)\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
    "KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-06-08 3521464]
    "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
    .
    c:\users\Jake\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Dropbox.lnk - c:\users\Jake\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-12-28 28539392]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Amazon Unbox.lnk - c:\program files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe [2011-11-23 97384]
    Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2011-3-24 1219360]
    Box Sync.lnk - c:\program files\Box Sync\BoxSync.exe [2012-12-19 8706560]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
    @=""
    .
    R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
    R3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys [2012-12-12 587024]
    R3 bdsandbox;bdsandbox;c:\windows\system32\drivers\bdsandbox.sys [2011-11-17 79952]
    R3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys [2011-05-18 47616]
    R3 DFX11_0;DFX Audio Enhancer 11;c:\windows\system32\drivers\dfx11_0x64.sys [2012-08-16 28008]
    R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys [2009-06-10 281088]
    R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-11-03 33736]
    R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]
    R3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv_x64.sys [2012-01-11 34304]
    R3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys [2012-02-22 28160]
    R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
    R3 SafeBox;SafeBox;c:\program files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [2012-08-23 75384]
    R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2011-02-21 113824]
    R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2011-02-21 67232]
    R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
    R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
    R3 Update Server;BitDefender Update Server v2;c:\program files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe [2011-10-15 466736]
    R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000]
    R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-05-24 652016]
    R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-02-19 385336]
    R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-02-19 99104]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-10-05 1255736]
    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
    S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys [2012-12-12 705552]
    S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
    S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2012-12-14 30568]
    S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [2012-08-23 93160]
    S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2011-11-15 103504]
    S1 BDVEDISK;BDVEDISK;c:\windows\system32\DRIVERS\bdvedisk.sys [2010-01-20 103944]
    S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-30 169408]
    S2 BOINC;WORLDC~1|World Community Grid;c:\program files (x86)\BOINC\boinc.exe [2010-05-27 529152]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
    S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-13 13336]
    S2 Oasis2Service;Oasis2Service;c:\program files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [2012-11-13 60416]
    S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-09-15 88576]
    S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-27 398176]
    S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 14112]
    S2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimssne64.sys [2011-03-01 102400]
    S2 risdsnpe;risdsnpe;c:\windows\system32\DRIVERS\risdsnxc64.sys [2011-03-01 98816]
    S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]
    S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
    S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-03-20 378472]
    S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656]
    S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-02-23 105024]
    S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-03-07 2656280]
    S2 UPDATESRV;BitDefender Desktop Update Service;c:\program files\Bitdefender\Bitdefender 2012\updatesrv.exe [2012-08-23 67904]
    S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2011-02-15 550080]
    S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2011-02-28 852160]
    S2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [2012-12-14 711112]
    S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
    S3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys [2012-12-12 261056]
    S3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [2011-04-01 436776]
    S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2011-04-01 39976]
    S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-05-21 99384]
    S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
    S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-03-07 413800]
    S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2010-04-26 12032]
    S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
    S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
    S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
    S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
    S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
    S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-05-21 203320]
    S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]
    S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe [2011-03-30 1021112]
    .
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - ASWMBR
    *Deregistered* - aswMBR
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
    2013-01-13 17:11 1606760 ----a-w- c:\program files (x86)\Google\Chrome\Application\24.0.1312.52\Installer\setup.exe
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2013-01-16 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 03:35]
    .
    2013-01-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-05 16:05]
    .
    2013-01-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-05 16:05]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopFileLocked]
    @="{C253B817-3A00-475f-A5A3-6F2DD704B48D}"
    [HKEY_CLASSES_ROOT\CLSID\{C253B817-3A00-475f-A5A3-6F2DD704B48D}]
    2010-11-21 03:23 444752 ----a-w- c:\windows\System32\mscoree.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopNotSynced]
    @="{19ACC806-F7AA-46AA-A80A-726A07CA6637}"
    [HKEY_CLASSES_ROOT\CLSID\{19ACC806-F7AA-46AA-A80A-726A07CA6637}]
    2010-11-21 03:23 444752 ----a-w- c:\windows\System32\mscoree.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopNotSyncedCollabs]
    @="{337D9DE0-3F8B-4430-AF0F-FFC24A95AE8F}"
    [HKEY_CLASSES_ROOT\CLSID\{337D9DE0-3F8B-4430-AF0F-FFC24A95AE8F}]
    2010-11-21 03:23 444752 ----a-w- c:\windows\System32\mscoree.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopSynced]
    @="{B7AC9C6D-F15B-4B1A-A88D-F518D13861D9}"
    [HKEY_CLASSES_ROOT\CLSID\{B7AC9C6D-F15B-4B1A-A88D-F518D13861D9}]
    2010-11-21 03:23 444752 ----a-w- c:\windows\System32\mscoree.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopSyncedCollab]
    @="{9E48C232-F601-4E41-BB3E-16CBAF317AA4}"
    [HKEY_CLASSES_ROOT\CLSID\{9E48C232-F601-4E41-BB3E-16CBAF317AA4}]
    2010-11-21 03:23 444752 ----a-w- c:\windows\System32\mscoree.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 162552 ----a-w- c:\users\Jake\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 162552 ----a-w- c:\users\Jake\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 162552 ----a-w- c:\users\Jake\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
    2012-11-13 23:32 162552 ----a-w- c:\users\Jake\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox1]
    @="{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}"
    [HKEY_CLASSES_ROOT\CLSID\{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}]
    2012-08-23 17:02 266952 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox2]
    @="{342DAA0B-D796-460D-8566-901E08A1CCAD}"
    [HKEY_CLASSES_ROOT\CLSID\{342DAA0B-D796-460D-8566-901E08A1CCAD}]
    2012-08-23 17:02 266952 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox3]
    @="{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}"
    [HKEY_CLASSES_ROOT\CLSID\{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}]
    2012-08-23 17:02 266952 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox4]
    @="{33816773-98AE-4723-ADE0-EBE54C8B5A67}"
    [HKEY_CLASSES_ROOT\CLSID\{33816773-98AE-4723-ADE0-EBE54C8B5A67}]
    2012-08-23 17:02 266952 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-03-07 11776104]
    "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-07 2188904]
    "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-07-29 497648]
    "BDAgent"="c:\program files\Bitdefender\Bitdefender 2012\bdagent.exe" [2012-12-12 1091200]
    "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
    "BoxSyncHelper"="c:\program files\Box Sync\BoxSyncHelper.exe" [2012-12-20 393216]
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://sony.msn.com
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    TCP: DhcpNameServer = 192.168.1.254
    FF - ProfilePath - c:\users\Jake\AppData\Roaming\Mozilla\Firefox\Profiles\vnzd7nms.default\
    FF - ExtSQL: 2012-12-14 16:23; [email protected]; c:\programdata\AVG Secure Search\FireFoxExt\13.2.0.5
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Wow6432Node-HKLM-Run-<NO NAME> - (no file)
    Wow6432Node-HKLM-Run-vProt - c:\program files (x86)\AVG Secure Search\vprot.exe
    Wow6432Node-HKLM-Run-ROC_roc_ssl_v12 - c:\program files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe
    ShellIconOverlayIdentifiers-{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} - c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
    ShellIconOverlayIdentifiers-{62CCD8E3-9C21-41E1-B55E-1E26DFC68511} - c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
    ShellIconOverlayIdentifiers-{A759AFF6-5851-457D-A540-F4ECED148351} - c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
    ShellIconOverlayIdentifiers-{1574C9EF-7D58-488F-B358-8B78C1538F51} - c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
    HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
    .
    .
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
    "ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.11"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Completion time: 2013-01-16 17:55:14
    ComboFix-quarantined-files.txt 2013-01-16 23:55
    .
    Pre-Run: 283,650,678,784 bytes free
    Post-Run: 284,988,346,368 bytes free
    .
    - - End Of File - - D1E0AF3D311FC23B0C6E078485BB584B
     
  6. eddie5659

    eddie5659 Moderator Malware Specialist

    Thanks :)


    Download OTL to your Desktop

    • Double click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
    • When the window appears, underneath Output at the top change it to Minimal Output.
    • Select
      All Users
      LOP Check
      Purity Check
    • Under the Standard Registry box change it to All
    • Please copy the text in the code box below and paste it in the Custom Scans/Fixes box in OTL:

      Code:
      netsvcs
      activex
      msconfig
      %programdata%\*.*
      %windir%SysWow64\*.tmp
      %SYSTEMDRIVE%\*.
      %$Recycle.Bin\
      %PROGRAMFILES%\*.exe
      %LOCALAPPDATA%\*.exe
      %windir%\Installer\*.*
      %windir%\system32\tasks\*.*
      %windir%\system32\tasks\*.* /64
      %systemroot%\Fonts\*.exe
      %systemroot%\*. /mp /s
      /md5start
      consrv.dll
      explorer.exe
      winlogon.exe
      regedit.exe
      Userinit.exe
      svchost.exe
      services.exe
      user32.dll
      ATAPI.SYS
      /md5stop
      C:\Windows\assembly\tmp\U\*.* /s
      %Temp%\smtmp\1\*.*
      %Temp%\smtmp\2\*.*
      %Temp%\smtmp\3\*.*
      %Temp%\smtmp\4\*.*
      >C:\commands.txt echo list vol /raw /hide /c
      /wait
      >C:\DiskReport.txt diskpart /s C:\commands.txt /raw /hide /c
      /wait
      type c:\diskreport.txt /c
      /wait
      erase c:\commands.txt /hide /c
      /wait
      erase c:\diskreport.txt /hide /c
      CREATERESTOREPOINT
      
    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them in your topic.
     
  7. jake12

    jake12 Thread Starter

    Hey Eddie! So I haven't been able to run that program with a busy weekend but... it stopped freezing and causing problems!! :)

    I do have another question if you don't mind. I tried to update a Windows program by using the update function inside of the program. When I do, it keeps giving me an error 403 message. Do you know what that means?
     
  8. eddie5659

    eddie5659 Moderator Malware Specialist

    Yep, I know about OTL freezing, many are reporting the same this weekend :(

    Just click on Quick Scan, leave the box at the bottom empty and it should work this time.

    Will look at the other stuff when I get home, but may be late as I have an audit.


    --

    Just re-read your reply, and are you saying the computer itself is not freezing as much?
     
  9. jake12

    jake12 Thread Starter

    Thanks Eddie! Here they are OTL and extras in that order :)

    OTL logfile created on: 1/21/2013 12:53:00 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jake\Downloads
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7601.17514)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    7.98 Gb Total Physical Memory | 4.07 Gb Available Physical Memory | 51.03% Memory free
    15.96 Gb Paging File | 10.64 Gb Available in Paging File | 66.67% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 449.56 Gb Total Space | 264.85 Gb Free Space | 58.91% Space Free | Partition Type: NTFS
    Drive D: | 7.39 Gb Total Space | 4.83 Gb Free Space | 65.27% Space Free | Partition Type: FAT32
    Drive E: | 4.08 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

    Computer Name: JAKE-VAIO | User Name: Jake | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Users\Jake\Downloads\OTL (1).exe (OldTimer Tools)
    PRC - C:\Users\Jake\Desktop\Jake123.exe (Swearware)
    PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
    PRC - C:\Users\Jake\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe ()
    PRC - C:\Program Files (x86)\DDNi\Oasis\VAIO Messenger.exe (Digital Delivery Networks, Inc.)
    PRC - C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe (Digital Delivery Networks, Inc.)
    PRC - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
    PRC - C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe (Amazon.com)
    PRC - C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe (Amazon.com)
    PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
    PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
    PRC - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()
    PRC - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
    PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
    PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
    PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
    PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
    PRC - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
    PRC - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
    PRC - C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation)
    PRC - C:\Program Files\Sony\VAIO Care\listener.exe (Sony of America Corporation)
    PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
    PRC - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
    PRC - C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
    PRC - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
    PRC - C:\Program Files (x86)\BOINC\boincmgr.exe (World Community Grid)
    PRC - C:\Program Files (x86)\BOINC\boinctray.exe (Space Sciences Laboratory)
    PRC - C:\Program Files (x86)\BOINC\boinc.exe (World Community Grid)
    PRC - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
    PRC - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)


    ========== Modules (No Company Name) ==========

    MOD - C:\Users\Jake\AppData\Local\Temp\nsb210B.tmp\System.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\7badd9a67b9f34f7222697c220dfa88b\System.DirectoryServices.AccountManagement.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\25cfdeaf091f16f3f3a7123a91a179ab\System.Xml.Linq.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\430cf827c8557371e5c5d5bc572a5759\System.Data.Linq.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\4e9a3b9427dae6b94cb5ae1d134282ac\System.AddIn.Contract.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\1149dca3c109f46c30cf25cb34873dd4\System.AddIn.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\302207b4fa3083899fd8ab4db98cecc5\System.Management.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\27649bdc3da750e2e072dedbff56cc0b\IAStorUtil.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\09a468fb987e5a5f345346b0910c89ca\IAStorCommon.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\0ac577a8ad6528ff03b50db5eeeac8be\System.Web.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\01c6cb58745f397c9b7ccf3ab7bfc9cd\System.EnterpriseServices.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\536d704e93ffec9b54e4a0312fb5b996\System.Transactions.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\dd20416f723ee13ffb4173ec1afc4ec4\System.Data.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\abf5f0f6b5d995fb86b0529ac85e14ed\System.DirectoryServices.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\865d2bf19a7af7fab8660a42d92550fe\System.Windows.Forms.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\3abd733e8fa28fafbfc99458fdf691da\System.Security.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\520a80ddcdd1084993516f4d42a73e05\System.Xml.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
    MOD - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\ppgooglenaclpluginchrome.dll ()
    MOD - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\PepperFlash\pepflashplayer.dll ()
    MOD - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\pdf.dll ()
    MOD - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\libglesv2.dll ()
    MOD - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\libegl.dll ()
    MOD - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\ffmpegsumo.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\System.Data.SqlServerCe\3.5.1.0__89845dcd8080cc91\System.Data.SqlServerCe.dll ()
    MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()
    MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
    MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
    MOD - C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll ()


    ========== Services (SafeList) ==========

    SRV:64bit: - (VSSERV) -- C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe (Bitdefender)
    SRV:64bit: - (SafeBox) -- C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe (Bitdefender)
    SRV:64bit: - (UPDATESRV) -- C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe (Bitdefender)
    SRV:64bit: - (Update Server) -- C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe (BitDefender)
    SRV:64bit: - (VcmIAlzMgr) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
    SRV:64bit: - (VUAgent) -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe (Sony Corporation)
    SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
    SRV:64bit: - (VSNService) -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation)
    SRV:64bit: - (VcmXmlIfHelper) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation)
    SRV:64bit: - (VcmINSMgr) -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation)
    SRV:64bit: - (VAIO Power Management) -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
    SRV:64bit: - (VCService) -- C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation)
    SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony Corporation)
    SRV:64bit: - (SpfService) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe (Sony Corporation)
    SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
    SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
    SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
    SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
    SRV - (vToolbarUpdater13.2.0) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe ()
    SRV - (Oasis2Service) -- C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe (Digital Delivery Networks, Inc.)
    SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
    SRV - (ADVService) -- C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe (Amazon.com)
    SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
    SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
    SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
    SRV - (PassThru Service) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()
    SRV - (TeamViewer6) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
    SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
    SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
    SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
    SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
    SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
    SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
    SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
    SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
    SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
    SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
    SRV - (AdobeActiveFileMonitor9.0) -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
    SRV - (BOINC) -- C:\Program Files (x86)\BOINC\boinc.exe (World Community Grid)
    SRV - (IviRegMgr) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
    SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
    SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
    SRV - (PSI_SVC_2) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
    SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - (avgtp) -- C:\Windows\SysNative\drivers\avgtpx64.sys (AVG Technologies)
    DRV:64bit: - (avchv) -- C:\Windows\SysNative\drivers\avchv.sys (BitDefender)
    DRV:64bit: - (avckf) -- C:\Windows\SysNative\drivers\avckf.sys (BitDefender)
    DRV:64bit: - (avc3) -- C:\Windows\SysNative\drivers\avc3.sys (BitDefender)
    DRV:64bit: - (BdfNdisf) -- c:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys (BitDefender LLC)
    DRV:64bit: - (DFX11_0) -- C:\Windows\SysNative\drivers\dfx11_0x64.sys (Windows (R) Win 7 DDK provider)
    DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
    DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
    DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
    DRV:64bit: - (mcaudrv_simple) -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys (ManyCam LLC)
    DRV:64bit: - (ManyCam) -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys (ManyCam LLC)
    DRV:64bit: - (bdsandbox) -- C:\Windows\SysNative\drivers\bdsandbox.sys (BitDefender SRL)
    DRV:64bit: - (bdfwfpf) -- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys (BitDefender LLC)
    DRV:64bit: - (trufos) -- C:\Windows\SysNative\drivers\trufos.sys (BitDefender S.R.L.)
    DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
    DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
    DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
    DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
    DRV:64bit: - (bdfsfltr) -- C:\Windows\SysNative\drivers\bdfsfltr.sys (BitDefender)
    DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
    DRV:64bit: - (NuidFltr) -- C:\Windows\SysNative\drivers\nuidfltr.sys (Microsoft Corporation)
    DRV:64bit: - (dc3d) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation)
    DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
    DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
    DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
    DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
    DRV:64bit: - (BTWAMPFL) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.)
    DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
    DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
    DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
    DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
    DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
    DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
    DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
    DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
    DRV:64bit: - (risdsnpe) -- C:\Windows\SysNative\drivers\risdsnxc64.sys (REDC)
    DRV:64bit: - (rimspci) -- C:\Windows\SysNative\drivers\rimssne64.sys (REDC)
    DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
    DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
    DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
    DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
    DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
    DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
    DRV:64bit: - (htcnprot) -- C:\Windows\SysNative\drivers\htcnprot.sys (Windows (R) Win 7 DDK provider)
    DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation)
    DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
    DRV:64bit: - (BDVEDISK) -- C:\Windows\SysNative\drivers\bdvedisk.sys (BitDefender)
    DRV:64bit: - (HTCAND64) -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys (HTC, Corporation)
    DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
    DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
    DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
    DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation)
    DRV:64bit: - (e1yexpress) -- C:\Windows\SysNative\drivers\e1y60x64.sys (Intel Corporation)
    DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
    DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
    DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
    DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
    DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
    DRV:64bit: - (regi) -- C:\Windows\SysNative\drivers\regi.sys (InterVideo)
    DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-21-3484849143-420229048-3217101452-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony.msn.com
    IE - HKU\S-1-5-21-3484849143-420229048-3217101452-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://sony.msn.com
    IE - HKU\S-1-5-21-3484849143-420229048-3217101452-1000\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-21-3484849143-420229048-3217101452-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-21-3484849143-420229048-3217101452-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://sony.msn.com
    IE - HKU\S-1-5-21-3484849143-420229048-3217101452-1005\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-21-3484849143-420229048-3217101452-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20120926
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0
    FF - user.js - File not found

    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
    FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10516.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
    FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101752.dll (Amazon.com, Inc.)

    64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2012\BDTBEXT\ [2012/06/17 19:25:14 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/09/01 23:57:19 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\SearchPredict\PRFireFox
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}: C:\Program Files (x86)\SPEEDbit Video Downloader\SPFireFox
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/01/19 23:19:46 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/01/19 23:19:42 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Components: C:\Program Files (x86)\Mozilla Sunbird\components [2013/01/11 13:23:09 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Sunbird\plugins
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\Bitdefender\Bitdefender 2012\bdtbext\ [2012/06/17 19:25:14 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/01/19 23:19:46 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/01/19 23:19:42 | 000,000,000 | ---D | M]

    [2013/01/11 13:33:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jake\AppData\Roaming\Mozilla\Extensions
    [2013/01/11 13:33:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jake\AppData\Roaming\Mozilla\Extensions\{718e30fb-e89b-41dd-9da7-e25a45638b28}
    [2013/01/19 17:49:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jake\AppData\Roaming\Mozilla\Firefox\Profiles\vnzd7nms.default\extensions
    [2012/10/04 08:44:14 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Jake\AppData\Roaming\Mozilla\Firefox\Profiles\vnzd7nms.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
    [2013/01/11 13:33:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jake\AppData\Roaming\Mozilla\Sunbird\Profiles\lt3big9c.default\extensions
    [2013/01/19 23:19:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
    [2013/01/19 23:19:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions
    [2013/01/19 23:19:46 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
    [2012/12/15 15:29:28 | 000,003,571 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
    [2012/12/11 20:42:05 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
    [2013/01/16 00:11:27 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

    ========== Chrome ==========

    CHR - homepage: http://sony.msn.com/
    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
    CHR - homepage: http://sony.msn.com/
    CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\PepperFlash\pepflashplayer.dll
    CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\pdf.dll
    CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
    CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
    CHR - plugin: ActiveTouch General Plugin Container (Enabled) = C:\Users\Jake\AppData\Roaming\Mozilla\plugins\npatgpc.dll
    CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
    CHR - plugin: AmazonMP3DownloaderPlugin (Enabled) = C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101752.dll
    CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll
    CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
    CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
    CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
    CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
    CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
    CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
    CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
    CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10516.0\npctrl.dll
    CHR - Extension: Google Drive = C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
    CHR - Extension: WOT = C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.4.6_0\
    CHR - Extension: YouTube = C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
    CHR - Extension: Google Search = C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
    CHR - Extension: Session Buddy = C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko\3.1.4_0\
    CHR - Extension: AdBlock = C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.55_0\
    CHR - Extension: Grass = C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmiboiefncpfjihjdedpaoammipkilla\1.0_0\
    CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
    CHR - Extension: Gmail = C:\Users\Jake\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

    O1 HOSTS File: ([2013/01/16 17:52:54 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
    O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O3 - HKU\S-1-5-21-3484849143-420229048-3217101452-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O3 - HKU\S-1-5-21-3484849143-420229048-3217101452-1005\..\Toolbar\WebBrowser: (no name) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - No CLSID value found.
    O3 - HKU\S-1-5-21-3484849143-420229048-3217101452-1005\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
    O4:64bit: - HKLM..\Run: [BDAgent] C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe (Bitdefender)
    O4:64bit: - HKLM..\Run: [BoxSyncHelper] C:\Program Files\Box Sync\BoxSyncHelper.exe (Box, Inc.)
    O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
    O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
    O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
    O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [boincmgr] C:\Program Files (x86)\BOINC\boincmgr.exe (World Community Grid)
    O4 - HKLM..\Run: [boinctray] C:\Program Files (x86)\BOINC\boinctray.exe (Space Sciences Laboratory)
    O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
    O4 - HKLM..\Run: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe (Google)
    O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
    O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
    O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
    O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
    O4 - HKU\S-1-5-21-3484849143-420229048-3217101452-1000..\Run: [chromium] C:\Users\boinc_master\AppData\Local\Google\Chrome\Application\chrome.exe --no-startup-window File not found
    O4 - HKU\S-1-5-21-3484849143-420229048-3217101452-1000..\Run: [Google Update] "C:\Users\Jake\AppData\Local\Google\Update\GoogleUpdate.exe" /c File not found
    O4 - HKU\S-1-5-21-3484849143-420229048-3217101452-1000..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup File not found
    O4 - HKU\S-1-5-21-3484849143-420229048-3217101452-1000..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
    O4 - HKU\S-1-5-21-3484849143-420229048-3217101452-1000..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
    O4 - HKU\S-1-5-21-3484849143-420229048-3217101452-1000..\Run: [ManyCam] "C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe" /silent File not found
    O4 - HKU\S-1-5-21-3484849143-420229048-3217101452-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-21-3484849143-420229048-3217101452-1000..\Run: [SugarSync] "C:\Program Files (x86)\SugarSync\SugarSyncManager.exe" -startInTray -usedelay=true File not found
    O4 - HKU\S-1-5-21-3484849143-420229048-3217101452-1005..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
    O4 - HKU\S-1-5-21-3484849143-420229048-3217101452-1005..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
    O4 - HKU\S-1-5-21-3484849143-420229048-3217101452-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - Startup: C:\Users\Jake\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Jake\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: RestrictRun = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-3484849143-420229048-3217101452-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-3484849143-420229048-3217101452-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-3484849143-420229048-3217101452-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKU\S-1-5-21-3484849143-420229048-3217101452-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: RestrictRun = 0
    O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
    O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
    O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O13 - gopher Prefix: missing
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{92C3B864-4665-4300-A93F-1EA0EC01A858}: DhcpNameServer = 10.100.18.2
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A0DB9FAF-EAF1-49A7-83B2-7CFAF7099800}: DhcpNameServer = 192.168.1.254
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D1B0DA69-9F48-4BE4-A6FF-1F253D2C67AE}: DhcpNameServer = 192.168.42.129
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

    [2013/01/21 12:51:20 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
    [2013/01/19 23:19:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
    [2013/01/19 17:37:57 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallJammer Registry
    [2013/01/19 17:16:56 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
    [2013/01/19 17:16:55 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Speedbit
    [2013/01/19 17:16:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SpeedBit
    [2013/01/19 17:16:44 | 000,172,032 | ---- | C] (Jin Hui E-mail: [email protected] Web: http://www.jcomsoft.com) -- C:\Windows\SysWow64\AniGIF.ocx
    [2013/01/19 17:16:44 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedBit
    [2013/01/19 17:07:22 | 000,000,000 | ---D | C] -- C:\Users\Jake\AppData\Roaming\Real
    [2013/01/19 16:56:37 | 000,000,000 | ---D | C] -- C:\Users\Jake\AppData\Local\gtk-2.0
    [2013/01/17 10:27:41 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
    [2013/01/16 17:44:30 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
    [2013/01/16 17:44:30 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
    [2013/01/16 17:44:30 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
    [2013/01/16 17:42:39 | 000,000,000 | ---D | C] -- C:\Jake123
    [2013/01/16 17:42:25 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2013/01/16 17:41:59 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
    [2013/01/16 17:38:13 | 005,025,054 | ---- | C] (Swearware) -- C:\Users\Jake\Desktop\Jake123.exe
    [2013/01/16 16:42:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
    [2013/01/16 16:41:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
    [2013/01/16 16:28:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Box Sync
    [2013/01/16 16:28:13 | 000,000,000 | ---D | C] -- C:\Program Files\Box Sync
    [2013/01/14 22:13:21 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
    [2013/01/14 22:03:26 | 000,000,000 | ---D | C] -- C:\JRT
    [2013/01/14 12:47:21 | 000,000,000 | ---D | C] -- C:\Users\Jake\AppData\Roaming\SUPERAntiSpyware.com
    [2013/01/14 12:47:13 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
    [2013/01/11 14:03:48 | 000,000,000 | ---D | C] -- C:\Users\Jake\AppData\Roaming\Duality Software
    [2013/01/11 13:23:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Sunbird
    [2013/01/11 13:23:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Sunbird
    [2013/01/05 10:06:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
    [2013/01/01 21:28:43 | 000,000,000 | ---D | C] -- C:\MGtools
    [2013/01/01 21:14:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
    [2013/01/01 21:14:04 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
    [2013/01/01 20:53:58 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
    [2013/01/01 20:45:42 | 000,000,000 | ---D | C] -- C:\Users\Jake\Desktop\RK_Quarantine
    [2013/01/01 16:11:51 | 000,000,000 | ---D | C] -- C:\Users\Jake\AppData\Roaming\Malwarebytes
    [2013/01/01 16:11:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2013/01/01 15:54:33 | 000,000,000 | ---D | C] -- C:\Users\Jake\Desktop\LV
    [2012/12/31 16:56:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
    [2012/12/25 15:52:17 | 000,000,000 | ---D | C] -- C:\Users\Jake\Desktop\MCAT To print
    [4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2013/01/21 12:52:37 | 000,779,724 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2013/01/21 12:52:37 | 000,660,770 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2013/01/21 12:52:37 | 000,121,408 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2013/01/21 12:51:38 | 005,025,054 | ---- | M] (Swearware) -- C:\Users\Jake\Desktop\Jake123.exe
    [2013/01/21 12:35:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2013/01/21 12:10:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2013/01/21 11:37:58 | 000,040,813 | ---- | M] () -- C:\test.xml
    [2013/01/21 10:41:35 | 000,021,200 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2013/01/21 10:41:35 | 000,021,200 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2013/01/21 10:32:58 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2013/01/21 10:32:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2013/01/21 10:31:54 | 2132,713,471 | -HS- | M] () -- C:\hiberfil.sys
    [2013/01/19 19:09:31 | 000,000,952 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
    [2013/01/19 17:42:45 | 000,000,218 | ---- | M] () -- C:\Users\Jake\AppData\Local\recently-used.xbel
    [2013/01/19 17:39:10 | 000,000,090 | ---- | M] () -- C:\ProgramData\Facebook Video Downloader set
    [2013/01/19 17:14:08 | 000,109,256 | ---- | M] () -- C:\Windows\SysWow64\EasyHook64.dll
    [2013/01/19 17:14:08 | 000,090,824 | ---- | M] () -- C:\Windows\SysWow64\EasyHook32.dll
    [2013/01/17 21:10:00 | 007,507,367 | ---- | M] () -- C:\Users\Jake\Desktop\Boa go.pdf
    [2013/01/17 21:09:56 | 008,772,172 | ---- | M] () -- C:\Users\Jake\Desktop\BA - GmRGD (2011).pdf
    [2013/01/16 18:07:25 | 000,055,651 | ---- | M] () -- C:\Users\Jake\Desktop\308986_10150954680950131_1600746009_n.jpg
    [2013/01/16 17:52:54 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
    [2013/01/16 17:06:51 | 000,000,512 | ---- | M] () -- C:\Users\Jake\Desktop\MBR.dat
    [2013/01/16 16:31:24 | 000,001,472 | ---- | M] () -- C:\Users\Jake\Desktop\My Box Files.lnk
    [2013/01/16 16:28:13 | 000,001,854 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Box Sync.lnk
    [2013/01/13 12:42:41 | 000,002,215 | ---- | M] () -- C:\Users\Jake\Desktop\Google Chrome.lnk
    [2013/01/11 14:13:35 | 000,581,332 | ---- | M] () -- C:\Users\Jake\Desktop\Jan15mo4.ics
    [2013/01/11 13:53:35 | 000,671,653 | ---- | M] () -- C:\Users\Jake\Desktop\Jan25mo4.ics
    [2013/01/11 13:23:12 | 000,001,923 | ---- | M] () -- C:\Users\Jake\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Sunbird.lnk
    [2013/01/11 13:23:12 | 000,001,899 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Sunbird.lnk
    [2013/01/10 09:56:12 | 000,360,232 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2013/01/10 01:41:01 | 000,773,940 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2013/01/07 16:03:21 | 000,098,110 | ---- | M] () -- C:\Users\Jake\Desktop\268127_395665110521198_577540544_n.jpg
    [2013/01/04 22:28:55 | 000,001,107 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2013/01/04 15:30:15 | 000,065,491 | ---- | M] () -- C:\Users\Jake\Desktop\533382_3625615956573_56092681_n.jpg
    [2013/01/01 16:22:25 | 000,032,439 | ---- | M] () -- C:\Users\Jake\Desktop\523479_10151296752451257_992902164_n.jpg
    [2013/01/01 15:52:39 | 000,065,830 | ---- | M] () -- C:\Users\Jake\Desktop\407554_131369723690111_1428149538_n.jpg
    [2012/12/31 16:26:21 | 000,026,886 | ---- | M] () -- C:\Users\Jake\Documents\cc_20121231_162617.reg
    [2012/12/31 16:26:03 | 000,139,536 | ---- | M] () -- C:\Users\Jake\Documents\cc_20121231_162550.reg
    [2012/12/31 16:21:35 | 000,001,049 | ---- | M] () -- C:\Users\Jake\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
    [2012/12/24 20:27:51 | 155,582,130 | ---- | M] () -- C:\Users\Jake\Desktop\HIGH ENERGY TRANCE SET MAY 2012 DJ BOPY WHA.flv
    [2012/12/24 20:25:58 | 171,826,904 | ---- | M] () -- C:\Users\Jake\Desktop\HIGH ENERGY TRANCE SET MIX MAY 2012 DJ BOPY WHA.flv
    [2012/12/23 13:08:47 | 000,050,779 | ---- | M] () -- C:\Users\Jake\Desktop\156708_562133997149391_2122203506_n.jpg
    [4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2013/01/19 17:42:45 | 000,000,218 | ---- | C] () -- C:\Users\Jake\AppData\Local\recently-used.xbel
    [2013/01/19 17:39:10 | 000,000,090 | ---- | C] () -- C:\ProgramData\Facebook Video Downloader set
    [2013/01/19 17:16:47 | 000,109,256 | ---- | C] () -- C:\Windows\SysWow64\EasyHook64.dll
    [2013/01/19 17:16:47 | 000,090,824 | ---- | C] () -- C:\Windows\SysWow64\EasyHook32.dll
    [2013/01/17 21:09:51 | 007,507,367 | ---- | C] () -- C:\Users\Jake\Desktop\Boa go.pdf
    [2013/01/17 21:09:45 | 008,772,172 | ---- | C] () -- C:\Users\Jake\Desktop\BA - GmRGD (2011).pdf
    [2013/01/16 18:07:25 | 000,055,651 | ---- | C] () -- C:\Users\Jake\Desktop\308986_10150954680950131_1600746009_n.jpg
    [2013/01/16 17:44:30 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
    [2013/01/16 17:44:30 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
    [2013/01/16 17:44:30 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
    [2013/01/16 17:44:30 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
    [2013/01/16 17:44:30 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
    [2013/01/16 17:06:51 | 000,000,512 | ---- | C] () -- C:\Users\Jake\Desktop\MBR.dat
    [2013/01/11 14:13:35 | 000,581,332 | ---- | C] () -- C:\Users\Jake\Desktop\Jan15mo4.ics
    [2013/01/11 13:23:12 | 000,001,923 | ---- | C] () -- C:\Users\Jake\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Sunbird.lnk
    [2013/01/11 13:23:12 | 000,001,899 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Sunbird.lnk
    [2013/01/11 13:04:22 | 000,671,653 | ---- | C] () -- C:\Users\Jake\Desktop\Jan25mo4.ics
    [2013/01/07 16:03:20 | 000,098,110 | ---- | C] () -- C:\Users\Jake\Desktop\268127_395665110521198_577540544_n.jpg
    [2013/01/05 10:06:49 | 000,002,215 | ---- | C] () -- C:\Users\Jake\Desktop\Google Chrome.lnk
    [2013/01/05 10:05:59 | 000,000,894 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2013/01/05 10:05:58 | 000,000,890 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2013/01/04 22:28:55 | 000,001,107 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2013/01/04 15:30:14 | 000,065,491 | ---- | C] () -- C:\Users\Jake\Desktop\533382_3625615956573_56092681_n.jpg
    [2013/01/01 16:22:24 | 000,032,439 | ---- | C] () -- C:\Users\Jake\Desktop\523479_10151296752451257_992902164_n.jpg
    [2013/01/01 15:52:39 | 000,065,830 | ---- | C] () -- C:\Users\Jake\Desktop\407554_131369723690111_1428149538_n.jpg
    [2012/12/31 16:26:19 | 000,026,886 | ---- | C] () -- C:\Users\Jake\Documents\cc_20121231_162617.reg
    [2012/12/31 16:25:53 | 000,139,536 | ---- | C] () -- C:\Users\Jake\Documents\cc_20121231_162550.reg
    [2012/12/24 19:39:23 | 155,582,130 | ---- | C] () -- C:\Users\Jake\Desktop\HIGH ENERGY TRANCE SET MAY 2012 DJ BOPY WHA.flv
    [2012/12/24 19:38:52 | 171,826,904 | ---- | C] () -- C:\Users\Jake\Desktop\HIGH ENERGY TRANCE SET MIX MAY 2012 DJ BOPY WHA.flv
    [2012/12/23 13:08:47 | 000,050,779 | ---- | C] () -- C:\Users\Jake\Desktop\156708_562133997149391_2122203506_n.jpg
    [2012/06/13 13:00:56 | 000,000,106 | ---- | C] () -- C:\Users\Jake\detectivestark.bz2
    [2012/05/23 17:49:34 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
    [2012/05/23 17:49:32 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
    [2012/05/23 17:49:32 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
    [2012/05/23 17:49:32 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
    [2012/05/23 17:49:32 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
    [2011/12/07 12:09:47 | 000,000,112 | ---- | C] () -- C:\Windows\wininit.ini
    [2011/10/08 18:52:47 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
    [2011/09/22 22:21:48 | 000,333,824 | ---- | C] () -- C:\Windows\SysWow64\SonyVideoProcessor.dll
    [2011/09/22 21:26:50 | 000,000,333 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
    [2011/03/07 18:53:48 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
    [2011/02/10 17:03:27 | 000,773,940 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

    ========== ZeroAccess Check ==========

    [2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 23:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 22:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 21:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    ========== LOP Check ==========

    [2012/07/05 08:06:06 | 000,000,000 | ---D | M] -- C:\Users\Jake\AppData\Roaming\Amazon
    [2011/11/30 15:20:09 | 000,000,000 | ---D | M] -- C:\Users\Jake\AppData\Roaming\AusLogics
    [2012/06/17 19:25:18 | 000,000,000 | ---D | M] -- C:\Users\Jake\AppData\Roaming\Bitdefender
    [2012/05/28 10:13:48 | 000,000,000 | ---D | M] -- C:\Users\Jake\AppData\Roaming\Box Desktop
    [2013/01/21 10:34:02 | 000,000,000 | ---D | M] -- C:\Users\Jake\AppData\Roaming\Box Sync
    [2012/12/15 20:01:07 | 000,000,000 | ---D | M] -- C:\Users\Jake\AppData\Roaming\ChessBase
    [2011/12/23 18:34:45 | 000,000,000 | ---D | M] -- C:\Users\Jake\AppData\Roaming\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1
    [2013/01/21 10:34:07 | 000,000,000 | ---D | M] -- C:\Users\Jake\AppData\Roaming\Dropbox
    [2013/01/11 14:03:48 | 000,000,000 | ---D | M] -- C:\Users\Jake\AppData\Roaming\Duality Software
    [2011/12/25 10:21:21 | 000,000,000 | ---D | M] -- C:\Users\Jake\AppData\Roaming\DVDVideoSoft
    [2011/11/19 15:31:10 | 000,000,000 | ---D | M] -- C:\Users\Jake\AppData\Roaming\Foxit Software
    [2012/06/05 17:50:32 | 000,000,000 | ---D | M] -- C:\Users\Jake\AppData\Roaming\GetGo Software
    [2012/05/06 13:34:56 | 000,000,000 | ---D | M] -- C:\Users\Jake\AppData\Roaming\gtk-2.0
    [2012/06/08 19:31:57 | 000,000,000 | ---D | M] -- C:\Users\Jake\AppData\Roaming\ImgBurn
    [2012/04/05 22:55:17 | 000,000,000 | ---D | M] -- C:\Users\Jake\AppData\Roaming\Internet Chess Club
    [2011/10/25 21:17:17 | 000,000,000 | ---D | M] -- C:\Users\Jake\AppData\Roaming\OpenOffice.org
    [2011/10/07 21:09:31 | 000,000,000 | ---D | M] -- C:\Users\Jake\AppData\Roaming\Opera
    [2011/10/14 08:42:29 | 000,000,000 | ---D | M] -- C:\Users\Jake\AppData\Roaming\Participatory Culture Foundation
    [2012/12/14 16:24:03 | 000,000,000 | ---D | M] -- C:\Users\Jake\AppData\Roaming\PCF-VLC
    [2011/10/01 13:00:06 | 000,000,000 | ---D | M] -- C:\Users\Jake\AppData\Roaming\QuickScan
    [2012/06/29 19:43:35 | 000,000,000 | ---D | M] -- C:\Users\Jake\AppData\Roaming\Samsung
    [2013/01/16 16:09:28 | 000,000,000 | ---D | M] -- C:\Users\Jake\AppData\Roaming\SoftGrid Client
    [2012/09/24 23:06:56 | 000,000,000 | ---D | M] -- C:\Users\Jake\AppData\Roaming\Spotify
    [2012/06/17 17:21:51 | 000,000,000 | ---D | M] -- C:\Users\Jake\AppData\Roaming\Synaptics
    [2012/06/29 23:40:50 | 000,000,000 | ---D | M] -- C:\Users\Jake\AppData\Roaming\Temp
    [2011/11/17 18:27:52 | 000,000,000 | ---D | M] -- C:\Users\Jake\AppData\Roaming\TP
    [2012/08/01 16:55:56 | 000,000,000 | ---D | M] -- C:\Users\Jake\AppData\Roaming\webex

    ========== Purity Check ==========



    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 16 bytes -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk:BDU
    @Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:862BDB1A

    < End of report >
    OTL Extras logfile created on: 1/21/2013 12:53:00 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jake\Downloads
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7601.17514)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    7.98 Gb Total Physical Memory | 4.07 Gb Available Physical Memory | 51.03% Memory free
    15.96 Gb Paging File | 10.64 Gb Available in Paging File | 66.67% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 449.56 Gb Total Space | 264.85 Gb Free Space | 58.91% Space Free | Partition Type: NTFS
    Drive D: | 7.39 Gb Total Space | 4.83 Gb Free Space | 65.27% Space Free | Partition Type: FAT32
    Drive E: | 4.08 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

    Computer Name: JAKE-VAIO | User Name: Jake | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .html[@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
    .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    [HKEY_USERS\S-1-5-21-3484849143-420229048-3217101452-1005\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
    "FirewallDisableNotify" = 0
    "AntiVirusDisableNotify" = 0
    "UpdatesDisableNotify" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    ========== Firewall Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 0
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 0
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 0
    "DisableNotifications" = 0

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{014F59A3-1C13-4B3D-8D94-6856060CDB38}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{197BDA68-B3B6-45C0-92FB-A4F1C857E259}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{1AE38D9C-4D97-4E6D-AF8A-E17058145A84}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
    "{2394DC02-F74F-49E3-9BF9-6F5AA247BF7F}" = lport=139 | protocol=6 | dir=in | app=system |
    "{2AC92619-A2DD-42B4-B488-EBBCDC989E47}" = rport=139 | protocol=6 | dir=out | app=system |
    "{2EEAAE20-0887-4E3E-9ECB-4F6CFCDBD55D}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
    "{3594EFB2-585A-464E-A004-8B278BBD39B3}" = lport=445 | protocol=6 | dir=in | app=system |
    "{3FBD5FDB-071B-4E3D-8DCF-463E7AEC7C3E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{4348346C-FC35-4FA7-A5BF-4625CB60C363}" = lport=10243 | protocol=6 | dir=in | app=system |
    "{51CE0F3D-A9BA-49C7-BCD5-678AF1E9ECCD}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{56F4AA95-3FA3-4643-99B9-64E4B06B3C9A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{5749F4F5-89F3-4B7B-AB64-39588D3DE30D}" = rport=445 | protocol=6 | dir=out | app=system |
    "{5F767E99-F67F-452E-B0CF-C55634B66E10}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{68224F7C-95B6-4914-BC99-E0DCEDDA2D9E}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
    "{69FF38F4-198A-437D-B1D0-A2D6123C827A}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
    "{6A9A51B4-49B0-40C4-A5F7-6458CD670AB6}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{AB21432F-2809-4231-8D72-55BC46C81CDE}" = rport=138 | protocol=17 | dir=out | app=system |
    "{B9ABA595-3933-4A25-809D-F55BD6FE7BBC}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{C4C2FD5C-A2FD-4B6E-BBCC-8A8BFB450B55}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
    "{C694763E-BE90-48D0-92D8-AB96540D94D7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{C8DF6FF1-107E-4D25-944B-6C1E77CA7DD3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{DF7A7113-3678-4E8B-B1BF-B08B76E2718C}" = lport=138 | protocol=17 | dir=in | app=system |
    "{E08BBF0A-DAD6-4689-900D-F35B1D48BB4D}" = lport=137 | protocol=17 | dir=in | app=system |
    "{E1BFBB3A-F09B-4AAF-8EFF-9C65F7557B3C}" = rport=137 | protocol=17 | dir=out | app=system |
    "{F3389233-D2D1-461D-8DCA-C698676E5996}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{F57AAD8B-F48A-4C66-9AD1-E3E29951F35D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{0FA9F0DA-1FB7-4B56-8DCF-D2AEF6D4851C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{13FC0702-83DD-420C-B86C-9E431F35561D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{2DDEF555-4A3B-4174-B2C0-EDC6C9DEFEBF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{2E8FF9B1-AE7C-48B0-B056-B9F3D8071382}" = protocol=6 | dir=in | app=c:\program files\sony\vaio care\selfhealupdate.exe |
    "{3267AFE3-62A1-4E67-81A6-2073EA21E014}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
    "{37A3010D-018C-4059-A6D8-3672263AE7BE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
    "{3F027F29-B3D4-4F70-9F7C-4BB9652152C3}" = protocol=17 | dir=in | app=c:\users\jake\appdata\roaming\dropbox\bin\dropbox.exe |
    "{40847BF6-C0F6-4CB8-B523-BF2CD1297447}" = protocol=17 | dir=in | app=c:\program files (x86)\google\google talk\googletalk.exe |
    "{43EA13AD-0B70-4A15-B058-7D28499FDA51}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{4A1DFC0A-27EA-4065-84A5-D62AA77E550E}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
    "{4B18B443-E87D-46F0-AA8A-D574389E30C9}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
    "{4D9FF261-CF95-452D-B2A7-46C30AC12594}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{56DFE57F-5C11-49D8-9C40-DED2A2EA1CBA}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{57D06E0F-E928-485F-9A3B-28C8D1060531}" = protocol=17 | dir=in | app=c:\program files\sony\vaio care\selfhealupdate.exe |
    "{5BFB8202-DD76-42DA-8787-FA145C9667ED}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
    "{5CA66B74-BB9B-472F-9EAD-083A8770732F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{5E22820E-B550-4C29-8103-3D72F51C6761}" = protocol=17 | dir=in | app=c:\program files\sony\vaio care\vaiocaremain.exe |
    "{6296E02D-11A8-4B01-9984-F5915559A1D6}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
    "{63636523-D23D-4A13-8950-394F43F44CD0}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
    "{65E2F63F-63C0-43C8-8148-6AD3D5BE4F3E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
    "{6CE03943-6F3D-45C3-B80D-FB6C2CD5D493}" = protocol=6 | dir=in | app=c:\users\jake\appdata\roaming\dropbox\bin\dropbox.exe |
    "{6F99ED32-0B91-4D31-BAB8-8EB7A38C45CB}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
    "{7256E1B1-CFF4-4047-847B-73D4F4DEA270}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{7C51A3A3-6F4D-4A74-AF09-EA0008AD054E}" = protocol=6 | dir=in | app=c:\program files (x86)\google\google talk\googletalk.exe |
    "{7CE8C423-E8F5-405E-8FEA-B70B4595A6D0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{82348AEA-0525-4937-BFA9-24E226792DE7}" = protocol=6 | dir=in | app=c:\program files\sony\vaio care\vcagent.exe |
    "{8A39A865-F434-4EB4-9E4D-DE0DF1D4E49C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{90AD3555-43F5-4673-B08F-7BC6B8175CA2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{982449F8-51E7-4AC8-B5E9-1C57775092CC}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
    "{99052E39-AF06-4521-95DE-AFB8E66068F2}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{9F161F8E-D6F0-4B61-8160-DC009C3DFD58}" = protocol=17 | dir=in | app=c:\program files\sony\vaio care\vcagent.exe |
    "{A5B1C83D-19A9-44C8-BDDF-E03D36903E32}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{A96AE034-EAF2-468C-8ACD-539604263B9A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{BE26EE09-0921-4E48-B2CA-17D1FDA8E2C9}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
    "{CD771727-F7C2-40BB-860F-19902059C414}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
    "{CD77E286-D475-4ED3-B5E4-EB612518B57B}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
    "{D8E939D6-35FA-417E-948C-F5C8AC4984BD}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
    "{DDB54734-1574-498D-9D17-7DD615B4E4AA}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
    "{E192588D-D367-4657-B28C-6ACED56D2A5D}" = protocol=6 | dir=in | app=c:\program files\sony\vaio care\vaiocaremain.exe |
    "{E6693269-A323-42C5-A1C8-73716D62B098}" = protocol=6 | dir=out | app=system |
    "{F2DF960C-9260-4CAE-A195-281618112B9F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
    "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{115B60D5-BBDB-490E-AF2E-064D37A3CE01}" = Media Gallery
    "{133D3F07-D558-46CE-80E8-F4D75DBBAD63}" = PMB VAIO Edition Plug-in
    "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
    "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
    "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
    "{26C8EF65-314F-4353-8329-69093AD325C6}" = ChessBase 12 64-bit
    "{2AB9289D-6432-4CC0-8869-A195C3F0CFCC}" = Bitdefender Total Security 2012
    "{312395BC-7CC2-434C-A660-30250276A926}" = SSLx64
    "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    "{4F31AC31-0A28-4F5A-8416-513972DA1F79}" = Sony Corporation
    "{57DD35E9-D9BB-4089-BB05-EF933C586CB3}" = Broadcom InConcert Maestro
    "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    "{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
    "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
    "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
    "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
    "{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 267.80
    "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 267.80
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 267.80
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.2.22.1
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
    "{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
    "{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}" = WIDCOMM Bluetooth Software
    "{C9756801-C8EF-44FC-BD97-F2AE6728A432}" = Box Sync (64 bit)
    "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
    "{D55EAC07-7207-44BD-B524-0F063F327743}" = VIx64
    "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
    "{DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84}" = VPMx64
    "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
    "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
    "{F1DC5C16-9B1F-467B-85E3-CB48C27AC50D}" = VESx64
    "{F2611404-06BF-4E67-A5B7-8DB2FFC1CBF6}" = VSNx64
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "Bitdefender" = Bitdefender Total Security 2012
    "CCleaner" = CCleaner
    "Defraggler" = Defraggler
    "HitmanPro37" = HitmanPro 3.7
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
    "Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
    "Recuva" = Recuva
    "RegistryWasher_is1" = Registry Washer
    "SynTPDeinstKey" = Synaptics Pointing Device Driver
    "WinDjView" = WinDjView 2.0.1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{007F778D-F15C-4EAB-AE92-071D21FAF632}" = Adobe Photoshop Elements 9
    "{07441A52-E208-478A-92B7-5C337CA8C131}" = VAIO - Remote Play with PlayStation®3
    "{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
    "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
    "{08D7BC86-7358-464C-8AD0-0D84B5F0A0C9}" = Remote Keyboard
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{18894D16-5448-4BF9-A128-F7E937322F91}" = OOBE
    "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
    "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
    "{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 3.9.6
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
    "{25175695-4B20-4298-9F34-C2C57CD277B3}" = Elements STI Installer
    "{26A24AE4-039D-4CA4-87B4-2F83217011FF}" = Java 7 Update 11
    "{270380EB-8812-42E1-8289-53700DB840D2}" = PMB VAIO Edition Plug-in
    "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
    "{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
    "{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
    "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
    "{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = PMB VAIO Edition Guide
    "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
    "{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care
    "{3A26D9BD-0F73-432D-B522-2BA18138F7EF}" = VAIO Improvement
    "{3A94F54D-A8A4-4B82-B346-92B4D56A2708}" = VESx86
    "{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
    "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
    "{433EACD8-4747-4A6A-826A-FFA9F39B0D40}" = Elements 9 Organizer
    "{456B239A-C1E0-4178-810E-8E8F09B06877}_is1" = Aidfile recovery software professional version 3.5.0.0
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
    "{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}" = VAIO Sample Contents
    "{54A4839E-87F8-4BD1-9682-A349E9943F0A}" = Amazon Unbox Video
    "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
    "{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
    "{5A92468F-3ED8-4F96-A9E1-4F176C80EC29}" = VAIO Quick Web Access
    "{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
    "{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD
    "{5C784162-B9B2-4A32-AF18-3517D602AF33}" = ChessBase 11
    "{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO Transfer Support
    "{5FA51AAF-23FE-42F4-A724-D79F85F41D4B}" = Remote Play with PlayStation 3
    "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
    "{61438020-DDD4-42FA-99A2-50225441980A}" = ArcSoft Magic-i Visual Effects 2
    "{63C43435-F428-42BA-8E7B-5848749D9262}" = SSLx86
    "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
    "{6748E773-5DA0-4D19-8AA5-273B4133A09B}" = SmartSound Quicktracks for Premiere Elements 9.0
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
    "{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
    "{70991E0A-1108-437E-BA7D-085702C670C0}" =
    "{70EED410-697B-4193-A2CB-2F790F82B420}" = VAIO Data Restore Tool
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
    "{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}" = VAIO - Remote Keyboard
    "{73D8886A-D416-4687-B609-0D3836BA410C}" = VAIO Event Service
    "{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
    "{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}" = VAIO Easy Connect
    "{803E4FA5-A940-4420-B89D-A8BC2E160247}" =
    "{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" =
    "{8356CB97-A48F-44CB-837A-A12838DC4669}" = PMB VAIO Edition Plug-in
    "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
    "{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" =
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
    "{91989CE7-EE83-4A53-8E06-D97887928119}" = VAIO Care
    "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
    "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
    "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
    "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
    "{95140000-00AF-0409-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
    "{99563F3B-EDF8-403F-AF3E-96685CB9F49C}" = World Community Grid
    "{9B088046-8A01-4355-99DD-8530C022F682}" = VCCx86
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9CAF9762-B107-4E7B-A459-68F083298C58}" = Rybka 4
    "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
    "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
    "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
    "{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
    "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
    "{AC76BA86-1033-0000-BA7E-000000000004}" = Adobe Acrobat 9 Standard
    "{AC76BA86-1033-0000-BA7E-000000000004}_941" = Adobe Acrobat 9.4.1 - CPSID_83708
    "{AC76BA86-1033-0000-BA7E-000000000004}{AC76BA86-1033-0000-BA7E-000000000004}" = Adobe Acrobat 9 Standard
    "{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X MUI
    "{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
    "{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
    "{B8991D99-88FD-41F2-8C32-DB70278D5C30}" = VWSTx86
    "{B961CEE2-3519-424E-80C3-D7BB3DA2688F}" = Foxit Reader
    "{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
    "{C14EAE86-C526-4E00-B245-CFF86233C3D2}" = VAIO 3D Portal
    "{C18A06A2-CF7B-4731-83DE-FF5FA6ABFF94}" = Houdini 3
    "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
    "{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = VAIO Manual
    "{C72E35E5-C5C6-4328-AD9A-BBCCC816A2E6}" = VAIO Hardware Diagnostics
    "{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}" = ArcSoft WebCam Companion 4
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{CF652E2D-6128-49E9-833E-F131C4FC42CA}" = ChessBase 10
    "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
    "{D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}" = VIx86
    "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
    "{D312F154-8455-45C1-A44E-1AED321E6E95}" = NVIDIA 3D Vision Video Player
    "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{D4E7BB46-310E-4A21-B261-052A5997EA2F}" = V3DPX86
    "{D5B11428-F4C4-4FC2-AF89-4D2163BD1D28}" = ChessBase 10
    "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
    "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
    "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}" = Elements STI Installer
    "{E50FC5DB-7CBD-407D-A46E-0C13E45BC386}" = Oasis2Service
    "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
    "{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
    "{EB9955F8-467C-47FC-90F8-12CD5DF684C3}" = Adobe Premiere Elements 9
    "{ED23E382-E5E3-4E21-B616-01FC59A40916}" = OpenOffice.org 3.3
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F302F4F0-588D-6501-1ACF-BE3FDCC9135D}" = Adobe Community Help
    "{F5248E24-F52C-4FD1-B76F-102460BAFD6B}" = VAIO Help and Support
    "{F8187D71-3BCE-4F8D-8C9F-535B4E2B726E}" = WebEx Recorder and Player
    "{F9683839-1A7F-4874-91B7-64CDF4AC4679}" = Rybka 4
    "{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}" = VAIO - Media Gallery
    "{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" =
    "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
    "{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "Adobe Photoshop Elements 9" = Adobe Photoshop Elements 9
    "Adobe Shockwave Player" = Adobe Shockwave Player 11.6
    "Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.17
    "Application Manager for VAIO" = Application Manager for VAIO
    "Ashampoo Music Studio 2012_is1" = Ashampoo Music Studio 2012 v.1.0.0
    "Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode)
    "AudibleManager" = AudibleManager
    "BlitzIn 3.0" = BlitzIn 3.0
    "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
    "DivX Setup" = DivX Setup
    "Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 5.0.3.1206
    "Google Chrome" = Google Chrome
    "ImgBurn" = ImgBurn
    "InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}" = VAIO - PMB VAIO Edition Plug-in
    "InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = VAIO - PMB VAIO Edition Guide
    "InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
    "InstallShield_{54A4839E-87F8-4BD1-9682-A349E9943F0A}" = Amazon Unbox Video
    "InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}" = SmartSound Quicktracks for Premiere Elements 9.0
    "InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
    "Miro" = Miro
    "MozBackup" = MozBackup 1.5.1
    "Mozilla Firefox 19.0 (x86 en-US)" = Mozilla Firefox 19.0 (x86 en-US)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
    "Office14.Click2Run" = Microsoft Office Click-to-Run 2010
    "Opera 12.02.1578" = Opera 12.02
    "Opera 12.12.1707" = Opera 12.12
    "Picasa 3" = Picasa 3
    "PlayChess" = PlayChess
    "PremElem90" = Adobe Premiere Elements 9
    "PulsPlayer" = PulsPlayer
    "Revo Uninstaller" = Revo Uninstaller 1.93
    "splashtop" = VAIO Quick Web Access
    "TeamViewer 6" = TeamViewer 6
    "The KMPlayer" = The KMPlayer (remove only)
    "VAIO Messenger" = VAIO Messenger
    "VAIO Satisfaction Survey.3.0" = VAIO Satisfaction Survey.
    "WinLiveSuite" = Windows Live Essentials

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-3484849143-420229048-3217101452-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "ActiveTouchMeetingClient" = Cisco WebEx Meetings
    "Adobe Connect Add-in" = Adobe Connect Add-in
    "Amazon Kindle" = Amazon Kindle
    "Dropbox" = Dropbox
    "Google Chrome" = Google Chrome
    "Mozilla Firefox 16.0 (x86 en-US)" = Mozilla Firefox 16.0 (x86 en-US)
    "Spotify" = Spotify

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-3484849143-420229048-3217101452-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "ActiveTouchMeetingClient" = Cisco WebEx Meetings
    "Adobe Connect Add-in" = Adobe Connect Add-in
    "Amazon Kindle" = Amazon Kindle
    "Dropbox" = Dropbox
    "Spotify" = Spotify

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 5/16/2012 5:42:05 PM | Computer Name = Jake-VAIO | Source = Microsoft-Windows-CAPI2 | ID = 4107
    Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
    with error: A required certificate is not within its validity period when verifying
    against the current system clock or the timestamp in the signed file. .

    Error - 5/16/2012 5:42:40 PM | Computer Name = Jake-VAIO | Source = WinMgmt | ID = 10
    Description =

    Error - 5/16/2012 6:39:23 PM | Computer Name = Jake-VAIO | Source = Microsoft-Windows-CAPI2 | ID = 4107
    Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
    with error: A required certificate is not within its validity period when verifying
    against the current system clock or the timestamp in the signed file. .

    Error - 5/16/2012 10:26:23 PM | Computer Name = Jake-VAIO | Source = Microsoft-Windows-CAPI2 | ID = 4107
    Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
    with error: A required certificate is not within its validity period when verifying
    against the current system clock or the timestamp in the signed file. .

    Error - 5/16/2012 10:26:53 PM | Computer Name = Jake-VAIO | Source = WinMgmt | ID = 10
    Description =

    Error - 5/17/2012 6:58:50 AM | Computer Name = Jake-VAIO | Source = Customer Experience Improvement Program | ID = 1008
    Description =

    Error - 5/17/2012 7:19:28 AM | Computer Name = Jake-VAIO | Source = Customer Experience Improvement Program | ID = 1008
    Description =

    Error - 5/18/2012 2:33:41 AM | Computer Name = Jake-VAIO | Source = Customer Experience Improvement Program | ID = 1008
    Description =

    Error - 5/18/2012 8:38:39 PM | Computer Name = Jake-VAIO | Source = SampleCollector | ID = 131331
    Description = init_sstates_file:CreateFile:prev_SState: Failed with error 0x20:
    The process cannot access the file because it is being used by another process.

    Error - 5/18/2012 9:38:43 PM | Computer Name = Jake-VAIO | Source = Customer Experience Improvement Program | ID = 1008
    Description =

    [ System Events ]
    Error - 1/16/2013 7:49:40 PM | Computer Name = Jake-VAIO | Source = Service Control Manager | ID = 7030
    Description = The PEVSystemStart service is marked as an interactive service. However,
    the system is configured to not allow interactive services. This service may not
    function properly.

    Error - 1/16/2013 7:52:09 PM | Computer Name = Jake-VAIO | Source = Application Popup | ID = 1060
    Description = \??\C:\Jake1231323J\catchme.sys has been blocked from loading due
    to incompatibility with this system. Please contact your software vendor for a compatible
    version of the driver.

    Error - 1/16/2013 7:52:56 PM | Computer Name = Jake-VAIO | Source = Service Control Manager | ID = 7030
    Description = The PEVSystemStart service is marked as an interactive service. However,
    the system is configured to not allow interactive services. This service may not
    function properly.

    Error - 1/16/2013 11:06:30 PM | Computer Name = Jake-VAIO | Source = bowser | ID = 8003
    Description =

    Error - 1/18/2013 1:44:12 AM | Computer Name = Jake-VAIO | Source = bowser | ID = 8003
    Description =

    Error - 1/18/2013 2:01:19 AM | Computer Name = Jake-VAIO | Source = Service Control Manager | ID = 7034
    Description = The Oasis2Service service terminated unexpectedly. It has done this
    1 time(s).

    Error - 1/18/2013 12:24:21 PM | Computer Name = Jake-VAIO | Source = DCOM | ID = 10010
    Description =

    Error - 1/20/2013 3:05:43 AM | Computer Name = Jake-VAIO | Source = DCOM | ID = 10010
    Description =

    Error - 1/20/2013 11:54:29 PM | Computer Name = Jake-VAIO | Source = bowser | ID = 8003
    Description =

    Error - 1/21/2013 3:15:08 AM | Computer Name = Jake-VAIO | Source = DCOM | ID = 10010
    Description =


    < End of report >
     
  10. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    37,198
    Sorry for the wait, we've been having a major audit at work, so have had to stay late most nights, so come home shattered :(

    Playing catchup now :p


    Now, looking at the above logs, I can see one file that is definitely suspect, one I'm curious about, and the others I just need a bit of info, so I can see if they're okay :)


    Download suspicious file packer from http://www.safer-networking.org/en/tools/index.html (direct download http://www.safer-networking.org/files/sfp.zip )

    Unzip it to desktop, open it & paste in the contents of the quote box below, press next & it will create an archive (zip/cab file) on desktop.

    Please upload that to http://www.thespykiller.co.uk/index.php?board=1.0 so we can examine the files.

    Just press new topic, fill in the needed details and just give a link to your post here & then press the browse button and then navigate to & select the files on your computer. When the file is listed in the window, press send to upload the file.

    Let me know when they're uploaded :)


    -------------------

    Then, can you run this for me:


    Please download SystemLook from one of the links below and save it to your Desktop.
    Download Mirror #1
    Download Mirror #2

    • Double-click SystemLook.exe to run it.
    • Copy the content of the following codebox into the main textfield:
      Code:
      :file
      C:\Program Files (x86)\BOINC\boinc.exe
      C:\Windows\SysNative\drivers\dfx11_0x64.sys
      C:\Program Files\Box Sync\BoxSyncHelper.exe
      :folderfind
      *AskToolbar*
      *Ask.com*
      :filefind
      *AskToolbar*.*
      *Ask.com*.*
      :regfind
      AskToolbar
      Ask.com
      :dir
      c:\programdata
      
    • Click the Look button to start the scan.
    • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
    Note: The log can also be found on your Desktop, entitled SystemLook.txt


    eddie
     
  11. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    37,198
    Whoops, forgot this part :(


    This explains about the error:

    http://support.microsoft.com/kb/245142

    But, I want to hopefully rule out the malware that may be causing this. Once it's all gone and you're still having problems, we'll sort that out for you as well :)
     

Short URL to this thread: https://techguy.org/1083855
