Need help with this computer

[MCL]

Kevin helped me immensely with my laptop last week and it runs beautifully now. My desktop has been used by my son for a few years, seems to have a lot of junk on it, and runs rather slowly.

If someone can take a look at these texts and advise me what to do, I would much appreciate it.

Any programs that slow things down, please advise me and I'll delete them.

 

FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 17-04-2014
Ran by Mike (administrator) on MIKE-PC on 17-04-2014 04:54:08
Running from C:\Users\Mike\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgchsvx.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(Conexant Systems, Inc.) C:\Windows\system32\DRIVERS\xaudio.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgemcx.exe
(Hewlett-Packard Company) C:\hp\support\hpsysdrv.exe
() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgtray.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Logitech Inc.) C:\Program Files\Logitech\Logitech Vid\Vid.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
() C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
(Hewlett-Packard) c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\KBD\kbd.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgcsrvx.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil32_12_0_0_77_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgscanx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgcsrvx.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [hpsysdrv] => c:\hp\support\hpsysdrv.exe [65536 2007-04-18] (Hewlett-Packard Company)
HKLM\...\Run: [KBD] => C:\Program Files\Hewlett-Packard\KBD\KbdStub.EXE [12288 2008-07-21] (Microsoft)
HKLM\...\Run: [NvCplDaemon] => C:\Windows\system32\NvCpl.dll [13539872 2008-09-27] (NVIDIA Corporation)
HKLM\...\Run: [NvMediaCenter] => C:\Windows\system32\NvMcTray.dll [92704 2008-09-27] (NVIDIA Corporation)
HKLM\...\Run: [HP Health Check Scheduler] => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75008 2008-10-09] (Hewlett-Packard)
HKLM\...\Run: [updateP2GoShortCut] => c:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM\...\Run: [updatePDIRShortCut] => c:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM\...\Run: [updatePSTShortCut] => c:\Program Files\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe [210216 2008-09-11] (CyberLink Corp.)
HKLM\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2780432 2009-05-08] ()
HKLM\...\Run: [Malwarebytes Anti-Malware (reboot)] => "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
HKLM\...\Run: [AVG_TRAY] => C:\Program Files\AVG\AVG10\avgtray.exe [2345592 2012-08-01] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [sunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3355873940-1936811483-3858538058-1000\...\Run: [sUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5625624 2014-01-15] (SUPERAntiSpyware)
HKU\S-1-5-21-3355873940-1936811483-3858538058-1000\...\Run: [Logitech Vid] => C:\Program Files\Logitech\Logitech Vid\vid.exe [5451536 2009-06-02] (Logitech Inc.)
HKU\S-1-5-21-3355873940-1936811483-3858538058-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-3355873940-1936811483-3858538058-1000\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\system32\Macromed\Flash\FlashUtil32_12_0_0_77_ActiveX.exe [841096 2014-03-24] (Adobe Systems Incorporated)
HKU\S-1-5-21-3355873940-1936811483-3858538058-1000\...\MountPoints2: {260f07bd-5bbf-11df-9283-002354a49754} - J:\system\viewer\Viewer.exe
HKU\S-1-5-21-3355873940-1936811483-3858538058-1000\...\MountPoints2: {e33ffc47-394f-11de-8a03-002354a49754} - .\Encryption Tool\MaxtorEncryption.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.coupons.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=bestbuy&pf=cndt
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM - {256DBC0A-6867-4511-B430-96D26BA7A778} URL = http://search.live.com/results.aspx?q={searchTerms}&FORM=HPDTDF
SearchScopes: HKLM - {AA2BE316-DC4D-4562-BB53-A9DCF6897679} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx?gd=&ctid=CT3325805&octid=EB_ORIGINAL_CTID&ISID=M9B08BCA3-CBDB-4226-8A1B-22F3307FD056&SearchSource=58&CUI=&UM=5&UP=SP207BFE61-5B37-4B42-BB7B-7829399D917E&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx?gd=&ctid=CT3325805&octid=EB_ORIGINAL_CTID&ISID=M9B08BCA3-CBDB-4226-8A1B-22F3307FD056&SearchSource=58&CUI=&UM=5&UP=SP207BFE61-5B37-4B42-BB7B-7829399D917E&q={searchTerms}&SSPV=
SearchScopes: HKCU - {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL = http://search.coupons.com/search.asp?p=df&q={searchTerms}
SearchScopes: HKCU - {AA2BE316-DC4D-4562-BB53-A9DCF6897679} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKCU - {D5FA7D58-16FE-4C12-B641-6D2FFE7EEE1B} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}&rlz=1I7ADBF_en
BHO: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} -  No File
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
BHO: No Name - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: TBSB07898 Class - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Coupons.com CouponBar\tbcore3.dll No File
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
Toolbar: HKLM - Coupons.com CouponBar - {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files\Coupons.com CouponBar\tbcore3.dll No File
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} https://www.gameofficials.net/utility/smsx.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-10-05] (SuperAdBlocker.com)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\4wg2i6lx.default
FF user.js: detected! => C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\4wg2i6lx.default\user.js
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @bittorrent.com/BitTorrentDNA - C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\npctrl.1.0.30716.0.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @facebook.com/FBPlugin,version=1.0.3 - C:\Users\Mike\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF Plugin HKCU: @octoshape.com/Octoshape Streaming Services,version=1.0 - C:\Users\Mike\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npbittorrent.dll (BitTorrent, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Mike\AppData\Roaming\mozilla\plugins\npoctoshape.dll (Octoshape ApS)
FF SearchPlugin: C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\4wg2i6lx.default\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\answers.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\4wg2i6lx.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2012-05-14]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-11-27]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009-07-02]
FF HKLM\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files\AVG\AVG10\Firefox4\
FF Extension: AVG Safe Search - C:\Program Files\AVG\AVG10\Firefox4\ []
FF HKLM\...\Firefox\Extensions: [{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}] - C:\Program Files\Coupons.com CouponBar\firefox\{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}\Coupons.com.xpi
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009-07-02]

========================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2012-09-09] (SUPERAntiSpyware.com)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [7391072 2012-01-31] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG10\avgwdsvc.exe [269520 2011-02-08] (AVG Technologies CZ, s.r.o.)
R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard)
S2 Norton Internet Security; "C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe" /s "Norton Internet Security" /m "C:\Program Files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll" /prefetch:1

==================== Drivers (Whitelisted) ====================

R3 AVGIDSDriver; C:\Windows\System32\DRIVERS\AVGIDSDriver.Sys [134480 2011-05-27] (AVG Technologies CZ, s.r.o. )
R0 AVGIDSEH; C:\Windows\System32\DRIVERS\AVGIDSEH.Sys [22992 2011-02-22] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSFilter; C:\Windows\System32\DRIVERS\AVGIDSFilter.Sys [24144 2011-02-10] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSShim; C:\Windows\System32\DRIVERS\AVGIDSShim.Sys [28624 2011-02-10] (AVG Technologies CZ, s.r.o. )
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [255968 2012-11-12] (AVG Technologies CZ, s.r.o.)
R1 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [34896 2011-03-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [32592 2011-03-16] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [297168 2011-04-05] (AVG Technologies CZ, s.r.o.)
R1 DVDHelp; C:\Windows\System32\drivers\DVDHelp.sys [25624 2014-04-07] ()
S3 GSVDRIVE; C:\Windows\System32\DRIVERS\GSVDRIVE.sys [18688 2014-04-07] (GiliSoft International LLC.)
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25624 2009-04-30] ()
S3 PID_0928; C:\Windows\System32\DRIVERS\LV561AV.SYS [495768 2009-04-30] (Logitech Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-10-05] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SASENUM; C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [12872 2010-07-02] ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys [67664 2011-10-05] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 tStLibG; C:\Windows\System32\drivers\tStLibG.sys [55224 2014-04-08] (StdLib)
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; c:\Program Files\Hewlett-Packard\Media\DVD\000.fcl [59376 2008-09-26] (Cyberlink Corp.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081022.006\NAVENG.SYS [X]
S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081022.006\NAVEX15.SYS [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PCD5SRVC{BD6912E3-AC9D80E8-05040000}; \??\C:\PROGRA~1\PC-DOC~1\PCD5SRVC.pkms [X]
S1 SRTSP; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SRTSP.SYS [X]
S1 SRTSPX; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SRTSPX.SYS [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-04-17 04:54 - 2014-04-17 04:54 - 00019832 _____ () C:\Users\Mike\Desktop\FRST.txt
2014-04-17 04:53 - 2014-04-17 04:54 - 00000000 ____D () C:\FRST
2014-04-17 04:52 - 2014-04-17 04:53 - 01146880 _____ (Farbar) C:\Users\Mike\Desktop\FRST.exe
2014-04-17 04:48 - 2014-04-17 04:48 - 01146880 _____ (Farbar) C:\Users\Mike\Downloads\FRST.exe
2014-04-09 03:03 - 2014-03-07 19:51 - 12347904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-09 03:03 - 2014-03-07 19:20 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-09 03:03 - 2014-03-07 19:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-09 03:03 - 2014-03-07 19:03 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-09 03:03 - 2014-03-07 19:02 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-09 03:03 - 2014-03-07 19:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-09 03:03 - 2014-03-07 19:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-09 03:03 - 2014-03-07 18:59 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-09 03:03 - 2014-03-07 18:57 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-09 03:03 - 2014-03-07 18:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-09 03:03 - 2014-03-07 18:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-09 03:03 - 2014-03-07 18:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-09 03:03 - 2014-03-07 18:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-09 03:03 - 2014-03-07 18:52 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-09 03:03 - 2014-03-07 18:52 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-09 03:03 - 2014-03-07 18:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-08 20:33 - 2014-04-08 20:33 - 00000000 ____D () C:\SUPERDelete
2014-04-08 16:15 - 2014-02-05 21:56 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-08 15:53 - 2014-04-08 15:53 - 00055224 _____ (StdLib) C:\Windows\system32\Drivers\tStLibG.sys
2014-04-07 20:25 - 2014-04-07 20:25 - 02040451 _____ (LIGHTNING UK!) C:\Users\Mike\Downloads\SetupImgBurn_2.4.4.0.exe
2014-04-07 20:22 - 2014-04-07 20:23 - 79454760 _____ () C:\Users\Mike\Downloads\imgburn-setup.exe
2014-04-07 20:19 - 2014-04-07 20:19 - 00025624 _____ () C:\Windows\system32\Drivers\DVDHelp.sys
2014-04-07 20:19 - 2014-04-07 20:19 - 00018688 _____ (GiliSoft International LLC.) C:\Windows\system32\Drivers\GSVDRIVE.sys
2014-04-07 20:19 - 2014-04-07 20:19 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\idoo
2014-04-07 20:18 - 2014-04-07 20:18 - 13541264 _____ (idoodvd.com ) C:\Users\Mike\Downloads\idooDVDRipper_setup.exe
2014-04-07 20:03 - 2014-04-07 20:03 - 00681272 _____ (ClientConnect) C:\Users\Mike\Downloads\Video_Converter_TSV47P3EI.exe
2014-04-07 17:25 - 2014-04-07 17:29 - 00002048 _____ () C:\Users\Mike\Documents\Laukhart's Home Movies.iso
2014-04-07 17:23 - 2014-04-07 19:26 - 00000420 _____ () C:\Users\Mike\AppData\Roaming\burnaware.ini
2014-04-07 17:22 - 2014-04-07 17:22 - 11460640 _____ (Burnaware ) C:\Users\Mike\Downloads\burnaware_free.exe
2014-03-31 20:42 - 2014-03-31 20:42 - 00000000 ____D () C:\Users\Mike\Downloads\AdwCleaner_TSV47G455
2014-03-31 20:40 - 2014-03-31 20:40 - 00681504 _____ (ClientConnect) C:\Users\Mike\Downloads\AdwCleaner_TSV47G455.exe
2014-03-31 20:25 - 2014-04-17 04:43 - 00002481 _____ () C:\Users\Mike\Desktop\HiJackThis.lnk
2014-03-31 20:25 - 2014-03-31 20:25 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-03-31 20:25 - 2014-03-31 20:25 - 00000000 ____D () C:\Program Files\Trend Micro
2014-03-31 20:24 - 2014-03-31 20:24 - 01402880 _____ () C:\Users\Mike\Downloads\HijackThis.msi

==================== One Month Modified Files and Folders =======

2014-04-17 04:54 - 2014-04-17 04:54 - 00019832 _____ () C:\Users\Mike\Desktop\FRST.txt
2014-04-17 04:54 - 2014-04-17 04:53 - 00000000 ____D () C:\FRST
2014-04-17 04:53 - 2014-04-17 04:52 - 01146880 _____ (Farbar) C:\Users\Mike\Desktop\FRST.exe
2014-04-17 04:53 - 2009-05-04 22:41 - 01566718 _____ () C:\Windows\WindowsUpdate.log
2014-04-17 04:53 - 2006-11-02 08:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-17 04:53 - 2006-11-02 08:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-17 04:48 - 2014-04-17 04:48 - 01146880 _____ (Farbar) C:\Users\Mike\Downloads\FRST.exe
2014-04-17 04:44 - 2012-09-09 20:06 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-17 04:44 - 2010-12-07 20:32 - 00000000 ____D () C:\Windows\system32\Drivers\AVG
2014-04-17 04:43 - 2014-03-31 20:25 - 00002481 _____ () C:\Users\Mike\Desktop\HiJackThis.lnk
2014-04-09 07:04 - 2006-11-02 06:33 - 00759582 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-09 06:58 - 2006-11-02 09:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-09 06:57 - 2008-01-20 22:47 - 00295008 _____ () C:\Windows\PFRO.log
2014-04-09 06:56 - 2006-11-02 09:01 - 00032624 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-09 03:03 - 2013-07-24 03:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 03:00 - 2006-11-02 06:24 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-04-08 20:33 - 2014-04-08 20:33 - 00000000 ____D () C:\SUPERDelete
2014-04-08 20:33 - 2008-11-06 20:26 - 00000000 ____D () C:\Program Files\AWS
2014-04-08 15:53 - 2014-04-08 15:53 - 00055224 _____ (StdLib) C:\Windows\system32\Drivers\tStLibG.sys
2014-04-07 20:25 - 2014-04-07 20:25 - 02040451 _____ (LIGHTNING UK!) C:\Users\Mike\Downloads\SetupImgBurn_2.4.4.0.exe
2014-04-07 20:23 - 2014-04-07 20:22 - 79454760 _____ () C:\Users\Mike\Downloads\imgburn-setup.exe
2014-04-07 20:23 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\Resources
2014-04-07 20:19 - 2014-04-07 20:19 - 00025624 _____ () C:\Windows\system32\Drivers\DVDHelp.sys
2014-04-07 20:19 - 2014-04-07 20:19 - 00018688 _____ (GiliSoft International LLC.) C:\Windows\system32\Drivers\GSVDRIVE.sys
2014-04-07 20:19 - 2014-04-07 20:19 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\idoo
2014-04-07 20:18 - 2014-04-07 20:18 - 13541264 _____ (idoodvd.com ) C:\Users\Mike\Downloads\idooDVDRipper_setup.exe
2014-04-07 20:03 - 2014-04-07 20:03 - 00681272 _____ (ClientConnect) C:\Users\Mike\Downloads\Video_Converter_TSV47P3EI.exe
2014-04-07 19:34 - 2010-02-05 16:02 - 00000000 ____D () C:\ProgramData\WinZip
2014-04-07 19:34 - 2009-05-04 22:41 - 00000000 ____D () C:\Users\Mike
2014-04-07 19:26 - 2014-04-07 17:23 - 00000420 _____ () C:\Users\Mike\AppData\Roaming\burnaware.ini
2014-04-07 17:29 - 2014-04-07 17:25 - 00002048 _____ () C:\Users\Mike\Documents\Laukhart's Home Movies.iso
2014-04-07 17:22 - 2014-04-07 17:22 - 11460640 _____ (Burnaware ) C:\Users\Mike\Downloads\burnaware_free.exe
2014-04-07 16:15 - 2009-05-11 21:33 - 00000052 _____ () C:\Windows\system32\DOErrors.log
2014-03-31 21:01 - 2010-02-08 16:09 - 00000000 ____D () C:\Program Files\Steam
2014-03-31 20:52 - 2009-05-21 23:55 - 00000000 ____D () C:\Program Files\Google
2014-03-31 20:47 - 2009-08-23 00:10 - 00000000 ____D () C:\Program Files\ooVoo
2014-03-31 20:47 - 2008-11-06 20:08 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-03-31 20:46 - 2011-05-31 15:00 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\go
2014-03-31 20:46 - 2010-01-18 21:43 - 00000000 ____D () C:\Program Files\Image-Line
2014-03-31 20:46 - 2009-05-22 06:30 - 00000000 ____D () C:\Users\Mike\AppData\Local\Google
2014-03-31 20:42 - 2014-03-31 20:42 - 00000000 ____D () C:\Users\Mike\Downloads\AdwCleaner_TSV47G455
2014-03-31 20:40 - 2014-03-31 20:40 - 00681504 _____ (ClientConnect) C:\Users\Mike\Downloads\AdwCleaner_TSV47G455.exe
2014-03-31 20:25 - 2014-03-31 20:25 - 00000000 ____D () C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-03-31 20:25 - 2014-03-31 20:25 - 00000000 ____D () C:\Program Files\Trend Micro
2014-03-31 20:24 - 2014-03-31 20:24 - 01402880 _____ () C:\Users\Mike\Downloads\HijackThis.msi
2014-03-24 18:45 - 2012-06-04 20:27 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-03-24 18:45 - 2011-06-25 22:15 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-04-09 07:05

==================== End Of Log ============================

 

 

And the Addition:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 17-04-2014
Ran by Mike at 2014-04-17 04:55:58
Running from C:\Users\Mike\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: AVG Anti-Virus Free Edition 2011 (Enabled - Up to date) {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AS: AVG Anti-Virus Free Edition 2011 (Enabled - Up to date) {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
6000E609_eDocs (Version: 1.00.0000 - Hewlett-Packard) Hidden
6000E609_Help (Version: 1.00.0000 - Hewlett-Packard) Hidden
6000E609n (Version: 50.0.165.000 - Hewlett-Packard) Hidden
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader X (10.1.0) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.0 - Adobe Systems Incorporated)
AIM 6 (HKLM\...\AIM_6) (Version:  - )
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2011 (HKLM\...\AVG) (Version: 10.0.1432 - AVG Technologies)
AVG 2011 (Version: 10.0.1432 - AVG Technologies) Hidden
AVG 2011 (Version: 10.0.3722 - AVG Technologies) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BPDSoftware (Version: 50.0.165.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (Version: 1.00.0000 - Hewlett-Packard) Hidden
BufferChm (Version: 120.0.194.000 - Hewlett-Packard) Hidden
CleanUp! (HKLM\...\CleanUp!) (Version:  - )
CyberLink DVD Suite Deluxe (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2111 - CyberLink Corp.)
CyberLink DVD Suite Deluxe (Version: 6.0.2111 - CyberLink Corp.) Hidden
DeviceDiscovery (Version: 120.0.194.000 - Hewlett-Packard) Hidden
Enhanced Multimedia Keyboard Solution (HKLM\...\KBD) (Version: 1.0.9.2 - Hewlett-Packard)
Facebook Plug-In (HKCU\...\Facebook Plug-In) (Version:  - Facebook, Inc.)
GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 5.1.4976.17 - PC-Doctor, Inc.)
HiJackThis (HKLM\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
HP Active Support Library (HKLM\...\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}) (Version: 3.1.9.1 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM\...\{64B9E2F5-558E-4C56-B419-A1679518F6E7}) (Version: 5.7.0.2784 - Hewlett-Packard)
HP Customer Participation Program 12.0 (HKLM\...\HPExtendedCapabilities) (Version: 12.0 - HP)
HP Demo (HKLM\...\{A2016015-8323-4AF8-8B3E-F56239D7D59D}) (Version: 1.00.0000 - Hewlett-Packard)
HP Imaging Device Functions 12.0 (HKLM\...\HP Imaging Device Functions) (Version: 12.0 - HP)
HP MediaSmart DVD (HKLM\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 2.0.2213 - Hewlett-Packard)
HP MediaSmart DVD (Version: 2.0.2213 - Hewlett-Packard) Hidden
HP MediaSmart Music/Photo/Video (HKLM\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 2.0.2217 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (Version: 2.0.2217 - Hewlett-Packard) Hidden
HP MediaSmart SmartMenu (HKLM\...\{EFC5939F-470F-454E-B3DA-F51FDD83F6CE}) (Version: 2.0.8 - Hewlett-Packard)
HP Officejet 6000 E609 Series (HKLM\...\{716F4A62-0548-42b3-BAEA-44BC4F8E187C}) (Version: 12.0 - HP)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Picasso Media Center Add-In (Version: 9.1.7.0 - Hewlett-Packard Development Company, L.P.) Hidden
HP Recovery Manager RSS (Version: 91.0.0.10 - Hewlet Packard Company) Hidden
HP Smart Web Printing (HKLM\...\HP Smart Web Printing) (Version: 4.05 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Total Care Setup (HKLM\...\{38058455-8C21-4C2F-B2F6-14ED166039CB}) (Version: 1.1.1983.2818 - Hewlett-Packard Company)
HP Update (HKLM\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPAsset component for HP Active Support Library (Version: 3.0.2.2 - Hewlett-Packard) Hidden
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
iPhone Configuration Utility (HKLM\...\{FA54AFB1-5745-4389-B8C1-9F7509672ED1}) (Version: 2.1.0.163 - Apple Inc.)
iTunes (HKLM\...\{C197BC08-3D82-4651-8886-E68C21578A38}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.0904 - CyberLink Corp.)
LabelPrint (Version: 2.5.0904 - CyberLink Corp.) Hidden
LAME v3.98.2 for Audacity (HKLM\...\LAME for Audacity_is1) (Version:  - )
LightScribe System Software (HKLM\...\{7F10292C-A190-4176-A665-A1ED3478DF86}) (Version: 1.18.3.2 - LightScribe)
LightScribe Template Labeler (HKLM\...\{5BD0CB24-11AF-4BA8-A198-38D25257C656}) (Version: 1.14.25.1 - LightScribe)
Logitech Vid (HKLM\...\{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}) (Version: 1.01.1015 - Logitech Inc.)
Logitech Webcam Software (HKLM\...\{AC96671C-2001-432C-9826-5266D84EF1DC}) (Version: 12.00.1280 - Logitech Inc.)
MarketResearch (Version: 120.0.226.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office XP Professional with FrontPage (HKLM\...\{90280409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2627.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 1.0.30716.0 - Microsoft Corporation)
Microsoft VC9 runtime libraries (Version: 1.0.0 - AOL LLC) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 25.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 25.0.1 (x86 en-US)) (Version: 25.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 25.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Music Rescue (HKLM\...\{3364BD16-5A28-4862-86A1-A8FF5FD23919}) (Version: 4.0.4.14 - KennettNet Software Ltd)
muvee Reveal (HKLM\...\{19506BDB-4EA7-491F-E8AB-E97109FDB296}) (Version: 7.0.35.7315 - muvee Technologies Pte Ltd)
Network (Version: 120.0.194.000 - Hewlett-Packard) Hidden
Norton Internet Security (Version: 16.0.0.125 - Symantec Corporation) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
Octoshape Streaming Services (HKCU\...\Octoshape Streaming Services) (Version:  - )
PictureMover (HKLM\...\{1896E712-2B3D-45eb-BCE9-542742A51032}) (Version: 3.3.1.7 - Hewlett-Packard Company)
Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.2112 - CyberLink Corp.)
Power2Go (Version: 6.0.2112 - CyberLink Corp.) Hidden
PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.2202 - CyberLink Corp.)
PowerDirector (Version: 7.0.2202 - CyberLink Corp.) Hidden
PrimoPDF -- by Nitro PDF Software (HKLM\...\PrimoPDF) (Version: 5.0.0.19 - Nitro PDF Software)
ProductContext (Version: 50.0.165.000 - Hewlett-Packard) Hidden
Python 2.5.2 (HKLM\...\{6B976ADF-8AE8-434E-B282-A06C7F624D2F}) (Version: 2.5.2150 - Python Software Foundation)
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5708 - Realtek Semiconductor Corp.)
Skype web features (HKLM\...\{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}) (Version: 1.0.3810 - Skype Technologies S.A.)
Skype™ 4.1 (HKLM\...\{D103C4BA-F905-437A-8049-DB24763BBE36}) (Version: 4.1.141 - Skype Technologies S.A.)
SmartWebPrinting (Version: 120.0.194.000 - Hewlett-Packard) Hidden
Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1) (Version: 7.80.0.0 - Conexant Systems)
SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (Version: 120.0.194.000 - Hewlett-Packard) Hidden
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SUPERAntiSpyware Free Edition (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 4.27.0.1002 - SUPERAntiSpyware.com)
Toolbox (Version: 120.0.194.000 - Hewlett-Packard) Hidden
TrayApp (Version: 120.0.194.000 - Hewlett-Packard) Hidden
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
WebReg (Version: 120.0.194.000 - Hewlett-Packard) Hidden
Xvid 1.2.1 final uninstall (HKLM\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))
Zero Gear Demo (HKLM\...\Steam App 18800) (Version:  - Nimblebit)

==================== Restore Points  =========================

08-03-2014 05:05:16 Scheduled Checkpoint
09-03-2014 05:58:24 Scheduled Checkpoint
10-03-2014 05:41:53 Scheduled Checkpoint
11-03-2014 04:00:02 Scheduled Checkpoint
12-03-2014 05:43:58 Scheduled Checkpoint
12-03-2014 07:00:22 Windows Update
26-03-2014 07:00:19 Windows Update
26-03-2014 19:17:02 Scheduled Checkpoint
28-03-2014 18:46:19 Scheduled Checkpoint
29-03-2014 17:10:02 Scheduled Checkpoint
30-03-2014 10:00:02 Scheduled Checkpoint
31-03-2014 06:56:22 Scheduled Checkpoint
01-04-2014 00:24:52 Installed HiJackThis
01-04-2014 00:44:00 Removed Catalina Savings Printer.
01-04-2014 00:47:35 Removed ooVoo
01-04-2014 00:49:44 Removed Network Magic
07-04-2014 22:12:56 Scheduled Checkpoint
07-04-2014 23:33:52 Removed WinZip 14.0
08-04-2014 22:15:24 Scheduled Checkpoint
09-04-2014 07:00:20 Windows Update

==================== Hosts content: ==========================

2006-11-02 06:23 - 2006-09-18 17:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0FAEE55F-A35E-4A8A-BBEB-7AB5B003E92A} - System32\Tasks\HP Health Check => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09] (Hewlett-Packard)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-20] (Microsoft Corporation)
Task: {5AE411D1-DBC0-44FD-9EAC-8C993AC00567} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-24] (Adobe Systems Incorporated)
Task: {64BEDA15-8072-4889-A4DE-AFA85BDA088D} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {95EB2D10-7F4A-4DBF-886D-162E3898831E} - System32\Tasks\{DE0DC653-1C00-4CB4-8274-CC96551999A5} => C:\Program Files\Skype\Phone\Skype.exe [2009-07-16] (Skype Technologies S.A.)
Task: {9D47C2CF-B899-4C4C-AD53-CBA87E607109} - System32\Tasks\Go to RoboForm Install page => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/test-pass.html?aaa=KICMNMNJHMKJJJNJKJKMCNHMKMKJIMCNLMLJLJJMCNHMJMMMHMCNHMGMNJJJNJLMIMMJIMJJGMJJJNJICMJMCNGMCNGMLMFMIMCNPMCNJMPMPMOMFMJMCNPMCNJMPMPMOMCNNMJNPICMLMFMEKMICNJJCKFMPMJNHICMEKMICNJJCKJNBJCMFLAJHJBJJNKJCMJNNICMJNDJCMKJBJ"
Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries
Task: {A828F403-38DD-4D00-AAD1-6EB17D0CE9EB} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe [2008-09-10] (PC-Doctor, Inc.)
Task: {B40D989F-9AC7-4F6C-98D5-085920CA69D2} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2009-06-06] (Siber Systems)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-20] ()
Task: {FDB456D4-C608-4902-8FD2-21F99F94A4B3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe

==================== Loaded Modules (whitelisted) =============

2010-04-05 16:59 - 2009-07-30 21:44 - 00176235 _____ () C:\Windows\System32\Primomonnt.dll
2011-09-27 08:23 - 2011-09-27 08:23 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 08:22 - 2011-09-27 08:22 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2009-05-08 10:35 - 2009-05-08 10:35 - 02780432 _____ () C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
2009-06-02 08:58 - 2009-06-02 08:58 - 02140944 _____ () C:\Program Files\Logitech\Logitech Vid\QtCore4.dll
2009-06-02 08:58 - 2009-06-02 08:58 - 07704336 _____ () C:\Program Files\Logitech\Logitech Vid\QtGui4.dll
2009-06-02 08:58 - 2009-06-02 08:58 - 00968976 _____ () C:\Program Files\Logitech\Logitech Vid\QtNetwork4.dll
2009-06-02 08:58 - 2009-06-02 08:58 - 00475408 _____ () C:\Program Files\Logitech\Logitech Vid\QtOpenGL4.dll
2009-06-02 08:59 - 2009-06-02 08:59 - 00363792 _____ () C:\Program Files\Logitech\Logitech Vid\QtXml4.dll
2009-06-02 08:59 - 2009-06-02 08:59 - 00199952 _____ () C:\Program Files\Logitech\Logitech Vid\QtSql4.dll
2009-06-02 08:59 - 2009-06-02 08:59 - 00027408 _____ () C:\Program Files\Logitech\Logitech Vid\SDL.dll
2009-06-02 08:59 - 2009-06-02 08:59 - 11311888 _____ () C:\Program Files\Logitech\Logitech Vid\QtWebKit4.dll
2009-06-02 08:58 - 2009-06-02 08:58 - 00291600 _____ () C:\Program Files\Logitech\Logitech Vid\phonon4.dll
2009-06-02 09:00 - 2009-06-02 09:00 - 00028944 _____ () C:\Program Files\Logitech\Logitech Vid\plugins\imageformats\qgif4.dll
2009-06-02 09:00 - 2009-06-02 09:00 - 00035088 _____ () C:\Program Files\Logitech\Logitech Vid\plugins\imageformats\qico4.dll
2009-06-02 09:00 - 2009-06-02 09:00 - 00138000 _____ () C:\Program Files\Logitech\Logitech Vid\plugins\imageformats\qjpeg4.dll
2009-05-08 10:34 - 2009-05-08 10:34 - 00559888 _____ () C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
2011-02-10 07:55 - 2011-02-10 07:55 - 01148256 _____ () C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\Windows\pss\Microsoft Office.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PictureMover.lnk => C:\Windows\pss\PictureMover.lnk.CommonStartup
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: CLMLServer for HP TouchSmart => "c:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
MSCONFIG\startupreg: DVDAgent => "c:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe"
MSCONFIG\startupreg: HPAdvisor => C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Octoshape Streaming Services => "C:\Users\Mike\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SmartMenu => %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: TSMAgent => "c:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (04/09/2014 07:30:39 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11169

Error: (04/09/2014 07:30:39 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11169

Error: (04/09/2014 07:30:39 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/09/2014 07:30:38 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10171

Error: (04/09/2014 07:30:38 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10171

Error: (04/09/2014 07:30:38 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/09/2014 07:30:37 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9173

Error: (04/09/2014 07:30:37 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9173

Error: (04/09/2014 07:30:37 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/09/2014 07:30:36 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8174

System errors:
=============
Error: (04/09/2014 06:59:42 AM) (Source: Service Control Manager) (User: )
Description: i8042prt
SRTSP
SRTSPX

Error: (04/09/2014 06:59:42 AM) (Source: Service Control Manager) (User: )
Description: Norton Internet Security%%3

Error: (04/09/2014 06:59:42 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (04/09/2014 06:56:28 AM) (Source: Service Control Manager) (User: )
Description: Windows Modules Installer

Error: (04/08/2014 11:08:09 PM) (Source: Service Control Manager) (User: )
Description: i8042prt
SRTSP
SRTSPX

Error: (04/08/2014 11:08:09 PM) (Source: Service Control Manager) (User: )
Description: Norton Internet Security%%3

Error: (04/08/2014 11:08:09 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (04/08/2014 08:24:44 PM) (Source: Service Control Manager) (User: )
Description: i8042prt
SRTSP
SRTSPX

Error: (04/08/2014 08:24:44 PM) (Source: Service Control Manager) (User: )
Description: Norton Internet Security%%3

Error: (04/08/2014 08:24:44 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Microsoft Office Sessions:
=========================
Error: (04/09/2014 07:30:39 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11169

Error: (04/09/2014 07:30:39 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11169

Error: (04/09/2014 07:30:39 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/09/2014 07:30:38 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10171

Error: (04/09/2014 07:30:38 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10171

Error: (04/09/2014 07:30:38 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/09/2014 07:30:37 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9173

Error: (04/09/2014 07:30:37 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9173

Error: (04/09/2014 07:30:37 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/09/2014 07:30:36 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8174

CodeIntegrity Errors:
===================================
  Date: 2014-04-17 04:54:29.696
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-17 04:54:29.084
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-17 04:54:28.455
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-17 04:54:27.801
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-17 04:43:48.733
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-17 04:43:48.168
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-17 04:43:47.599
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-17 04:43:47.013
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-17 04:43:17.408
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-17 04:43:16.846
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Percentage of memory in use: 62%
Total physical RAM: 2941.83 MB
Available physical RAM: 1103.07 MB
Total Pagefile: 6104.14 MB
Available Pagefile: 4193.87 MB
Total Virtual: 2047.88 MB
Available Virtual: 1923.98 MB

==================== Drives ================================

Drive c: (HP) (Fixed) (Total:286.43 GB) (Free:47.99 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (FACTORY_IMAGE) (Fixed) (Total:11.66 GB) (Free:1.56 GB) NTFS ==>[system with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 0F048DAE)
Partition 1: (Active) - (Size=286 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=12 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

 

[kevinf80]

Hello and

 

P2P/Piracy Warning:

 

   

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

Please download Malwarebytes Anti-Malware to your desktop.

• 
  

Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to the following:
Launch Malwarebytes Anti-Malware
A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
Click Finish.
On the Dashboard, click the 'Update Now >>' link
After the update completes, click the 'Scan Now >>' button.
Or, on the Dashboard, click the Scan Now >> button.
If an update is available, click the Update Now button.
A Threat Scan will begin.
When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
In most cases, a restart will be required.
Wait for the prompt to restart the computer to appear, then click on Yes.

 

How to get logs:

(Export log to save as txt)

 

• 
  

After the restart once you are back at your desktop, open MBAM once more.
Click on the History tab > Application Logs.
Double click on the scan log which shows the Date and time of the scan just performed.
Click 'Export'.
Click 'Text file (*.txt)'
In the Save File dialog box which appears, click on Desktop.
In the File name: box type a name for your scan log.
A message box named 'File Saved' should appear stating "Your file has been successfully exported".
Click Ok
Attach that saved log to your next reply.

 

Next,

 

Download AdwCleaner by Xplode onto your Desktop.

• 
  

Double click on Adwcleaner.exe to run the tool.
Click on Scan
Once the scan is done, click on the Clean button.
You will get a prompt asking to close all programs. Click OK.
Click OK again to reboot your computer.
A text file will open after the restart. Please post the content of that logfile in your reply.
You can also find the logfile at C:\AdwCleaner[sn].txt.

 

Next,

 

Please download Junkware Removal Tool to your desktop.

• 
  

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

 

Next,

 

• Download OTL to your desktop.
  
• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  
• Under the Standard Registry box change it to All.
  
• Check the boxes beside LOP Check and Purity Check.
  
• Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.
    

   

  Thank you,

   

  Kevin....

[MCL]

Well, great, I have Kevin on the job again!

 

Here's what I have:

MalwareBytes log:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 4/17/2014
Scan Time: 4:50:04 PM
Logfile: malwarebytes 4-17-14.txt
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.04.17.06
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled

OS: Windows Vista Service Pack 2
CPU: x86
File System: NTFS
User: Mike

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 263555
Time Elapsed: 11 min, 44 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

 

AdW:

# AdwCleaner v3.023 - Report created 17/04/2014 at 16:57:37
# Updated 01/04/2014 by Xplode
# Operating System : Windows Vista Home Premium Service Pack 2 (32 bits)
# Username : Mike - MIKE-PC
# Running from : C:\Users\Mike\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Mike\AppData\LocalLow\Toolbar4
File Deleted : C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\4wg2i6lx.default\user.js

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.EasyHideBtn
Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.EasyHideBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.Localizer
Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.Localizer.1
Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.NameHighlighter
Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.NameHighlighter.1
Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.NameHighlighterStatistics
Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.NameHighlighterStatistics.1
Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.SkypeIEHelper
Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.SkypeIEHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.SNameProxy
Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.SNameProxy.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.TBSB07898
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.TBSB07898.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{937936AF-28CA-4973-B8AE-F250406149A2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{937936AF-28CA-4973-B8AE-F250406149A2}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Viewpoint
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Viewpoint Manager

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16545

-\\ Mozilla Firefox v25.0.1 (en-US)

[ File : C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\4wg2i6lx.default\prefs.js ]

[ File : C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\fp1619ta.default\prefs.js ]

*************************

AdwCleaner[R0].txt - [8256 octets] - [17/04/2014 16:51:35]
AdwCleaner[R1].txt - [8275 octets] - [17/04/2014 16:56:28]
AdwCleaner[s0].txt - [449 octets] - [17/04/2014 16:53:11]
AdwCleaner[s1].txt - [8276 octets] - [17/04/2014 16:57:37]

########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [8336 octets] ##########

 

JRT:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows Vista Home Premium x86
Ran by Mike on Thu 04/17/2014 at 17:14:17.85
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{256DBC0A-6867-4511-B430-96D26BA7A778}

 

~~~ Files

 

~~~ Folders

 

~~~ FireFox

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{1c43baf1-00c2-40a8-a09e-f84cfd79546d}

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 04/17/2014 at 17:21:50.35
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

OJT:

OTL logfile created on: 4/17/2014 5:24:35 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Mike\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.87 Gb Total Physical Memory | 1.78 Gb Available Physical Memory | 61.91% Memory free
5.97 Gb Paging File | 4.64 Gb Available in Paging File | 77.71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286.43 Gb Total Space | 47.58 Gb Free Space | 16.61% Space Free | Partition Type: NTFS
Drive D: | 11.66 Gb Total Space | 1.56 Gb Free Space | 13.37% Space Free | Partition Type: NTFS
 
Computer Name: MIKE-PC | User Name: Mike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/04/17 17:23:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mike\Desktop\OTL.exe
PRC - [2014/01/15 21:59:32 | 005,625,624 | ---- | M] (SUPERAntiSpyware) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2012/09/09 20:05:50 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2012/08/01 04:48:54 | 002,345,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2012/01/31 16:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011/09/09 03:10:56 | 001,082,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/08/18 01:33:26 | 000,659,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/05/23 14:13:04 | 000,657,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2011/03/28 03:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2011/03/16 16:05:20 | 001,025,888 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgemcx.exe
PRC - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2009/06/02 08:59:46 | 005,451,536 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Logitech Vid\Vid.exe
PRC - [2009/05/08 10:35:50 | 002,780,432 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
PRC - [2009/05/08 10:34:08 | 000,559,888 | ---- | M] () -- C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe
PRC - [2009/04/30 16:01:10 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/04/18 11:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011/09/27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
MOD - [2009/06/02 09:00:22 | 000,138,000 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\plugins\imageformats\qjpeg4.dll
MOD - [2009/06/02 09:00:22 | 000,035,088 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\plugins\imageformats\qico4.dll
MOD - [2009/06/02 09:00:20 | 000,028,944 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\plugins\imageformats\qgif4.dll
MOD - [2009/06/02 08:59:34 | 000,027,408 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\SDL.dll
MOD - [2009/06/02 08:59:24 | 000,363,792 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\qtxml4.dll
MOD - [2009/06/02 08:59:12 | 011,311,888 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\QtWebKit4.dll
MOD - [2009/06/02 08:59:00 | 000,199,952 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\qtsql4.dll
MOD - [2009/06/02 08:58:50 | 000,475,408 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\QtOpenGL4.dll
MOD - [2009/06/02 08:58:38 | 007,704,336 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\QtGui4.dll
MOD - [2009/06/02 08:58:38 | 000,968,976 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\QtNetwork4.dll
MOD - [2009/06/02 08:58:26 | 002,140,944 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\QtCore4.dll
MOD - [2009/06/02 08:58:16 | 000,291,600 | ---- | M] () -- C:\Program Files\Logitech\Logitech Vid\phonon4.dll
MOD - [2009/05/08 10:35:50 | 002,780,432 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
MOD - [2009/05/08 10:34:08 | 000,559,888 | ---- | M] () -- C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe /s Norton Internet Security /m C:\Program Files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll /prefetch:1 -- (Norton Internet Security)
SRV - [2014/03/24 18:45:08 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/11/27 03:13:37 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/09/09 20:05:50 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2012/01/31 16:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/03/16 20:49:14 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2009/04/30 16:01:10 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008/01/20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\NIS\1000000.07D\SRTSPX.SYS -- (SRTSPX)
DRV - File not found [File_System | System | Stopped] -- C:\Windows\system32\drivers\NIS\1000000.07D\SRTSP.SYS -- (SRTSP)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081022.006\NAVEX15.SYS -- (NAVEX15)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081022.006\NAVENG.SYS -- (NAVENG)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2014/04/17 16:38:20 | 000,107,736 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV - [2014/04/08 15:53:32 | 000,055,224 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\System32\drivers\tStLibG.sys -- (tStLibG)
DRV - [2014/04/07 20:19:17 | 000,025,624 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\DVDHelp.sys -- (DVDHelp)
DRV - [2014/04/07 20:19:13 | 000,018,688 | ---- | M] (GiliSoft International LLC.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GSVDRIVE.sys -- (GSVDRIVE)
DRV - [2012/11/12 05:47:48 | 000,255,968 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2011/10/05 06:14:47 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/10/05 06:14:47 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2011/05/27 19:05:18 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/04/05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/03/16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/03/01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 08:12:38 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV - [2011/02/10 07:53:30 | 000,028,624 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 07:53:28 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2010/07/02 11:02:38 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009/04/30 22:56:32 | 000,495,768 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LV561AV.SYS -- (PID_0928)
DRV - [2009/04/30 16:00:12 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008/09/27 02:51:00 | 007,478,496 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/09/26 06:36:34 | 000,059,376 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- c:\Program Files\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49})
DRV - [2008/09/10 08:48:20 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2008/09/10 08:46:22 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DP.sys -- (HSF_DP)
DRV - [2008/09/09 20:58:08 | 000,020,640 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\PC-Doctor for Windows\pcd5srvc.pkms -- (PCD5SRVC{BD6912E3-AC9D80E8-05040000})
DRV - [2008/09/04 07:34:34 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2008/08/01 08:51:14 | 001,052,704 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008/07/21 12:12:50 | 000,133,152 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2008/07/21 12:12:22 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2008/05/22 05:39:34 | 000,015,360 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2005/12/12 13:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PS2.sys -- (Ps2)
 
 
========== Standard Registry (All) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{AA2BE316-DC4D-4562-BB53-A9DCF6897679}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {256DBC0A-6867-4511-B430-96D26BA7A778}
IE - HKCU\..\SearchScopes\{256DBC0A-6867-4511-B430-96D26BA7A778}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{D5FA7D58-16FE-4C12-B641-6D2FFE7EEE1B}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}&rlz=1I7ADBF_en
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1209
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.19
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\npctrl.1.0.30716.0.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Mike\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\Mike\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/07/19 11:00:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009/07/02 18:56:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2013/05/06 16:13:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/11/27 03:13:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/11/27 03:13:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009/07/02 18:56:32 | 000,000,000 | ---D | M]
 
[2009/06/13 22:53:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Extensions
[2009/06/13 22:53:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2014/04/08 16:46:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\4wg2i6lx.default\extensions
[2012/05/14 13:28:56 | 000,020,591 | ---- | M] () (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\4wg2i6lx.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2013/11/27 03:13:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/11/27 03:13:29 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/11/27 03:13:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013/11/27 03:13:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/11/27 03:13:38 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/12/20 03:36:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\updated\extensions
[2013/12/20 03:36:33 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\updated\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/12/20 03:36:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\updated\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013/12/20 03:36:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\updated\browser\extensions
[2013/12/20 03:36:56 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008/09/03 20:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2011/06/06 12:55:30 | 000,183,696 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2012/06/12 05:25:54 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2012/06/12 05:25:54 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2012/06/12 05:25:54 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2012/06/12 05:25:54 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2012/06/12 05:25:55 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2012/06/12 05:25:55 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2012/06/12 05:25:55 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2011/05/10 15:49:22 | 000,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2011/05/10 15:49:22 | 000,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
 
O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Reg Error: Value error.) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (no name) -  - No CLSID value found.
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuschd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [KBD] C:\Program Files\Hewlett-Packard\KBD\KbdStub.exe (Microsoft)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKLM..\Run: [updateP2GoShortCut] c:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [updatePDIRShortCut] c:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [updatePSTShortCut] c:\Program Files\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Logitech Vid] C:\Program Files\Logitech\Logitech Vid\vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} https://www.gameofficials.net/utility/smsx.cab (MeadCo ScriptX)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 10.45.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0674107A-2CD4-4F44-868E-9E5F828F0DC8}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\microsoft shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\clouds_2650x1600.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\clouds_2650x1600.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{260f07bd-5bbf-11df-9283-002354a49754}\Shell\AutoRun\command - "" = J:\system\viewer\Viewer.exe
O33 - MountPoints2\{260f07bd-5bbf-11df-9283-002354a49754}\Shell\View your videos\command - "" = J:\system\viewer\Viewer.exe
O33 - MountPoints2\{e33ffc47-394f-11de-8a03-002354a49754}\Shell\AutoRun\command - "" = .\Encryption Tool\MaxtorEncryption.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/04/17 17:23:40 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Mike\Desktop\OTL.exe
[2014/04/17 17:11:11 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/04/17 17:10:58 | 001,016,261 | ---- | C] (Thisisu) -- C:\Users\Mike\Desktop\JRT.exe
[2014/04/17 16:51:21 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/04/17 16:36:46 | 000,107,736 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014/04/17 04:59:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/04/17 04:59:44 | 000,073,432 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2014/04/17 04:59:44 | 000,051,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2014/04/17 04:59:44 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2014/04/17 04:59:44 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2014/04/17 04:53:26 | 000,000,000 | ---D | C] -- C:\FRST
[2014/04/17 04:52:33 | 001,146,880 | ---- | C] (Farbar) -- C:\Users\Mike\Desktop\FRST.exe
[2014/04/09 03:03:37 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014/04/09 03:03:36 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014/04/09 03:03:36 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014/04/09 03:03:36 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014/04/09 03:03:35 | 001,806,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014/04/09 03:03:35 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014/04/09 03:03:35 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2014/04/09 03:03:34 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014/04/08 20:33:06 | 000,000,000 | ---D | C] -- C:\SUPERDelete
[2014/04/08 15:53:32 | 000,055,224 | ---- | C] (StdLib) -- C:\Windows\System32\drivers\tStLibG.sys
[2014/04/07 20:19:29 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Roaming\idoo
[2014/04/07 20:19:13 | 000,018,688 | ---- | C] (GiliSoft International LLC.) -- C:\Windows\System32\drivers\GSVDRIVE.sys
[2014/03/31 20:25:29 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2014/03/31 20:25:29 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
 
========== Files - Modified Within 30 Days ==========
 
[2014/04/17 17:23:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mike\Desktop\OTL.exe
[2014/04/17 17:19:49 | 000,642,740 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/04/17 17:19:49 | 000,119,932 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/04/17 17:13:28 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/04/17 17:13:28 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/04/17 17:13:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/04/17 17:13:17 | 3085,484,032 | -HS- | M] () -- C:\hiberfil.sys
[2014/04/17 17:11:02 | 001,016,261 | ---- | M] (Thisisu) -- C:\Users\Mike\Desktop\JRT.exe
[2014/04/17 16:51:09 | 001,426,178 | ---- | M] () -- C:\Users\Mike\Desktop\AdwCleaner.exe
[2014/04/17 16:44:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/04/17 16:40:53 | 159,850,720 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2014/04/17 16:38:20 | 000,107,736 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014/04/17 04:59:51 | 000,000,861 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/04/17 04:53:14 | 001,146,880 | ---- | M] (Farbar) -- C:\Users\Mike\Desktop\FRST.exe
[2014/04/17 04:44:31 | 000,468,388 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2014/04/17 04:43:00 | 000,002,481 | ---- | M] () -- C:\Users\Mike\Desktop\HiJackThis.lnk
[2014/04/08 15:53:32 | 000,055,224 | ---- | M] (StdLib) -- C:\Windows\System32\drivers\tStLibG.sys
[2014/04/07 20:19:17 | 000,025,624 | ---- | M] () -- C:\Windows\System32\drivers\DVDHelp.sys
[2014/04/07 20:19:13 | 000,018,688 | ---- | M] (GiliSoft International LLC.) -- C:\Windows\System32\drivers\GSVDRIVE.sys
[2014/04/07 19:26:34 | 000,000,420 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\burnaware.ini
[2014/04/07 17:29:10 | 000,002,048 | ---- | M] () -- C:\Users\Mike\Documents\Laukhart's Home Movies.iso
[2014/04/03 09:51:10 | 000,051,416 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2014/04/03 09:51:00 | 000,073,432 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2014/04/03 09:50:56 | 000,023,256 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2014/03/24 18:45:07 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/03/24 18:45:07 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
 
========== Files Created - No Company Name ==========
 
[2014/04/17 16:51:03 | 001,426,178 | ---- | C] () -- C:\Users\Mike\Desktop\AdwCleaner.exe
[2014/04/17 04:59:51 | 000,000,861 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/04/07 20:19:17 | 000,025,624 | ---- | C] () -- C:\Windows\System32\drivers\DVDHelp.sys
[2014/04/07 17:25:45 | 000,002,048 | ---- | C] () -- C:\Users\Mike\Documents\Laukhart's Home Movies.iso
[2014/04/07 17:23:51 | 000,000,420 | ---- | C] () -- C:\Users\Mike\AppData\Roaming\burnaware.ini
[2014/03/31 20:25:30 | 000,002,481 | ---- | C] () -- C:\Users\Mike\Desktop\HiJackThis.lnk
[2012/07/27 15:30:58 | 000,008,359 | ---- | C] () -- C:\Users\Mike\Last Day Form 2012.pdf
[2012/04/12 20:24:33 | 000,078,831 | ---- | C] () -- C:\Users\Mike\frogmath.pdf
[2011/11/12 18:58:27 | 000,004,262 | ---- | C] () -- C:\Users\Mike\AppData\Roaming\com.kennettnet.MusicRescue4.plist
[2010/02/12 10:20:38 | 000,000,680 | ---- | C] () -- C:\Users\Mike\AppData\Local\d3d9caps.dat
[2009/08/22 18:03:07 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/08/20 16:10:33 | 000,000,100 | ---- | C] () -- C:\Users\Mike\AppData\Roaming\wklnhst.dat
[2009/05/30 12:20:18 | 000,038,400 | ---- | C] () -- C:\Users\Mike\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2006/11/02 08:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 13:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 02:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 02:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2011/11/12 19:27:13 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Ashampoo
[2010/12/07 20:35:40 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\AVG10
[2010/12/31 12:55:27 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\BitTorrent
[2010/04/06 18:01:36 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Facebook
[2014/03/31 20:46:02 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\go
[2014/04/07 20:19:32 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\idoo
[2010/08/27 22:49:32 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Octoshape
[2010/10/02 18:51:33 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\ooVoo Details
[2013/10/23 06:11:13 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Oracle
[2009/05/04 19:50:57 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\PictureMover
[2010/04/05 17:01:28 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\PrimoPDF
[2009/08/20 16:10:35 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Template
[2012/12/15 10:14:31 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\TuneUp Software
[2010/05/18 19:55:31 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\WinBatch
 
========== Purity Check ==========
 
 

< End of report >

 

Extras:

OTL Extras logfile created on: 4/17/2014 5:24:35 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Mike\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.87 Gb Total Physical Memory | 1.78 Gb Available Physical Memory | 61.91% Memory free
5.97 Gb Paging File | 4.64 Gb Available in Paging File | 77.71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286.43 Gb Total Space | 47.58 Gb Free Space | 16.61% Space Free | Partition Type: NTFS
Drive D: | 11.66 Gb Total Space | 1.56 Gb Free Space | 13.37% Space Free | Partition Type: NTFS
 
Computer Name: MIKE-PC | User Name: Mike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C6A2595-A9AB-4EB6-9E99-3DA99B80AA83}" = lport=443 | protocol=17 | dir=in | name=oovoo udp port 443 |
"{3C6D1511-44A0-4689-B11D-553FAF649EF3}" = lport=37674 | protocol=17 | dir=in | name=oovoo udp port 37674 |
"{5376257A-B5CA-4C1D-B605-C927D22C988A}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{6229D6CC-E2E9-49B4-9F11-8A64309BB750}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{73FA9172-B6E7-40E4-849B-24A35F83BF05}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{79A89424-EE1C-4138-B1F3-BF6D954BE723}" = lport=37674 | protocol=6 | dir=in | name=oovoo tcp port 37674 |
"{979A3803-6236-4742-83B5-1E92B086D259}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{A4388670-0396-40E3-978F-D38630344A49}" = lport=37675 | protocol=17 | dir=in | name=oovoo udp port 37675 |
"{B750BAA8-285A-4719-9765-EB3D8FDC77FA}" = lport=443 | protocol=6 | dir=in | name=oovoo tcp port 443 |
"{CE147E9A-D8C9-418D-85D2-2B6B9DEE7CF4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D9A7598B-6C34-4FCC-8720-A47A783BD016}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DF812D81-FC79-4135-95BA-17DEAF5DD25D}" = lport=67 | protocol=17 | dir=in | name=dhcp discovery service |
"{E08F6306-0E06-4FBD-A315-DB4EF1F74B7C}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{EC8DC1F3-63CE-47F2-A89D-1524719675C9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{054EFFC1-1019-4DF7-B647-44051537A900}" = dir=in | app=c:\program files\avg\avg8\avgnsx.exe |
"{15EE21C5-BCB5-4F46-A431-6CB7872B954B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{17DE7C5A-5791-426E-982F-9FBA618DB382}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{1FEE750D-3744-4F41-95CF-4DA4B3690420}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{23A5EE76-A761-4C46-B7B2-9D5C5308D19F}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{276B6651-0274-45F3-9D40-2FB5B43A00E0}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{2E04A711-6400-4852-A9A6-EF334E9D5A83}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{3A6EDA17-6893-41CC-BC2E-519145F48B7B}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{3CCDEC5C-AB57-4373-9AC8-1EE15C2D4F89}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe |
"{3ED01A3F-7DAA-4BA2-B9A9-3C8F4314B558}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe |
"{430EFDCA-5E12-491C-9CB8-C669775D5387}" = protocol=6 | dir=in | app=c:\program files\aim6\aim6.exe |
"{466BB61A-8ACD-42F6-8A12-D22F9EDCC5EA}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4FBE44FC-B2DD-44E3-B58A-D9CC2C8F8647}" = protocol=17 | dir=in | app=c:\program files\pure networks\network magic\nmsrvc.exe |
"{510F08CE-B384-403A-899A-CFA21D4161D3}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe |
"{5DEFBEC8-250F-459D-8F09-57748C541C60}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\tsmagent.exe |
"{6A31F05F-4F4F-4E6E-819A-362C3716679D}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{6F183148-268B-4B22-8341-29E7AA7C95BE}" = protocol=6 | dir=in | app=c:\program files\pure networks\network magic\nmsrvc.exe |
"{70239F12-7920-43DD-A6A2-DFE7B8BE900B}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\zero gear\zerogear.bat |
"{74709F86-F748-4B0A-864C-B83612F5F306}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{83EF7053-5244-47C5-8997-A1345D157684}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{87974D71-2018-477D-9227-4596C0CADD3C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{8CB2CF23-F001-425E-89DC-99D0DEDC4455}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\zero gear\zerogear.bat |
"{92C50C74-9699-4DA1-9CF8-F981A05AC98C}" = dir=in | app=c:\program files\avg\avg8\avgemc.exe |
"{94A8CA92-24DE-44E0-ABA1-B22DA02ABC6A}" = protocol=6 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"{94EE0AAF-5122-42CF-A42C-C63A741DB973}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{96512E87-8937-4279-83B8-3624B556656D}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{969C8E96-7992-4379-AE44-49FA3CCC966C}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{9DE4246B-8509-4670-B890-2CE842DD3375}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{A2120952-E198-451B-B3E4-83CE239808EE}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{A77DF239-FCB2-4747-824F-C0C65F26846F}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe |
"{A89355CA-092A-40E7-BF13-14030092BEF9}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{A8FBAD9D-FE18-4AC5-8002-22FE014CC08B}" = protocol=17 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"{AA20B389-289A-4D1E-8ED3-BF2A041A5BA6}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{AEAC3628-FF8C-4895-ABA9-582E825148EE}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe |
"{B7881F80-B6AE-4344-AC4C-7098324553AD}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{B8128013-FA54-45EE-99A9-AB00B8B1B10B}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{B8523CDC-0B05-40AB-ABAF-83F6498BFEF3}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe |
"{C1A8A17B-3E27-46F1-8FE0-337B6E59EF2F}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{D692524E-86EB-44F3-A1C4-63C357487192}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{DF12C053-A543-4039-889D-46E13EDBA30E}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{E2D42963-986E-43F2-B490-902BADF25ED4}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{EFD8ADDE-C0FF-4218-B143-423CB5B1B2A8}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{F9A29FB7-BD22-40ED-B5FB-BB2E052C97A6}" = protocol=17 | dir=in | app=c:\program files\aim6\aim6.exe |
"{F9A4B55A-F9BE-4276-BD57-EFEF9EE2E748}" = dir=in | app=c:\program files\avg\avg8\avgupd.exe |
"{FA37B27C-8F68-4F06-ADE6-39BFBC4F4C66}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{FD0C3760-113D-4A18-9B86-74EA012D0856}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\tsmagent.exe |
"TCP Query User{2B1E2B0E-2240-41D9-A83A-A4CEBA43F3F9}C:\users\mike\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=6 | dir=in | app=c:\users\mike\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
"TCP Query User{40A9AD38-F5D7-45A4-A00D-53FB218050FD}C:\program files\oovoo\oovoo.exe" = protocol=6 | dir=in | app=c:\program files\oovoo\oovoo.exe |
"TCP Query User{86B0A239-97C5-48C0-91FD-D25DDBB4D188}C:\users\john\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\john\program files\dna\btdna.exe |
"TCP Query User{AA022D98-9AE3-435A-8A0E-48712A956FBA}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"TCP Query User{B8DE5476-98A9-4C19-8BF0-75784E4EADDB}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{CF12F552-3417-4AE6-BBB2-1BF4AC1C283D}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{07295C49-0EF8-412C-8994-7847B0F063CD}C:\program files\oovoo\oovoo.exe" = protocol=17 | dir=in | app=c:\program files\oovoo\oovoo.exe |
"UDP Query User{743437BC-8558-4453-9355-0EBA34C534DD}C:\users\mike\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=17 | dir=in | app=c:\users\mike\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
"UDP Query User{9734E3FF-17D9-4C8A-AC4F-0EB2E8730918}C:\users\john\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\john\program files\dna\btdna.exe |
"UDP Query User{B9BB5A6C-1105-4848-A1CF-C30EF3925A29}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"UDP Query User{F1F3A7B5-309C-489D-BD2D-4DEBF9F30F78}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{FF45FD50-67A8-43CB-8C83-9C738AACCB06}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03A7C57A-B2C8-409b-92E5-524A0DFD0DD3}" = Status
"{03BF5CB1-B72E-4CA6-A278-F65680F05420}" = HP Picasso Media Center Add-In
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}" = Apple Mobile Device Support
"{087A66B8-1F0F-4a8d-A649-0CFE276AA7C0}" = WebReg
"{0D471171-70BF-459B-AF06-9C34329295E7}" = 6000E609_Help
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1896E712-2B3D-45eb-BCE9-542742A51032}" = PictureMover
"{19506BDB-4EA7-491F-E8AB-E97109FDB296}" = muvee Reveal
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 45
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2A329FB6-389D-4396-A974-29656D6864AE}" = MarketResearch
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{3364BD16-5A28-4862-86A1-A8FF5FD23919}" = Music Rescue
"{38058455-8C21-4C2F-B2F6-14ED166039CB}" = HP Total Care Setup
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4D304678-738E-42a0-931A-2B022F49DEB8}" = TrayApp
"{4F57C27B-EDF4-4009-BEBA-EA7AA5C7A02D}" = ProductContext
"{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{551845DB-2D33-474E-B591-0831F0F2FAF6}" = BPDSoftware_Ini
"{56504C77-8B9F-4EB2-B33B-C5B9F50B5D64}" = AVG 2011
"{5BD0CB24-11AF-4BA8-A198-38D25257C656}" = LightScribe Template Labeler
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{64B9E2F5-558E-4C56-B419-A1679518F6E7}" = HP Customer Experience Enhancements
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{691FCAD9-4A3F-43B9-8EC6-F7EE608D3772}" = 6000E609_eDocs
"{6B976ADF-8AE8-434E-B282-A06C7F624D2F}" = Python 2.5.2
"{716F4A62-0548-42b3-BAEA-44BC4F8E187C}" = HP Officejet 6000 E609 Series
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{7F10292C-A190-4176-A665-A1ED3478DF86}" = LightScribe System Software
"{800E784D-53E3-4948-B491-9E7FA5EACBDC}" = SmartWebPrinting
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{87A9A9A9-FAB7-4224-9328-0FA2058C0FD5}" = Network
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{97486FBE-A3FC-4783-8D55-EA37E9D171CC}" = HP Update
"{A0640EC2-B97E-4FC1-AD14-227C9E386BB4}" = HP Recovery Manager RSS
"{A2016015-8323-4AF8-8B3E-F56239D7D59D}" = HP Demo
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{AB0E8288-5759-4961-905B-DAC431093BDD}" = 6000E609n
"{AC13BA3A-336B-45a4-B3FE-2D3058A7B533}" = Toolbox
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.0)
"{AC96671C-2001-432C-9826-5266D84EF1DC}" = Logitech Webcam Software
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{C1338693-C4BE-48C4-8A32-88B818EB439B}" = AVG 2011
"{C197BC08-3D82-4651-8886-E68C21578A38}" = iTunes
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CBE7EB3D-FBD9-4c74-8156-082D055C0354}" = BPDSoftware
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{EFC5939F-470F-454E-B3DA-F51FDD83F6CE}" = HP MediaSmart SmartMenu
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F769B78E-FF0E-4db5-95E2-9F4C8D6352FE}" = DeviceDiscovery
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone Configuration Utility
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"AIM_6" = AIM 6
"AVG" = AVG 2011
"CleanUp!" = CleanUp!
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1" = Soft Data Fax Modem with SmartCP
"HP Imaging Device Functions" = HP Imaging Device Functions 12.0
"HP Photo Creations" = HP Photo Creations
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 12.0
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.1.1004
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 25.0.1 (x86 en-US)" = Mozilla Firefox 25.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"PC-Doctor for Windows" = Hardware Diagnostic Tools
"PrimoPDF" = PrimoPDF -- by Nitro PDF Software
"Steam App 18800" = Zero Gear Demo
"Xvid_is1" = Xvid 1.2.1 final uninstall
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"Octoshape Streaming Services" = Octoshape Streaming Services
 
< End of report >
 

Thanks a bunch, Kevin!

[kevinf80]

Yes is good to work with you again, continue please:

 

Re-Run   by double left click, Vista and Widows 7 users accept UAC alert. if applicable.

• Under the box at the bottom, paste in the following, start with and include the colon plus OTL . :OTL
  
  

  :OTLSRV - File not found [Auto | Stopped] -- C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe /s Norton Internet Security /m C:\Program Files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll /prefetch:1 -- (Norton Internet Security)DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081022.006\NAVEX15.SYS -- (NAVEX15)DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081022.006\NAVENG.SYS -- (NAVENG)IE - HKLM\..\SearchScopes\{AA2BE316-DC4D-4562-BB53-A9DCF6897679}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpdFF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)[2008/09/03 20:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dllO3 - HKLM\..\Toolbar: (no name) -  - No CLSID value found.O33 - MountPoints2\{260f07bd-5bbf-11df-9283-002354a49754}\Shell\AutoRun\command - "" = J:\system\viewer\Viewer.exeO33 - MountPoints2\{260f07bd-5bbf-11df-9283-002354a49754}\Shell\View your videos\command - "" = J:\system\viewer\Viewer.exeO33 - MountPoints2\{e33ffc47-394f-11de-8a03-002354a49754}\Shell\AutoRun\command - "" = .\Encryption Tool\MaxtorEncryption.exe:Reg[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]"C:\Program Files\BitTorrent\bittorrent.exe"=-:FilesC:\Program Files\Norton Internet SecurityC:\Program Files\DNAC:\Users\Mike\AppData\Roaming\BitTorrent:Commands[emptytemp][CREATERESTOREPOINT]

• Then click button at the top
• Let the program run unhindered, when done it will say "Fix Complete press ok to open the log"
• Please post that log in your next reply.
  

 

Next.

 

We need to run an online AV scan to ensure there are no remnants of any infection left on your system that may have been missed. This scan is very thorough and well worth running, it can take several hours please be patient and let it complete:

 

Run Eset Online Scanner

 

**Note** You will need to use Internet explorer for this scan - Vista and Windows 7/8 right click on IE shortcut and run as admin

 

Go to Eset web page http://www.eset.com/us/online-scanner/ to run an online scan from ESET.

 

• 
  

Turn off the real time scanner of any existing antivirus program while performing the online scan
click on the Run ESET Online Scanner button
Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the add/on to be installed
Click Start
Make sure that the option "Remove found threats"  is unticked
Click on Advanced Settings, ensure the options
Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
Click Scan
wait for the virus definitions to be downloaded
Wait for the scan to finish

 

When the scan is complete

 

• 
  

If no threats were found
put a checkmark in "Uninstall application on close"
close program
report to me that nothing was found

 

If threats were found

 

• 
  

click on "list of threats found"
click on "export to text file" and save it as ESET SCAN and save to the desktop
Click on back
put a checkmark in "Uninstall application on close"
click on finish

 

close program

 

Copy and paste the report in next reply.

 

Let me know if any remaining issues or concerns...

 

Kevin

[MCL]

Hi Kevin,

Here's the OJT log:

All processes killed
========== OTL ==========
Service Norton Internet Security stopped successfully!
Service Norton Internet Security deleted successfully!
File C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe /s Norton Internet Security /m C:\Program Files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll /prefetch:1 not found.
Service NAVEX15 stopped successfully!
Service NAVEX15 deleted successfully!
File C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081022.006\NAVEX15.SYS not found.
Service NAVENG stopped successfully!
Service NAVENG deleted successfully!
File C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081022.006\NAVENG.SYS not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA2BE316-DC4D-4562-BB53-A9DCF6897679}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AA2BE316-DC4D-4562-BB53-A9DCF6897679}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA\ deleted successfully.
C:\Program Files\DNA\plugins\npbtdna.dll moved successfully.
C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{260f07bd-5bbf-11df-9283-002354a49754}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{260f07bd-5bbf-11df-9283-002354a49754}\ not found.
File J:\system\viewer\Viewer.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{260f07bd-5bbf-11df-9283-002354a49754}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{260f07bd-5bbf-11df-9283-002354a49754}\ not found.
File J:\system\viewer\Viewer.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e33ffc47-394f-11de-8a03-002354a49754}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e33ffc47-394f-11de-8a03-002354a49754}\ not found.
File .\Encryption Tool\MaxtorEncryption.exe not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\BitTorrent\bittorrent.exe deleted successfully.
========== FILES ==========
File\Folder C:\Program Files\Norton Internet Security not found.
C:\Program Files\DNA\plugins folder moved successfully.
C:\Program Files\DNA folder moved successfully.
C:\Users\Mike\AppData\Roaming\BitTorrent folder moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: John
->Temp folder emptied: 125273582 bytes
->Temporary Internet Files folder emptied: 675921370 bytes
->Java cache emptied: 70851346 bytes
->FireFox cache emptied: 538762294 bytes
->Flash cache emptied: 505920 bytes
 
User: Mike
->Temp folder emptied: 3609455 bytes
->Temporary Internet Files folder emptied: 230047673 bytes
->Java cache emptied: 20634059 bytes
->FireFox cache emptied: 560377503 bytes
->Flash cache emptied: 56219 bytes
 
User: Public
 

I couldn't get the Eset to install the add-on.

I have seen all the stuff that has been deleted, so I'm sure things are going to be better,

If you think it's right, tell me that program that deletes all the anti-malware programs and we'll be done.

You are really good at this. Thanks so much.

[MCL]

Hey Kevin,

The Eset started up after a while.

I'll post what it says in the morning.

[kevinf80]

Thanks for the update, I guess you already know the ESET scan will be extensive. Post log anytime you`re ready, also give an update on any remaining issues or concerns...

 

Cheers,

 

Kevin

[MCL]

No threats found!

[kevinf80]

What is the status of the system, any issues or concerns.

[MCL]

It's working great, Kevin.

Do you want to tell me that program that uninstalls everything?

[kevinf80]

Yes certainly, first Java needs updating;

 

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.

Please follow these steps to remove older version of Java components and upgrade the application.

 

Upgrading Java:

 

Go to http://java.com/en/ and click on "Do I have Java"

It will check your current version and then offer to update to the latest version

Watch for and make sure you untick the box next to whatever free program they prompt you to install during the installation, unless you want it.

 

***Note: Check in Programs and Features (or Add/Remove Programs if you are an XP user) to make certain there are no old versions of Java still installed, if so - remove them.

 

Finally:

 

Download "Delfix by Xplode" and save it to your desktop.

 

"Delfix link mirror"

 

Double Click to start the program. If you are using Vista or higher, please right-click and choose run as administrator

 

Make Sure the following items are checked:

 

• 
  

    Activate UAC
    Remove disinfection tools
    Create registry backup
    Purge System Restore
    Reset system settings

 

Now click on "Run" and wait patiently until the tool has completed.

 

The tool will create a log when it has completed. Also read the following link to fully understand PC security and best practices, you may find it useful....

 

http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/#entry2316629

 

Kevin...

[MCL]

Clean as a whistle!

Thanks so much Kevin.

I really appreciate your time and smarts!

[kevinf80]

It was a pleasure to work with you, Part of the routine od Delfix was to create a registry back up with ERUNT,  the back up will be created here:

 

C:\Windows\ERUNT

 

When all is known to be well with your system you can delete that back up folder if you consider it as not needed...

 

Take care,

 

Kevin...

[AdvancedSetup]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!