programs lose focus/minimizing


Hello Genjoukai! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

This is not due to malware at all.

Step 1

Please uninstall the following applications:

Search Protection

Smiley Bar for Facebook

Step 2

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 3

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[s1].txt as well.

In your next reply, post the following log files:

  • Junkware Removal Tool log
  • AdwCleaner log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.2.9 (07.30.2013:1)
OS: Microsoft Windows XP x86
Ran by David on Wed 07/31/2013 at 11:41:53.00
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\freeze.com
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\zugo
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\stats\{02478d38-c3f9-4efb-9b51-7695eca05670}



~~~ Files

Successfully deleted: [File] "C:\WINDOWS\system32\roboot.exe"
Successfully deleted: [File] "C:\WINDOWS\system32\turegopt.exe"
Successfully deleted: [File] "C:\end"
Successfully deleted: [File] C:\eula.1028.txt
Successfully deleted: [File] C:\eula.1031.txt
Successfully deleted: [File] C:\eula.1033.txt
Successfully deleted: [File] C:\eula.1036.txt
Successfully deleted: [File] C:\eula.1040.txt
Successfully deleted: [File] C:\eula.1041.txt
Successfully deleted: [File] C:\eula.1042.txt
Successfully deleted: [File] C:\eula.2052.txt
Successfully deleted: [File] C:\install.res.1028.dll
Successfully deleted: [File] C:\install.res.1031.dll
Successfully deleted: [File] C:\install.res.1033.dll
Successfully deleted: [File] C:\install.res.1036.dll
Successfully deleted: [File] C:\install.res.1040.dll
Successfully deleted: [File] C:\install.res.1041.dll
Successfully deleted: [File] C:\install.res.1042.dll
Successfully deleted: [File] C:\install.res.2052.dll
Successfully deleted: [File] C:\install.res.3082.dll



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\David\Application Data\file scout"
Successfully deleted: [Folder] "C:\Documents and Settings\David\Application Data\performersoft"



~~~ FireFox

Successfully deleted: [File] C:\Documents and Settings\David\Application Data\mozilla\firefox\profiles\ecntvwfi.default\user.js
Successfully deleted: [File] C:\Documents and Settings\David\Application Data\mozilla\firefox\profiles\ecntvwfi.default\extensions\browserprotect@browserprotect.com.xpi
Successfully deleted the following from C:\Documents and Settings\David\Application Data\mozilla\firefox\profiles\ecntvwfi.default\prefs.js

user_pref("CT2172819.generalConfigFromLogin", "{\"SocialDomains\":\"social.conduit.com;apps.conduit.com\"}");
user_pref("CommunityToolbar.EngineOwner", "CT2172819");
user_pref("CommunityToolbar.EngineOwnerGuid", "{c9cac5c4-c262-4723-8825-b9d459b1c964}");
user_pref("CommunityToolbar.EngineOwnerToolbarId", "miaclan.net");
user_pref("CommunityToolbar.IsEngineShown", true);
user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
user_pref("CommunityToolbar.OriginalEngineOwner", "CT2172819");
user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{c9cac5c4-c262-4723-8825-b9d459b1c964}");
user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "miaclan.net");

user_pref("CommunityToolbar.ToolbarsList", "ConduitEngine,CT2172819");
user_pref("CommunityToolbar.ToolbarsList2", "CT2172819");
user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Sat Apr 09 2011 10:16:01 GMT-0400 (Eastern Daylight Time)");
user_pref("CommunityToolbar.alert.alertEnabled", true);
user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sat Apr 09 2011 11:54:20 GMT-0400 (Eastern Daylight Time)");

user_pref("CommunityToolbar.alert.locale", "en");
user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sat Apr 09 2011 10:16:00 GMT-0400 (Eastern Daylight Time)");
user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1291048634");
user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);

user_pref("CommunityToolbar.alert.showTrayIcon", false);
user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
user_pref("CommunityToolbar.alert.userId", "95754371-05b6-4675-8cd9-fa15d2112442");
user_pref("CommunityToolbar.globalUserId", "1209c184-8112-4568-94e0-7a0fc840c315");
user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2172819");
user_pref("ConduitEngine.AppTrackingLastCheckTime", "Sat Apr 09 2011 10:16:12 GMT-0400 (Eastern Daylight Time)");
user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Sat Apr 09 2011 10:16:02 GMT-0400 (Eastern Daylight Time)");
user_pref("ConduitEngine.FirstServerDate", "04/09/2011 17");
user_pref("ConduitEngine.FirstTime", true);
user_pref("ConduitEngine.FirstTimeFF3", true);
user_pref("ConduitEngine.HasUserGlobalKeys", true);
user_pref("ConduitEngine.HideEngineAfterRestart", true);
user_pref("ConduitEngine.Initialize", true);
user_pref("ConduitEngine.InitializeCommonPrefs", true);
user_pref("ConduitEngine.InstalledDate", "Sat Apr 09 2011 10:16:02 GMT-0400 (Eastern Daylight Time)");
user_pref("ConduitEngine.IsMulticommunity", false);
user_pref("ConduitEngine.IsOpenThankYouPage", false);
user_pref("ConduitEngine.IsOpenUninstallPage", true);
user_pref("ConduitEngine.LanguagePackLastCheckTime", "Sat Apr 09 2011 10:16:02 GMT-0400 (Eastern Daylight Time)");
user_pref("ConduitEngine.LastLogin_3.3.5.1", "Sat Apr 09 2011 10:16:02 GMT-0400 (Eastern Daylight Time)");
user_pref("ConduitEngine.PublisherContainerWidth", 0);
user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
user_pref("ConduitEngine.SettingsLastCheckTime", "Sat Apr 09 2011 10:16:01 GMT-0400 (Eastern Daylight Time)");
user_pref("ConduitEngine.UserID", "UN58350685855617919");
user_pref("ConduitEngine.engineLocale", "en-US");
user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Sat Apr 09 2011 10:16:02 GMT-0400 (Eastern Daylight Time)");
user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Sat Apr 09 2011 10:16:02 GMT-0400 (Eastern Daylight Time)");
user_pref("ConduitEngine.initDone", true);
user_pref("ConduitEngine.isAppTrackingManagerOn", true);
user_pref("browser.search.defaultthis.engineName", "MIAClan.net Customized Web Search");

user_pref("extensions.veohsearchrecs.SupportedSites", "<?xml version=\"1.0\" ?>\r\n<results revision=\"1.5.2\">\r\n    <sites>\r\n        <searchsite MatchesDomain=\"google.\"
Emptied folder: C:\Documents and Settings\David\Application Data\mozilla\firefox\profiles\ecntvwfi.default\minidumps [6 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 07/31/2013 at 11:43:42.51
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


# AdwCleaner v2.306 - Logfile created 07/31/2013 at 11:44:16
# Updated 19/07/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : David - SEPHIROTH
# Boot Mode : Normal
# Running from : C:\Documents and Settings\David\Desktop\AdwCleaner.exe
# Option [Delete]


***** [services] *****


***** [Files / Folders] *****

Folder Deleted : C:\DOCUME~1\David\LOCALS~1\Temp\boost_interprocess
Folder Deleted : C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\Conduit
Folder Deleted : C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\ConduitEngine
Folder Deleted : C:\Documents and Settings\David\Application Data\StatusWinks

***** [Registry] *****

Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AppDataLow\AskBarDis
Key Deleted : HKCU\Software\AskBarDis
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{944FEDFD-C4FD-441D-8275-9C651A9FFBDE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\Software\AskBarDis
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0702A2B6-13AA-4090-9E01-BCDC85DD933F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{08993A7C-E764-4172-9627-BFB5EA6897B2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{128A6C66-AC6A-4617-8268-AB7F47B7215E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{571715D7-3395-4DF0-B43C-784836209E60}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{622FD888-4E91-4D68-84D4-7262FD0811BF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B0DE3308-5D5A-470D-81B9-634FC078393B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\Software\PIP
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]

***** [internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v22.0 (en-US)

File : C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\prefs.js

[OK] File is clean.

File : C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\tk8hmxil.default\prefs.js

[OK] File is clean.

File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\a9s30qtu.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[s1].txt - [3761 octets] - [31/07/2013 11:44:16]

########## EOF - C:\AdwCleaner[s1].txt - [3821 octets] ##########
 


Download OTL to your Desktop

  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Please tick the Scan All users. Next, click the Quick Scan button. The scan won't take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.

I only got an otl.txt file; I didn't get an extra.txt.

 

OTL logfile created on: 8/2/2013 9:40:35 PM - Run 6
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\David\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.00 Gb Total Physical Memory | 2.17 Gb Available Physical Memory | 72.41% Memory free
6.84 Gb Paging File | 5.94 Gb Available in Paging File | 86.90% Paging File free
Paging file location(s): C:\pagefile.sys 4092 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 693.94 Gb Total Space | 374.14 Gb Free Space | 53.91% Space Free | Partition Type: NTFS
Drive D: | 3.70 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 931.51 Gb Total Space | 322.36 Gb Free Space | 34.61% Space Free | Partition Type: NTFS
 
Computer Name: SEPHIROTH | User Name: David | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Documents and Settings\David\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe (NVIDIA Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Steam\GameOverlayUI.exe (Valve Corporation)
PRC - C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe (SEIKO EPSON CORPORATION)
PRC - C:\Program Files\NETGEAR Genie\bin\genie2_tray.exe ()
PRC - C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe (NETGEAR)
PRC - C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe ()
PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
PRC - C:\Program Files\Hi-Rez Studios\HiPatchService.exe (Hi-Rez Studios)
PRC - C:\WINDOWS\system32\escsvc.exe (Seiko Epson Corporation)
PRC - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
PRC - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\WINDOWS\system32\Ctxfihlp.exe (Creative Technology Ltd)
PRC - C:\WINDOWS\system32\CTxfispi.exe (Creative Technology Ltd)
PRC - C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
PRC - C:\Program Files\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
PRC - C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
PRC - C:\Program Files\Creative\USB Headsets\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Nexon\Mabinogi\npkcmsvc.exe (INCA Internet Co., Ltd.)
PRC - C:\Program Files\Razer\Tarantula\razerhid.exe ()
PRC - C:\Program Files\Razer\Tarantula\razertra.exe ()
PRC - C:\WINDOWS\CTHELPER.EXE (Creative Technology Ltd)
PRC - C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)
PRC - C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.exe (Creative Technology Ltd)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8f3e54440f3742da409131428ad1bce1\System.ServiceProcess.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\b22afb5424455b579511b925aa1563c9\System.Management.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\79533103112291e81204ca24aed19890\System.Configuration.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\a1d221960bf7a0cbfd1f355595f77e83\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\16562c54978851e92db8fec6f759bba1\System.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\b14359470744c840c59fbe4e58034fd6\mscorlib.ni.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll ()
MOD - C:\Program Files\NVIDIA Corporation\nView\nvShell.dll ()
MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files\NETGEAR Genie\bin\Genie.dll ()
MOD - C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Map.dll ()
MOD - C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Resource.dll ()
MOD - C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Ui.dll ()
MOD - C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Airprint.dll ()
MOD - C:\Program Files\NETGEAR Genie\bin\GeniePlugin_RouterConfiguration.dll ()
MOD - C:\Program Files\NETGEAR Genie\bin\genie2_tray.exe ()
MOD - C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe ()
MOD - C:\Program Files\NETGEAR Genie\bin\GeniePlugin_NetworkProblem.dll ()
MOD - C:\Program Files\NETGEAR Genie\bin\InnerPlugin_Update.dll ()
MOD - C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Statistics.dll ()
MOD - C:\Program Files\NETGEAR Genie\bin\GeniePlugin_ParentalControl.dll ()
MOD - C:\Program Files\NETGEAR Genie\bin\DragonNetTool.dll ()
MOD - C:\Program Files\NETGEAR Genie\bin\WSetupApiPlugin.dll ()
MOD - C:\Program Files\NETGEAR Genie\bin\InnerPlugin_WirelessExport.dll ()
MOD - C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Wireless.dll ()
MOD - C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Internet.dll ()
MOD - C:\Program Files\NETGEAR Genie\bin\DiagnosePlugin.dll ()
MOD - C:\Program Files\NETGEAR Genie\bin\QRCode.dll ()
MOD - C:\Program Files\NETGEAR Genie\bin\SvtNetworkTool.dll ()
MOD - C:\Program Files\NETGEAR Genie\bin\NetcardApi.dll ()
MOD - C:\Program Files\NETGEAR Genie\bin\airprintdll.dll ()
MOD - C:\Program Files\NETGEAR Genie\bin\DiagnoseDll.dll ()
MOD - C:\Program Files\NETGEAR Genie\bin\SVTUtils.dll ()
MOD - C:\Program Files\NETGEAR Genie\bin\WSetupDll.dll ()
MOD - C:\Program Files\NETGEAR Genie\bin\QtGui4.dll ()
MOD - C:\Program Files\NETGEAR Genie\bin\QtCore4.dll ()
MOD - C:\Program Files\NETGEAR Genie\bin\QtNetwork4.dll ()
MOD - C:\Program Files\NETGEAR Genie\bin\QtXml4.dll ()
MOD - C:\Program Files\NETGEAR Genie\bin\imageformats\qjpeg4.dll ()
MOD - C:\Program Files\NETGEAR Genie\bin\imageformats\qico4.dll ()
MOD - C:\Program Files\NETGEAR Genie\bin\imageformats\qgif4.dll ()
MOD - C:\Program Files\NETGEAR Genie\bin\libgcc_s_dw2-1.dll ()
MOD - C:\Program Files\NETGEAR Genie\bin\mingwm10.dll ()
MOD - C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\WINDOWS\system32\quartz.dll ()
MOD - C:\Program Files\NETGEAR Genie\bin\drivers\libntgr_api.dll ()
MOD - C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll ()
MOD - C:\WINDOWS\system32\sbe.dll ()
MOD - C:\WINDOWS\CTXFIRES.DLL ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
MOD - C:\WINDOWS\system32\devenum.dll ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
MOD - C:\Program Files\Razer\Tarantula\razerhid.exe ()
MOD - C:\Program Files\Razer\Tarantula\razertra.exe ()
MOD - C:\WINDOWS\system32\DLAAPI_W.DLL ()
 
 
========== Services (SafeList) ==========
 
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (EpsonCustomerParticipation) -- C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe (SEIKO EPSON CORPORATION)
SRV - (NETGEARGenieDaemon) -- C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe (NETGEAR)
SRV - (xsherlock) -- C:\WINDOWS\system32\xsherlock.xem (Wellbia.com Co., Ltd.)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (HiPatchService) -- C:\Program Files\Hi-Rez Studios\HiPatchService.exe (Hi-Rez Studios)
SRV - (EpsonScanSvc) -- C:\WINDOWS\system32\escsvc.exe (Seiko Epson Corporation)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (tgsrvc_verizondm) -- C:\Program Files\VERIZONDM\bin\tgsrvc.exe (SupportSoft, Inc.)
SRV - (sprtsvc_verizondm) -- C:\Program Files\VERIZONDM\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (npggsvc) -- C:\WINDOWS\system32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (Creative Media Toolbox 6 Licensing Service) -- C:\Program Files\Common Files\Creative Labs Shared\Service\MT6Licensing.exe (Creative Labs)
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (CTAudSvcService) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (sprtsvc_dellsupportcenter) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (nTuneService) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe (NVIDIA)
SRV - (npkcmsvc) -- C:\Nexon\Mabinogi\npkcmsvc.exe (INCA Internet Co., Ltd.)
SRV - (rpcapd) -- C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (xhunter1) -- C:\WINDOWS\xhunter1.sys File not found
DRV - (WDICA) --  File not found
DRV - (vtany) -- C:\WINDOWS\vtany.sys File not found
DRV - (PDRFRAME) --  File not found
DRV - (PDRELI) --  File not found
DRV - (PDFRAME) --  File not found
DRV - (PDCOMP) --  File not found
DRV - (PCIDump) --  File not found
DRV - (npkcusb) -- C:\Nexon\Mabinogi\npkcusb.sys File not found
DRV - (npkcrypt) -- C:\Nexon\Mabinogi\npkcrypt.sys File not found
DRV - (lmimirr) -- system32\DRIVERS\lmimirr.sys File not found
DRV - (lbrtfdc) --  File not found
DRV - (EagleNT) -- C:\WINDOWS\system32\drivers\EagleNT.sys File not found
DRV - (Changer) --  File not found
DRV - (catchme) -- C:\DOCUME~1\David\LOCALS~1\Temp\catchme.sys File not found
DRV - (NPF) -- C:\WINDOWS\system32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV - (avkmgr) -- C:\WINDOWS\system32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (sptd) -- C:\WINDOWS\system32\drivers\sptd.sys ()
DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (RTL8187B) -- C:\WINDOWS\system32\drivers\wg111v3.sys (Realtek Semiconductor Corporation                           )
DRV - (ha20x2k) -- C:\WINDOWS\system32\drivers\ha20x2k.sys (Creative Technology Ltd)
DRV - (emupia) -- C:\WINDOWS\system32\drivers\emupia2k.sys (Creative Technology Ltd)
DRV - (ctsfm2k) -- C:\WINDOWS\system32\drivers\ctsfm2k.sys (Creative Technology Ltd)
DRV - (ctprxy2k) -- C:\WINDOWS\system32\drivers\ctprxy2k.sys (Creative Technology Ltd)
DRV - (ossrv) -- C:\WINDOWS\system32\drivers\ctoss2k.sys (Creative Technology Ltd.)
DRV - (ctdvda2k) -- C:\WINDOWS\system32\drivers\ctdvda2k.sys (Creative Technology Ltd)
DRV - (ctaud2k) -- C:\WINDOWS\system32\drivers\ctaud2k.sys (Creative Technology Ltd)
DRV - (ctac32k) -- C:\WINDOWS\system32\drivers\ctac32k.sys (Creative Technology Ltd)
DRV - (CTEXFIFX.SYS) -- C:\WINDOWS\system32\drivers\CTEXFIFX.sys (Creative Technology Ltd.)
DRV - (CTEXFIFX) -- C:\WINDOWS\system32\drivers\CTEXFIFX.sys (Creative Technology Ltd.)
DRV - (CTHWIUT.SYS) -- C:\WINDOWS\system32\drivers\CTHWIUT.sys (Creative Technology Ltd.)
DRV - (CTHWIUT) -- C:\WINDOWS\system32\drivers\CTHWIUT.sys (Creative Technology Ltd.)
DRV - (CT20XUT.SYS) -- C:\WINDOWS\system32\drivers\CT20XUT.sys (Creative Technology Ltd.)
DRV - (CT20XUT) -- C:\WINDOWS\system32\drivers\CT20XUT.sys (Creative Technology Ltd.)
DRV - (SCREAMINGBDRIVER) -- C:\WINDOWS\system32\drivers\ScreamingBAudio.sys (Screaming Bee LLC)
DRV - (nm) -- C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)
DRV - (skfilt) -- C:\WINDOWS\system32\drivers\skfilt.sys (Creative)
DRV - (nvatabus) -- C:\WINDOWS\system32\drivers\nvatabus.sys (NVIDIA Corporation)
DRV - (b57w2k) -- C:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation)
DRV - (TarFltr) -- C:\WINDOWS\system32\drivers\UsbFltr.sys (Razer USA Ltd.)
DRV - (DLADResM) -- C:\WINDOWS\system32\DLA\DLADResM.SYS (Roxio)
DRV - (DLABMFSM) -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS (Roxio)
DRV - (DLAUDF_M) -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS (Roxio)
DRV - (DLAUDFAM) -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS (Roxio)
DRV - (DLAOPIOM) -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS (Roxio)
DRV - (DLABOIOM) -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS (Roxio)
DRV - (DLAIFS_M) -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS (Roxio)
DRV - (DLAPoolM) -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS (Roxio)
DRV - (DLACDBHM) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS (Roxio)
DRV - (DLARTL_M) -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS (Roxio)
DRV - (APPDRV) -- C:\WINDOWS\system32\drivers\APPDRV.SYS (Dell Inc)
DRV - (Razerlow) -- C:\WINDOWS\system32\drivers\DB3G.sys (Razer (Asia-Pacific) Pte Ltd)
DRV - (USBIO) -- C:\WINDOWS\system32\drivers\usbio.sys (Thesycon GmbH, Germany)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=1080403
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=1080403
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=localhost:7171
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=1080403
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=1080403
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-4218801841-1175837858-694166655-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo.com?type=714647&fr=spigot-yhp-ie
IE - HKU\S-1-5-21-4218801841-1175837858-694166655-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-4218801841-1175837858-694166655-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-4218801841-1175837858-694166655-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F0 1D FD B0 A5 38 CD 01  [binary data]
IE - HKU\S-1-5-21-4218801841-1175837858-694166655-1005\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-4218801841-1175837858-694166655-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-4218801841-1175837858-694166655-1005\..\SearchScopes\{36F6BE6F-3375-45D2-940C-79E4CA70E7D6}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
IE - HKU\S-1-5-21-4218801841-1175837858-694166655-1005\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-4218801841-1175837858-694166655-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4218801841-1175837858-694166655-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
IE - HKU\S-1-5-21-4218801841-1175837858-694166655-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=1080403
IE - HKU\S-1-5-21-4218801841-1175837858-694166655-1007\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.com
IE - HKU\S-1-5-21-4218801841-1175837858-694166655-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us
IE - HKU\S-1-5-21-4218801841-1175837858-694166655-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us
IE - HKU\S-1-5-21-4218801841-1175837858-694166655-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=1080403
IE - HKU\S-1-5-21-4218801841-1175837858-694166655-1007\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-4218801841-1175837858-694166655-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=1080403
IE - HKU\S-1-5-21-4218801841-1175837858-694166655-1008\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.com
IE - HKU\S-1-5-21-4218801841-1175837858-694166655-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us
IE - HKU\S-1-5-21-4218801841-1175837858-694166655-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/hws/sb/dell-usuk/en/side.html?channel=us
IE - HKU\S-1-5-21-4218801841-1175837858-694166655-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=1080403
IE - HKU\S-1-5-21-4218801841-1175837858-694166655-1008\..\SearchScopes,DefaultScope =
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B20a82645-c095-46ed-80e3-08825760534b%7D:0.0.0
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130515
FF - prefs.js..extensions.enabledAddons: %7BE6C1199F-E687-42da-8C24-E7770CC3AE66%7D:1.8.0
FF - prefs.js..extensions.enabledAddons: personas%40christopher.beard:1.7.2.1
FF - prefs.js..extensions.enabledAddons: adblockpopups%40jessehakanen.net:0.9
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\David\Application Data\Move Networks\plugins\npqmp071701000002.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\WINDOWS\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.7: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\David\Application Data\Move Networks\plugins\npqmp071701000002.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\David\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013/05/26 14:56:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/06/25 14:07:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/06/25 14:07:46 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\moveplayer@movenetworks.com: C:\Documents and Settings\David\Application Data\Move Networks [2011/11/03 14:52:25 | 000,000,000 | ---D | M]
 
[2008/08/26 19:21:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\David\Application Data\Mozilla\Extensions
[2013/08/02 16:50:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\extensions
[2013/07/23 19:44:28 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010/03/03 01:27:43 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(2)
[2013/07/23 19:44:29 | 000,000,000 | ---D | M] (Ghostery) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\extensions\firefox@ghostery.com
[2013/08/02 16:50:16 | 000,119,515 | ---- | M] () (No name found) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\extensions\adblockpopups@jessehakanen.net.xpi
[2013/07/31 12:06:17 | 000,346,768 | ---- | M] () (No name found) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\extensions\personas@christopher.beard.xpi
[2013/07/31 01:22:07 | 000,824,302 | ---- | M] () (No name found) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/07/23 19:44:29 | 000,014,714 | ---- | M] () (No name found) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi
[2013/02/19 15:46:50 | 000,685,671 | ---- | M] () (No name found) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi
[2013/07/23 19:41:16 | 000,699,333 | ---- | M] () (No name found) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi
[2013/06/25 14:07:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/06/25 14:07:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013/06/25 14:07:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013/06/25 14:07:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013/07/31 06:21:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/07/31 06:21:12 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/09/01 23:57:06 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2009/07/03 00:34:44 | 000,083,376 | ---- | M] (NHN USA Inc.) -- C:\Program Files\mozilla firefox\plugins\npijjiautoinstallpluginff.dll
[2009/08/17 07:42:14 | 000,073,728 | ---- | M] (NHN USA Inc. ) -- C:\Program Files\mozilla firefox\plugins\npijjiFFPlugin1.dll
 
O1 HOSTS File: ([2012/08/17 13:15:07 | 000,000,055 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 127.0.0.1 secure.tune-up.com
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [AudioDrvEmulator] C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CTDVDDET] C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\CTHELPER.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [CTxfiHlp] C:\WINDOWS\System32\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [Diamondback] C:\Program Files\Razer\Diamondback 3G\razerhid.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [ECenter] C:\dell\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Nvtmru] C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKLM..\Run: [Tarantula] C:\Program Files\Razer\Tarantula\razerhid.exe ()
O4 - HKLM..\Run: [VERIZONDM] C:\Program Files\VERIZONDM\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\USB Headsets\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKU\S-1-5-21-4218801841-1175837858-694166655-1005..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKU\S-1-5-21-4218801841-1175837858-694166655-1005..\Run: [NETGEARGenie] C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe ()
O4 - HKU\S-1-5-21-4218801841-1175837858-694166655-1005..\Run: [NVIDIA nTune] C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe (NVIDIA)
O4 - HKU\S-1-5-21-4218801841-1175837858-694166655-1007..\Run: [OE_OEM] "C:\Program Files\Trend Micro\Internet Security 14\TMAS_OE\TMAS_OEMon.exe" File not found
O4 - HKU\S-1-5-21-4218801841-1175837858-694166655-1008..\Run: [OE_OEM] "C:\Program Files\Trend Micro\Internet Security 14\TMAS_OE\TMAS_OEMon.exe" File not found
O4 - HKU\.DEFAULT..\RunOnce: [setDefaultMIDI] C:\WINDOWS\MIDIDEF.EXE (Creative Technology Ltd)
O4 - HKU\S-1-5-18..\RunOnce: [setDefaultMIDI] C:\WINDOWS\MIDIDEF.EXE (Creative Technology Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4218801841-1175837858-694166655-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4218801841-1175837858-694166655-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-4218801841-1175837858-694166655-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-4218801841-1175837858-694166655-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-4218801841-1175837858-694166655-1007\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4218801841-1175837858-694166655-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4218801841-1175837858-694166655-1008\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4218801841-1175837858-694166655-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-4218801841-1175837858-694166655-1005\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-4218801841-1175837858-694166655-1005\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-4218801841-1175837858-694166655-1005\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-4218801841-1175837858-694166655-1005\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1344487874187 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15109/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0B27881F-0C2C-4EFE-BCA8-8C8CC50952EB}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Desktop Background.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Desktop Background.bmp
O27 - HKLM IFEO\isuspm.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\mydvd9.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\ntunecmd.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\nvmonitor.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\razercfg.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\razertra.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\softwareupdate.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\videowave9.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 06:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/08/19 05:03:12 | 000,000,000 | RH-D | M] - G:\autorun -- [ NTFS ]
O32 - AutoRun File - [2002/10/16 22:56:50 | 000,000,036 | RH-- | M] () - G:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/08/02 21:38:20 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\David\Desktop\OTL.exe
[2013/07/31 11:41:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013/07/31 10:35:33 | 000,000,000 | R--D | C] -- C:\Documents and Settings\David\Start Menu\Programs\Administrative Tools
[2013/07/31 06:21:16 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013/07/25 22:48:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\My Documents\Witcher 2
[2013/07/25 22:48:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Local Settings\Application Data\The Witcher 2
[2013/07/24 18:55:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Application Data\FALCOM
[2013/07/21 16:45:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Local Settings\Application Data\FalloutNV
[2013/07/20 01:59:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Local Settings\Application Data\SplitMediaLabs
[2013/07/20 01:58:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SplitMediaLabs
[2013/07/20 01:58:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Application Data\SplitMediaLabs
[2013/07/19 02:46:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MRT
[2013/07/18 18:42:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Local Settings\Application Data\NVIDIA
[2013/07/17 19:52:06 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies
[2013/07/14 23:51:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\My Documents\ANNO 2070
[2013/07/14 23:07:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Solidshield
[2013/07/14 23:06:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Application Data\Ubisoft
[2013/07/13 01:00:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\My Documents\Endless Space
[2013/07/12 20:16:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\My Documents\Telltale Games
[2013/07/12 15:47:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Turbine
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/08/02 21:41:01 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/08/02 21:40:05 | 000,011,844 | ---- | M] () -- C:\WINDOWS\System32\nvAppTimestamps
[2013/08/02 21:38:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\David\Desktop\OTL.exe
[2013/08/02 21:38:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/08/02 21:36:34 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{40E4B669-561C-41FB-A8DF-F624F444103E}.job
[2013/08/02 18:26:32 | 000,054,544 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000002-00000000-00000004-00001102-00000005-10031102}.rfx
[2013/08/02 18:26:32 | 000,054,544 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000002-00000000-00000004-00001102-00000005-10031102}.rfx
[2013/08/02 18:26:32 | 000,000,788 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000002-00000000-00000004-00001102-00000005-10031102}.rfx
[2013/08/02 18:17:00 | 000,000,917 | ---- | M] () -- C:\WINDOWS\tasks\EPSON XP-310 Series Update {25F7402E-ABD4-4182-8400-DE2164FBE40B}.job
[2013/08/02 18:17:00 | 000,000,731 | ---- | M] () -- C:\WINDOWS\tasks\EPSON XP-310 Series Invitation {25F7402E-ABD4-4182-8400-DE2164FBE40B}.job
[2013/08/02 17:41:00 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/31 21:27:18 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013/07/31 11:46:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/07/31 11:46:33 | 3218,444,288 | -HS- | M] () -- C:\hiberfil.sys
[2013/07/31 10:34:38 | 000,001,697 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\NETGEAR Genie.lnk
[2013/07/31 10:34:37 | 000,281,104 | ---- | M] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\wpcap.dll
[2013/07/31 10:34:37 | 000,096,784 | ---- | M] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\packet.dll
[2013/07/31 10:34:37 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) -- C:\WINDOWS\System32\drivers\npf.sys
[2013/07/31 06:21:23 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/07/31 06:21:17 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2013/07/28 19:41:55 | 000,000,213 | ---- | M] () -- C:\Documents and Settings\David\Desktop\Counter-Strike Global Offensive.url
[2013/07/24 12:25:23 | 000,000,216 | ---- | M] () -- C:\Documents and Settings\David\Desktop\Ys II.url
[2013/07/24 12:25:23 | 000,000,216 | ---- | M] () -- C:\Documents and Settings\David\Desktop\Ys I.url
[2013/07/21 14:30:23 | 000,000,215 | ---- | M] () -- C:\Documents and Settings\David\Desktop\Fallout New Vegas.url
[2013/07/19 00:43:57 | 000,125,440 | ---- | M] () -- C:\Documents and Settings\David\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/07/18 18:20:05 | 000,000,216 | ---- | M] () -- C:\Documents and Settings\David\Desktop\Torchlight II.url
[2013/07/17 19:51:01 | 001,098,236 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013/07/17 19:51:01 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013/07/17 19:50:58 | 001,098,236 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013/07/14 14:14:12 | 000,000,216 | ---- | M] () -- C:\Documents and Settings\David\Desktop\Deadlight.url
[2013/07/14 14:14:12 | 000,000,215 | ---- | M] () -- C:\Documents and Settings\David\Desktop\The Witcher 2 Assassins of Kings Enhanced Edition.url
[2013/07/12 16:19:40 | 000,000,216 | ---- | M] () -- C:\Documents and Settings\David\Desktop\Endless Space.url
[2013/07/12 15:24:10 | 000,000,215 | ---- | M] () -- C:\Documents and Settings\David\Desktop\Overlord Raising Hell.url
[2013/07/12 15:02:07 | 000,000,215 | ---- | M] () -- C:\Documents and Settings\David\Desktop\Overlord II.url
[2013/07/12 14:44:13 | 000,000,215 | ---- | M] () -- C:\Documents and Settings\David\Desktop\Overlord.url
[2013/07/12 14:18:23 | 000,000,216 | ---- | M] () -- C:\Documents and Settings\David\Desktop\The Walking Dead.url
[2013/07/12 13:40:37 | 000,000,215 | ---- | M] () -- C:\Documents and Settings\David\Desktop\Anno 2070.url
[2013/07/12 13:27:38 | 000,000,213 | ---- | M] () -- C:\Documents and Settings\David\Desktop\Dota 2.url
[2013/07/11 11:46:59 | 002,072,776 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/07/11 03:43:25 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/07/11 03:42:28 | 000,525,214 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/07/11 03:42:28 | 000,096,078 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/07/10 10:27:11 | 000,000,291 | RHS- | M] () -- C:\boot.ini
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/07/31 06:21:23 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/07/31 06:21:17 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2013/07/31 06:21:17 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2013/07/28 19:41:55 | 000,000,213 | ---- | C] () -- C:\Documents and Settings\David\Desktop\Counter-Strike Global Offensive.url
[2013/07/24 12:25:23 | 000,000,216 | ---- | C] () -- C:\Documents and Settings\David\Desktop\Ys II.url
[2013/07/24 12:25:23 | 000,000,216 | ---- | C] () -- C:\Documents and Settings\David\Desktop\Ys I.url
[2013/07/21 14:30:23 | 000,000,215 | ---- | C] () -- C:\Documents and Settings\David\Desktop\Fallout New Vegas.url
[2013/07/18 18:20:03 | 000,000,216 | ---- | C] () -- C:\Documents and Settings\David\Desktop\Torchlight II.url
[2013/07/17 20:19:29 | 002,081,689 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-4218801841-1175837858-694166655-1005-0.dat
[2013/07/17 20:19:28 | 000,242,294 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2013/07/14 14:14:12 | 000,000,216 | ---- | C] () -- C:\Documents and Settings\David\Desktop\Deadlight.url
[2013/07/14 14:14:12 | 000,000,215 | ---- | C] () -- C:\Documents and Settings\David\Desktop\The Witcher 2 Assassins of Kings Enhanced Edition.url
[2013/07/12 16:19:40 | 000,000,216 | ---- | C] () -- C:\Documents and Settings\David\Desktop\Endless Space.url
[2013/07/12 15:24:09 | 000,000,215 | ---- | C] () -- C:\Documents and Settings\David\Desktop\Overlord Raising Hell.url
[2013/07/12 15:02:06 | 000,000,215 | ---- | C] () -- C:\Documents and Settings\David\Desktop\Overlord II.url
[2013/07/12 14:44:11 | 000,000,215 | ---- | C] () -- C:\Documents and Settings\David\Desktop\Overlord.url
[2013/07/12 14:18:23 | 000,000,216 | ---- | C] () -- C:\Documents and Settings\David\Desktop\The Walking Dead.url
[2013/07/12 13:40:36 | 000,000,215 | ---- | C] () -- C:\Documents and Settings\David\Desktop\Anno 2070.url
[2013/07/12 13:27:38 | 000,000,213 | ---- | C] () -- C:\Documents and Settings\David\Desktop\Dota 2.url
[2013/06/10 04:25:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI
[2013/06/06 23:20:37 | 000,000,044 | ---- | C] () -- C:\WINDOWS\XP-310.ini
[2012/03/11 18:33:18 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe
[2012/02/15 01:16:23 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/11/02 10:42:52 | 000,103,720 | ---- | C] () -- C:\Documents and Settings\David\GoToAssistDownloadHelper.exe
[2010/04/13 19:19:45 | 000,004,842 | -HS- | C] () -- C:\Documents and Settings\David\Local Settings\Application Data\2886491261
[2010/04/13 19:19:45 | 000,004,842 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\2886491261
[2010/04/13 19:18:24 | 000,004,842 | -HS- | C] () -- C:\Documents and Settings\David\Local Settings\Application Data\7SkRgtbX5FlAM
[2010/04/13 19:18:24 | 000,004,842 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\7SkRgtbX5FlAM
[2010/03/30 15:46:00 | 000,001,250 | -HS- | C] () -- C:\Documents and Settings\David\Local Settings\Application Data\J7Qo
[2010/03/30 15:46:00 | 000,001,250 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\J7Qo
[2010/03/19 16:19:19 | 000,014,058 | -HS- | C] () -- C:\Documents and Settings\David\Local Settings\Application Data\H5obFSC7MF62
[2010/03/19 16:19:19 | 000,014,058 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\H5obFSC7MF62
[2010/03/09 01:53:18 | 000,013,032 | -HS- | C] () -- C:\Documents and Settings\David\Local Settings\Application Data\2hP38sy7qD86M
[2010/03/04 10:32:46 | 000,011,140 | -HS- | C] () -- C:\Documents and Settings\David\Local Settings\Application Data\jXP7U0T4
[2010/03/02 14:28:30 | 000,010,818 | -HS- | C] () -- C:\Documents and Settings\David\Local Settings\Application Data\2Rx3T63
[2009/06/16 18:59:54 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\David\Application Data\PnkBstrK.sys
[2008/07/20 12:44:40 | 000,004,990 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\gvpgdylr.gft
[2008/06/24 17:04:34 | 000,001,400 | RHS- | C] () -- C:\Documents and Settings\David\ntuser.pol
[2008/05/30 23:49:34 | 000,000,000 | -HS- | C] () -- C:\Documents and Settings\David\Application Data\004840adad4840cace.dat
[2008/05/30 21:44:30 | 000,000,033 | ---- | C] () -- C:\Documents and Settings\David\Application Data\install.ini
[2008/05/11 19:58:17 | 000,000,042 | ---- | C] () -- C:\Documents and Settings\David\default.pls
[2008/04/10 05:16:19 | 000,125,440 | ---- | C] () -- C:\Documents and Settings\David\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/04/08 17:10:09 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\David\Local Settings\Application Data\fusioncache.dat
 
========== ZeroAccess Check ==========
 
[2005/08/16 06:39:16 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 20:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 08:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 20:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2012/07/18 16:10:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Age of Empires 3
[2008/04/09 09:48:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2012/05/15 00:30:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Battle.net
[2012/07/31 02:25:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BioWare
[2012/08/15 12:53:04 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2009/12/11 01:26:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2009/04/25 14:19:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
[2005/08/16 22:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DIGStream
[2012/03/18 00:36:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Easybits GO
[2011/12/02 17:03:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2013/06/08 14:01:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2012/07/14 17:53:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hi-Rez Studios
[2009/10/18 05:16:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ijjigame
[2011/12/02 17:04:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Origin
[2010/05/30 04:21:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Rosetta Stone
[2013/07/14 23:07:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Solidshield
[2010/07/11 01:40:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2013/07/20 01:58:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SplitMediaLabs
[2011/10/31 09:34:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2009/10/19 14:24:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2012/08/17 13:09:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2013/07/12 15:58:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Turbine
[2010/03/10 00:36:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2012/08/17 13:07:52 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2008/10/06 15:03:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2012/03/02 14:34:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\Azureus
[2008/04/14 16:41:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\Command & Conquer 3 Tiberium Wars
[2009/12/11 01:34:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\DAEMON Tools Lite
[2009/04/25 14:28:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\DAEMON Tools Pro
[2011/12/22 22:56:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\DDMSettings
[2011/02/12 23:12:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\Dreamlords
[2013/06/08 14:01:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\Epson
[2013/07/24 18:55:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\FALCOM
[2008/10/06 14:50:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\GetRightToGo
[2008/07/21 17:49:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\gnupg
[2011/05/31 08:30:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\go
[2009/10/18 05:55:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\ijjigame
[2013/06/06 23:20:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\Leadertech
[2008/09/28 22:32:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\LimeWire
[2009/10/28 05:58:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\LolClient.F24C99354F615F3BAB18AE7B93E3F9B9E8784FA6.1
[2012/08/10 11:31:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\Mumble
[2011/12/02 17:04:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\Origin
[2010/07/11 02:20:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\Publish Providers
[2013/05/17 00:05:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\raidcall
[2013/05/17 00:03:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\RCTW
[2011/02/04 16:49:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\RIFT
[2009/04/27 21:22:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\Screaming Bee
[2010/07/11 02:20:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\Sony
[2011/01/15 22:31:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\Sony Online Entertainment
[2013/07/20 01:58:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\SplitMediaLabs
[2010/11/15 12:21:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\SystemRequirementsLab
[2011/04/09 10:43:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\TeamViewer
[2011/04/09 10:49:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\TS3Client
[2012/08/15 12:52:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\TuneUp Software
[2013/07/14 23:06:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\Ubisoft
[2011/04/25 23:48:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\Unity
[2013/07/31 05:42:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\uTorrent
[2010/03/09 02:21:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\ViiKiiDesktopPlugin.5E22EA0FF243470AB5EDDF282C0A5B52E9909C36.1
[2010/12/14 22:44:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\Windows Desktop Search
[2009/05/08 00:50:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\Windows Search
[2012/06/19 16:00:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\WinZip
[2012/08/18 20:12:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\GameTracker
[2012/08/24 14:20:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\TuneUp Software
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 48 bytes -> C:\Documents and Settings\All Users\DRM:مهندسة
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D06A4C76
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >
 


Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    [2013/07/23 19:44:29 | 000,000,000 | ---D | M] (Ghostery) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\extensions\firefox@ghostery.com
    O32 - AutoRun File - [2005/08/16 06:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O32 - AutoRun File - [2009/08/19 05:03:12 | 000,000,000 | RH-D | M] - G:\autorun -- [ NTFS ]
    O32 - AutoRun File - [2002/10/16 22:56:50 | 000,000,036 | RH-- | M] () - G:\autorun.inf -- [ NTFS ]
    [2010/04/13 19:19:45 | 000,004,842 | -HS- | C] () -- C:\Documents and Settings\David\Local Settings\Application Data\2886491261
    [2010/04/13 19:19:45 | 000,004,842 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\2886491261
    [2010/04/13 19:18:24 | 000,004,842 | -HS- | C] () -- C:\Documents and Settings\David\Local Settings\Application Data\7SkRgtbX5FlAM
    [2010/04/13 19:18:24 | 000,004,842 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\7SkRgtbX5FlAM
    [2010/03/30 15:46:00 | 000,001,250 | -HS- | C] () -- C:\Documents and Settings\David\Local Settings\Application Data\J7Qo
    [2010/03/30 15:46:00 | 000,001,250 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\J7Qo
    [2010/03/19 16:19:19 | 000,014,058 | -HS- | C] () -- C:\Documents and Settings\David\Local Settings\Application Data\H5obFSC7MF62
    [2010/03/19 16:19:19 | 000,014,058 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\H5obFSC7MF62
    [2010/03/09 01:53:18 | 000,013,032 | -HS- | C] () -- C:\Documents and Settings\David\Local Settings\Application Data\2hP38sy7qD86M
    [2010/03/04 10:32:46 | 000,011,140 | -HS- | C] () -- C:\Documents and Settings\David\Local Settings\Application Data\jXP7U0T4
    [2010/03/02 14:28:30 | 000,010,818 | -HS- | C] () -- C:\Documents and Settings\David\Local Settings\Application Data\2Rx3T63
    [2008/07/20 12:44:40 | 000,004,990 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\gvpgdylr.gft
    [2008/04/09 09:48:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
    [2012/03/02 14:34:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\Azureus
    [2008/09/28 22:32:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\LimeWire
    [2013/07/31 05:42:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\uTorrent

    :files
    ipconfig /flushdns /c

    :Commands
    [emptytemp]
    [clearallrestorepoints]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Please post the OTL fix log in your next reply.
Note: A copy of an OTL fix log is saved in a text file at C:\_OTL\MovedFiles

All processes killed
========== OTL ==========
C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\extensions\firefox@ghostery.com\resource\font folder moved successfully.
C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\extensions\firefox@ghostery.com\resource folder moved successfully.
C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\extensions\firefox@ghostery.com\META-INF folder moved successfully.
C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\extensions\firefox@ghostery.com\defaults\preferences folder moved successfully.
C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\extensions\firefox@ghostery.com\defaults folder moved successfully.
C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\extensions\firefox@ghostery.com\components folder moved successfully.
C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\extensions\firefox@ghostery.com\chrome\locale\ru-RU folder moved successfully.
C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\extensions\firefox@ghostery.com\chrome\locale\ja-JP folder moved successfully.
C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\extensions\firefox@ghostery.com\chrome\locale\fr-FR folder moved successfully.
C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\extensions\firefox@ghostery.com\chrome\locale\es-ES folder moved successfully.
C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\extensions\firefox@ghostery.com\chrome\locale\en-US folder moved successfully.
C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\extensions\firefox@ghostery.com\chrome\locale\de-DE folder moved successfully.
C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\extensions\firefox@ghostery.com\chrome\locale folder moved successfully.
C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\extensions\firefox@ghostery.com\chrome\content\includes\tiptip folder moved successfully.
C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\extensions\firefox@ghostery.com\chrome\content\includes folder moved successfully.
C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\extensions\firefox@ghostery.com\chrome\content\images\popup\Tutorial folder moved successfully.
C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\extensions\firefox@ghostery.com\chrome\content\images\popup\Tracker folder moved successfully.
C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\extensions\firefox@ghostery.com\chrome\content\images\popup\Settings folder moved successfully.
C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\extensions\firefox@ghostery.com\chrome\content\images\popup\Header folder moved successfully.
C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\extensions\firefox@ghostery.com\chrome\content\images\popup\Footer folder moved successfully.
C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\extensions\firefox@ghostery.com\chrome\content\images\popup folder moved successfully.
C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\extensions\firefox@ghostery.com\chrome\content\images folder moved successfully.
C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\extensions\firefox@ghostery.com\chrome\content folder moved successfully.
C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\extensions\firefox@ghostery.com\chrome folder moved successfully.
C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\ecntvwfi.default\extensions\firefox@ghostery.com folder moved successfully.
C:\AUTOEXEC.BAT moved successfully.
File  not found.
G:\autorun.inf moved successfully.
C:\Documents and Settings\David\Local Settings\Application Data\2886491261 moved successfully.
C:\Documents and Settings\All Users\Application Data\2886491261 moved successfully.
C:\Documents and Settings\David\Local Settings\Application Data\7SkRgtbX5FlAM moved successfully.
C:\Documents and Settings\All Users\Application Data\7SkRgtbX5FlAM moved successfully.
C:\Documents and Settings\David\Local Settings\Application Data\J7Qo moved successfully.
C:\Documents and Settings\All Users\Application Data\J7Qo moved successfully.
C:\Documents and Settings\David\Local Settings\Application Data\H5obFSC7MF62 moved successfully.
C:\Documents and Settings\All Users\Application Data\H5obFSC7MF62 moved successfully.
C:\Documents and Settings\David\Local Settings\Application Data\2hP38sy7qD86M moved successfully.
C:\Documents and Settings\David\Local Settings\Application Data\jXP7U0T4 moved successfully.
C:\Documents and Settings\David\Local Settings\Application Data\2Rx3T63 moved successfully.
C:\Documents and Settings\All Users\Application Data\gvpgdylr.gft moved successfully.
C:\Documents and Settings\All Users\Application Data\Azureus folder moved successfully.
C:\Documents and Settings\David\Application Data\Azureus\updates folder moved successfully.
C:\Documents and Settings\David\Application Data\Azureus\torrents folder moved successfully.
C:\Documents and Settings\David\Application Data\Azureus\tmp folder moved successfully.
C:\Documents and Settings\David\Application Data\Azureus\subs\temp folder moved successfully.
C:\Documents and Settings\David\Application Data\Azureus\subs folder moved successfully.
C:\Documents and Settings\David\Application Data\Azureus\shares folder moved successfully.
C:\Documents and Settings\David\Application Data\Azureus\rss folder moved successfully.
C:\Documents and Settings\David\Application Data\Azureus\plugins\hvi folder moved successfully.
C:\Documents and Settings\David\Application Data\Azureus\plugins\azutp\x64 folder moved successfully.
C:\Documents and Settings\David\Application Data\Azureus\plugins\azutp\win32 folder moved successfully.
C:\Documents and Settings\David\Application Data\Azureus\plugins\azutp folder moved successfully.
C:\Documents and Settings\David\Application Data\Azureus\plugins\azupnpav folder moved successfully.
C:\Documents and Settings\David\Application Data\Azureus\plugins\aefeatman_v folder moved successfully.
C:\Documents and Settings\David\Application Data\Azureus\plugins folder moved successfully.
C:\Documents and Settings\David\Application Data\Azureus\net folder moved successfully.
C:\Documents and Settings\David\Application Data\Azureus\logs\save folder moved successfully.
C:\Documents and Settings\David\Application Data\Azureus\logs folder moved successfully.
C:\Documents and Settings\David\Application Data\Azureus\dht folder moved successfully.
C:\Documents and Settings\David\Application Data\Azureus\devices folder moved successfully.
C:\Documents and Settings\David\Application Data\Azureus\active folder moved successfully.
C:\Documents and Settings\David\Application Data\Azureus folder moved successfully.
C:\Documents and Settings\David\Application Data\LimeWire\xml\data folder moved successfully.
C:\Documents and Settings\David\Application Data\LimeWire\xml folder moved successfully.
C:\Documents and Settings\David\Application Data\LimeWire\themes\windows_theme folder moved successfully.
C:\Documents and Settings\David\Application Data\LimeWire\themes folder moved successfully.
C:\Documents and Settings\David\Application Data\LimeWire\promotion folder moved successfully.
C:\Documents and Settings\David\Application Data\LimeWire\certificate folder moved successfully.
C:\Documents and Settings\David\Application Data\LimeWire\.AppSpecialShare folder moved successfully.
C:\Documents and Settings\David\Application Data\LimeWire folder moved successfully.
C:\Documents and Settings\David\Application Data\uTorrent folder moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\David\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\David\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Admin
->Temp folder emptied: 314 bytes
->Temporary Internet Files folder emptied: 1362743 bytes
->FireFox cache emptied: 19261737 bytes
->Flash cache emptied: 0 bytes
 
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes
 
User: All Users
 
User: David
->Temp folder emptied: 120882433 bytes
->Temporary Internet Files folder emptied: 17266200 bytes
->Java cache emptied: 1526401 bytes
->FireFox cache emptied: 1174444122 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 62623 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56475 bytes
 
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 818999 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 2087381 bytes
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: UpdatusUser.SEPHIROTH
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 2263199 bytes
->Flash cache emptied: 56475 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 401408 bytes
%systemroot%\System32 .tmp files removed: 1564672 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 37427 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 508094864 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 684384849 bytes
 
Total Files Cleaned = 2,417.00 mb
 
Restore point Set: OTL Restore Point
 
OTL by OldTimer - Version 3.2.69.0 log created on 08042013_133200

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
 


Glad I could help! :)

Please re-run OTL and click on the CleanUp button. Next:

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Uninstall
  • Confirm with Yes
Some malware prevention tips:

users.telenet.be/bluepatchy/miekiemoes/prevention.html

Safe surfing! :)


  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance, please start your own topic in a new thread. Thanks!


This topic is now closed to further replies.