Jump to content

Doops

Honorary Members
  • Posts

    21
  • Joined

  • Last visited

Posts posted by Doops

  1. I just finished a scan with MB, turned out clean!

     

    Thank you very much! This is the second time you experts here in the forum have helped me out, and I'll donate again.

     

    Out of curiosity, may I ask what PUPs detected by MB usually are? They seem harmless, but I know they're security holes.

    Where are they usually coming from by the way (so I can practice better browsing habits)?

     

    (I'm using Firefox as my main browser, with NoScript)

  2. Hello,

     

    I've been doing my best to keep a computer I got last year clean, and within the past week, I've picked up some PUPs (opencandy).

     

    MB has detected at least five of them before (within the past week) but it seems to have removed them down to two particularly sticky ones that keep regenerating after each scan+delete by MB.

     

    Your experts have helped me once before, and I'm glad you guys are here. I ask for your help once more.

    Addition.txt

    FRST.txt

  3. I tried to reset IE and Chrome's homepages, and it worked!

    I haven't seen any search redirects in Firefox since the last OTL fix run either (granted, even before then, I only saw it three times).

     

    I think it's fine now! Thank you so much!

     

    Is there any way we can check for sure that there's no remaining Spigot data, rootkits, trojans, etc? Just to be sure.

  4. All processes killed
    ========== OTL ==========
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
    HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ not found.
    HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}\ not found.
    HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    HKU\S-1-5-21-825749163-974839105-3472330399-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
    HKU\S-1-5-21-825749163-974839105-3472330399-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully!
    Registry key HKEY_USERS\S-1-5-21-825749163-974839105-3472330399-1004\Software\Microsoft\Internet Explorer\SearchScopes\{6B46B519-F692-44CD-A626-23B2D48A9F47}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6B46B519-F692-44CD-A626-23B2D48A9F47}\ not found.
    Prefs.js: "Bing" removed from browser.search.defaultenginename
    Prefs.js: "Bing" removed from browser.search.selectedEngine
    Prefs.js: "msn.com" removed from browser.startup.homepage
    C:\Users\MT\AppData\Roaming\Mozilla\Firefox\Profiles\ezz5bz6n.default\extensions\adsremoval@adsremoval.net\lib folder moved successfully.
    C:\Users\MT\AppData\Roaming\Mozilla\Firefox\Profiles\ezz5bz6n.default\extensions\adsremoval@adsremoval.net\defaults folder moved successfully.
    C:\Users\MT\AppData\Roaming\Mozilla\Firefox\Profiles\ezz5bz6n.default\extensions\adsremoval@adsremoval.net\chrome\content\subscriptions folder moved successfully.
    C:\Users\MT\AppData\Roaming\Mozilla\Firefox\Profiles\ezz5bz6n.default\extensions\adsremoval@adsremoval.net\chrome\content\scripts folder moved successfully.
    C:\Users\MT\AppData\Roaming\Mozilla\Firefox\Profiles\ezz5bz6n.default\extensions\adsremoval@adsremoval.net\chrome\content\images folder moved successfully.
    C:\Users\MT\AppData\Roaming\Mozilla\Firefox\Profiles\ezz5bz6n.default\extensions\adsremoval@adsremoval.net\chrome\content folder moved successfully.
    C:\Users\MT\AppData\Roaming\Mozilla\Firefox\Profiles\ezz5bz6n.default\extensions\adsremoval@adsremoval.net\chrome folder moved successfully.
    C:\Users\MT\AppData\Roaming\Mozilla\Firefox\Profiles\ezz5bz6n.default\extensions\adsremoval@adsremoval.net\bin folder moved successfully.
    C:\Users\MT\AppData\Roaming\Mozilla\Firefox\Profiles\ezz5bz6n.default\extensions\adsremoval@adsremoval.net folder moved successfully.
    C:\Users\MT\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod\1.0.0_0\js folder moved successfully.
    C:\Users\MT\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod\1.0.0_0\img folder moved successfully.
    C:\Users\MT\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod\1.0.0_0\filtering folder moved successfully.
    C:\Users\MT\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod\1.0.0_0\dll folder moved successfully.
    C:\Users\MT\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod\1.0.0_0\db folder moved successfully.
    C:\Users\MT\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod\1.0.0_0 folder moved successfully.
    ========== FILES ==========
    < ipconfig /flushdns /c >
    Windows IP Configuration
    Successfully flushed the DNS Resolver Cache.
    C:\Users\MT\Desktop\Logs\cmd.bat deleted successfully.
    C:\Users\MT\Desktop\Logs\cmd.txt deleted successfully.
    ========== COMMANDS ==========
     
    [EMPTYTEMP]
     
    User: AdMin
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes
     
    User: All Users
     
    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes
     
    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes
     
    User: MT
    ->Temp folder emptied: 19690725 bytes
    ->Temporary Internet Files folder emptied: 3081516 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 394995801 bytes
    ->Google Chrome cache emptied: 0 bytes
    ->Flash cache emptied: 4020 bytes
     
    User: Public
     
    User: TT
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Java cache emptied: 0 bytes
    ->Google Chrome cache emptied: 0 bytes
    ->Flash cache emptied: 0 bytes
     
    User: Work
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes
     
    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 37184 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 0 bytes
     
    Total Files Cleaned = 398.00 mb
     
     
    OTL by OldTimer - Version 3.2.69.0 log created on 01282014_014009

    Files\Folders moved on Reboot...
    C:\Users\MT\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
    C:\Users\MT\AppData\Local\Temp\MMDUtl.log moved successfully.
    C:\Users\MT\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
    File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot.
    File move failed. C:\Windows\temp\LMutilps32.log scheduled to be moved on reboot.

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...
     

  5. This is a new problem:

     

    Since yesterday, I've been getting some Bing search hit redirects. Only two incidents so far, but it's worrysome.

    When I click on a search link, I am sometimes taken to a different site, or a download prompt for some sort of file comes up (usually a zip file).

     

    When I am redirected, I click back immediately (though if anything happens, I suppose that the damage is too fast anyways).

    For the download prompts I deny them.

     

    I'm very scared by this.

  6. OTL logfile created on: 1/25/2014 9:03:58 PM - Run 2
    OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\MT\Desktop\Logs
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.11.9600.16428)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
     
    3.86 Gb Total Physical Memory | 1.89 Gb Available Physical Memory | 48.94% Memory free
    9.63 Gb Paging File | 7.58 Gb Available in Paging File | 78.69% Paging File free
    Paging file location(s): c:\pagefile.sys 5920 5920 [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 447.66 Gb Total Space | 334.28 Gb Free Space | 74.67% Space Free | Partition Type: NTFS
     
    Computer Name: ASPIRE5755-9401 | User Name: MT | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
     
    ========== Processes (SafeList) ==========
     
    PRC - [2014/01/21 21:06:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\MT\Desktop\Logs\OTL.exe
    PRC - [2013/12/21 01:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2013/12/13 17:44:36 | 001,573,184 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
    PRC - [2013/12/09 15:02:00 | 002,285,344 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
    PRC - [2013/12/09 15:01:58 | 000,881,440 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
    PRC - [2013/12/03 16:10:24 | 000,775,968 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
    PRC - [2013/11/11 17:19:48 | 000,341,824 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
    PRC - [2013/10/25 12:07:12 | 000,469,280 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\DelayLoad.exe
    PRC - [2013/10/09 09:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    PRC - [2013/05/20 23:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccsvchst.exe
    PRC - [2012/04/24 13:37:56 | 000,169,752 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
    PRC - [2012/04/05 14:48:02 | 000,255,376 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
    PRC - [2011/11/29 18:16:12 | 000,109,984 | ---- | M] (CypherTec Inc.) -- C:\Program Files (x86)\Common Files\CypherTec\cgrdsrv32.exe
    PRC - [2011/06/30 21:51:14 | 000,418,896 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe
    PRC - [2011/06/30 21:51:14 | 000,343,632 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
    PRC - [2011/06/30 21:51:12 | 001,103,440 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
    PRC - [2011/06/30 21:51:12 | 000,353,360 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
    PRC - [2011/05/29 21:54:14 | 000,036,456 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
    PRC - [2011/05/20 13:13:06 | 000,120,104 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
    PRC - [2011/05/20 13:13:04 | 000,169,352 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
    PRC - [2011/05/09 20:41:56 | 000,177,448 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
    PRC - [2011/04/30 02:32:54 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
    PRC - [2011/04/23 20:29:20 | 000,256,832 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
    PRC - [2011/04/23 20:28:38 | 000,297,280 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
    PRC - [2011/04/20 16:58:02 | 001,204,224 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
    PRC - [2011/04/20 16:53:10 | 000,335,872 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
    PRC - [2011/02/01 16:41:24 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
    PRC - [2011/02/01 16:41:20 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
    PRC - [2010/11/16 20:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    PRC - [2010/09/30 05:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
    PRC - [2010/06/10 12:42:44 | 002,621,440 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
    PRC - [2010/03/08 23:42:02 | 000,029,984 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
    PRC - [2010/03/08 23:40:36 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
    PRC - [2010/03/05 19:11:30 | 000,636,192 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
    PRC - [2010/01/25 07:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\BrYNSvc.exe
     
     
    ========== Modules (No Company Name) ==========
     
    MOD - [2013/01/15 18:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\madexcept_.bpl
    MOD - [2013/01/15 18:48:26 | 000,051,008 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\maddisAsm_.bpl
    MOD - [2013/01/15 18:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\madbasic_.bpl
    MOD - [2013/01/15 18:47:56 | 000,893,248 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\webres.dll
    MOD - [2012/05/30 09:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\wincfi39.dll
    MOD - [2011/05/20 13:13:04 | 000,206,216 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
    MOD - [2011/05/20 13:13:04 | 000,169,352 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
    MOD - [2011/04/23 20:29:56 | 000,465,640 | ---- | M] () -- C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
    MOD - [2009/02/27 15:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
     
     
    ========== Services (SafeList) ==========
     
    SRV:64bit: - [2013/11/26 04:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
    SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2012/04/05 14:48:02 | 000,255,376 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service)
    SRV:64bit: - [2011/11/29 18:48:06 | 000,131,000 | ---- | M] (CypherTec Inc.) [Auto | Running] -- C:\Program Files\Common Files\CypherTec\cthwsrv64.exe -- (CypherGuard Info Service)
    SRV:64bit: - [2011/11/29 18:26:28 | 000,127,416 | ---- | M] (CypherTec Inc.) [Auto | Running] -- C:\Program Files\Common Files\CypherTec\cgrdsrv64.exe -- (CypherGuard cguard Service 64bit Edition)
    SRV:64bit: - [2011/08/02 13:59:46 | 000,872,552 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
    SRV:64bit: - [2011/05/02 16:27:50 | 001,517,328 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
    SRV:64bit: - [2011/05/02 16:13:54 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
    SRV:64bit: - [2011/05/02 16:10:26 | 000,844,560 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
    SRV:64bit: - [2010/11/29 17:00:56 | 000,149,504 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
    SRV:64bit: - [2010/09/22 20:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
    SRV - [2013/12/21 01:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2013/12/20 05:26:05 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2013/12/16 16:51:38 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2013/12/09 15:01:58 | 000,881,440 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe -- (AdvancedSystemCareService7)
    SRV - [2013/12/03 16:10:24 | 002,151,200 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
    SRV - [2013/11/11 17:19:48 | 000,341,824 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
    SRV - [2013/11/07 01:52:56 | 000,279,000 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
    SRV - [2013/10/09 09:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
    SRV - [2013/10/07 14:19:22 | 000,240,736 | ---- | M] (WildTangent) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe -- (GamesAppIntegrationService)
    SRV - [2013/10/07 13:30:47 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2013/09/05 09:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2013/05/20 23:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe -- (NIS)
    SRV - [2012/04/24 13:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
    SRV - [2011/11/29 18:16:12 | 000,109,984 | ---- | M] (CypherTec Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\CypherTec\cgrdsrv32.exe -- (CypherGuard cguard Service 32bit Edition)
    SRV - [2011/06/30 21:51:12 | 000,353,360 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
    SRV - [2011/05/29 21:54:14 | 000,036,456 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
    SRV - [2011/04/30 02:32:54 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
    SRV - [2011/04/23 20:29:20 | 000,256,832 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
    SRV - [2011/02/01 16:41:24 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
    SRV - [2011/02/01 16:41:20 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
    SRV - [2010/10/12 12:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
    SRV - [2010/09/30 05:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)
    SRV - [2010/03/08 23:40:36 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe -- (PDFProFiltSrvPP)
    SRV - [2010/01/25 07:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Running] -- C:\Program Files (x86)\Browny02\BrYNSvc.exe -- (BrYNSvc)
    SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
     
     
    ========== Driver Services (SafeList) ==========
     
    DRV:64bit: - [2013/11/13 13:23:49 | 000,435,512 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
    DRV:64bit: - [2013/11/07 01:52:44 | 005,363,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
    DRV:64bit: - [2013/10/09 09:16:27 | 000,177,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
    DRV:64bit: - [2013/10/08 10:43:55 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
    DRV:64bit: - [2013/05/23 00:25:28 | 001,139,800 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\symefa64.sys -- (SymEFA)
    DRV:64bit: - [2013/05/22 17:49:32 | 000,017,720 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
    DRV:64bit: - [2013/05/21 00:02:00 | 000,493,656 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\symds64.sys -- (SymDS)
    DRV:64bit: - [2013/05/16 00:02:14 | 000,796,760 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\srtsp64.sys -- (SRTSP)
    DRV:64bit: - [2013/04/24 19:43:56 | 000,433,752 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\symnets.sys -- (SymNetS)
    DRV:64bit: - [2013/04/15 21:41:14 | 000,169,048 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\ccsetx64.sys -- (ccSet_NIS)
    DRV:64bit: - [2013/03/04 20:21:35 | 000,036,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\srtspx64.sys -- (SRTSPX)
    DRV:64bit: - [2012/12/14 16:40:22 | 000,123,832 | ---- | M] (CypherTec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cymon.sys -- (Cymon)
    DRV:64bit: - [2012/09/06 20:48:08 | 000,224,416 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\ironx64.sys -- (SymIRON)
    DRV:64bit: - [2012/08/23 09:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
    DRV:64bit: - [2012/08/23 09:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
    DRV:64bit: - [2012/08/23 09:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2011/07/14 00:35:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2011/07/14 00:35:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2011/06/21 17:19:14 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
    DRV:64bit: - [2011/06/21 17:19:12 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
    DRV:64bit: - [2011/06/19 09:35:09 | 000,196,704 | ---- | M] (SysProgs.org) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BazisVirtualCDBus.sys -- (BazisVirtualCDBus)
    DRV:64bit: - [2011/05/16 16:57:32 | 000,051,240 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiMSa.sys -- (bScsiMSa)
    DRV:64bit: - [2011/05/06 12:11:12 | 000,086,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiSDa.sys -- (bScsiSDa)
    DRV:64bit: - [2011/05/01 16:33:06 | 008,593,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
    DRV:64bit: - [2011/04/26 13:07:36 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
    DRV:64bit: - [2011/04/05 06:26:26 | 000,142,632 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
    DRV:64bit: - [2011/03/09 23:01:45 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
    DRV:64bit: - [2011/03/09 23:01:45 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
    DRV:64bit: - [2011/02/10 01:52:34 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
    DRV:64bit: - [2011/02/10 01:52:34 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
    DRV:64bit: - [2011/01/20 20:15:30 | 000,019,496 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdmp.sys -- (b57xdmp)
    DRV:64bit: - [2011/01/20 20:15:28 | 000,067,624 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdbd.sys -- (b57xdbd)
    DRV:64bit: - [2010/11/29 17:00:04 | 000,016,120 | ---- | M] (Intel® Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
    DRV:64bit: - [2010/11/20 22:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
    DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2010/10/19 19:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
    DRV:64bit: - [2010/10/15 03:28:18 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
    DRV:64bit: - [2010/03/19 05:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
    DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/07/13 19:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
    DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV - [2014/01/23 13:35:22 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20140125.005\ex64.sys -- (NAVEX15)
    DRV - [2014/01/23 13:35:22 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20140125.005\eng64.sys -- (NAVENG)
    DRV - [2014/01/20 18:45:57 | 000,521,944 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\IPSDefs\20140124.001\IDSviA64.sys -- (IDSVia64)
    DRV - [2013/12/17 19:32:10 | 001,526,488 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\BASHDefs\20140121.001\BHDrvx64.sys -- (BHDrvx64)
    DRV - [2013/11/21 00:07:51 | 000,484,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
    DRV - [2013/11/21 00:07:51 | 000,137,648 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
    DRV - [2013/11/19 16:10:34 | 000,034,848 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys -- (RegFilter)
    DRV - [2013/11/19 16:10:34 | 000,023,016 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys -- (UrlFilter)
    DRV - [2013/03/23 15:48:48 | 000,023,048 | ---- | M] (IObit) [File_System | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys -- (FileMonitor)
    DRV - [2012/12/14 16:40:24 | 000,110,136 | ---- | M] (CypherTec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\cymon.sys -- (Cymon)
    DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
     
     
    ========== Standard Registry (SafeList) ==========
     
     
    ========== Internet Explorer ==========
     
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
    IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
     
     
    IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
    IE - HKU\.DEFAULT\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
    IE - HKU\.DEFAULT\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=US&ver=20&locale=en_US&gct=kwd&qsrc=2869
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
     
    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-18\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
    IE - HKU\S-1-5-18\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=US&ver=20&locale=en_US&gct=kwd&qsrc=2869
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
     
    IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
     
    IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
     
    IE - HKU\S-1-5-21-825749163-974839105-3472330399-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo.com/?type=198484&fr=spigot-yhp-ie
    IE - HKU\S-1-5-21-825749163-974839105-3472330399-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
    IE - HKU\S-1-5-21-825749163-974839105-3472330399-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
    IE - HKU\S-1-5-21-825749163-974839105-3472330399-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 73 5B 45 94 2D C4 CE 01  [binary data]
    IE - HKU\S-1-5-21-825749163-974839105-3472330399-1004\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE - HKU\S-1-5-21-825749163-974839105-3472330399-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7PRFD_enUS557
    IE - HKU\S-1-5-21-825749163-974839105-3472330399-1004\..\SearchScopes\{6B46B519-F692-44CD-A626-23B2D48A9F47}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms}
    IE - HKU\S-1-5-21-825749163-974839105-3472330399-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
     
    ========== FireFox ==========
     
    FF - prefs.js..browser.search.defaultenginename: "Bing"
    FF - prefs.js..browser.search.selectedEngine: "Bing"
    FF - prefs.js..browser.startup.homepage: "msn.com"
    FF - prefs.js..extensions.enabledAddons: rikaichan-jpen%40polarcloud.com:2.01.130701
    FF - prefs.js..extensions.enabledAddons: %7B0AA9101C-D3C1-4129-A9B7-D778C6A17F82%7D:2.07
    FF - prefs.js..extensions.enabledAddons: %7B59c81df5-4b7a-477b-912d-4e0fdf64e5f2%7D:0.9.90.1
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
    FF - user.js - File not found
     
    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office15\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@nullsoft.com/winampDetector;version=1: C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\MT\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
     
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\IPSFF [2013/10/09 11:17:18 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\coFFPlgn\ [2014/01/25 20:57:32 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/10/10 15:55:39 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/01/15 22:59:14 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/10/10 15:55:39 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/01/15 22:59:14 | 000,000,000 | ---D | M]
     
    [2013/10/20 12:58:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MT\AppData\Roaming\Mozilla\Extensions
    [2014/01/24 21:28:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MT\AppData\Roaming\Mozilla\Firefox\Profiles\ezz5bz6n.default\extensions
    [2013/10/20 13:05:13 | 000,000,000 | ---D | M] (Rikaichan) -- C:\Users\MT\AppData\Roaming\Mozilla\Firefox\Profiles\ezz5bz6n.default\extensions\{0AA9101C-D3C1-4129-A9B7-D778C6A17F82}
    [2013/10/20 13:05:13 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Users\MT\AppData\Roaming\Mozilla\Firefox\Profiles\ezz5bz6n.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
    [2013/12/13 13:27:49 | 000,000,000 | ---D | M] (Ads Removal) -- C:\Users\MT\AppData\Roaming\Mozilla\Firefox\Profiles\ezz5bz6n.default\extensions\adsremoval@adsremoval.net
    [2013/10/20 13:14:44 | 000,000,000 | ---D | M] (Rikaichan Japanese-English Dictionary File) -- C:\Users\MT\AppData\Roaming\Mozilla\Firefox\Profiles\ezz5bz6n.default\extensions\rikaichan-jpen@polarcloud.com
    [2014/01/16 12:09:38 | 000,940,775 | ---- | M] () (No name found) -- C:\Users\MT\AppData\Roaming\Mozilla\Firefox\Profiles\ezz5bz6n.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
    [2014/01/04 19:03:59 | 000,000,905 | ---- | M] () -- C:\Users\MT\AppData\Roaming\Mozilla\Firefox\Profiles\ezz5bz6n.default\searchplugins\yahoo_ff.xml
    [2013/12/20 05:25:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
    [2013/12/20 05:26:07 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    File not found (No name found) -- C:\PROGRAM FILES (X86)\IOBIT APPS TOOLBAR\FF
    File not found (No name found) -- C:\USERS\MT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EZZ5BZ6N.DEFAULT\EXTENSIONS\ASCSURFINGPROTECTION@IOBIT.COM
    [2013/11/15 03:32:00 | 000,034,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
     
    ========== Chrome  ==========
     
    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
    CHR - Extension: Google Docs = C:\Users\MT\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
    CHR - Extension: Google Drive = C:\Users\MT\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
    CHR - Extension: YouTube = C:\Users\MT\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
    CHR - Extension: Google Search = C:\Users\MT\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
    CHR - Extension: Ads Removal = C:\Users\MT\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod\1.0.0_0\
    CHR - Extension: avast! Online Security = C:\Users\MT\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2011.70_0\
    CHR - Extension: Skype Click to Call = C:\Users\MT\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\
    CHR - Extension: Norton Identity Protection = C:\Users\MT\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.5.2_0\
    CHR - Extension: Store = C:\Users\MT\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\
    CHR - Extension: Google Wallet = C:\Users\MT\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
    CHR - Extension: Gmail = C:\Users\MT\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
     
    O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O2:64bit: - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
    O2:64bit: - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O2 - BHO: (PlusIEEventHelper Class) - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll (Zeon Corporation)
    O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
    O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ips\ipsbho.dll (Symantec Corporation)
    O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
    O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3:64bit: - HKLM\..\Toolbar: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3:64bit: - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
    O3:64bit: - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
    O3:64bit: - HKU\S-1-5-21-825749163-974839105-3472330399-1004\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3 - HKU\S-1-5-21-825749163-974839105-3472330399-1004\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
    O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
    O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
    O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [intelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
    O4:64bit: - HKLM..\Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
    O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
    O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
    O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [ArcadeMovieService] C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [backupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
    O4 - HKLM..\Run: [brStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
    O4 - HKLM..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.)
    O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Dolby PCEE4\pcee4.exe (Dolby Laboratories Inc.)
    O4 - HKLM..\Run: [indexSearch] C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
    O4 - HKLM..\Run: [iObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
    O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
    O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
    O4 - HKLM..\Run: [NWEReboot]  File not found
    O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
    O4 - HKLM..\Run: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe (Nuance Communications, Inc.)
    O4 - HKLM..\Run: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe (Nuance Communications, Inc.)
    O4 - HKLM..\Run: [PPort12reminder] C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
    O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-21-825749163-974839105-3472330399-1004..\Run: [Advanced SystemCare 7] C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe (IObit)
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O8:64bit: - Extra context menu item: Open with PDF Viewer Plus - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
    O8 - Extra context menu item: Open with PDF Viewer Plus - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
    O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B0BCF2FB-1545-4F42-9C6F-8160A8B30C5C}: DhcpNameServer = 75.75.75.75 75.75.76.76
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F9B0643F-BDCE-4FE4-8860-BF102ADAAB91}: DhcpNameServer = 75.75.75.75 75.75.76.76
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\ms-help - No CLSID value found
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
    O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O33 - MountPoints2\{6c7c70cb-545e-11e3-b0b5-b870f4ee7158}\Shell - "" = AutoRun
    O33 - MountPoints2\{6c7c70cb-545e-11e3-b0b5-b870f4ee7158}\Shell\AutoRun\command - "" = V:\setup.exe
    O33 - MountPoints2\{7a1d30ab-4118-11e3-8e84-b870f4ee7158}\Shell - "" = AutoRun
    O33 - MountPoints2\{7a1d30ab-4118-11e3-8e84-b870f4ee7158}\Shell\AutoRun\command - "" = V:\setup.exe
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
     
    ========== Files/Folders - Created Within 30 Days ==========
     
    [2014/01/24 22:13:08 | 000,000,000 | ---D | C] -- C:\Windows\Migration
    [2014/01/24 22:13:06 | 000,000,000 | -HSD | C] -- C:\Config.Msi
    [2014/01/24 21:28:14 | 000,000,000 | ---D | C] -- C:\_OTL
    [2014/01/21 20:50:55 | 000,000,000 | ---D | C] -- C:\Users\MT\Desktop\Logs
    [2014/01/21 20:50:15 | 000,000,000 | ---D | C] -- C:\Users\MT\Documents\Black Crusade
    [2014/01/20 10:50:57 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
    [2014/01/20 10:49:05 | 000,000,000 | ---D | C] -- C:\AdwCleaner
    [2014/01/17 21:26:49 | 000,000,000 | ---D | C] -- C:\Users\MT\Desktop\NUIP
    [2014/01/17 19:36:22 | 000,000,000 | ---D | C] -- C:\Users\MT\AppData\Roaming\Unity
    [2014/01/15 14:02:04 | 000,000,000 | ---D | C] -- C:\Users\MT\AppData\Local\Unity
    [2014/01/15 11:03:56 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
    [2014/01/13 09:08:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UVa Network Setup Tool
    [2014/01/13 09:08:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\University of Virginia
    [2014/01/07 01:02:55 | 000,000,000 | ---D | C] -- C:\Users\MT\Documents\GuP Motto Love Love Sakusen Desu C08
    [2014/01/05 10:46:36 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
    [2014/01/04 19:12:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
    [2014/01/04 19:12:35 | 000,000,000 | ---D | C] -- C:\ProgramData\ProductData
    [2014/01/04 19:12:34 | 000,000,000 | ---D | C] -- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
    [2014/01/04 19:12:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7
    [2014/01/03 20:52:08 | 000,000,000 | ---D | C] -- C:\Users\MT\AppData\Roaming\SPSSInc
    [2014/01/03 20:51:18 | 000,000,000 | ---D | C] -- C:\Users\MT\.spss
    [2014/01/03 20:50:52 | 000,000,000 | ---D | C] -- C:\Users\MT\AppData\Local\javasharedresources
    [2014/01/03 19:34:29 | 000,000,000 | ---D | C] -- C:\Users\MT\Desktop\Job
    [2014/01/03 19:26:33 | 000,000,000 | ---D | C] -- C:\Users\MT\AppData\Local\IBM
    [2014/01/03 19:26:25 | 000,000,000 | ---D | C] -- C:\ProgramData\SafeNet Sentinel
    [2014/01/03 19:26:17 | 000,000,000 | ---D | C] -- C:\Users\MT\Desktop\MedEssays
    [2014/01/03 19:24:51 | 000,000,000 | ---D | C] -- C:\ProgramData\SPSS
    [2014/01/03 19:24:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics
    [2014/01/03 19:23:46 | 000,000,000 | ---D | C] -- C:\SysWOW64
    [2014/01/03 19:23:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\IBM
    [2014/01/03 19:22:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IBM
    [2014/01/02 22:06:03 | 000,000,000 | ---D | C] -- C:\Users\MT\AppData\Roaming\e-academy Inc
    [2014/01/02 22:06:03 | 000,000,000 | ---D | C] -- C:\Users\MT\AppData\Local\e-academy Inc
     
    ========== Files - Modified Within 30 Days ==========
     
    [2014/01/25 21:03:35 | 000,000,278 | ---- | M] () -- C:\Windows\tasks\Driver Booster Update.job
    [2014/01/25 21:03:20 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2014/01/25 21:03:20 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2014/01/25 21:02:19 | 000,781,298 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2014/01/25 21:02:19 | 000,653,724 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2014/01/25 21:02:19 | 000,121,596 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2014/01/25 20:59:14 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2014/01/25 20:55:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2014/01/25 20:55:36 | 3104,722,944 | -HS- | M] () -- C:\hiberfil.sys
    [2014/01/25 20:45:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2014/01/25 20:14:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2014/01/24 22:15:45 | 000,762,252 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2014/01/24 13:43:41 | 503,663,545 | ---- | M] () -- C:\Users\MT\Documents\[underwater] KILL la KILL - 15 (720p) [9FE2481B].mkv
    [2014/01/23 00:34:40 | 429,702,335 | ---- | M] () -- C:\Users\MT\Documents\[Vivid] D-Frag! - 02 [3570BC9C].mkv
    [2014/01/23 00:33:28 | 402,262,665 | ---- | M] () -- C:\Users\MT\Documents\[Vivid] D-Frag! - 03 [47F4A5C7].mkv
    [2014/01/22 04:56:53 | 000,158,109 | ---- | M] () -- C:\Users\MT\Desktop\FacultyStaff Discount Program _3_.pdf
    [2014/01/16 22:36:44 | 349,278,301 | ---- | M] () -- C:\Users\MT\Documents\[HorribleSubs] Kill la Kill - 14 [720p].mkv
    [2014/01/15 22:52:54 | 000,464,640 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2014/01/15 11:04:24 | 000,003,719 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
    [2014/01/14 15:19:37 | 318,472,067 | ---- | M] () -- C:\Users\MT\Documents\[FFF] Sekai Seifuku ~Bouryaku no Zvezda~ - 01 [043C6B38].mkv
    [2014/01/13 09:08:51 | 000,001,371 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CertChecker.lnk
    [2014/01/09 23:37:10 | 445,342,059 | ---- | M] () -- C:\Users\MT\Documents\[AOI] Kyousougiga Music Collection [flac+scans].zip
    [2014/01/09 23:36:01 | 181,547,899 | ---- | M] () -- C:\Users\MT\Documents\[AOI] Kyousougiga Music Collection [320k+scans].zip
    [2014/01/09 21:40:14 | 375,854,580 | ---- | M] () -- C:\Users\MT\Documents\[HorribleSubs] Kyousougiga - 10.5 [720p].mkv
    [2014/01/09 21:38:01 | 376,281,091 | ---- | M] () -- C:\Users\MT\Documents\[HorribleSubs] Kyousougiga - 10 [720p].mkv
    [2014/01/09 21:37:19 | 524,318,219 | ---- | M] () -- C:\Users\MT\Documents\[Commie] Kyousougiga - 09 [4D1C06C5].mkv
    [2014/01/09 14:59:08 | 348,459,256 | ---- | M] () -- C:\Users\MT\Documents\[HorribleSubs] Kill la Kill - 13 [720p].mkv
    [2014/01/07 21:06:09 | 432,938,492 | ---- | M] () -- C:\Users\MT\Documents\[Vivid] D-Frag! - 01 [F0D3C74F].mkv
    [2014/01/07 12:01:24 | 000,506,084 | ---- | M] () -- C:\Users\MT\Desktop\010.jpg
    [2014/01/04 19:19:53 | 000,011,054 | ---- | M] () -- C:\Users\MT\Documents\cc_20140104_191934.reg
    [2014/01/03 19:22:13 | 000,000,219 | ---- | M] () -- C:\Windows\SysWow64\lsprst7.tgz
    [2014/01/03 19:22:13 | 000,000,205 | ---- | M] () -- C:\Windows\SysWow64\lsprst7.dll
    [2014/01/03 19:22:13 | 000,000,016 | -H-- | M] () -- C:\Windows\SysWow64\servdat.slm
    [2014/01/03 19:22:12 | 000,001,025 | ---- | M] () -- C:\Windows\SysWow64\sysprs7.tgz
    [2014/01/03 19:22:12 | 000,001,025 | ---- | M] () -- C:\Windows\SysWow64\sysprs7.dll
    [2014/01/02 16:38:43 | 001,922,012 | ---- | M] () -- C:\Users\MT\Documents\Devil Vs Goddess (Pixiv 40638995) - Imgur.zip
     
    ========== Files Created - No Company Name ==========
     
    [2014/01/24 22:15:45 | 000,762,252 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2014/01/24 13:40:42 | 503,663,545 | ---- | C] () -- C:\Users\MT\Documents\[underwater] KILL la KILL - 15 (720p) [9FE2481B].mkv
    [2014/01/23 00:30:46 | 429,702,335 | ---- | C] () -- C:\Users\MT\Documents\[Vivid] D-Frag! - 02 [3570BC9C].mkv
    [2014/01/23 00:30:15 | 402,262,665 | ---- | C] () -- C:\Users\MT\Documents\[Vivid] D-Frag! - 03 [47F4A5C7].mkv
    [2014/01/22 04:57:01 | 000,158,109 | ---- | C] () -- C:\Users\MT\Desktop\FacultyStaff Discount Program _3_.pdf
    [2014/01/16 22:33:12 | 349,278,301 | ---- | C] () -- C:\Users\MT\Documents\[HorribleSubs] Kill la Kill - 14 [720p].mkv
    [2014/01/15 11:04:24 | 000,003,719 | ---- | C] () -- C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
    [2014/01/14 15:17:28 | 318,472,067 | ---- | C] () -- C:\Users\MT\Documents\[FFF] Sekai Seifuku ~Bouryaku no Zvezda~ - 01 [043C6B38].mkv
    [2014/01/13 09:08:51 | 000,001,371 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CertChecker.lnk
    [2014/01/09 23:31:36 | 445,342,059 | ---- | C] () -- C:\Users\MT\Documents\[AOI] Kyousougiga Music Collection [flac+scans].zip
    [2014/01/09 23:31:25 | 181,547,899 | ---- | C] () -- C:\Users\MT\Documents\[AOI] Kyousougiga Music Collection [320k+scans].zip
    [2014/01/09 21:34:20 | 375,854,580 | ---- | C] () -- C:\Users\MT\Documents\[HorribleSubs] Kyousougiga - 10.5 [720p].mkv
    [2014/01/09 21:32:47 | 376,281,091 | ---- | C] () -- C:\Users\MT\Documents\[HorribleSubs] Kyousougiga - 10 [720p].mkv
    [2014/01/09 21:32:42 | 524,318,219 | ---- | C] () -- C:\Users\MT\Documents\[Commie] Kyousougiga - 09 [4D1C06C5].mkv
    [2014/01/09 14:52:03 | 348,459,256 | ---- | C] () -- C:\Users\MT\Documents\[HorribleSubs] Kill la Kill - 13 [720p].mkv
    [2014/01/07 20:59:27 | 432,938,492 | ---- | C] () -- C:\Users\MT\Documents\[Vivid] D-Frag! - 01 [F0D3C74F].mkv
    [2014/01/07 12:01:24 | 000,506,084 | ---- | C] () -- C:\Users\MT\Desktop\010.jpg
    [2014/01/04 19:19:38 | 000,011,054 | ---- | C] () -- C:\Users\MT\Documents\cc_20140104_191934.reg
    [2014/01/03 19:22:12 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprs7.tgz
    [2014/01/03 19:22:12 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprs7.dll
    [2014/01/03 19:22:12 | 000,000,219 | ---- | C] () -- C:\Windows\SysWow64\lsprst7.tgz
    [2014/01/03 19:22:12 | 000,000,205 | ---- | C] () -- C:\Windows\SysWow64\lsprst7.dll
    [2014/01/03 19:22:12 | 000,000,016 | -H-- | C] () -- C:\Windows\SysWow64\servdat.slm
    [2014/01/02 16:38:51 | 001,922,012 | ---- | C] () -- C:\Users\MT\Documents\Devil Vs Goddess (Pixiv 40638995) - Imgur.zip
    [2013/11/07 01:52:42 | 000,077,312 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
    [2013/10/31 23:23:55 | 000,087,040 | ---- | C] () -- C:\Windows\UnGins.exe
    [2013/10/26 01:12:31 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
    [2013/10/26 01:12:24 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
    [2013/10/10 15:48:49 | 000,210,391 | ---- | C] () -- C:\Windows\hpwins19.dat
    [2013/10/10 15:48:49 | 000,000,673 | ---- | C] () -- C:\Windows\hpwmdl19.dat
    [2013/10/08 08:03:00 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\BRTCPCON.DLL
    [2013/10/08 08:02:49 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI
     
    ========== ZeroAccess Check ==========
     
    [2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
     
    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
     
    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
     
    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
     
    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
     
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 21:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment
     
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment
     
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free
     
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free
     
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both
     
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
     
    ========== LOP Check ==========
     
    [2014/01/13 08:56:20 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\IObit
    [2014/01/13 08:56:20 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\IObit
    [2013/10/08 08:45:34 | 000,000,000 | ---D | M] -- C:\Users\MT\AppData\Roaming\ControlCenter4
    [2013/10/26 01:07:03 | 000,000,000 | ---D | M] -- C:\Users\MT\AppData\Roaming\CypherTec
    [2013/10/08 10:43:45 | 000,000,000 | ---D | M] -- C:\Users\MT\AppData\Roaming\DAEMON Tools Lite
    [2013/10/26 01:36:16 | 000,000,000 | ---D | M] -- C:\Users\MT\AppData\Roaming\DLsite
    [2014/01/02 22:06:03 | 000,000,000 | ---D | M] -- C:\Users\MT\AppData\Roaming\e-academy Inc
    [2014/01/04 19:12:51 | 000,000,000 | ---D | M] -- C:\Users\MT\AppData\Roaming\IObit
    [2013/10/08 11:23:43 | 000,000,000 | ---D | M] -- C:\Users\MT\AppData\Roaming\Nuance
    [2013/10/23 20:26:32 | 000,000,000 | ---D | M] -- C:\Users\MT\AppData\Roaming\PowerCinema
    [2014/01/03 20:52:08 | 000,000,000 | ---D | M] -- C:\Users\MT\AppData\Roaming\SPSSInc
    [2013/10/10 08:08:31 | 000,000,000 | ---D | M] -- C:\Users\MT\AppData\Roaming\Stardock
    [2014/01/17 19:36:22 | 000,000,000 | ---D | M] -- C:\Users\MT\AppData\Roaming\Unity
    [2013/10/09 08:57:50 | 000,000,000 | ---D | M] -- C:\Users\MT\AppData\Roaming\WildTangent
    [2013/10/08 08:23:08 | 000,000,000 | ---D | M] -- C:\Users\TT\AppData\Roaming\ControlCenter4
    [2013/10/09 20:11:04 | 000,000,000 | ---D | M] -- C:\Users\TT\AppData\Roaming\e-academy Inc
    [2013/10/17 20:37:49 | 000,000,000 | ---D | M] -- C:\Users\TT\AppData\Roaming\ImgBurn
    [2014/01/12 12:13:37 | 000,000,000 | ---D | M] -- C:\Users\TT\AppData\Roaming\IObit
    [2013/10/08 08:14:54 | 000,000,000 | ---D | M] -- C:\Users\TT\AppData\Roaming\Nuance
    [2013/10/08 07:19:39 | 000,000,000 | ---D | M] -- C:\Users\TT\AppData\Roaming\TeraCopy
    [2013/10/08 08:15:10 | 000,000,000 | ---D | M] -- C:\Users\TT\AppData\Roaming\Zeon
    [2014/01/13 08:57:49 | 000,000,000 | ---D | M] -- C:\Users\Work\AppData\Roaming\ControlCenter4
    [2014/01/13 08:57:54 | 000,000,000 | ---D | M] -- C:\Users\Work\AppData\Roaming\IObit
    [2014/01/13 09:00:45 | 000,000,000 | ---D | M] -- C:\Users\Work\AppData\Roaming\SPSSInc
     
    ========== Purity Check ==========
     
     
     
    ========== Files - Unicode (All) ==========
    [2013/11/25 01:01:10 | 442,453,349 | ---- | M] ()(C:\Users\MT\Documents\SAINT☆YOUNG MEN THE MOVIEEiga Saint☆Oniisan映画 聖☆おにいさん 「聖☆おにいさん ネ申話 ?降臨前夜?」 (BD 1280x720 x264 AAC 中国語字幕).mp4) -- C:\Users\MT\Documents\SAINT☆YOUNG MEN THE MOVIEEiga Saint☆Oniisan映画 聖☆おにいさん 「聖☆おにいさん ネ申話 〜降臨前夜〜」 (BD 1280x720 x264 AAC 中国語字幕).mp4
    [2013/11/25 00:55:17 | 442,453,349 | ---- | C] ()(C:\Users\MT\Documents\SAINT☆YOUNG MEN THE MOVIEEiga Saint☆Oniisan映画 聖☆おにいさん 「聖☆おにいさん ネ申話 ?降臨前夜?」 (BD 1280x720 x264 AAC 中国語字幕).mp4) -- C:\Users\MT\Documents\SAINT☆YOUNG MEN THE MOVIEEiga Saint☆Oniisan映画 聖☆おにいさん 「聖☆おにいさん ネ申話 〜降臨前夜〜」 (BD 1280x720 x264 AAC 中国語字幕).mp4

    < End of report >
     

  7. All processes killed
    ========== OTL ==========
    HKU\S-1-5-21-825749163-974839105-3472330399-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
    C:\Users\MT\AppData\Roaming\Mozilla\Firefox\Profiles\ezz5bz6n.default\extensions\ascsurfingprotection@iobit.com\chrome\content folder moved successfully.
    C:\Users\MT\AppData\Roaming\Mozilla\Firefox\Profiles\ezz5bz6n.default\extensions\ascsurfingprotection@iobit.com\chrome folder moved successfully.
    C:\Users\MT\AppData\Roaming\Mozilla\Firefox\Profiles\ezz5bz6n.default\extensions\ascsurfingprotection@iobit.com folder moved successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}\ deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}\ deleted successfully.
    C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll moved successfully.
    C:\Users\MT\AppData\Roaming\uTorrent\updates folder moved successfully.
    C:\Users\MT\AppData\Roaming\uTorrent\share folder moved successfully.
    C:\Users\MT\AppData\Roaming\uTorrent\ie folder moved successfully.
    C:\Users\MT\AppData\Roaming\uTorrent\dlimagecache folder moved successfully.
    C:\Users\MT\AppData\Roaming\uTorrent\apps folder moved successfully.
    C:\Users\MT\AppData\Roaming\uTorrent folder moved successfully.
    ========== FILES ==========
    < ipconfig /flushdns /c >
    Windows IP Configuration
    Successfully flushed the DNS Resolver Cache.
    C:\Users\MT\Desktop\Logs\cmd.bat deleted successfully.
    C:\Users\MT\Desktop\Logs\cmd.txt deleted successfully.
    ========== COMMANDS ==========
     
    [EMPTYTEMP]
     
    User: AdMin
    ->Temp folder emptied: 4786586 bytes
    ->Temporary Internet Files folder emptied: 64985118 bytes
    ->Flash cache emptied: 42424 bytes
     
    User: All Users
     
    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 57472 bytes
     
    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes
     
    User: MT
    ->Temp folder emptied: 1115889 bytes
    ->Temporary Internet Files folder emptied: 12811254 bytes
    ->Java cache emptied: 42293 bytes
    ->FireFox cache emptied: 379222121 bytes
    ->Google Chrome cache emptied: 14044730 bytes
    ->Flash cache emptied: 73131 bytes
     
    User: Public
     
    User: TT
    ->Temp folder emptied: 595921 bytes
    ->Temporary Internet Files folder emptied: 128 bytes
    ->Java cache emptied: 49090 bytes
    ->Google Chrome cache emptied: 0 bytes
    ->Flash cache emptied: 57983 bytes
     
    User: Work
    ->Temp folder emptied: 789390 bytes
    ->Temporary Internet Files folder emptied: 7198691 bytes
    ->Flash cache emptied: 57547 bytes
     
    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 994314 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42240976 bytes
    RecycleBin emptied: 717109287 bytes
     
    Total Files Cleaned = 1,189.00 mb
     
     
    OTL by OldTimer - Version 3.2.69.0 log created on 01242014_212814

    Files\Folders moved on Reboot...
    C:\Users\MT\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
    C:\Users\MT\AppData\Local\Temp\MMDUtl.log moved successfully.
    C:\Users\MT\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
    File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot.
    File move failed. C:\Windows\temp\LMutilps32.log scheduled to be moved on reboot.

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...
     

  8. Extras.txt

    OTL Extras logfile created on: 1/22/2014 12:46:40 AM - Run 1
    OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\MT\Desktop
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.11.9600.16428)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
     
    3.86 Gb Total Physical Memory | 1.82 Gb Available Physical Memory | 47.19% Memory free
    9.63 Gb Paging File | 7.43 Gb Available in Paging File | 77.12% Paging File free
    Paging file location(s): c:\pagefile.sys 5920 5920 [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 447.66 Gb Total Space | 336.28 Gb Free Space | 75.12% Space Free | Partition Type: NTFS
     
    Computer Name: ASPIRE5755-9401 | User Name: MT | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
     
    ========== Extra Registry (SafeList) ==========
     
     
    ========== File Associations ==========
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
    .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
     
    [HKEY_USERS\S-1-5-21-825749163-974839105-3472330399-1004\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
     
    ========== Shell Spawning ==========
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- C:\Program Files (x86)\File Type Helper\FileTypeHelper.exe "%1"
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- C:\Program Files (x86)\File Type Helper\FileTypeHelper.exe "%1"
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
     
    ========== Security Center Settings ==========
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
     
    ========== Firewall Settings ==========
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0
     
    ========== Authorized Applications List ==========
     
     
    ========== Vista Active Open Ports Exception List ==========
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{27DBA220-9122-476B-B4AF-21BE0B96DE71}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office15\outlook.exe |
    "{4296F753-A53E-47FB-8CF8-2A187EA38CFA}" = rport=445 | protocol=6 | dir=out | app=system |
    "{527BF00E-F5C6-46B5-80AF-92FEF8750E58}" = rport=137 | protocol=17 | dir=out | app=system |
    "{618274DA-4BB2-47F3-B619-6E0E52467D0E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{61838BBC-7166-4F8B-8470-DE6075F63508}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
    "{6A4D7EB5-2CB3-42E9-8541-9208C3911024}" = lport=137 | protocol=17 | dir=in | app=system |
    "{7514E482-B479-4D8F-B5DC-02E42D7AF6B2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{76C7F152-A783-4288-B58C-51CA0F7FA246}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
    "{7D911053-BE63-41DE-AA19-1108DE01AC9B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{81AD360E-816B-4658-AEEA-DF62C013A4F2}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{83651B15-88AE-4B56-9B7B-84FF10BDE76E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{8879D10C-9206-464C-BDC0-63FF19A7E88B}" = rport=139 | protocol=6 | dir=out | app=system |
    "{9280B1D8-039A-4222-9A63-A59B3E42AEBA}" = lport=445 | protocol=6 | dir=in | app=system |
    "{96B8D625-EEB4-4C8D-B7FC-06CD7C5D4AA8}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
    "{A7C8B67A-674D-4557-804C-0B6A8CFED7D6}" = rport=138 | protocol=17 | dir=out | app=system |
    "{AB7276B5-355B-4AB8-A889-386DF9252B82}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{B1FEA02E-AD54-488F-A4BD-12AD394B12DB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{B91C8AEB-7497-457C-8545-E5F2348BEF37}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{C375A13D-8311-4DD7-A567-5EC3D63D7918}" = lport=139 | protocol=6 | dir=in | app=system |
    "{C8BF8E3C-E25C-4502-AD93-D665A5596FD8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
    "{D3A6B657-3951-42FC-B594-44DA0392DA17}" = lport=138 | protocol=17 | dir=in | app=system |
    "{D8EC3F43-1FFB-46FD-A27D-0121BFBB3296}" = lport=10243 | protocol=6 | dir=in | app=system |
    "{D99A53DA-F2E3-4FB3-BC80-5529034C41A2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{DD415292-6900-4A47-9E99-5B7FE54EBC71}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner |
    "{F747A27D-6326-42C1-99C0-90E2890650D8}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
     
    ========== Vista Active Application Exception List ==========
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{15462950-B164-4CA2-86F9-DA0AA3B8DFCC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{164CCA09-39A4-4CF3-ABCA-E6AB9525FD4C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
    "{1AEB288A-B780-4D0D-978F-4F358EA437C5}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
    "{1AF60F84-9B7C-4F89-9686-28D306BFA705}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
    "{1C0DBD59-D40C-45C0-97D2-F6AFF1CD28C0}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
    "{1F3B538D-3D50-4D0C-BF9D-3499B9378E4A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
    "{2097B56B-D93D-4FA0-98C9-275DCF51D798}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
    "{23F15CB6-CB8B-4C6A-9A2F-20F0C18AE6F8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
    "{27DC5022-FD18-4F2A-995B-DD43202CD9F1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
    "{27DD7C63-441D-4429-A6B3-1FD98895A3DC}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{287B5FE3-1602-4285-8BE4-2272F1FE022E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{29CA7291-B6A7-417C-B7DE-BE553E7E5D6E}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
    "{2E9880EB-5E74-45F0-9E30-4132C16E43C7}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\kernel\dmr\dmrengine.exe |
    "{314716B8-122B-42BD-8E37-4E3BC117E97B}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\clear.fiagent.exe |
    "{3334006E-04B8-4A6E-8325-C2E64ABB3A9A}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
    "{35FD00D7-4DC9-46EC-ACB9-C7991B0D490F}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\clear.fi.exe |
    "{3D9EB480-1D38-45F7-8B03-C26C73CEDD95}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{40D92468-0419-47C8-8B68-E3AB99F3F458}" = protocol=6 | dir=out | app=system |
    "{42B713FD-52EE-4DBF-B1A3-A4473D1951CC}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{4520CBB9-F5A9-4645-BDE9-A65C09CB6C20}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
    "{505DB397-FE61-43D5-A2DF-7085BB4CF7BF}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
    "{53FBBF7D-95FF-4376-A7CB-E426483E9A3B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
    "{577D64B1-C453-4575-92DA-0450B1BB5320}" = protocol=17 | dir=in | app=c:\users\mt\appdata\roaming\utorrent\utorrent.exe |
    "{6343150F-E36E-4D9A-B81B-6CC8849D99D9}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
    "{7FDFFA98-1A35-4AC6-A538-843EF9E51980}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{867BE5DC-1FB1-4781-845F-62CE4A5C35B5}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{882EE9C6-207F-40C8-8C0C-64F2A6AAD24A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{89AA6A7F-3857-4856-A86F-79C2A8C914D1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
    "{904D29CE-0011-4E80-BA67-915D04BA9B03}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
    "{9487C9C4-E1A1-4771-BF95-BE53CD992C85}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{97F75185-3A84-459C-B07B-1CD257F576DB}" = protocol=6 | dir=in | app=c:\users\mt\appdata\roaming\utorrent\utorrent.exe |
    "{9A4FA2D5-48DB-45AA-A207-FB04B06033C6}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
    "{9DFDDF22-FE30-4B87-93FF-3CD667F924DD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
    "{A5884C01-683A-44D7-B254-77D1DF81A89F}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
    "{A5ABD09A-F2F5-4B32-B99D-CE6C3A25E2FF}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
    "{A7B4E5D0-4499-44D1-86BE-8B468AAEE276}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
    "{A9F7607E-F604-4E07-A36F-1DEBDF58158E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{AD639B34-4C96-40EB-B964-3497FB6AE893}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{B01C1C90-2B56-484E-8442-D5109F0F8ACD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
    "{B0B6CC60-6D34-4849-96EB-B8140C3C774B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
    "{B0CD2A7D-0FA9-4E72-80ED-9D396E7B3F16}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
    "{B76F1F44-3518-477F-A5AE-70E82A056E98}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
    "{BB07C6D4-2186-4250-8A93-D9787C775B02}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{BF7A9A4B-37F6-446C-8478-62D2C62F404A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
    "{BFB9ADC5-C3A1-4AFC-8E4D-7BCDCC154829}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{C1CDAB75-77EC-4DD1-9B5E-29CEE7C2CE8A}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe |
    "{C22FA43E-724D-47D5-A354-5D2A825DE658}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
    "{C2B7D509-9402-41A9-9D48-4CD88E5A162D}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\kernel\clml\clmlsvc.exe |
    "{C304FB7A-3643-4075-9F4B-9492940EA5F4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{CB69EE29-55AC-49B2-A30B-D3AE7E1CDF28}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\kernel\dmr\dmrengine.exe |
    "{CBB0B887-71B3-4BD7-8071-ACE025A2F98A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
    "{D0E826C7-AA0B-4459-B0B1-9765AC55C5FF}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
    "{DAB1E255-2EB7-4B42-948D-EA689E09CC58}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
    "{DD24A5A9-0294-4661-A2CB-57411F537835}" = dir=in | app=c:\program files (x86)\acer\clear.fi\mvp\kernel\dmr\dmrengine.exe |
    "{E0A69DFE-EC46-462D-9D7F-D43AB3C7C6DB}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
    "{E9DB3E1D-4219-4085-B8FC-8F08E62A5F0D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
    "{EC08510F-5B03-4A41-B924-382732EA3E9B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
    "{F5B5107E-2777-444A-A028-B66189114C58}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
    "{FEB9E829-D080-4138-B9E0-528D4573C320}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
     
    ========== HKEY_LOCAL_MACHINE Uninstall List ==========
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
    "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
    "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
    "{26A24AE4-039D-4CA4-87B4-2F86417045FF}" = Java 7 Update 45 (64-bit)
    "{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel® Wireless Display
    "{3C41721F-AF0F-4086-AA1C-4C7F29076228}" = Intel® PROSet/Wireless WiFi Software
    "{4710662C-8204-4334-A977-B1AC9E547819}" = Broadcom Card Reader Driver Installer
    "{5208CEC4-308D-44C0-BFEA-FE9D32B043F5}" = CypherGuard Browser for x64
    "{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
    "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
    "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}" = PaperPort Image Printer 64-bit
    "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{90150000-0015-0409-1000-0000000FF1CE}" = Microsoft Access MUI (English) 2013
    "{90150000-0016-0409-1000-0000000FF1CE}" = Microsoft Excel MUI (English) 2013
    "{90150000-0018-0409-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (English) 2013
    "{90150000-0019-0409-1000-0000000FF1CE}" = Microsoft Publisher MUI (English) 2013
    "{90150000-001A-0409-1000-0000000FF1CE}" = Microsoft Outlook MUI (English) 2013
    "{90150000-001B-0409-1000-0000000FF1CE}" = Microsoft Word MUI (English) 2013
    "{90150000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English
    "{90150000-001F-040C-1000-0000000FF1CE}" = Outils de vérification linguistique 2013 de Microsoft Office - Français
    "{90150000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Español
    "{90150000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2013
    "{90150000-0044-0409-1000-0000000FF1CE}" = Microsoft InfoPath MUI (English) 2013
    "{90150000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2013
    "{90150000-0090-0409-1000-0000000FF1CE}" = Microsoft DCF MUI (English) 2013
    "{90150000-00A1-0409-1000-0000000FF1CE}" = Microsoft OneNote MUI (English) 2013
    "{90150000-00BA-0409-1000-0000000FF1CE}" = Microsoft Groove MUI (English) 2013
    "{90150000-00C1-0000-1000-0000000FF1CE}" = Microsoft Office 32-bit Components 2013
    "{90150000-00C1-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2013
    "{90150000-00E1-0409-1000-0000000FF1CE}" = Microsoft Office OSM MUI (English) 2013
    "{90150000-00E2-0409-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (English) 2013
    "{90150000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2013
    "{90150000-0117-0409-1000-0000000FF1CE}" = Microsoft Access Setup Metadata MUI (English) 2013
    "{90150000-012B-0409-1000-0000000FF1CE}" = Microsoft Lync MUI (English) 2013
    "{91150000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2013
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{B220B4C6-869C-4081-AC6D-1A65FFCF874F}" = CypherGuard for Movie x64 Edition
    "{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
    "{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Intel® Turbo Boost Technology Monitor 2.0
    "{BB19952F-77FE-4877-A570-79C150EE6CE4}" = CypherGuard for PDF x64 Edition
    "{C624E231-8799-43A9-B8C5-FE3FDD2B318B}" = DLsite Viewer 64bit Edition
    "{C91DCB72-F5BB-410D-A91A-314F5D1B4284}" = Broadcom NetLink Controller
    "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
    "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
    "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
    "{E11448F2-0B44-4239-B04E-D88FE743E929}" = Officejet J4500 Series
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
    "CCleaner" = CCleaner
    "Elantech" = ETDWare PS/2-X64 8.0.6.3_WHQL
    "HP Document Manager" = HP Document Manager 2.0
    "HP Imaging Device Functions" = HP Imaging Device Functions 13.0
    "HP Photosmart Essential" = HP Photosmart Essential 3.5
    "HP Smart Web Printing" = HP Smart Web Printing 4.51
    "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
    "HPOCR" = OCR Software by I.R.I.S. 13.0
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Office15.PROPLUSR" = Microsoft Office Professional Plus 2013
    "ProInst" = Intel PROSet Wireless
    "Shop for HP Supplies" = Shop for HP Supplies
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{007F778D-F15C-4EAB-AE92-071D21FAF632}" = Adobe Photoshop Elements 9
    "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Acer Crystal Eye Webcam
    "{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
    "{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}" = Scansoft PDF Professional
    "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
    "{0A5825FD-0FB7-4e45-9037-858D463F2943}" = BPDSoftware
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Backup Manager V3
    "{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
    "{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
    "{104875A1-D083-4A34-BC4F-3F635B7F8EF7}" = IBM SPSS Statistics 22
    "{14C4C3B6-F1F4-401F-8C86-03E8E19AAC8C}" = clear.fi
    "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
    "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
    "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
    "{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = clear.fi
    "{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 51
    "{28656860-4728-433C-8AD4-D1A930437BC8}" = Nuance PDF Viewer Plus
    "{2951A232-69BA-4925-BB9A-CEEB72B18B4F}" = BPDSoftware_Ini
    "{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
    "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
    "{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
    "{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
    "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
    "{33F7A957-A66D-45A1-BADF-6576083B14E2}" = RPGツクール2000 ランタイムパッケージ
    "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
    "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
    "{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}" = Brother MFL-Pro Suite DCP-7065DN
    "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
    "{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
    "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
    "{433EACD8-4747-4A6A-826A-FFA9F39B0D40}" = Elements 9 Organizer
    "{43AAE145-83CF-4C96-9A5E-756CEFCE879F}" = clear.fi Client
    "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
    "{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
    "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
    "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
    "{52E225FC-FCB4-41F7-837B-6E37FB05BD7B}" = Adobe AIR
    "{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
    "{572F2A62-70CD-4429-8758-6D4D6DC696E1}" = 4500_Help
    "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
    "{5BB4D7C1-52F2-4BFD-9E40-0D419E2E3021}" = bpd_scan
    "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
    "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
    "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
    "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
    "{6697D99E-E550-4498-B793-4A8DD8A1821F}" = ProductContext
    "{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
    "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
    "{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}" = Nuance PaperPort 12
    "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
    "{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer" = WildTangent Games App
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{7682DFED-23C6-44C9-B9FD-109E0B630277}" = Secure Download Manager
    "{781A93CD-1608-427D-B7F0-D05C07795B25}" = Intel® WiDi
    "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
    "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
    "{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
    "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
    "{92A51949-EE4C-466D-AAF0-99E74A49A63F}" = DocMgr
    "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
    "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
    "{97486FBE-A3FC-4783-8D55-EA37E9D171CC}" = HP Update
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
    "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
    "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
    "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
    "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
    "{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
    "{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.06)
    "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
    "{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}" = clear.fi
    "{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}" = Dolby Advanced Audio v2
    "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
    "{BD7825E5-6B37-4514-B470-C9E5C9E05B89}_is1" = UVa Network Setup Tool version 2.1.0.0
    "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
    "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
    "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
    "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
    "{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
    "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
    "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
    "{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
    "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
    "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}" = Elements STI Installer
    "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
    "{E86B07AE-9F94-44D5-AD47-DC2716EA90D2}" = Secure Download Manager
    "{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F302F4F0-588D-6501-1ACF-BE3FDCC9135D}" = Adobe Community Help
    "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
    "{FDEC11CC-4BD6-4a8c-A398-3CCD8E43EACA}" = J4500
    "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
    "Acer Registration" = Acer Registration
    "Acer Screensaver" = Acer ScreenSaver
    "Acer Welcome Center" = Welcome Center
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "Adobe Photoshop Elements 9" = Adobe Photoshop Elements 9
    "Adobe Shockwave Player" = Adobe Shockwave Player 12.0
    "Advanced SystemCare 7_is1" = Advanced SystemCare 7
    "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
    "Combined Community Codec Pack_is1" = Combined Community Codec Pack 2013-10-17
    "Driver Booster_is1" = Driver Booster
    "Identity Card" = Identity Card
    "ImgBurn" = ImgBurn
    "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Acer Crystal Eye Webcam
    "InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Acer Backup Manager
    "InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = clear.fi
    "InstallShield_{5208CEC4-308D-44C0-BFEA-FE9D32B043F5}" = CypherGuard Browser for x64
    "InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
    "InstallShield_{B220B4C6-869C-4081-AC6D-1A65FFCF874F}" = CypherGuard for Movie x64 Edition
    "InstallShield_{BB19952F-77FE-4877-A570-79C150EE6CE4}" = CypherGuard for PDF x64 Edition
    "InstallShield_{C624E231-8799-43A9-B8C5-FE3FDD2B318B}" = DLsite Viewer 64bit Edition
    "InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
    "IObit Malware Fighter_is1" = IObit Malware Fighter
    "IObit Surfing Protection_is1" = Surfing Protection
    "IObitUninstall" = IObit Uninstaller
    "LManager" = Launch Manager
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
    "Mozilla Firefox 26.0 (x86 en-US)" = Mozilla Firefox 26.0 (x86 en-US)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "NIS" = Norton Internet Security
    "ProInst" = Intel PROSet Wireless
    "Revo Uninstaller" = Revo Uninstaller 1.95
    "Smart Defrag 2_is1" = Smart Defrag 2
    "WildTangent acer Master Uninstall" = Acer Games
    "Winamp" = Winamp
    "WinCDEmu" = WinCDEmu
    "WinLiveSuite" = Windows Live Essentials
    "WinRAR archiver" = WinRAR 5.00 (32-bit)
    "WTA-0ffc9fa0-fbc2-464b-a6bb-f1e43d3be4a6" = Penguins!
    "WTA-1c5bb5fc-0928-422f-a4d5-d24444c34970" = Bejeweled 2 Deluxe
    "WTA-5d0c63a0-ef1d-4bd7-91ef-b3789c3a74a7" = FATE: The Cursed King
    "WTA-76c6c72d-70e0-474c-a7ba-342259050e1f" = Plants vs. Zombies - Game of the Year
    "WTA-7ebbfa45-efc5-4b21-a6b1-71c8a2e695db" = Torchlight
    "WTA-84f6763d-870d-4f78-94a6-60481fe04f58" = Build-a-lot 4 - Power Source
    "WTA-892d759d-bed4-4e11-88cb-13f70c1e8106" = Jewel Match 3
    "WTA-8a42c684-e050-4dd7-8c7e-34bfbc19c209" = Zuma's Revenge
    "WTA-8d8c4623-9157-42b4-8dab-42bd7479bf4c" = Virtual Villagers 5 - New Believers
    "WTA-919fac9d-a111-46f8-b113-9edf165b3041" = Cradle of Rome 2
    "WTA-9ac53bad-5b7a-4112-915d-4938ede47fde" = Agatha Christie - Death on the Nile
    "WTA-aa9f3e87-47e7-45b9-8fc9-0aea69610ff8" = Chronicles of Albian
    "WTA-ab14a37b-3ffd-45e4-8d7a-e98d4abe8739" = Governor of Poker 2 Premium Edition
    "WTA-bde235a6-dac3-4910-ba23-367eefb10d2a" = Chuzzle Deluxe
    "WTA-c37c081b-135d-4e0b-9e26-02b3816ae160" = Dora's World Adventure
    "WTA-c84ddb2b-3203-4b61-b270-0f8d6e280c53" = Mystery of Mortlake Mansion
    "WTA-cf2713c3-d71d-4625-88e4-decbfd25ff46" = Polar Golfer
    "WTA-dfb4cfa0-1b02-4261-93c5-9619074e4849" = Final Drive: Nitro
    "WTA-f459d33e-848f-41e0-aa29-f01a5207df3f" = Polar Bowler
     
    ========== HKEY_USERS Uninstall List ==========
     
    [HKEY_USERS\S-1-5-21-825749163-974839105-3472330399-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Amazon Kindle" = Amazon Kindle
    "UnityWebPlayer" = Unity Web Player
    "Winamp Detect" = Winamp Detector Plug-in
     
    ========== Last 20 Event Log Errors ==========
     
    [ Application Events ]
    Error - 1/20/2014 1:04:38 PM | Computer Name = Aspire5755-9401 | Source = WinMgmt | ID = 10
    Description =
     
    Error - 1/22/2014 1:14:18 AM | Computer Name = Aspire5755-9401 | Source = WinMgmt | ID = 10
    Description =
     
    [ System Events ]
    Error - 1/20/2014 1:15:57 PM | Computer Name = Aspire5755-9401 | Source = Service Control Manager | ID = 7034
    Description = The LiveUpdate service terminated unexpectedly.  It has done this
    1 time(s).
     
    Error - 1/22/2014 1:12:23 AM | Computer Name = Aspire5755-9401 | Source = DCOM | ID = 10010
    Description =
     
    Error - 1/22/2014 1:45:40 AM | Computer Name = Aspire5755-9401 | Source = Service Control Manager | ID = 7034
    Description = The LiveUpdate service terminated unexpectedly.  It has done this
    1 time(s).
     
     
    < End of report >
     

  9. OTL.txt

    OTL logfile created on: 1/22/2014 12:46:39 AM - Run 1
    OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\MT\Desktop
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.11.9600.16428)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
     
    3.86 Gb Total Physical Memory | 1.82 Gb Available Physical Memory | 47.19% Memory free
    9.63 Gb Paging File | 7.43 Gb Available in Paging File | 77.12% Paging File free
    Paging file location(s): c:\pagefile.sys 5920 5920 [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 447.66 Gb Total Space | 336.28 Gb Free Space | 75.12% Space Free | Partition Type: NTFS
     
    Computer Name: ASPIRE5755-9401 | User Name: MT | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
     
    ========== Processes (SafeList) ==========
     
    PRC - [2014/01/21 21:06:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\MT\Desktop\OTL.exe
    PRC - [2013/12/21 01:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2013/12/13 17:44:36 | 001,573,184 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
    PRC - [2013/12/09 15:02:00 | 002,285,344 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
    PRC - [2013/12/09 15:01:58 | 000,881,440 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
    PRC - [2013/12/03 16:10:24 | 000,775,968 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
    PRC - [2013/11/11 17:19:48 | 000,341,824 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
    PRC - [2013/10/09 09:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    PRC - [2013/05/20 23:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccsvchst.exe
    PRC - [2012/09/23 19:43:40 | 000,040,592 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe
    PRC - [2012/04/24 13:37:56 | 000,169,752 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
    PRC - [2012/04/05 14:48:02 | 000,255,376 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
    PRC - [2011/11/29 18:16:12 | 000,109,984 | ---- | M] (CypherTec Inc.) -- C:\Program Files (x86)\Common Files\CypherTec\cgrdsrv32.exe
    PRC - [2011/06/30 21:51:14 | 000,418,896 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe
    PRC - [2011/06/30 21:51:14 | 000,343,632 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
    PRC - [2011/06/30 21:51:12 | 001,103,440 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
    PRC - [2011/06/30 21:51:12 | 000,353,360 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
    PRC - [2011/05/29 21:54:14 | 000,036,456 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
    PRC - [2011/05/20 13:13:06 | 000,120,104 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
    PRC - [2011/05/20 13:13:04 | 000,169,352 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
    PRC - [2011/05/09 20:41:56 | 000,177,448 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
    PRC - [2011/04/30 02:32:54 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
    PRC - [2011/04/23 20:29:20 | 000,256,832 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
    PRC - [2011/04/23 20:28:38 | 000,297,280 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
    PRC - [2011/04/20 16:58:02 | 001,204,224 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
    PRC - [2011/04/20 16:53:10 | 000,335,872 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
    PRC - [2011/02/01 16:41:24 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
    PRC - [2011/02/01 16:41:20 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
    PRC - [2010/11/16 20:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    PRC - [2010/09/30 05:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
    PRC - [2010/06/10 12:42:44 | 002,621,440 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
    PRC - [2010/03/08 23:42:02 | 000,029,984 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
    PRC - [2010/03/08 23:40:36 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
    PRC - [2010/03/05 19:11:30 | 000,636,192 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
    PRC - [2010/01/25 07:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\BrYNSvc.exe
     
     
    ========== Modules (No Company Name) ==========
     
    MOD - [2013/01/15 18:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\madexcept_.bpl
    MOD - [2013/01/15 18:48:26 | 000,051,008 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\maddisAsm_.bpl
    MOD - [2013/01/15 18:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\madbasic_.bpl
    MOD - [2013/01/15 18:47:56 | 000,893,248 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\webres.dll
    MOD - [2012/05/30 09:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\wincfi39.dll
    MOD - [2011/05/20 13:13:04 | 000,206,216 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
    MOD - [2011/05/20 13:13:04 | 000,169,352 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
    MOD - [2011/04/23 20:29:56 | 000,465,640 | ---- | M] () -- C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
    MOD - [2009/02/27 15:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
     
     
    ========== Services (SafeList) ==========
     
    SRV:64bit: - [2013/11/26 04:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
    SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2012/04/05 14:48:02 | 000,255,376 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service)
    SRV:64bit: - [2011/11/29 18:48:06 | 000,131,000 | ---- | M] (CypherTec Inc.) [Auto | Running] -- C:\Program Files\Common Files\CypherTec\cthwsrv64.exe -- (CypherGuard Info Service)
    SRV:64bit: - [2011/11/29 18:26:28 | 000,127,416 | ---- | M] (CypherTec Inc.) [Auto | Running] -- C:\Program Files\Common Files\CypherTec\cgrdsrv64.exe -- (CypherGuard cguard Service 64bit Edition)
    SRV:64bit: - [2011/08/02 13:59:46 | 000,872,552 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
    SRV:64bit: - [2011/05/02 16:27:50 | 001,517,328 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
    SRV:64bit: - [2011/05/02 16:13:54 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
    SRV:64bit: - [2011/05/02 16:10:26 | 000,844,560 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
    SRV:64bit: - [2010/11/29 17:00:56 | 000,149,504 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
    SRV:64bit: - [2010/09/22 20:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
    SRV - [2013/12/21 01:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2013/12/20 05:26:05 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2013/12/16 16:51:38 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2013/12/09 15:01:58 | 000,881,440 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe -- (AdvancedSystemCareService7)
    SRV - [2013/12/03 16:10:24 | 002,151,200 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
    SRV - [2013/11/11 17:19:48 | 000,341,824 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
    SRV - [2013/10/26 01:12:32 | 000,279,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
    SRV - [2013/10/09 09:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
    SRV - [2013/10/07 14:19:22 | 000,240,736 | ---- | M] (WildTangent) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe -- (GamesAppIntegrationService)
    SRV - [2013/10/07 13:30:47 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2013/09/05 09:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2013/05/20 23:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe -- (NIS)
    SRV - [2012/04/24 13:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
    SRV - [2011/11/29 18:16:12 | 000,109,984 | ---- | M] (CypherTec Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\CypherTec\cgrdsrv32.exe -- (CypherGuard cguard Service 32bit Edition)
    SRV - [2011/06/30 21:51:12 | 000,353,360 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
    SRV - [2011/05/29 21:54:14 | 000,036,456 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
    SRV - [2011/04/30 02:32:54 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
    SRV - [2011/04/23 20:29:20 | 000,256,832 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
    SRV - [2011/02/01 16:41:24 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
    SRV - [2011/02/01 16:41:20 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
    SRV - [2010/10/12 12:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
    SRV - [2010/09/30 05:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)
    SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2010/03/08 23:40:36 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe -- (PDFProFiltSrvPP)
    SRV - [2010/01/25 07:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Running] -- C:\Program Files (x86)\Browny02\BrYNSvc.exe -- (BrYNSvc)
    SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
     
     
    ========== Driver Services (SafeList) ==========
     
    DRV:64bit: - [2013/11/13 13:23:49 | 000,435,512 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
    DRV:64bit: - [2013/10/26 01:12:26 | 005,361,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
    DRV:64bit: - [2013/10/09 09:16:27 | 000,177,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
    DRV:64bit: - [2013/10/08 10:43:55 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
    DRV:64bit: - [2013/05/23 00:25:28 | 001,139,800 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\symefa64.sys -- (SymEFA)
    DRV:64bit: - [2013/05/22 17:49:32 | 000,017,720 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
    DRV:64bit: - [2013/05/21 00:02:00 | 000,493,656 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\symds64.sys -- (SymDS)
    DRV:64bit: - [2013/05/16 00:02:14 | 000,796,760 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\srtsp64.sys -- (SRTSP)
    DRV:64bit: - [2013/04/24 19:43:56 | 000,433,752 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\symnets.sys -- (SymNetS)
    DRV:64bit: - [2013/04/15 21:41:14 | 000,169,048 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\ccsetx64.sys -- (ccSet_NIS)
    DRV:64bit: - [2013/03/04 20:21:35 | 000,036,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\srtspx64.sys -- (SRTSPX)
    DRV:64bit: - [2012/12/14 16:40:22 | 000,123,832 | ---- | M] (CypherTec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cymon.sys -- (Cymon)
    DRV:64bit: - [2012/09/06 20:48:08 | 000,224,416 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\ironx64.sys -- (SymIRON)
    DRV:64bit: - [2012/08/23 09:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
    DRV:64bit: - [2012/08/23 09:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
    DRV:64bit: - [2012/08/23 09:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2011/07/14 00:35:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2011/07/14 00:35:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2011/06/21 17:19:14 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
    DRV:64bit: - [2011/06/21 17:19:12 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
    DRV:64bit: - [2011/06/19 09:35:09 | 000,196,704 | ---- | M] (SysProgs.org) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BazisVirtualCDBus.sys -- (BazisVirtualCDBus)
    DRV:64bit: - [2011/05/16 16:57:32 | 000,051,240 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiMSa.sys -- (bScsiMSa)
    DRV:64bit: - [2011/05/06 12:11:12 | 000,086,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiSDa.sys -- (bScsiSDa)
    DRV:64bit: - [2011/05/01 16:33:06 | 008,593,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
    DRV:64bit: - [2011/04/26 13:07:36 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
    DRV:64bit: - [2011/04/05 06:26:26 | 000,142,632 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
    DRV:64bit: - [2011/03/09 23:01:45 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
    DRV:64bit: - [2011/03/09 23:01:45 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
    DRV:64bit: - [2011/02/10 01:52:34 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
    DRV:64bit: - [2011/02/10 01:52:34 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
    DRV:64bit: - [2011/01/20 20:15:30 | 000,019,496 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdmp.sys -- (b57xdmp)
    DRV:64bit: - [2011/01/20 20:15:28 | 000,067,624 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdbd.sys -- (b57xdbd)
    DRV:64bit: - [2010/11/29 17:00:04 | 000,016,120 | ---- | M] (Intel® Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
    DRV:64bit: - [2010/11/20 22:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
    DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2010/10/19 19:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
    DRV:64bit: - [2010/10/15 03:28:18 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
    DRV:64bit: - [2010/03/19 05:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
    DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/07/13 19:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
    DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV - [2014/01/20 18:45:57 | 000,521,944 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\IPSDefs\20140121.001\IDSviA64.sys -- (IDSVia64)
    DRV - [2013/12/29 13:04:58 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20140121.017\ex64.sys -- (NAVEX15)
    DRV - [2013/12/29 13:04:58 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20140121.017\eng64.sys -- (NAVENG)
    DRV - [2013/12/17 19:32:10 | 001,526,488 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\BASHDefs\20140110.001\BHDrvx64.sys -- (BHDrvx64)
    DRV - [2013/11/21 00:07:51 | 000,484,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
    DRV - [2013/11/21 00:07:51 | 000,137,648 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
    DRV - [2013/11/19 16:10:34 | 000,034,848 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys -- (RegFilter)
    DRV - [2013/11/19 16:10:34 | 000,023,016 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys -- (UrlFilter)
    DRV - [2013/03/23 15:48:48 | 000,023,048 | ---- | M] (IObit) [File_System | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys -- (FileMonitor)
    DRV - [2012/12/14 16:40:24 | 000,110,136 | ---- | M] (CypherTec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\cymon.sys -- (Cymon)
    DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
     
     
    ========== Standard Registry (SafeList) ==========
     
     
    ========== Internet Explorer ==========
     
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
    IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
     
     
    IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
    IE - HKU\.DEFAULT\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
    IE - HKU\.DEFAULT\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=US&ver=20&locale=en_US&gct=kwd&qsrc=2869
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
     
    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-18\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
    IE - HKU\S-1-5-18\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=US&ver=20&locale=en_US&gct=kwd&qsrc=2869
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
     
    IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
     
    IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
     
    IE - HKU\S-1-5-21-825749163-974839105-3472330399-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.msn.com/ [binary data]
    IE - HKU\S-1-5-21-825749163-974839105-3472330399-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo.com/?type=198484&fr=spigot-yhp-ie
    IE - HKU\S-1-5-21-825749163-974839105-3472330399-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
    IE - HKU\S-1-5-21-825749163-974839105-3472330399-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
    IE - HKU\S-1-5-21-825749163-974839105-3472330399-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 73 5B 45 94 2D C4 CE 01  [binary data]
    IE - HKU\S-1-5-21-825749163-974839105-3472330399-1004\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE - HKU\S-1-5-21-825749163-974839105-3472330399-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7PRFD_enUS557
    IE - HKU\S-1-5-21-825749163-974839105-3472330399-1004\..\SearchScopes\{6B46B519-F692-44CD-A626-23B2D48A9F47}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms}
    IE - HKU\S-1-5-21-825749163-974839105-3472330399-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
     
    ========== FireFox ==========
     
    FF - prefs.js..browser.search.defaultenginename: "Bing"
    FF - prefs.js..browser.search.selectedEngine: "Bing"
    FF - prefs.js..browser.startup.homepage: "msn.com"
    FF - prefs.js..extensions.enabledAddons: rikaichan-jpen%40polarcloud.com:2.01.130701
    FF - prefs.js..extensions.enabledAddons: %7B0AA9101C-D3C1-4129-A9B7-D778C6A17F82%7D:2.07
    FF - prefs.js..extensions.enabledAddons: %7B59c81df5-4b7a-477b-912d-4e0fdf64e5f2%7D:0.9.90.1
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
    FF - user.js - File not found
     
    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office15\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@nullsoft.com/winampDetector;version=1: C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\MT\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
     
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\IPSFF [2013/10/09 11:17:18 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\coFFPlgn\ [2014/01/22 00:15:57 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/10/10 15:55:39 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/01/15 22:59:14 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/10/10 15:55:39 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/01/15 22:59:14 | 000,000,000 | ---D | M]
     
    [2013/10/20 12:58:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MT\AppData\Roaming\Mozilla\Extensions
    [2014/01/16 12:09:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MT\AppData\Roaming\Mozilla\Firefox\Profiles\ezz5bz6n.default\extensions
    [2013/10/20 13:05:13 | 000,000,000 | ---D | M] (Rikaichan) -- C:\Users\MT\AppData\Roaming\Mozilla\Firefox\Profiles\ezz5bz6n.default\extensions\{0AA9101C-D3C1-4129-A9B7-D778C6A17F82}
    [2013/10/20 13:05:13 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Users\MT\AppData\Roaming\Mozilla\Firefox\Profiles\ezz5bz6n.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
    [2013/12/13 13:27:49 | 000,000,000 | ---D | M] (Ads Removal) -- C:\Users\MT\AppData\Roaming\Mozilla\Firefox\Profiles\ezz5bz6n.default\extensions\adsremoval@adsremoval.net
    [2014/01/04 19:12:50 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Users\MT\AppData\Roaming\Mozilla\Firefox\Profiles\ezz5bz6n.default\extensions\ascsurfingprotection@iobit.com
    [2013/10/20 13:14:44 | 000,000,000 | ---D | M] (Rikaichan Japanese-English Dictionary File) -- C:\Users\MT\AppData\Roaming\Mozilla\Firefox\Profiles\ezz5bz6n.default\extensions\rikaichan-jpen@polarcloud.com
    [2014/01/16 12:09:38 | 000,940,775 | ---- | M] () (No name found) -- C:\Users\MT\AppData\Roaming\Mozilla\Firefox\Profiles\ezz5bz6n.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
    [2014/01/04 19:03:59 | 000,000,905 | ---- | M] () -- C:\Users\MT\AppData\Roaming\Mozilla\Firefox\Profiles\ezz5bz6n.default\searchplugins\yahoo_ff.xml
    [2013/12/20 05:25:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
    [2013/12/20 05:26:07 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    [2013/11/15 03:32:00 | 000,034,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
     
    ========== Chrome  ==========
     
    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
    CHR - Extension: Google Docs = C:\Users\MT\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
    CHR - Extension: Google Drive = C:\Users\MT\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
    CHR - Extension: YouTube = C:\Users\MT\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
    CHR - Extension: Google Search = C:\Users\MT\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
    CHR - Extension: Ads Removal = C:\Users\MT\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod\1.0.0_0\
    CHR - Extension: avast! Online Security = C:\Users\MT\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2011.70_0\
    CHR - Extension: Skype Click to Call = C:\Users\MT\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\
    CHR - Extension: Norton Identity Protection = C:\Users\MT\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.5.2_0\
    CHR - Extension: Store = C:\Users\MT\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\
    CHR - Extension: Google Wallet = C:\Users\MT\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
    CHR - Extension: Gmail = C:\Users\MT\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
     
    O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O2:64bit: - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
    O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll File not found
    O2:64bit: - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O2 - BHO: (PlusIEEventHelper Class) - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll (Zeon Corporation)
    O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
    O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ips\ipsbho.dll (Symantec Corporation)
    O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
    O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll File not found
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3:64bit: - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
    O3:64bit: - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
    O3:64bit: - HKU\S-1-5-21-825749163-974839105-3472330399-1004\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3 - HKU\S-1-5-21-825749163-974839105-3472330399-1004\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
    O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
    O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
    O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [intelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
    O4:64bit: - HKLM..\Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
    O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
    O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
    O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [ArcadeMovieService] C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [backupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
    O4 - HKLM..\Run: [brStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
    O4 - HKLM..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.)
    O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Dolby PCEE4\pcee4.exe (Dolby Laboratories Inc.)
    O4 - HKLM..\Run: [indexSearch] C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
    O4 - HKLM..\Run: [iObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
    O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
    O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
    O4 - HKLM..\Run: [NWEReboot]  File not found
    O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
    O4 - HKLM..\Run: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe (Nuance Communications, Inc.)
    O4 - HKLM..\Run: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe (Nuance Communications, Inc.)
    O4 - HKLM..\Run: [PPort12reminder] C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
    O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-21-825749163-974839105-3472330399-1004..\Run: [Advanced SystemCare 7] C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe (IObit)
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O8:64bit: - Extra context menu item: Open with PDF Viewer Plus - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
    O8 - Extra context menu item: Open with PDF Viewer Plus - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
    O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B0BCF2FB-1545-4F42-9C6F-8160A8B30C5C}: DhcpNameServer = 75.75.75.75 75.75.76.76
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F9B0643F-BDCE-4FE4-8860-BF102ADAAB91}: DhcpNameServer = 75.75.75.75 75.75.76.76
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\ms-help - No CLSID value found
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
    O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O33 - MountPoints2\{6c7c70cb-545e-11e3-b0b5-b870f4ee7158}\Shell - "" = AutoRun
    O33 - MountPoints2\{6c7c70cb-545e-11e3-b0b5-b870f4ee7158}\Shell\AutoRun\command - "" = V:\setup.exe
    O33 - MountPoints2\{7a1d30ab-4118-11e3-8e84-b870f4ee7158}\Shell - "" = AutoRun
    O33 - MountPoints2\{7a1d30ab-4118-11e3-8e84-b870f4ee7158}\Shell\AutoRun\command - "" = V:\setup.exe
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
     
    ========== Files/Folders - Created Within 30 Days ==========
     
    [2014/01/21 21:06:16 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\MT\Desktop\OTL.exe
    [2014/01/21 20:50:15 | 000,000,000 | ---D | C] -- C:\Users\MT\Documents\Black Crusade
    [2014/01/20 10:50:57 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
    [2014/01/20 10:49:05 | 000,000,000 | ---D | C] -- C:\AdwCleaner
    [2014/01/19 14:35:41 | 001,037,068 | ---- | C] (Thisisu) -- C:\Users\MT\Desktop\JRT.exe
    [2014/01/17 21:26:49 | 000,000,000 | ---D | C] -- C:\Users\MT\Desktop\NUIP
    [2014/01/17 19:36:22 | 000,000,000 | ---D | C] -- C:\Users\MT\AppData\Roaming\Unity
    [2014/01/15 14:02:04 | 000,000,000 | ---D | C] -- C:\Users\MT\AppData\Local\Unity
    [2014/01/15 11:03:56 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
    [2014/01/13 09:08:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UVa Network Setup Tool
    [2014/01/13 09:08:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\University of Virginia
    [2014/01/08 09:05:25 | 000,000,000 | ---D | C] -- C:\Users\MT\Desktop\RJ126458
    [2014/01/07 01:02:55 | 000,000,000 | ---D | C] -- C:\Users\MT\Documents\GuP Motto Love Love Sakusen Desu C08
    [2014/01/05 10:46:36 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
    [2014/01/04 19:12:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
    [2014/01/04 19:12:35 | 000,000,000 | ---D | C] -- C:\ProgramData\ProductData
    [2014/01/04 19:12:34 | 000,000,000 | ---D | C] -- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
    [2014/01/04 19:12:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7
    [2014/01/03 20:52:08 | 000,000,000 | ---D | C] -- C:\Users\MT\AppData\Roaming\SPSSInc
    [2014/01/03 20:51:18 | 000,000,000 | ---D | C] -- C:\Users\MT\.spss
    [2014/01/03 20:50:52 | 000,000,000 | ---D | C] -- C:\Users\MT\AppData\Local\javasharedresources
    [2014/01/03 19:34:29 | 000,000,000 | ---D | C] -- C:\Users\MT\Desktop\Job
    [2014/01/03 19:26:33 | 000,000,000 | ---D | C] -- C:\Users\MT\AppData\Local\IBM
    [2014/01/03 19:26:25 | 000,000,000 | ---D | C] -- C:\ProgramData\SafeNet Sentinel
    [2014/01/03 19:26:17 | 000,000,000 | ---D | C] -- C:\Users\MT\Desktop\MedEssays
    [2014/01/03 19:24:51 | 000,000,000 | ---D | C] -- C:\ProgramData\SPSS
    [2014/01/03 19:24:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics
    [2014/01/03 19:23:46 | 000,000,000 | ---D | C] -- C:\SysWOW64
    [2014/01/03 19:23:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\IBM
    [2014/01/03 19:22:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IBM
    [2014/01/02 22:06:03 | 000,000,000 | ---D | C] -- C:\Users\MT\AppData\Roaming\e-academy Inc
    [2014/01/02 22:06:03 | 000,000,000 | ---D | C] -- C:\Users\MT\AppData\Local\e-academy Inc
    [2013/12/25 17:36:02 | 000,000,000 | ---D | C] -- C:\Users\MT\Desktop\Aoi Yuuki
    [2013/12/24 15:04:45 | 000,000,000 | ---D | C] -- C:\Users\MT\Desktop\Hana no Android Gakuen
    [2013/12/23 23:05:24 | 000,000,000 | ---D | C] -- C:\Users\MT\Desktop\KLK OST MP3
     
    ========== Files - Modified Within 30 Days ==========
     
    [2014/01/22 00:45:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2014/01/22 00:44:54 | 000,000,278 | ---- | M] () -- C:\Windows\tasks\Driver Booster Update.job
    [2014/01/22 00:44:39 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2014/01/22 00:21:49 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2014/01/22 00:21:49 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2014/01/22 00:18:39 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2014/01/22 00:18:39 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2014/01/22 00:18:39 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2014/01/22 00:14:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2014/01/22 00:13:57 | 3104,722,944 | -HS- | M] () -- C:\hiberfil.sys
    [2014/01/21 23:14:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2014/01/21 21:06:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\MT\Desktop\OTL.exe
    [2014/01/19 14:36:20 | 001,236,282 | ---- | M] () -- C:\Users\MT\Desktop\AdwCleaner.exe
    [2014/01/19 14:35:43 | 001,037,068 | ---- | M] (Thisisu) -- C:\Users\MT\Desktop\JRT.exe
    [2014/01/18 13:58:36 | 772,433,971 | ---- | M] () -- C:\Windows\MEMORY.DMP
    [2014/01/16 22:36:44 | 349,278,301 | ---- | M] () -- C:\Users\MT\Documents\[HorribleSubs] Kill la Kill - 14 [720p].mkv
    [2014/01/15 22:52:54 | 000,464,640 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2014/01/15 11:04:24 | 000,003,719 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
    [2014/01/14 15:19:37 | 318,472,067 | ---- | M] () -- C:\Users\MT\Documents\[FFF] Sekai Seifuku ~Bouryaku no Zvezda~ - 01 [043C6B38].mkv
    [2014/01/13 09:08:51 | 000,001,371 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CertChecker.lnk
    [2014/01/09 23:37:10 | 445,342,059 | ---- | M] () -- C:\Users\MT\Documents\[AOI] Kyousougiga Music Collection [flac+scans].zip
    [2014/01/09 23:36:01 | 181,547,899 | ---- | M] () -- C:\Users\MT\Documents\[AOI] Kyousougiga Music Collection [320k+scans].zip
    [2014/01/09 21:40:14 | 375,854,580 | ---- | M] () -- C:\Users\MT\Documents\[HorribleSubs] Kyousougiga - 10.5 [720p].mkv
    [2014/01/09 21:38:01 | 376,281,091 | ---- | M] () -- C:\Users\MT\Documents\[HorribleSubs] Kyousougiga - 10 [720p].mkv
    [2014/01/09 21:37:19 | 524,318,219 | ---- | M] () -- C:\Users\MT\Documents\[Commie] Kyousougiga - 09 [4D1C06C5].mkv
    [2014/01/09 14:59:08 | 348,459,256 | ---- | M] () -- C:\Users\MT\Documents\[HorribleSubs] Kill la Kill - 13 [720p].mkv
    [2014/01/07 21:06:09 | 432,938,492 | ---- | M] () -- C:\Users\MT\Documents\[Vivid] D-Frag! - 01 [F0D3C74F].mkv
    [2014/01/07 12:01:24 | 000,506,084 | ---- | M] () -- C:\Users\MT\Desktop\010.jpg
    [2014/01/04 19:19:53 | 000,011,054 | ---- | M] () -- C:\Users\MT\Documents\cc_20140104_191934.reg
    [2014/01/03 19:22:13 | 000,000,219 | ---- | M] () -- C:\Windows\SysWow64\lsprst7.tgz
    [2014/01/03 19:22:13 | 000,000,205 | ---- | M] () -- C:\Windows\SysWow64\lsprst7.dll
    [2014/01/03 19:22:13 | 000,000,016 | -H-- | M] () -- C:\Windows\SysWow64\servdat.slm
    [2014/01/03 19:22:12 | 000,001,025 | ---- | M] () -- C:\Windows\SysWow64\sysprs7.tgz
    [2014/01/03 19:22:12 | 000,001,025 | ---- | M] () -- C:\Windows\SysWow64\sysprs7.dll
    [2014/01/02 16:38:43 | 001,922,012 | ---- | M] () -- C:\Users\MT\Documents\Devil Vs Goddess (Pixiv 40638995) - Imgur.zip
     
    ========== Files Created - No Company Name ==========
     
    [2014/01/19 14:36:18 | 001,236,282 | ---- | C] () -- C:\Users\MT\Desktop\AdwCleaner.exe
    [2014/01/18 13:58:36 | 772,433,971 | ---- | C] () -- C:\Windows\MEMORY.DMP
    [2014/01/16 22:33:12 | 349,278,301 | ---- | C] () -- C:\Users\MT\Documents\[HorribleSubs] Kill la Kill - 14 [720p].mkv
    [2014/01/15 11:04:24 | 000,003,719 | ---- | C] () -- C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
    [2014/01/14 15:17:28 | 318,472,067 | ---- | C] () -- C:\Users\MT\Documents\[FFF] Sekai Seifuku ~Bouryaku no Zvezda~ - 01 [043C6B38].mkv
    [2014/01/13 09:08:51 | 000,001,371 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CertChecker.lnk
    [2014/01/09 23:31:36 | 445,342,059 | ---- | C] () -- C:\Users\MT\Documents\[AOI] Kyousougiga Music Collection [flac+scans].zip
    [2014/01/09 23:31:25 | 181,547,899 | ---- | C] () -- C:\Users\MT\Documents\[AOI] Kyousougiga Music Collection [320k+scans].zip
    [2014/01/09 21:34:20 | 375,854,580 | ---- | C] () -- C:\Users\MT\Documents\[HorribleSubs] Kyousougiga - 10.5 [720p].mkv
    [2014/01/09 21:32:47 | 376,281,091 | ---- | C] () -- C:\Users\MT\Documents\[HorribleSubs] Kyousougiga - 10 [720p].mkv
    [2014/01/09 21:32:42 | 524,318,219 | ---- | C] () -- C:\Users\MT\Documents\[Commie] Kyousougiga - 09 [4D1C06C5].mkv
    [2014/01/09 14:52:03 | 348,459,256 | ---- | C] () -- C:\Users\MT\Documents\[HorribleSubs] Kill la Kill - 13 [720p].mkv
    [2014/01/07 20:59:27 | 432,938,492 | ---- | C] () -- C:\Users\MT\Documents\[Vivid] D-Frag! - 01 [F0D3C74F].mkv
    [2014/01/07 12:01:24 | 000,506,084 | ---- | C] () -- C:\Users\MT\Desktop\010.jpg
    [2014/01/04 19:19:38 | 000,011,054 | ---- | C] () -- C:\Users\MT\Documents\cc_20140104_191934.reg
    [2014/01/03 19:22:12 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprs7.tgz
    [2014/01/03 19:22:12 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprs7.dll
    [2014/01/03 19:22:12 | 000,000,219 | ---- | C] () -- C:\Windows\SysWow64\lsprst7.tgz
    [2014/01/03 19:22:12 | 000,000,205 | ---- | C] () -- C:\Windows\SysWow64\lsprst7.dll
    [2014/01/03 19:22:12 | 000,000,016 | -H-- | C] () -- C:\Windows\SysWow64\servdat.slm
    [2014/01/02 16:38:51 | 001,922,012 | ---- | C] () -- C:\Users\MT\Documents\Devil Vs Goddess (Pixiv 40638995) - Imgur.zip
    [2013/10/31 23:23:55 | 000,087,040 | ---- | C] () -- C:\Windows\UnGins.exe
    [2013/10/26 01:12:31 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
    [2013/10/26 01:12:25 | 000,077,312 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
    [2013/10/26 01:12:24 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
    [2013/10/10 15:48:49 | 000,210,391 | ---- | C] () -- C:\Windows\hpwins19.dat
    [2013/10/10 15:48:49 | 000,000,673 | ---- | C] () -- C:\Windows\hpwmdl19.dat
    [2013/10/08 08:03:00 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\BRTCPCON.DLL
    [2013/10/08 08:02:49 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI
     
    ========== ZeroAccess Check ==========
     
    [2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
     
    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
     
    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
     
    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
     
    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
     
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 21:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment
     
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment
     
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free
     
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free
     
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both
     
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
     
    ========== LOP Check ==========
     
    [2014/01/13 08:56:20 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\IObit
    [2014/01/13 08:56:20 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\IObit
    [2013/10/08 08:45:34 | 000,000,000 | ---D | M] -- C:\Users\MT\AppData\Roaming\ControlCenter4
    [2013/10/26 01:07:03 | 000,000,000 | ---D | M] -- C:\Users\MT\AppData\Roaming\CypherTec
    [2013/10/08 10:43:45 | 000,000,000 | ---D | M] -- C:\Users\MT\AppData\Roaming\DAEMON Tools Lite
    [2013/10/26 01:36:16 | 000,000,000 | ---D | M] -- C:\Users\MT\AppData\Roaming\DLsite
    [2014/01/02 22:06:03 | 000,000,000 | ---D | M] -- C:\Users\MT\AppData\Roaming\e-academy Inc
    [2014/01/04 19:12:51 | 000,000,000 | ---D | M] -- C:\Users\MT\AppData\Roaming\IObit
    [2013/10/08 11:23:43 | 000,000,000 | ---D | M] -- C:\Users\MT\AppData\Roaming\Nuance
    [2013/10/23 20:26:32 | 000,000,000 | ---D | M] -- C:\Users\MT\AppData\Roaming\PowerCinema
    [2014/01/03 20:52:08 | 000,000,000 | ---D | M] -- C:\Users\MT\AppData\Roaming\SPSSInc
    [2013/10/10 08:08:31 | 000,000,000 | ---D | M] -- C:\Users\MT\AppData\Roaming\Stardock
    [2014/01/17 19:36:22 | 000,000,000 | ---D | M] -- C:\Users\MT\AppData\Roaming\Unity
    [2014/01/19 11:25:55 | 000,000,000 | ---D | M] -- C:\Users\MT\AppData\Roaming\uTorrent
    [2013/10/09 08:57:50 | 000,000,000 | ---D | M] -- C:\Users\MT\AppData\Roaming\WildTangent
    [2013/10/08 08:23:08 | 000,000,000 | ---D | M] -- C:\Users\TT\AppData\Roaming\ControlCenter4
    [2013/10/09 20:11:04 | 000,000,000 | ---D | M] -- C:\Users\TT\AppData\Roaming\e-academy Inc
    [2013/10/17 20:37:49 | 000,000,000 | ---D | M] -- C:\Users\TT\AppData\Roaming\ImgBurn
    [2014/01/12 12:13:37 | 000,000,000 | ---D | M] -- C:\Users\TT\AppData\Roaming\IObit
    [2013/10/08 08:14:54 | 000,000,000 | ---D | M] -- C:\Users\TT\AppData\Roaming\Nuance
    [2013/10/08 07:19:39 | 000,000,000 | ---D | M] -- C:\Users\TT\AppData\Roaming\TeraCopy
    [2013/10/08 08:15:10 | 000,000,000 | ---D | M] -- C:\Users\TT\AppData\Roaming\Zeon
    [2014/01/13 08:57:49 | 000,000,000 | ---D | M] -- C:\Users\Work\AppData\Roaming\ControlCenter4
    [2014/01/13 08:57:54 | 000,000,000 | ---D | M] -- C:\Users\Work\AppData\Roaming\IObit
    [2014/01/13 09:00:45 | 000,000,000 | ---D | M] -- C:\Users\Work\AppData\Roaming\SPSSInc
     
    ========== Purity Check ==========
     
     
     
    ========== Files - Unicode (All) ==========
    [2013/11/25 01:01:10 | 442,453,349 | ---- | M] ()(C:\Users\MT\Documents\SAINT☆YOUNG MEN THE MOVIEEiga Saint☆Oniisan映画 聖☆おにいさん 「聖☆おにいさん ネ申話 ?降臨前夜?」 (BD 1280x720 x264 AAC 中国語字幕).mp4) -- C:\Users\MT\Documents\SAINT☆YOUNG MEN THE MOVIEEiga Saint☆Oniisan映画 聖☆おにいさん 「聖☆おにいさん ネ申話 〜降臨前夜〜」 (BD 1280x720 x264 AAC 中国語字幕).mp4
    [2013/11/25 00:55:17 | 442,453,349 | ---- | C] ()(C:\Users\MT\Documents\SAINT☆YOUNG MEN THE MOVIEEiga Saint☆Oniisan映画 聖☆おにいさん 「聖☆おにいさん ネ申話 ?降臨前夜?」 (BD 1280x720 x264 AAC 中国語字幕).mp4) -- C:\Users\MT\Documents\SAINT☆YOUNG MEN THE MOVIEEiga Saint☆Oniisan映画 聖☆おにいさん 「聖☆おにいさん ネ申話 〜降臨前夜〜」 (BD 1280x720 x264 AAC 中国語字幕).mp4

    < End of report >
     

  10. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.1.0 (01.07.2014:1)
    OS: Windows 7 Home Premium x64
    Ran by MT on 01/20/2014 Mon at 11:13:25.45
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values



    ~~~ Registry Keys



    ~~~ Files



    ~~~ Folders



    ~~~ FireFox

    Successfully deleted: [File] C:\Users\MT\AppData\Roaming\mozilla\firefox\profiles\ezz5bz6n.default\user.js
    Emptied folder: C:\Users\MT\AppData\Roaming\mozilla\firefox\profiles\ezz5bz6n.default\minidumps [4 files]



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 01/20/2014 Mon at 11:48:07.41
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

     

    # AdwCleaner v3.017 - Report created 20/01/2014 at 12:03:06
    # Updated 12/01/2014 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : MT - ASPIRE5755-9401
    # Running from : C:\Users\MT\Desktop\AdwCleaner.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    Folder Deleted : C:\Users\AdMin\AppData\LocalLow\Fast Free Converter
    Folder Deleted : C:\Users\TT\AppData\LocalLow\Fast Free Converter
    Folder Deleted : C:\Users\MT\AppData\Local\PackageAware
    File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : HKLM\Software\Fast Free Converter

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.16428


    -\\ Mozilla Firefox v26.0 (en-US)

    [ File : C:\Users\MT\AppData\Roaming\Mozilla\Firefox\Profiles\ezz5bz6n.default\prefs.js ]


    -\\ Google Chrome v

    [ File : C:\Users\TT\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    [ File : C:\Users\MT\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    *************************

    AdwCleaner[R0].txt - [2256 octets] - [20/01/2014 11:56:06]
    AdwCleaner[s0].txt - [2205 octets] - [20/01/2014 12:03:06]

    ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [2265 octets] ##########
     

    Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org

    Database version: v2014.01.20.05

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 11.0.9600.16476
    MT :: ASPIRE5755-9401 [administrator]

    1/20/2014 12:17:22 PM
    mbam-log-2014-01-20 (12-17-22).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
    Scan options disabled:
    Objects scanned: 284800
    Time elapsed: 8 minute(s), 44 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)
     

    ---------------------------------------------------------------------------------------------

     

    Thank you for telling me about the multiple antivirus problem!

    After running these scans, the Yahoo/Spigot redirect is still there on IE, so they couldn't fix anything yet.

  11. DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.51.2
    Run by MT at 11:30:08 on 2014-01-19
    Microsoft Windows 7 Home Premium   6.1.7601.1.932.81.1033.18.3948.835 [GMT -5:00]
    .
    AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
    AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: IObit Malware Fighter *Enabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
    SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
    FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\Windows\system32\WLANExt.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
    C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\Common Files\CypherTec\cgrdsrv32.exe
    C:\Program Files\Common Files\CypherTec\cgrdsrv64.exe
    C:\Program Files\Common Files\CypherTec\cthwsrv64.exe
    C:\Program Files (x86)\Launch Manager\dsiwmis.exe
    C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
    C:\Program Files (x86)\Launch Manager\LMutilps32.exe
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
    C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
    C:\Program Files\Acer\Acer Updater\UpdaterService.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
    C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
    C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
    C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
    C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
    C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
    C:\Program Files\Elantech\ETDCtrl.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Windows\system32\igfxext.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
    C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
    C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
    C:\Program Files\Elantech\ETDCtrlHelper.exe
    C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files (x86)\Launch Manager\LManager.exe
    C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    C:\Dolby PCEE4\pcee4.exe
    C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
    C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
    C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
    C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
    C:\Program Files (x86)\Launch Manager\LMworker.exe
    C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
    C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
    C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
    C:\Program Files (x86)\Browny02\BrYNSvc.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
    C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Internet Explorer\IELowutil.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .

    mWinlogon: Userinit = userinit.exe,
    BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
    BHO: PlusIEEventHelper Class: {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll
    BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll
    BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ips\ipsbho.dll
    BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL
    BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
    BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
    BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll
    TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
    EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
    uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    uRun: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
    mRun: [backupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
    mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
    mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
    mRun: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart
    mRun: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
    mRun: [indexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
    mRun: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
    mRun: [PPort12reminder] "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
    mRun: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
    mRun: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
    mRun: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
    mRun: [brStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
    mRun: [NWEReboot] <no file>
    dRunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid}
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CERTCH~1.LNK - C:\Program Files (x86)\University of Virginia\UVa Network Setup Tool\CertChecker.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
    IE: Open with PDF Viewer Plus - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
    IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
    IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .

    TCP: NameServer = 75.75.75.75 75.75.76.76
    TCP: Interfaces\{B0BCF2FB-1545-4F42-9C6F-8160A8B30C5C} : DHCPNameServer = 75.75.75.75 75.75.76.76
    TCP: Interfaces\{F9B0643F-BDCE-4FE4-8860-BF102ADAAB91} : DHCPNameServer = 75.75.75.75 75.75.76.76
    TCP: Interfaces\{F9B0643F-BDCE-4FE4-8860-BF102ADAAB91}\7556C636F6D656F547F6F5556516F575962756C6563737 : DHCPNameServer = 128.143.2.7 128.143.3.7 128.143.22.119
    TCP: Interfaces\{F9B0643F-BDCE-4FE4-8860-BF102ADAAB91}\D416E6A657372796 : DHCPNameServer = 8.8.8.8 8.8.4.4 68.105.28.11
    Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
    Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SSODL: WebCheck - <orphaned>
    x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
    x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\MicroSoft Office\Office15\OCHelper.dll
    x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
    x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\MicroSoft Office\Office15\URLREDIR.DLL
    x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\MicroSoft Office\Office15\GROOVEEX.DLL
    x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    x64-Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
    x64-Run: [intelPAN] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray
    x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
    x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4
    x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
    x64-Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
    x64-Run: [igfxTray] "C:\Windows\System32\igfxtray.exe"
    x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
    x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\MicroSoft Office\Office15\ONBttnIE.dll
    x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\MicroSoft Office\Office15\OCHelper.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\MicroSoft Office\Office15\ONBttnIELinkedNotes.dll
    x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
    x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\MicroSoft Office\Office15\MSOSB.DLL
    x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\MT\AppData\Roaming\Mozilla\Firefox\Profiles\ezz5bz6n.default\
    FF - prefs.js: browser.search.selectedEngine - Bing
    FF - prefs.js: browser.startup.homepage - msn.com
    FF - plugin: C:\PROGRA~2\MICROS~4\Office15\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
    FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
    FF - plugin: C:\Program Files (x86)\Winamp Detect\npwachk.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Users\MT\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
    FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
    FF - ExtSQL: 2013-12-21 15:04; adsremoval@adsremoval.net; C:\Users\MT\AppData\Roaming\Mozilla\Firefox\Profiles\ezz5bz6n.default\extensions\adsremoval@adsremoval.net
    FF - ExtSQL: 2014-01-04 13:53; iobitapps@mybrowserbar.com; C:\Program Files (x86)\IObit Apps Toolbar\FF
    FF - ExtSQL: 2014-01-04 14:12; ascsurfingprotection@iobit.com; C:\Users\MT\AppData\Roaming\Mozilla\Firefox\Profiles\ezz5bz6n.default\extensions\ascsurfingprotection@iobit.com
    FF - ExtSQL: !HIDDEN! 2013-10-10 16:55; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: network.http.pipelining.maxrequests - 8
    FF - user.js: network.http.request.max-start-delay - 0
    FF - user.js: network.http.max-connections - 48
    FF - user.js: network.http.max-connections-per-server - 16
    FF - user.js: network.http.max-persistent-connections-per-proxy - 16
    FF - user.js: network.http.max-persistent-connections-per-server - 8
    FF - user.js: browser.turbo.enabled - true
    FF - user.js: browser.display.show_image_placeholders - true
    FF - user.js: browser.chrome.favicons - false
    FF - user.js: browser.urlbar.autocomplete.enabled - true
    FF - user.js: browser.cache.memory.capacity - 65536
    FF - user.js: content.notify.ontimer - true
    FF - user.js: content.interrupt.parsing - true
    FF - user.js: content.max.tokenizing.time - 2250000
    FF - user.js: content.switch.threshold - 750000
    FF - user.js: plugin.expose_full_path - true
    FF - user.js: ui.submenuDelay - 0
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-10-20 65776]
    R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-10-20 207904]
    R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2013-10-7 55856]
    R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2013-10-26 17720]
    R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1404000.028\symds64.sys [2013-10-9 493656]
    R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1404000.028\symefa64.sys [2013-10-9 1139800]
    R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-10-20 1034464]
    R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2013-10-20 422216]
    R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\BASHDefs\20140110.001\BHDrvx64.sys [2014-1-13 1526488]
    R1 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\System32\drivers\NISx64\1404000.028\ccsetx64.sys [2013-10-9 169048]
    R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\IPSDefs\20140117.001\IDSviA64.sys [2014-1-17 521944]
    R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1404000.028\ironx64.sys [2013-10-9 224416]
    R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1404000.028\symnets.sys [2013-10-9 433752]
    R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-9-30 169408]
    R2 AdvancedSystemCareService7;Advanced SystemCare Service 7;C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2014-1-4 881440]
    R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-10-20 78648]
    R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-1-4 50344]
    R2 Cymon;Cymon;C:\Windows\System32\drivers\cymon.sys [2012-12-14 123832]
    R2 CypherGuard cguard Service 32bit Edition;CypherGuard cguard Service 32bit Edition;C:\Program Files (x86)\Common Files\CypherTec\cgrdsrv32.exe [2011-11-29 109984]
    R2 CypherGuard cguard Service 64bit Edition;CypherGuard cguard Service 64bit Edition;C:\Program Files\Common Files\CypherTec\cgrdsrv64.exe [2011-11-29 127416]
    R2 CypherGuard Info Service;CypherGuard Info Service;C:\Program Files\Common Files\CypherTec\cthwsrv64.exe [2011-11-29 131000]
    R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-8-12 353360]
    R2 ePowerSvc;ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2013-10-7 872552]
    R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-5-29 36456]
    R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-8-12 13592]
    R2 IMFservice;IMF Service;C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2013-10-26 341824]
    R2 Live Updater Service;Live Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-8-12 255376]
    R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccsvchst.exe [2013-10-9 144368]
    R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-4-23 256832]
    R2 PDFProFiltSrvPP;PDFProFiltSrvPP;C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [2010-3-8 144672]
    R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-9 3275136]
    R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-11-29 16120]
    R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-10-7 2656280]
    R3 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2014-1-4 79672]
    R3 b57xdbd;Broadcom xD Picture Bus Driver Service;C:\Windows\System32\drivers\b57xdbd.sys [2011-1-20 67624]
    R3 b57xdmp;Broadcom xD Picture vstorp client drv;C:\Windows\System32\drivers\b57xdmp.sys [2011-1-20 19496]
    R3 BazisVirtualCDBus;WinCDEmu Virtual Bus Driver;C:\Windows\System32\drivers\BazisVirtualCDBus.sys [2011-6-4 196704]
    R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2013-10-8 245760]
    R3 bScsiMSa;bScsiMSa;C:\Windows\System32\drivers\bScsiMSa.sys [2011-5-16 51240]
    R3 bScsiSDa;bScsiSDa;C:\Windows\System32\drivers\bScsiSDa.sys [2011-5-6 86056]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-11-22 137648]
    R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2011-8-12 142632]
    R3 FileMonitor;FileMonitor;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2013-10-26 23048]
    R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2013-10-26 169752]
    R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-8-12 317440]
    R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2011-6-21 25496]
    R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2013-11-13 435512]
    R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-2-10 82432]
    R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-2-10 181760]
    R3 RegFilter;RegFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys [2013-10-26 34848]
    R3 UrlFilter;UrlFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys [2013-10-26 23016]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2014-1-4 2151200]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
    S3 GamesAppIntegrationService;GamesAppIntegrationService;C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2013-10-7 240736]
    S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
    S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-12 111616]
    S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2011-6-21 34200]
    S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-5-2 340240]
    S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-10-1 178824]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-10-7 19456]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-10-7 57856]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-10-7 30208]
    S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-10-7 1255736]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2014-01-18 00:36:22    --------    d-----w-    C:\Users\MT\AppData\Roaming\Unity
    2014-01-15 19:02:04    --------    d-----w-    C:\Users\MT\AppData\Local\Unity
    2014-01-15 16:03:56    --------    d--h--w-    C:\ProgramData\Common Files
    2014-01-15 15:00:54    96168    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2014-01-15 10:14:39    376768    ----a-w-    C:\Windows\System32\drivers\netio.sys
    2014-01-15 10:14:38    99840    ----a-w-    C:\Windows\System32\drivers\usbccgp.sys
    2014-01-15 10:14:38    53248    ----a-w-    C:\Windows\System32\drivers\usbehci.sys
    2014-01-15 10:14:38    343040    ----a-w-    C:\Windows\System32\drivers\usbhub.sys
    2014-01-15 10:14:38    325120    ----a-w-    C:\Windows\System32\drivers\usbport.sys
    2014-01-15 10:14:38    30720    ----a-w-    C:\Windows\System32\drivers\usbuhci.sys
    2014-01-15 10:14:38    25600    ----a-w-    C:\Windows\System32\drivers\usbohci.sys
    2014-01-15 10:14:37    7808    ----a-w-    C:\Windows\System32\drivers\usbd.sys
    2014-01-15 10:14:37    3156480    ----a-w-    C:\Windows\System32\win32k.sys
    2014-01-13 14:08:50    --------    d-----w-    C:\Program Files (x86)\University of Virginia
    2014-01-05 15:46:36    --------    d-----w-    C:\ProgramData\regid.1986-12.com.adobe
    2014-01-05 00:12:35    --------    d-----w-    C:\ProgramData\ProductData
    2014-01-05 00:12:34    --------    d-----w-    C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
    2014-01-05 00:03:58    --------    d-----w-    C:\Program Files (x86)\Common Files\Spigot
    2014-01-04 16:59:13    79672    ----a-w-    C:\Windows\System32\drivers\aswstm.sys
    2014-01-04 01:52:08    --------    d-----w-    C:\Users\MT\AppData\Roaming\SPSSInc
    2014-01-04 01:51:18    --------    d-----w-    C:\Users\MT\.spss
    2014-01-04 01:50:52    --------    d-----w-    C:\Users\MT\AppData\Local\javasharedresources
    2014-01-04 00:26:33    --------    d-----w-    C:\Users\MT\AppData\Local\IBM
    2014-01-04 00:26:25    --------    d-----w-    C:\ProgramData\SafeNet Sentinel
    2014-01-04 00:24:51    --------    d-----w-    C:\ProgramData\SPSS
    2014-01-04 00:23:46    --------    d-----w-    C:\SysWOW64
    2014-01-04 00:23:44    --------    d-----w-    C:\Program Files (x86)\Common Files\IBM
    2014-01-04 00:22:32    --------    d-----w-    C:\Program Files (x86)\IBM
    2014-01-04 00:22:12    205    ----a-w-    C:\Windows\SysWow64\lsprst7.dll
    2014-01-04 00:22:12    1025    ----a-w-    C:\Windows\SysWow64\sysprs7.dll
    2014-01-03 03:06:03    --------    d-----w-    C:\Users\MT\AppData\Roaming\e-academy Inc
    2014-01-03 03:06:03    --------    d-----w-    C:\Users\MT\AppData\Local\e-academy Inc
    2013-12-21 06:04:22    225656    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
    .
    ==================== Find3M  ====================
    .
    2014-01-04 16:58:47    207904    ----a-w-    C:\Windows\System32\drivers\aswVmm.sys
    2014-01-04 16:58:46    1034464    ----a-w-    C:\Windows\System32\drivers\aswSnx.sys
    2014-01-04 16:58:45    78648    ----a-w-    C:\Windows\System32\drivers\aswMonFlt.sys
    2014-01-04 16:58:43    43152    ----a-w-    C:\Windows\avastSS.scr
    2013-12-16 21:51:37    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-12-16 21:51:37    692616    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
    2013-11-26 10:19:07    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
    2013-11-26 10:18:23    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
    2013-11-26 09:48:07    66048    ----a-w-    C:\Windows\System32\iesetup.dll
    2013-11-26 09:46:25    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
    2013-11-26 09:23:02    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
    2013-11-26 09:18:39    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
    2013-11-26 09:18:09    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
    2013-11-26 09:16:57    708608    ----a-w-    C:\Windows\System32\jscript9diag.dll
    2013-11-26 08:35:02    5769216    ----a-w-    C:\Windows\System32\jscript9.dll
    2013-11-26 08:28:16    553472    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
    2013-11-26 08:16:12    4243968    ----a-w-    C:\Windows\SysWow64\jscript9.dll
    2013-11-26 08:02:16    1995264    ----a-w-    C:\Windows\System32\inetcpl.cpl
    2013-11-26 07:32:06    1928192    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
    2013-11-26 07:07:57    2334208    ----a-w-    C:\Windows\System32\wininet.dll
    2013-11-26 06:33:33    1820160    ----a-w-    C:\Windows\SysWow64\wininet.dll
    2013-11-23 18:26:20    417792    ----a-w-    C:\Windows\SysWow64\WMPhoto.dll
    2013-11-23 17:47:34    465920    ----a-w-    C:\Windows\System32\WMPhoto.dll
    2013-11-13 18:23:49    435512    ----a-w-    C:\Windows\System32\drivers\k57nd60a.sys
    2013-11-12 02:23:09    2048    ----a-w-    C:\Windows\System32\tzres.dll
    2013-11-12 02:07:29    2048    ----a-w-    C:\Windows\SysWow64\tzres.dll
    2013-10-30 02:32:01    335360    ----a-w-    C:\Windows\System32\msieftp.dll
    2013-10-30 02:19:52    301568    ----a-w-    C:\Windows\SysWow64\msieftp.dll
    .
    ============= FINISH: 11:30:49.92 ===============
     

    -----------------------------------------------------------------------------------------------------------------------------------------------------

     

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume2
    Install Date: 10/7/2013 1:19:58 PM
    System Uptime: 1/18/2014 1:58:14 PM (22 hours ago)
    .
    Motherboard: Acer |  | JV51_HR
    Processor: Intel® Core i7-2670QM CPU @ 2.20GHz | CPU1 | 2201/1333mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 448 GiB total, 338.462 GiB free.
    D: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP65: 1/11/2014 5:10:51 AM - Scheduled Checkpoint
    RP66: 1/15/2014 9:59:40 AM - Installed Java 7 Update 51
    RP67: 1/15/2014 10:03:27 PM - Windows Update
    .
    ==== Installed Programs ======================
    .
    4500_Help
    64 Bit HP CIO Components Installer
    7-Zip 9.20 (x64 edition)
    Acer Backup Manager
    Acer Crystal Eye Webcam
    Acer ePower Management
    Acer eRecovery Management
    Acer Games
    Acer Registration
    Acer ScreenSaver
    Acer Updater
    Adobe AIR
    Adobe Community Help
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Photoshop Elements 9
    Adobe Reader XI (11.0.06)
    Adobe Shockwave Player 12.0
    Advanced SystemCare 7
    Agatha Christie - Death on the Nile
    Amazon Kindle
    avast! Free Antivirus
    Backup Manager V3
    Bejeweled 2 Deluxe
    bpd_scan
    BPDSoftware
    BPDSoftware_Ini
    Broadcom Card Reader Driver Installer
    Broadcom NetLink Controller
    Brother MFL-Pro Suite DCP-7065DN
    BufferChm
    Build-a-lot 4 - Power Source
    CCleaner
    Chronicles of Albian
    Chuzzle Deluxe
    clear.fi
    clear.fi Client
    Combined Community Codec Pack 2013-10-17
    Cradle of Rome 2
    CypherGuard Browser for x64
    CypherGuard for Movie x64 Edition
    CypherGuard for PDF x64 Edition
    D3DX10
    Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition
    Destinations
    DeviceDiscovery
    DLsite Viewer 64bit Edition
    DocMgr
    DocProc
    Dolby Advanced Audio v2
    Dora's World Adventure
    Driver Booster
    Elements 9 Organizer
    Elements STI Installer
    ETDWare PS/2-X64 8.0.6.3_WHQL
    FATE: The Cursed King
    Fax
    Final Drive: Nitro
    Galerie de photos Windows Live
    Google Toolbar for Internet Explorer
    Google Update Helper
    Governor of Poker 2 Premium Edition
    GPBaseService2
    HP Document Manager 2.0
    HP Imaging Device Functions 13.0
    HP Photosmart Essential 3.5
    HP Smart Web Printing 4.51
    HP Solution Center 13.0
    HP Update
    HPPhotoSmartDiscLabelContent1
    HPPhotosmartEssential
    HPProductAssistant
    HPSSupply
    IBM SPSS Statistics 22
    Identity Card
    ImgBurn
    Intel PROSet Wireless
    Intel® Control Center
    Intel® Management Engine Components
    Intel® Processor Graphics
    Intel® PROSet/Wireless WiFi Software
    Intel® Rapid Storage Technology
    Intel® Turbo Boost Technology Monitor 2.0
    Intel® WiDi
    Intel® Wireless Display
    IObit Malware Fighter
    IObit Uninstaller
    J4500
    Java 7 Update 45 (64-bit)
    Java 7 Update 51
    Java Auto Updater
    Jewel Match 3
    Junk Mail filter update
    Launch Manager
    Malwarebytes Anti-Malware version 1.75.0.1300
    Mesh Runtime
    Microsoft .NET Framework 4 Client Profile
    Microsoft Access MUI (English) 2013
    Microsoft Access Setup Metadata MUI (English) 2013
    Microsoft Application Error Reporting
    Microsoft DCF MUI (English) 2013
    Microsoft Excel MUI (English) 2013
    Microsoft Groove MUI (English) 2013
    Microsoft InfoPath MUI (English) 2013
    Microsoft Lync MUI (English) 2013
    Microsoft Office 32-bit Components 2013
    Microsoft Office File Validation Add-In
    Microsoft Office OSM MUI (English) 2013
    Microsoft Office OSM UX MUI (English) 2013
    Microsoft Office Professional Plus 2013
    Microsoft Office Proofing (English) 2013
    Microsoft Office Proofing Tools 2013 - English
    Microsoft Office Proofing Tools 2013 - Espanol
    Microsoft Office Shared 32-bit MUI (English) 2013
    Microsoft Office Shared MUI (English) 2013
    Microsoft Office Shared Setup Metadata MUI (English) 2013
    Microsoft OneNote MUI (English) 2013
    Microsoft Outlook MUI (English) 2013
    Microsoft PowerPoint MUI (English) 2013
    Microsoft Publisher MUI (English) 2013
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2005 Redistributable (x64)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Word MUI (English) 2013
    Microsoft_VC80_CRT_x86
    Microsoft_VC80_MFC_x86
    Microsoft_VC80_MFCLOC_x86
    Microsoft_VC90_CRT_x86
    Mozilla Firefox 26.0 (x86 en-US)
    Mozilla Maintenance Service
    MSVCRT
    MSVCRT_amd64
    MSXML 4.0 SP3 Parser
    MSXML 4.0 SP3 Parser (KB2758694)
    Mystery of Mortlake Mansion
    Norton Internet Security
    NTI Media Maker 9
    Nuance PaperPort 12
    Nuance PDF Viewer Plus
    OCR Software by I.R.I.S. 13.0
    Officejet J4500 Series
    Outils de verification linguistique 2013 de Microsoft Office?- Francais
    PaperPort Image Printer 64-bit
    Penguins!
    Plants vs. Zombies - Game of the Year
    Polar Bowler
    Polar Golfer
    ProductContext
    Realtek High Definition Audio Driver
    Renesas Electronics USB 3.0 Host Controller Driver
    Revo Uninstaller 1.95
    RPGツクール2000 ランタイムパッケージ
    Scan
    Scansoft PDF Professional
    Secure Download Manager
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
    Security Update for Microsoft Excel 2013 (KB2827238) 64-Bit Edition
    Security Update for Microsoft Lync 2013 (KB2850057) 64-Bit Edition
    Security Update for Microsoft Office 2013 (KB2768005) 64-Bit Edition
    Security Update for Microsoft Office 2013 (KB2810009) 64-Bit Edition
    Security Update for Microsoft Office 2013 (KB2850064) 64-Bit Edition
    Security Update for Microsoft Word 2013 (KB2827224) 64-Bit Edition
    Security Update for Microsoft Word 2013 (KB2863834) 64-Bit Edition
    Shop for HP Supplies
    Skype Click to Call
    Skype? 6.11
    Smart Defrag 2
    SmartWebPrinting
    SolutionCenter
    Status
    Surfing Protection
    swMSM
    Toolbox
    Torchlight
    TrayApp
    Unity Web Player
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
    Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
    Update for Microsoft Access 2013 (KB2768008) 64-Bit Edition
    Update for Microsoft Access 2013 (KB2827233) 64-Bit Edition
    Update for Microsoft InfoPath 2013 (KB2837648) 64-Bit Edition
    Update for Microsoft Lync 2013 (KB2817678) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2738038) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2760242) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2760267) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2760539) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2760553) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2817314) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2817626) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2826004) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2827225) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2827230) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2837626) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2837637) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2837638) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2850066) 64-Bit Edition
    Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition
    Update for Microsoft Outlook 2013 (KB2850061) 64-Bit Edition
    Update for Microsoft PowerPoint 2013 (KB2767850) 64-Bit Edition
    Update for Microsoft Project 2013 (KB2727085) 64-Bit Edition
    Update for Microsoft Publisher 2013 (KB2837635) 64-Bit Edition
    Update for Microsoft SkyDrive Pro (KB2817495) 64-Bit Edition
    Update for Microsoft SkyDrive Pro (KB2837652) 64-Bit Edition
    Update for Microsoft Visio 2013 (KB2817306) 64-Bit Edition
    Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition
    Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition
    Update Installer for WildTangent Games App
    UVa Network Setup Tool version 2.1.0.0
    Virtual Villagers 5 - New Believers
    WebReg
    Welcome Center
    WildTangent Games App
    Winamp
    Winamp Detector Plug-in
    WinCDEmu
    Windows Live
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Language Selector
    Windows Live Mail
    Windows Live Mesh
    Windows Live Messenger
    Windows Live MIME IFilter
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live Remote Client
    Windows Live Remote Client Resources
    Windows Live Remote Service
    Windows Live Remote Service Resources
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    WinRAR 5.00 (32-bit)
    Zuma's Revenge
    .
    ==== Event Viewer Messages From Past Week ========
    .
    1/18/2014 5:04:42 AM, Error: iaStor [9]  - The device, \Device\Ide\iaStor0, did not respond within the timeout period.
    1/18/2014 2:21:01 PM, Error: Service Control Manager [7034]  - The LiveUpdate service terminated unexpectedly.  It has done this 1 time(s).
    1/18/2014 1:59:28 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x000000d1 (0x0000000000000008, 0x0000000000000002, 0x0000000000000000, 0xfffff88001c25a1d). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 011814-48750-01.
    1/14/2014 10:20:13 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NIS service.
    1/12/2014 9:41:15 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
    1/12/2014 12:22:51 PM, Error: Service Control Manager [7023]  - The Server service terminated with the following error:  The service has not been started.
    1/12/2014 12:22:50 PM, Error: Service Control Manager [7023]  - The Computer Browser service terminated with the following error:  A system shutdown is in progress.
    1/12/2014 12:22:48 PM, Error: Service Control Manager [7024]  - The Background Intelligent Transfer Service service terminated with service-specific error %%-2147024846.
    1/12/2014 12:22:48 PM, Error: Microsoft-Windows-Bits-Client [16392]  - The BITS service failed to start.  Error 0x80070032.
    1/12/2014 12:21:40 PM, Error: Service Control Manager [7023]  - The IPsec Policy Agent service terminated with the following error:  The authentication service is unknown.
    .
    ==== End Of File ===========================
     

  12. Oh dear, I'm sorry. I attached them instead of copypasting.

     

     

    dds.txt

     

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.51.2
    Run by MT at 13:13:23 on 2014-01-18
    Microsoft Windows 7 Home Premium   6.1.7601.1.932.81.1033.18.3948.1053 [GMT -5:00]
    .
    AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
    AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: IObit Malware Fighter *Enabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
    SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
    FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\Windows\system32\WLANExt.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
    C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
    C:\Program Files (x86)\Common Files\CypherTec\cgrdsrv32.exe
    C:\Program Files\Common Files\CypherTec\cgrdsrv64.exe
    C:\Program Files\Common Files\CypherTec\cthwsrv64.exe
    C:\Program Files (x86)\Launch Manager\dsiwmis.exe
    C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
    C:\Program Files (x86)\Launch Manager\LMutilps32.exe
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
    C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
    C:\Program Files\Acer\Acer Updater\UpdaterService.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
    C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
    C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
    C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\taskhost.exe
    C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
    C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
    C:\Program Files\Elantech\ETDCtrl.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\system32\igfxext.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Elantech\ETDCtrlHelper.exe
    C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
    C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
    C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
    C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
    C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files (x86)\Launch Manager\LManager.exe
    C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
    C:\Dolby PCEE4\pcee4.exe
    C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
    C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
    C:\Program Files (x86)\Launch Manager\LMworker.exe
    C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
    C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
    C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\Browny02\BrYNSvc.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
    C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\Internet Explorer\IELowutil.exe
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .

    mWinlogon: Userinit = userinit.exe,
    BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
    BHO: PlusIEEventHelper Class: {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll
    BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll
    BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ips\ipsbho.dll
    BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL
    BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
    BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
    BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll
    TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
    EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
    uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    uRun: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
    mRun: [backupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
    mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
    mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
    mRun: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart
    mRun: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
    mRun: [indexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
    mRun: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
    mRun: [PPort12reminder] "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
    mRun: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
    mRun: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
    mRun: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
    mRun: [brStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
    mRun: [NWEReboot] <no file>
    dRunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid}
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CERTCH~1.LNK - C:\Program Files (x86)\University of Virginia\UVa Network Setup Tool\CertChecker.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
    IE: Open with PDF Viewer Plus - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
    IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
    IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .

    TCP: NameServer = 75.75.75.75 75.75.76.76
    TCP: Interfaces\{B0BCF2FB-1545-4F42-9C6F-8160A8B30C5C} : DHCPNameServer = 75.75.75.75 75.75.76.76
    TCP: Interfaces\{F9B0643F-BDCE-4FE4-8860-BF102ADAAB91} : DHCPNameServer = 75.75.75.75 75.75.76.76
    TCP: Interfaces\{F9B0643F-BDCE-4FE4-8860-BF102ADAAB91}\7556C636F6D656F547F6F5556516F575962756C6563737 : DHCPNameServer = 128.143.2.7 128.143.3.7 128.143.22.119
    TCP: Interfaces\{F9B0643F-BDCE-4FE4-8860-BF102ADAAB91}\D416E6A657372796 : DHCPNameServer = 8.8.8.8 8.8.4.4 68.105.28.11
    Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
    Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SSODL: WebCheck - <orphaned>
    x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
    x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\MicroSoft Office\Office15\OCHelper.dll
    x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
    x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\MicroSoft Office\Office15\URLREDIR.DLL
    x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\MicroSoft Office\Office15\GROOVEEX.DLL
    x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    x64-Run: [intelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
    x64-Run: [intelPAN] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray
    x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
    x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4
    x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
    x64-Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
    x64-Run: [igfxTray] "C:\Windows\System32\igfxtray.exe"
    x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
    x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\MicroSoft Office\Office15\ONBttnIE.dll
    x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\MicroSoft Office\Office15\OCHelper.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\MicroSoft Office\Office15\ONBttnIELinkedNotes.dll
    x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
    x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\MicroSoft Office\Office15\MSOSB.DLL
    x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\MT\AppData\Roaming\Mozilla\Firefox\Profiles\ezz5bz6n.default\
    FF - prefs.js: browser.search.selectedEngine - Bing
    FF - prefs.js: browser.startup.homepage - msn.com
    FF - plugin: C:\PROGRA~2\MICROS~4\Office15\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
    FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
    FF - plugin: C:\Program Files (x86)\Winamp Detect\npwachk.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Users\MT\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
    FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
    FF - ExtSQL: 2013-12-21 15:04; adsremoval@adsremoval.net; C:\Users\MT\AppData\Roaming\Mozilla\Firefox\Profiles\ezz5bz6n.default\extensions\adsremoval@adsremoval.net
    FF - ExtSQL: 2014-01-04 13:53; iobitapps@mybrowserbar.com; C:\Program Files (x86)\IObit Apps Toolbar\FF
    FF - ExtSQL: 2014-01-04 14:12; ascsurfingprotection@iobit.com; C:\Users\MT\AppData\Roaming\Mozilla\Firefox\Profiles\ezz5bz6n.default\extensions\ascsurfingprotection@iobit.com
    FF - ExtSQL: !HIDDEN! 2013-10-10 16:55; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: network.http.pipelining.maxrequests - 8
    FF - user.js: network.http.request.max-start-delay - 0
    FF - user.js: network.http.max-connections - 48
    FF - user.js: network.http.max-connections-per-server - 16
    FF - user.js: network.http.max-persistent-connections-per-proxy - 16
    FF - user.js: network.http.max-persistent-connections-per-server - 8
    FF - user.js: browser.turbo.enabled - true
    FF - user.js: browser.display.show_image_placeholders - true
    FF - user.js: browser.chrome.favicons - false
    FF - user.js: browser.urlbar.autocomplete.enabled - true
    FF - user.js: browser.cache.memory.capacity - 65536
    FF - user.js: content.notify.ontimer - true
    FF - user.js: content.interrupt.parsing - true
    FF - user.js: content.max.tokenizing.time - 2250000
    FF - user.js: content.switch.threshold - 750000
    FF - user.js: plugin.expose_full_path - true
    FF - user.js: ui.submenuDelay - 0
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-10-20 65776]
    R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-10-20 207904]
    R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2013-10-7 55856]
    R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2013-10-26 17720]
    R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1404000.028\symds64.sys [2013-10-9 493656]
    R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1404000.028\symefa64.sys [2013-10-9 1139800]
    R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-10-20 1034464]
    R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2013-10-20 422216]
    R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\BASHDefs\20140110.001\BHDrvx64.sys [2014-1-13 1526488]
    R1 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\System32\drivers\NISx64\1404000.028\ccsetx64.sys [2013-10-9 169048]
    R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\IPSDefs\20140117.001\IDSviA64.sys [2014-1-17 521944]
    R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1404000.028\ironx64.sys [2013-10-9 224416]
    R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1404000.028\symnets.sys [2013-10-9 433752]
    R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-9-30 169408]
    R2 AdvancedSystemCareService7;Advanced SystemCare Service 7;C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2014-1-4 881440]
    R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-10-20 78648]
    R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-1-4 50344]
    R2 Cymon;Cymon;C:\Windows\System32\drivers\cymon.sys [2012-12-14 123832]
    R2 CypherGuard cguard Service 32bit Edition;CypherGuard cguard Service 32bit Edition;C:\Program Files (x86)\Common Files\CypherTec\cgrdsrv32.exe [2011-11-29 109984]
    R2 CypherGuard cguard Service 64bit Edition;CypherGuard cguard Service 64bit Edition;C:\Program Files\Common Files\CypherTec\cgrdsrv64.exe [2011-11-29 127416]
    R2 CypherGuard Info Service;CypherGuard Info Service;C:\Program Files\Common Files\CypherTec\cthwsrv64.exe [2011-11-29 131000]
    R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-8-12 353360]
    R2 ePowerSvc;ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2013-10-7 872552]
    R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-5-29 36456]
    R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-8-12 13592]
    R2 IMFservice;IMF Service;C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2013-10-26 341824]
    R2 Live Updater Service;Live Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-8-12 255376]
    R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccsvchst.exe [2013-10-9 144368]
    R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-4-23 256832]
    R2 PDFProFiltSrvPP;PDFProFiltSrvPP;C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [2010-3-8 144672]
    R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-9 3275136]
    R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-11-29 16120]
    R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-10-7 2656280]
    R3 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2014-1-4 79672]
    R3 b57xdbd;Broadcom xD Picture Bus Driver Service;C:\Windows\System32\drivers\b57xdbd.sys [2011-1-20 67624]
    R3 b57xdmp;Broadcom xD Picture vstorp client drv;C:\Windows\System32\drivers\b57xdmp.sys [2011-1-20 19496]
    R3 BazisVirtualCDBus;WinCDEmu Virtual Bus Driver;C:\Windows\System32\drivers\BazisVirtualCDBus.sys [2011-6-4 196704]
    R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2013-10-8 245760]
    R3 bScsiMSa;bScsiMSa;C:\Windows\System32\drivers\bScsiMSa.sys [2011-5-16 51240]
    R3 bScsiSDa;bScsiSDa;C:\Windows\System32\drivers\bScsiSDa.sys [2011-5-6 86056]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-11-22 137648]
    R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2011-8-12 142632]
    R3 FileMonitor;FileMonitor;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2013-10-26 23048]
    R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2013-10-26 169752]
    R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-8-12 317440]
    R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2011-6-21 25496]
    R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2013-11-13 435512]
    R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-2-10 82432]
    R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-2-10 181760]
    R3 RegFilter;RegFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys [2013-10-26 34848]
    R3 UrlFilter;UrlFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys [2013-10-26 23016]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2014-1-4 2151200]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
    S3 GamesAppIntegrationService;GamesAppIntegrationService;C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2013-10-7 240736]
    S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
    S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-12 111616]
    S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2011-6-21 34200]
    S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-5-2 340240]
    S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-10-1 178824]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-10-7 19456]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-10-7 57856]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-10-7 30208]
    S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-10-7 1255736]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2014-01-18 00:36:22    --------    d-----w-    C:\Users\MT\AppData\Roaming\Unity
    2014-01-15 19:02:04    --------    d-----w-    C:\Users\MT\AppData\Local\Unity
    2014-01-15 16:03:56    --------    d--h--w-    C:\ProgramData\Common Files
    2014-01-15 15:00:54    96168    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2014-01-15 10:14:39    376768    ----a-w-    C:\Windows\System32\drivers\netio.sys
    2014-01-15 10:14:38    99840    ----a-w-    C:\Windows\System32\drivers\usbccgp.sys
    2014-01-15 10:14:38    53248    ----a-w-    C:\Windows\System32\drivers\usbehci.sys
    2014-01-15 10:14:38    343040    ----a-w-    C:\Windows\System32\drivers\usbhub.sys
    2014-01-15 10:14:38    325120    ----a-w-    C:\Windows\System32\drivers\usbport.sys
    2014-01-15 10:14:38    30720    ----a-w-    C:\Windows\System32\drivers\usbuhci.sys
    2014-01-15 10:14:38    25600    ----a-w-    C:\Windows\System32\drivers\usbohci.sys
    2014-01-15 10:14:37    7808    ----a-w-    C:\Windows\System32\drivers\usbd.sys
    2014-01-15 10:14:37    3156480    ----a-w-    C:\Windows\System32\win32k.sys
    2014-01-13 14:08:50    --------    d-----w-    C:\Program Files (x86)\University of Virginia
    2014-01-05 15:46:36    --------    d-----w-    C:\ProgramData\regid.1986-12.com.adobe
    2014-01-05 00:12:35    --------    d-----w-    C:\ProgramData\ProductData
    2014-01-05 00:12:34    --------    d-----w-    C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
    2014-01-05 00:03:58    --------    d-----w-    C:\Program Files (x86)\Common Files\Spigot
    2014-01-04 16:59:13    79672    ----a-w-    C:\Windows\System32\drivers\aswstm.sys
    2014-01-04 01:52:08    --------    d-----w-    C:\Users\MT\AppData\Roaming\SPSSInc
    2014-01-04 01:51:18    --------    d-----w-    C:\Users\MT\.spss
    2014-01-04 01:50:52    --------    d-----w-    C:\Users\MT\AppData\Local\javasharedresources
    2014-01-04 00:26:33    --------    d-----w-    C:\Users\MT\AppData\Local\IBM
    2014-01-04 00:26:25    --------    d-----w-    C:\ProgramData\SafeNet Sentinel
    2014-01-04 00:24:51    --------    d-----w-    C:\ProgramData\SPSS
    2014-01-04 00:23:46    --------    d-----w-    C:\SysWOW64
    2014-01-04 00:23:44    --------    d-----w-    C:\Program Files (x86)\Common Files\IBM
    2014-01-04 00:22:32    --------    d-----w-    C:\Program Files (x86)\IBM
    2014-01-04 00:22:12    205    ----a-w-    C:\Windows\SysWow64\lsprst7.dll
    2014-01-04 00:22:12    1025    ----a-w-    C:\Windows\SysWow64\sysprs7.dll
    2014-01-03 03:06:03    --------    d-----w-    C:\Users\MT\AppData\Roaming\e-academy Inc
    2014-01-03 03:06:03    --------    d-----w-    C:\Users\MT\AppData\Local\e-academy Inc
    2013-12-21 06:04:22    225656    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
    .
    ==================== Find3M  ====================
    .
    2014-01-04 16:58:47    207904    ----a-w-    C:\Windows\System32\drivers\aswVmm.sys
    2014-01-04 16:58:46    1034464    ----a-w-    C:\Windows\System32\drivers\aswSnx.sys
    2014-01-04 16:58:45    78648    ----a-w-    C:\Windows\System32\drivers\aswMonFlt.sys
    2014-01-04 16:58:43    43152    ----a-w-    C:\Windows\avastSS.scr
    2013-12-16 21:51:37    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-12-16 21:51:37    692616    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
    2013-11-26 10:19:07    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
    2013-11-26 10:18:23    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
    2013-11-26 09:48:07    66048    ----a-w-    C:\Windows\System32\iesetup.dll
    2013-11-26 09:46:25    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
    2013-11-26 09:23:02    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
    2013-11-26 09:18:39    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
    2013-11-26 09:18:09    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
    2013-11-26 09:16:57    708608    ----a-w-    C:\Windows\System32\jscript9diag.dll
    2013-11-26 08:35:02    5769216    ----a-w-    C:\Windows\System32\jscript9.dll
    2013-11-26 08:28:16    553472    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
    2013-11-26 08:16:12    4243968    ----a-w-    C:\Windows\SysWow64\jscript9.dll
    2013-11-26 08:02:16    1995264    ----a-w-    C:\Windows\System32\inetcpl.cpl
    2013-11-26 07:32:06    1928192    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
    2013-11-26 07:07:57    2334208    ----a-w-    C:\Windows\System32\wininet.dll
    2013-11-26 06:33:33    1820160    ----a-w-    C:\Windows\SysWow64\wininet.dll
    2013-11-23 18:26:20    417792    ----a-w-    C:\Windows\SysWow64\WMPhoto.dll
    2013-11-23 17:47:34    465920    ----a-w-    C:\Windows\System32\WMPhoto.dll
    2013-11-13 18:23:49    435512    ----a-w-    C:\Windows\System32\drivers\k57nd60a.sys
    2013-11-12 02:23:09    2048    ----a-w-    C:\Windows\System32\tzres.dll
    2013-11-12 02:07:29    2048    ----a-w-    C:\Windows\SysWow64\tzres.dll
    2013-10-30 02:32:01    335360    ----a-w-    C:\Windows\System32\msieftp.dll
    2013-10-30 02:19:52    301568    ----a-w-    C:\Windows\SysWow64\msieftp.dll
    2013-10-21 00:49:48    65776    ----a-w-    C:\Windows\System32\drivers\aswRvrt.sys
    2013-10-21 00:49:47    92544    ----a-w-    C:\Windows\System32\drivers\aswRdr2.sys
    .
    ============= FINISH: 13:13:40.50 ===============
     

     

     

     

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume2
    Install Date: 10/7/2013 1:19:58 PM
    System Uptime: 1/15/2014 10:51:34 PM (63 hours ago)
    .
    Motherboard: Acer |  | JV51_HR
    Processor: Intel® Core i7-2670QM CPU @ 2.20GHz | CPU1 | 2201/1333mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 448 GiB total, 339.059 GiB free.
    D: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP65: 1/11/2014 5:10:51 AM - Scheduled Checkpoint
    RP66: 1/15/2014 9:59:40 AM - Installed Java 7 Update 51
    RP67: 1/15/2014 10:03:27 PM - Windows Update
    .
    ==== Installed Programs ======================
    .
    4500_Help
    64 Bit HP CIO Components Installer
    7-Zip 9.20 (x64 edition)
    Acer Backup Manager
    Acer Crystal Eye Webcam
    Acer ePower Management
    Acer eRecovery Management
    Acer Games
    Acer Registration
    Acer ScreenSaver
    Acer Updater
    Adobe AIR
    Adobe Community Help
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Photoshop Elements 9
    Adobe Reader XI (11.0.06)
    Adobe Shockwave Player 12.0
    Advanced SystemCare 7
    Agatha Christie - Death on the Nile
    Amazon Kindle
    avast! Free Antivirus
    Backup Manager V3
    Bejeweled 2 Deluxe
    bpd_scan
    BPDSoftware
    BPDSoftware_Ini
    Broadcom Card Reader Driver Installer
    Broadcom NetLink Controller
    Brother MFL-Pro Suite DCP-7065DN
    BufferChm
    Build-a-lot 4 - Power Source
    CCleaner
    Chronicles of Albian
    Chuzzle Deluxe
    clear.fi
    clear.fi Client
    Combined Community Codec Pack 2013-10-17
    Cradle of Rome 2
    CypherGuard Browser for x64
    CypherGuard for Movie x64 Edition
    CypherGuard for PDF x64 Edition
    D3DX10
    Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition
    Destinations
    DeviceDiscovery
    DLsite Viewer 64bit Edition
    DocMgr
    DocProc
    Dolby Advanced Audio v2
    Dora's World Adventure
    Driver Booster
    Elements 9 Organizer
    Elements STI Installer
    ETDWare PS/2-X64 8.0.6.3_WHQL
    FATE: The Cursed King
    Fax
    Final Drive: Nitro
    Galerie de photos Windows Live
    Google Toolbar for Internet Explorer
    Google Update Helper
    Governor of Poker 2 Premium Edition
    GPBaseService2
    HP Document Manager 2.0
    HP Imaging Device Functions 13.0
    HP Photosmart Essential 3.5
    HP Smart Web Printing 4.51
    HP Solution Center 13.0
    HP Update
    HPPhotoSmartDiscLabelContent1
    HPPhotosmartEssential
    HPProductAssistant
    HPSSupply
    IBM SPSS Statistics 22
    Identity Card
    ImgBurn
    Intel PROSet Wireless
    Intel® Control Center
    Intel® Management Engine Components
    Intel® Processor Graphics
    Intel® PROSet/Wireless WiFi Software
    Intel® Rapid Storage Technology
    Intel® Turbo Boost Technology Monitor 2.0
    Intel® WiDi
    Intel® Wireless Display
    IObit Malware Fighter
    IObit Uninstaller
    J4500
    Java 7 Update 45 (64-bit)
    Java 7 Update 51
    Java Auto Updater
    Jewel Match 3
    Junk Mail filter update
    Launch Manager
    Malwarebytes Anti-Malware version 1.75.0.1300
    Mesh Runtime
    Microsoft .NET Framework 4 Client Profile
    Microsoft Access MUI (English) 2013
    Microsoft Access Setup Metadata MUI (English) 2013
    Microsoft Application Error Reporting
    Microsoft DCF MUI (English) 2013
    Microsoft Excel MUI (English) 2013
    Microsoft Groove MUI (English) 2013
    Microsoft InfoPath MUI (English) 2013
    Microsoft Lync MUI (English) 2013
    Microsoft Office 32-bit Components 2013
    Microsoft Office File Validation Add-In
    Microsoft Office OSM MUI (English) 2013
    Microsoft Office OSM UX MUI (English) 2013
    Microsoft Office Professional Plus 2013
    Microsoft Office Proofing (English) 2013
    Microsoft Office Proofing Tools 2013 - English
    Microsoft Office Proofing Tools 2013 - Espanol
    Microsoft Office Shared 32-bit MUI (English) 2013
    Microsoft Office Shared MUI (English) 2013
    Microsoft Office Shared Setup Metadata MUI (English) 2013
    Microsoft OneNote MUI (English) 2013
    Microsoft Outlook MUI (English) 2013
    Microsoft PowerPoint MUI (English) 2013
    Microsoft Publisher MUI (English) 2013
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2005 Redistributable (x64)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Word MUI (English) 2013
    Microsoft_VC80_CRT_x86
    Microsoft_VC80_MFC_x86
    Microsoft_VC80_MFCLOC_x86
    Microsoft_VC90_CRT_x86
    Mozilla Firefox 26.0 (x86 en-US)
    Mozilla Maintenance Service
    MSVCRT
    MSVCRT_amd64
    MSXML 4.0 SP3 Parser
    MSXML 4.0 SP3 Parser (KB2758694)
    Mystery of Mortlake Mansion
    Norton Internet Security
    NTI Media Maker 9
    Nuance PaperPort 12
    Nuance PDF Viewer Plus
    OCR Software by I.R.I.S. 13.0
    Officejet J4500 Series
    Outils de verification linguistique 2013 de Microsoft Office?- Francais
    PaperPort Image Printer 64-bit
    Penguins!
    Plants vs. Zombies - Game of the Year
    Polar Bowler
    Polar Golfer
    ProductContext
    Realtek High Definition Audio Driver
    Renesas Electronics USB 3.0 Host Controller Driver
    Revo Uninstaller 1.95
    RPGツクール2000 ランタイムパッケージ
    Scan
    Scansoft PDF Professional
    Secure Download Manager
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
    Security Update for Microsoft Excel 2013 (KB2827238) 64-Bit Edition
    Security Update for Microsoft Lync 2013 (KB2850057) 64-Bit Edition
    Security Update for Microsoft Office 2013 (KB2768005) 64-Bit Edition
    Security Update for Microsoft Office 2013 (KB2810009) 64-Bit Edition
    Security Update for Microsoft Office 2013 (KB2850064) 64-Bit Edition
    Security Update for Microsoft Word 2013 (KB2827224) 64-Bit Edition
    Security Update for Microsoft Word 2013 (KB2863834) 64-Bit Edition
    Shop for HP Supplies
    Skype Click to Call
    Skype? 6.11
    Smart Defrag 2
    SmartWebPrinting
    SolutionCenter
    Status
    Surfing Protection
    swMSM
    Toolbox
    Torchlight
    TrayApp
    Unity Web Player
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
    Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
    Update for Microsoft Access 2013 (KB2768008) 64-Bit Edition
    Update for Microsoft Access 2013 (KB2827233) 64-Bit Edition
    Update for Microsoft InfoPath 2013 (KB2837648) 64-Bit Edition
    Update for Microsoft Lync 2013 (KB2817678) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2738038) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2760242) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2760267) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2760539) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2760553) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2817314) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2817626) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2826004) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2827225) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2827230) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2837626) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2837637) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2837638) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition
    Update for Microsoft Office 2013 (KB2850066) 64-Bit Edition
    Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition
    Update for Microsoft Outlook 2013 (KB2850061) 64-Bit Edition
    Update for Microsoft PowerPoint 2013 (KB2767850) 64-Bit Edition
    Update for Microsoft Project 2013 (KB2727085) 64-Bit Edition
    Update for Microsoft Publisher 2013 (KB2837635) 64-Bit Edition
    Update for Microsoft SkyDrive Pro (KB2817495) 64-Bit Edition
    Update for Microsoft SkyDrive Pro (KB2837652) 64-Bit Edition
    Update for Microsoft Visio 2013 (KB2817306) 64-Bit Edition
    Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition
    Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition
    Update Installer for WildTangent Games App
    UVa Network Setup Tool version 2.1.0.0
    Virtual Villagers 5 - New Believers
    WebReg
    Welcome Center
    WildTangent Games App
    Winamp
    Winamp Detector Plug-in
    WinCDEmu
    Windows Live
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Language Selector
    Windows Live Mail
    Windows Live Mesh
    Windows Live Messenger
    Windows Live MIME IFilter
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live Remote Client
    Windows Live Remote Client Resources
    Windows Live Remote Service
    Windows Live Remote Service Resources
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    WinRAR 5.00 (32-bit)
    Zuma's Revenge
    μTorrent
    異種愛玩 version 1.01
    .
    ==== Event Viewer Messages From Past Week ========
    .
    1/18/2014 5:04:42 AM, Error: iaStor [9]  - The device, \Device\Ide\iaStor0, did not respond within the timeout period.
    1/15/2014 10:55:30 PM, Error: Service Control Manager [7034]  - The LiveUpdate service terminated unexpectedly.  It has done this 1 time(s).
    1/14/2014 10:20:13 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NIS service.
    1/12/2014 9:41:15 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
    1/12/2014 12:22:51 PM, Error: Service Control Manager [7023]  - The Server service terminated with the following error:  The service has not been started.
    1/12/2014 12:22:50 PM, Error: Service Control Manager [7023]  - The Computer Browser service terminated with the following error:  A system shutdown is in progress.
    1/12/2014 12:22:48 PM, Error: Service Control Manager [7024]  - The Background Intelligent Transfer Service service terminated with service-specific error %%-2147024846.
    1/12/2014 12:22:48 PM, Error: Microsoft-Windows-Bits-Client [16392]  - The BITS service failed to start.  Error 0x80070032.
    1/12/2014 12:21:40 PM, Error: Service Control Manager [7023]  - The IPsec Policy Agent service terminated with the following error:  The authentication service is unknown.
    .
    ==== End Of File ===========================
     

     

  13. Hi,

    Sorry to bother you all. I was stupid.

     

    In an effort to clean up my computer, my father recommended Advanced System Care.

    However, I was incredibly stupid: when installing it, I was going too fast through the Installation and accidentally installed Spigot and its related malware.

     

    Now Chrome and IE have annoying and downright scary Yahoo homepage redirects I can't get rid of even after uninstalling Spigot via Uninstall Programs.

    Firefox doesn't redirect, but sadly also has developed a problem where a lot of the websites I used to go to never completely finish loading.

    MalwareBytes, Norton, and Avast (Full and Boot scans) don't detect anything.

     

    Please help me remove all traces of Spigot and this terrible malware (why isn't this sort of thing illegal after I've already gone through the process of uninstallation?).

    I am using Windows 7.

     

    I'm not very experienced with this, so please have patience with me and talk to me as step-by-step as you can.

     

    For any help, thank you in advance.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.