Sponsored By

mmcintosh

Members
  • Content Count

    22
  • Joined

  • Last visited

Posts posted by mmcintosh


  1. # DelFix v10.8 - Logfile created 30/11/2014 at 20:54:38
    # Updated 29/07/2014 by Xplode
    # Username : Owner - OWNER-PC
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

    ~ Removing disinfection tools ...

    Deleted : C:\_OTL
    Deleted : C:\zoek_backup
    Deleted : C:\AdwCleaner
    Deleted : C:\zoek-results.log
    Deleted : C:\Users\Owner\Desktop\dds.txt
    Deleted : C:\Users\Owner\Desktop\JRT.txt
    Deleted : C:\Users\Owner\Downloads\adwcleaner.exe
    Deleted : C:\Users\Owner\Downloads\adwcleaner_4.102.exe
    Deleted : C:\Users\Owner\Downloads\dds.scr
    Deleted : C:\Users\Owner\Downloads\Extras.Txt
    Deleted : C:\Users\Owner\Downloads\JRT(1).exe
    Deleted : C:\Users\Owner\Downloads\JRT.exe
    Deleted : C:\Users\Owner\Downloads\OTL.Txt
    Deleted : C:\Users\Owner\Downloads\SecurityCheck(1).exe
    Deleted : C:\Users\Owner\Downloads\SecurityCheck.exe
    Deleted : HKLM\SOFTWARE\OldTimer Tools
    Deleted : HKLM\SOFTWARE\AdwCleaner

    ~ Creating registry backup ... OK

    ~ Cleaning system restore ...

    Deleted : RP #253 [Windows Update | 10/31/2014 16:25:43]
    Deleted : RP #254 [Windows Update | 11/05/2014 23:55:27]
    Deleted : RP #255 [Removed WeatherBug | 11/12/2014 23:19:32]
    Deleted : RP #256 [Windows Update | 11/12/2014 23:35:29]
    Deleted : RP #257 [Removed VideoBuzz | 11/12/2014 23:55:50]
    Deleted : RP #258 [Windows Update | 11/13/2014 02:58:38]
    Deleted : RP #259 [Windows Update | 11/19/2014 00:49:58]
    Deleted : RP #260 [Windows Update | 11/21/2014 02:59:09]
    Deleted : RP #261 [Windows Update | 11/26/2014 19:35:03]
    Deleted : RP #262 [zoek.exe restore point | 11/30/2014 17:43:33]
    Deleted : RP #263 [OTL Restore Point - 11/30/2014 8:45:08 PM | 12/01/2014 03:45:10]

    New restore point created !

    ~ Resetting system settings ... OK

    ########## - EOF - ##########


  2. All processes killed
    ========== OTL ==========
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}\ not found.
    HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    HKEY_USERS\S-1-5-21-3546646767-1445017109-1683610049-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    Registry key HKEY_USERS\S-1-5-21-3546646767-1445017109-1683610049-1000\Software\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{012E1000-F331-11DB-8314-0800200C9A66}\ not found.
    Registry key HKEY_USERS\S-1-5-21-3546646767-1445017109-1683610049-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
    Registry key HKEY_USERS\S-1-5-21-3546646767-1445017109-1683610049-1000\Software\Microsoft\Internet Explorer\SearchScopes\{113537E9-AEA4-4BED-BBB0-C5DCC1B70EE4}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{113537E9-AEA4-4BED-BBB0-C5DCC1B70EE4}\ not found.
    Registry key HKEY_USERS\S-1-5-21-3546646767-1445017109-1683610049-1000\Software\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}\ not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
    Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
    Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
    C:\Users\Owner\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} folder moved successfully.
    C:\Users\Owner\AppData\Roaming\mozilla\Extensions folder moved successfully.
    C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\0rbzcbm3.default-1395006579003\extensions folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\browser\extensions folder moved successfully.
    64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}\ not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\dnsshield deleted successfully.
    Registry value HKEY_USERS\S-1-5-21-3546646767-1445017109-1683610049-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
    File Protocol\Handler\ms-help - No CLSID value found not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
    File Protocol\Handler\skype4com - No CLSID value found not found.
    ========== COMMANDS ==========
     
    [EMPTYJAVA]
     
    User: Administrator
     
    User: All Users
     
    User: Default
     
    User: Default User
     
    User: Guest
     
    User: HomeGroupUser$
     
    User: Owner
    ->Java cache emptied: 0 bytes
     
    User: Public
     
    Total Java Files Cleaned = 0.00 mb
     
     
    [EMPTYFLASH]
     
    User: Administrator
     
    User: All Users
     
    User: Default
    ->Flash cache emptied: 0 bytes
     
    User: Default User
    ->Flash cache emptied: 0 bytes
     
    User: Guest
     
    User: HomeGroupUser$
     
    User: Owner
    ->Flash cache emptied: 1704 bytes
     
    User: Public
     
    Total Flash Files Cleaned = 0.00 mb
     
     
    [EMPTYTEMP]
     
    User: Administrator
     
    User: All Users
     
    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes
     
    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes
     
    User: Guest
     
    User: HomeGroupUser$
     
    User: Owner
    ->Temp folder emptied: 5655820 bytes
    ->Temporary Internet Files folder emptied: 3697171 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 78319461 bytes
    ->Google Chrome cache emptied: 856432 bytes
    ->Flash cache emptied: 0 bytes
     
    User: Public
     
    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 7994 bytes
    %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 195 bytes
    %systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 753 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
    RecycleBin emptied: 0 bytes
     
    Total Files Cleaned = 84.00 mb
     
    C:\windows\System32\drivers\etc\Hosts moved successfully.
    HOSTS file reset successfully
    Restore point Set: OTL Restore Point
     
    OTL by OldTimer - Version 3.2.69.0 log created on 11302014_204417

    Files\Folders moved on Reboot...
    File\Folder C:\Users\Owner\AppData\Local\Temp\OICE_7A559717-D76B-4B6C-8086-7F156FDADB01.0\mso3518.tmp not found!
    File\Folder C:\Users\Owner\AppData\Local\Temp\OICE_7A559717-D76B-4B6C-8086-7F156FDADB01.0\~WRS{422348F8-93E8-4E5D-82B4-D8BD259FB543}.tmp not found!
    File\Folder C:\Users\Owner\AppData\Local\Temp\OICE_7A559717-D76B-4B6C-8086-7F156FDADB01.0\~WRS{6BF44758-09CB-4FFA-BD1C-CF8B5F8E0F45}.tmp not found!
    C:\Users\Owner\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
    C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
    File move failed. C:\windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
    File move failed. C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...


  3. OTL Extras logfile created on: 11/30/2014 8:03:59 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Owner\Downloads
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.11.9600.17420)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
     
    3.80 Gb Total Physical Memory | 1.57 Gb Available Physical Memory | 41.22% Memory free
    7.60 Gb Paging File | 5.05 Gb Available in Paging File | 66.50% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 583.11 Gb Total Space | 525.27 Gb Free Space | 90.08% Space Free | Partition Type: NTFS
    Drive D: | 509.93 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
     
    Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
     
    ========== Extra Registry (SafeList) ==========
     
     
    ========== File Associations ==========
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
    .url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
    .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
     
    [HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
     
    [HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
     
    [HKEY_USERS\S-1-5-21-3546646767-1445017109-1683610049-1000\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
     
    ========== Shell Spawning ==========
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- C:\Program Files (x86)\Advanced System Protector\filetypehelper.exe -scanunknown "%1"
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- C:\Program Files (x86)\Advanced System Protector\filetypehelper.exe -scanunknown "%1"
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
     
    ========== Security Center Settings ==========
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
     
    ========== Firewall Settings ==========
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1
     
    ========== Authorized Applications List ==========
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
     
     
    ========== Vista Active Open Ports Exception List ==========
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{152FD0A3-F0A4-4683-8976-778AE00870B0}" = lport=10243 | protocol=6 | dir=in | app=system |
    "{25880696-7D6E-4F26-BFE0-334DF8DC0E7E}" = lport=139 | protocol=6 | dir=in | app=system |
    "{3B1A23C8-027A-4978-BF2E-39B9CCC5A81E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
    "{45C75B4D-BCE3-4B91-9C86-6F3D3DB7FBAD}" = rport=137 | protocol=17 | dir=out | app=system |
    "{4E612F40-751A-4C55-99A6-121E92061298}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{503BCF64-261C-4037-B325-118291FD9E39}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{528F64F2-064C-47C3-8BB7-EC3064A815B8}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{58FDB526-0F67-42AA-BF8B-A7B26FA1B78A}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
    "{5F3B9A93-E7CE-4AC7-8EE5-489943685A2D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{60EC594A-4537-4B67-944F-4707A2F64A77}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{64F6E930-6898-43EE-8869-FFF175C2B5AB}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
    "{6970D384-CF25-4238-A500-4B80B0D4557C}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{707A860E-9A13-4FAD-BAED-0A9A45FC3477}" = lport=137 | protocol=17 | dir=in | app=system |
    "{8920EDBC-A221-4C6D-8A21-F7971A519E03}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
    "{8A5256F7-292C-43F0-A2BE-060BD90EDFEA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{8B9F9313-6543-4DC0-B1C9-21601CDBF952}" = rport=138 | protocol=17 | dir=out | app=system |
    "{8DDC9207-A363-4E54-9EE5-1FF5D23B7960}" = rport=139 | protocol=6 | dir=out | app=system |
    "{8F83562C-87DC-4F72-B9F0-EE55DFB1FD3A}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
    "{A39AB92B-448A-4728-A9EE-4EDFE6FAD45E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{A6DC61A7-1F0C-45CF-923E-ED45CF569AD8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{A7DED250-2FDC-47B8-9471-A36270D0A9BA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{A826F968-4381-40F6-9BC2-24D173CE6802}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{A8BD79CF-6E68-41ED-AD66-25D2015F52A6}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{AA224A88-A174-473B-941E-99F8D4826621}" = lport=445 | protocol=6 | dir=in | app=system |
    "{E87D2983-1DF0-4249-A0AA-DDDBD407616D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{EF0322E0-427D-4784-9AD8-78ED2B9B4517}" = rport=445 | protocol=6 | dir=out | app=system |
    "{FD720341-5589-4352-BF92-2E405BE7A6A3}" = lport=138 | protocol=17 | dir=in | app=system |
     
    ========== Vista Active Application Exception List ==========
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{00F4C894-8AE5-4C85-BB01-A82EDB89E59D}" = protocol=1 | dir=out | [email protected],-28544 |
    "{07AB37FC-2FBB-41AE-9C9C-0A35C4B28C49}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
    "{1EB0FD21-F292-4F72-878A-DA9714671AB8}" = dir=in | app=c:\users\owner\appdata\local\facebook\video\skype\facebookvideocalling.exe |
    "{2CBD8C9B-1095-4EF0-A41B-99ECAC26CFE3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{367FE427-23CE-49A9-A754-4D1A249DE79D}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
    "{38CDB13F-156E-4378-8674-A84629CD77B2}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
    "{42557E08-B633-43FC-87CA-3C9BB852F1DD}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
    "{4418D890-D5DC-4E15-BF6D-327675FF012E}" = protocol=6 | dir=in | app=c:\program files\intel\wimax\bin\appsrv.exe |
    "{4436EB00-F248-4236-8A74-C00787392EA7}" = protocol=1 | dir=in | [email protected],-28543 |
    "{45E6778B-0A9B-4ADB-AA82-740544338514}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
    "{49FCB6EC-3CE1-4555-8742-CD2458606804}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{55EA347F-DEBD-4DC6-A24F-D4044032DD97}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{5B191765-9A10-4599-994E-3282F7E5F278}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{5F0DC987-9EA6-4642-B1D7-4D82500880C4}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
    "{61A8AFB2-BBA0-42CE-964E-3BBB58DB5B7F}" = protocol=17 | dir=in | app=c:\users\owner\appdata\local\temp\7zse55e.tmp\symnrt.exe |
    "{65A6F4D4-2F31-4491-80EF-F21A2A24D1AE}" = protocol=58 | dir=in | app=system |
    "{6BBE3461-D4C6-4B86-89F3-738CC0F0BEED}" = dir=in | app=c:\program files\hp\hp deskjet 3050a j611 series\bin\devicesetup.exe |
    "{70CD95D8-D193-448E-87E0-5BF0BEDBD0D5}" = protocol=6 | dir=in | app=c:\users\owner\appdata\local\temp\7zse55e.tmp\symnrt.exe |
    "{7731591C-5DA5-44F5-BAF3-0E41C0A25B1F}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
    "{77400AE7-946B-4B1A-8F87-1DEDF360D259}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{787492D0-8E56-463A-B7AE-E53BD6BC5B67}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{841C89B1-321F-465D-A652-E3DDCB1DE216}" = protocol=17 | dir=in | app=c:\users\owner\downloads\online_anthropology_kinship_chart_creator_downloader.exe |
    "{8C5C96D5-0EF1-4F39-818E-9885C83F0E63}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
    "{8D6D485F-1CC4-4752-9879-14C2067DFFA8}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{8F45A27B-5969-44AE-9422-43E9E96696F7}" = protocol=58 | dir=out | [email protected],-503 |
    "{90297666-B45A-4681-B043-0660111BDB7A}" = protocol=17 | dir=in | app=c:\program files\intel\wimax\bin\dmagent.exe |
    "{9E9EAEE9-9819-4B51-B224-92291FECD49B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{9FAA15D4-D250-43FD-9DD3-2D6C64AE671E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{A4DE0ABC-71D6-468C-B20C-D1FE25124078}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{B78EE4D6-88EA-4961-B160-4AB92BFAC1BE}" = protocol=6 | dir=in | app=c:\users\owner\downloads\online_anthropology_kinship_chart_creator_downloader.exe |
    "{BB7D40EF-7365-4ADC-9B46-D68DADEE2454}" = protocol=58 | dir=in | [email protected],-28545 |
    "{C17DCFD8-5D52-4AA3-9F75-5F3E530DB1C6}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
    "{C63349A2-45E3-4078-B5F9-D75DB838817A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{C8D05211-B847-4F17-8800-2FF14827258C}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{CD848823-E4D2-41AD-B627-D4C254FFDFC4}" = protocol=58 | dir=out | [email protected],-28546 |
    "{D04E55B8-7376-413C-BB5D-CBE100689BAA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{D489BFE2-C01A-41AB-AC39-BF441A1E48BF}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{DC32C1F1-C472-41CA-AD68-DAC2A1020B86}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
    "{DE7101F8-73CA-4715-A374-7CE62D1084F4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{E86EEFF0-AE49-4340-8680-372D0BAF726B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{E93E2E53-ADFB-4D2C-BE92-2B3D81BD016E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{EF769D05-47AF-472F-B5C9-0C848E55E1B0}" = protocol=6 | dir=in | app=c:\program files\intel\wimax\bin\dmagent.exe |
    "{EFF33D34-4C2B-468C-BE2C-97E01D8B491D}" = protocol=6 | dir=out | app=system |
    "{F12C3805-A7E9-4619-B8BA-9AE6D5A73836}" = protocol=17 | dir=in | app=c:\program files\intel\wimax\bin\appsrv.exe |
    "{F5AABD7B-D795-4D73-9F8B-A60D45102C50}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
    "{F6C1C234-24B0-4D22-B28D-F19D8AB65FD2}" = dir=in | app=c:\program files (x86)\intel corporation\intel wireless display\widiapp.exe |
    "{F7BDF7E6-8170-47AE-A43D-B18F2FA72EA9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{F89209F3-1ACA-40F7-B213-5B5E8B099028}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
    "{FEBACEF5-81D7-4533-8458-DC41FD1B0EA3}" = dir=in | app=c:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe |
    "TCP Query User{111C9DD9-85DB-42D5-9A83-398F83EDE02F}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
    "TCP Query User{1C72954E-8BE3-4BFE-B2E0-4470B032145A}C:\program files (x86)\oovoo\oovoo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
    "TCP Query User{2C5E3417-9CF3-4FDB-95C0-2F1250655981}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
    "TCP Query User{6D02F5B8-5092-4DC2-841E-91D419A59C1B}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
    "TCP Query User{911692AE-D1E2-4875-AA7C-805DDEBC9F91}C:\program files (x86)\oovoo\oovoo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
    "UDP Query User{2D62497B-6E10-4523-AEC7-F859A23816EF}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
    "UDP Query User{68819A61-07F0-4666-BC11-93D34E26F45A}C:\program files (x86)\oovoo\oovoo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
    "UDP Query User{78FB9ED9-C91E-43E8-9BFE-F2A9AFA8E1F6}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
    "UDP Query User{7C955AD9-C1AA-49D1-A314-2C5C9401EB5D}C:\program files (x86)\oovoo\oovoo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
    "UDP Query User{E9D2B5CE-5DCD-491A-A89A-7C054D05882F}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
     
    ========== HKEY_LOCAL_MACHINE Uninstall List ==========
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
    "{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety
    "{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
    "{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
    "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
    "{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime
    "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    "{4F26C164-9373-4974-8F43-E0F2176AF937}" = Intel WiMAX Tutorial
    "{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
    "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    "{6548B189-BEA4-4041-80E0-AEB60548E046}" = Intel® PROSet/Wireless WiMAX Software
    "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
    "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
    "{710D4D91-1924-4A6B-8659-9CDE02DC7207}" = HP Deskjet 3050A J611 series Product Improvement Study
    "{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
    "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
    "{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
    "{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
    "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
    "{94A90C69-71C1-470A-88F5-AA47ECC96B40}" = TOSHIBA HDD Protection
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
    "{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
    "{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
    "{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
    "{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
    "{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
    "{C298FF86-AB23-4B58-AC53-A23383C07B3A}" = Intel® Wireless Display
    "{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes
    "{D16A2127-B927-4379-B153-3DEC091E4EEB}" = Intel® PROSet/Wireless WiFi Software
    "{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
    "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
    "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
    "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
    "{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
    "{FB555BCF-9202-4886-9203-88C9A210D727}" = HP Deskjet 3050A J611 series Basic Device Software
    "{FBBC4667-2521-4E78-B1BD-8706F774549B}" = Best Buy pc app
    "McAfee Security Scan" = McAfee Security Scan Plus
    "ProInst" = Intel PROSet Wireless
    "SynTPDeinstKey" = Synaptics Pointing Device Driver
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{0D795777-9D60-4692-8386-F2B3F2B5E5BF}" = [email protected] 1.0
    "{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
    "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
    "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
    "{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = TOSHIBA Assist
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{2091F234-EB58-4B80-8C96-8EB78C808CF7}" = Facebook Video Calling 3.1.0.521
    "{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
    "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
    "{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
    "{2A83AD05-56E6-3FBD-8752-B4143162EF59}" = Google Talk Plugin
    "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
    "{33BC5F69-0E51-4121-A04A-0868D65CF050}" = VBPlayerMoz
    "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
    "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
    "{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
    "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skypeâ„¢ 6.11
    "{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
    "{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
    "{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
    "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
    "{5AF550B4-BB67-4E7E-82F1-2C4300279050}" = ToshibaRegistration
    "{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
    "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
    "{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
    "{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
    "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
    "{654F7484-88C5-46DC-AB32-C66BCB0E2102}" = TOSHIBA Sleep Utility
    "{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
    "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
    "{85DF2EED-08BC-46FB-90DA-28B0D0A8E8A8}" = HP Update
    "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
    "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
    "{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
    "{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
    "{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
    "{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
    "{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
    "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
    "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
    "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
    "{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
    "{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
    "{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
    "{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
    "{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
    "{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
    "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
    "{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}" = TOSHIBA Application Installer
    "{97DDCAB8-B770-4089-A10F-67568069D78A}" = HP Deskjet 3050A J611 series Help
    "{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}" = TOSHIBA Media Controller
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
    "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
    "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
    "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
    "{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
    "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.8)
    "{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
    "{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
    "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
    "{BB51B753-9A0C-4D1D-B3EF-A1B936F55796}" = Toshiba Book Place
    "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
    "{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
    "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
    "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
    "{E69992ED-A7F6-406C-9280-1C156417BC49}" = TOSHIBA Quality Application
    "{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}" = TOSHIBA Media Controller Plug-in
    "{FBBC4667-2521-4E78-B1BD-8706F774549B}" = Best Buy pc app
    "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
    "Adobe Shockwave Player" = Adobe Shockwave Player 12.0
    "Avast" = avast! Free Antivirus
    "dnsshield" = Social Privacy DNS
    "GeniusBox" = GeniusBox 2.0
    "Google Chrome" = Google Chrome
    "groove_stream" = Groove-Stream
    "HP Photo Creations" = HP Photo Creations
    "InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
    "InstallShield_{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
    "InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime
    "InstallShield_{33BC5F69-0E51-4121-A04A-0868D65CF050}" = VBPlayerMoz
    "InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
    "InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
    "InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
    "InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
    "InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
    "InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
    "InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
    "KeepMySettingsX" = KeepMySettingsX
    "Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.3.1025
    "Mozilla Firefox 33.1.1 (x86 en-US)" = Mozilla Firefox 33.1.1 (x86 en-US)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "Office14.SingleImage" = Microsoft Office Home and Student 2010
    "WinLiveSuite" = Windows Live Essentials
     
    ========== HKEY_USERS Uninstall List ==========
     
    [HKEY_USERS\S-1-5-21-3546646767-1445017109-1683610049-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "@@[email protected]@SanDiskSecureAccess_Manager.exe" = SanDiskSecureAccess_Manager.exe
    "e55b814e55744b76" = Best Buy pc app
     
    ========== Last 20 Event Log Errors ==========
     
    [ System Events ]
    Error - 11/30/2014 3:58:03 PM | Computer Name = Owner-PC | Source = DCOM | ID = 10010
    Description =
     
    Error - 11/30/2014 4:35:26 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7000
    Description = The Google Update Service (gupdate) service failed to start due to
     the following error:   %%2
     
     
    < End of report >
     


  4. OTL logfile created on: 11/30/2014 8:03:59 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Owner\Downloads
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.11.9600.17420)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
     
    3.80 Gb Total Physical Memory | 1.57 Gb Available Physical Memory | 41.22% Memory free
    7.60 Gb Paging File | 5.05 Gb Available in Paging File | 66.50% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 583.11 Gb Total Space | 525.27 Gb Free Space | 90.08% Space Free | Partition Type: NTFS
    Drive D: | 509.93 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
     
    Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
     
    ========== Processes (SafeList) ==========
     
    PRC - [2014/11/30 20:01:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Downloads\OTL.com
    PRC - [2014/11/26 12:29:58 | 001,880,752 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exe
    PRC - [2014/11/23 13:07:55 | 000,982,600 | ---- | M] (InstallX, LLC) -- C:\Users\Owner\AppData\Roaming\KeepMySettingsX\keepmysettingsx.exe
    PRC - [2014/11/15 18:02:21 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    PRC - [2014/08/01 04:00:08 | 004,085,896 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
    PRC - [2014/08/01 03:59:51 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    PRC - [2013/09/03 06:53:50 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2012/02/14 23:39:36 | 030,705,792 | ---- | M] (Gemalto N.V.) -- C:\Users\Owner\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
    PRC - [2010/04/01 09:52:22 | 000,252,728 | ---- | M] (TOSHIBA) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
    PRC - [2010/03/03 14:42:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
    PRC - [2010/03/03 14:41:58 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
    PRC - [2009/12/25 15:21:16 | 000,034,160 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
    PRC - [2007/03/29 15:41:26 | 000,222,128 | ---- | M] (Macrovision Corporation) -- C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
     
     
    ========== Modules (No Company Name) ==========
     
    MOD - [2014/11/26 12:29:58 | 016,841,392 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll
    MOD - [2014/11/15 18:02:20 | 003,649,648 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
    MOD - [2014/08/01 03:59:52 | 019,329,904 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
    MOD - [2014/08/01 03:59:51 | 000,301,152 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
    MOD - [2013/09/05 00:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
    MOD - [2012/02/20 20:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2012/02/20 20:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    MOD - [2012/02/14 16:37:52 | 011,796,096 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\SanDisk\My Vaults\dmBackup.dll
     
     
    ========== Services (SafeList) ==========
     
    SRV:64bit: - [2014/11/05 20:30:08 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
    SRV:64bit: - [2014/08/01 03:59:51 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
    SRV:64bit: - [2013/09/06 10:32:06 | 000,288,776 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe -- (McComponentHostService)
    SRV:64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
    SRV:64bit: - [2010/07/28 10:27:16 | 000,267,192 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
    SRV:64bit: - [2010/07/22 16:36:16 | 000,822,192 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
    SRV:64bit: - [2010/06/29 11:05:02 | 000,489,384 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
    SRV:64bit: - [2010/06/07 15:39:40 | 000,911,872 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe -- (WiMAXAppSrv)
    SRV:64bit: - [2010/06/07 15:34:20 | 000,408,576 | ---- | M] (Red Bend Ltd.) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe -- (DMAgent)
    SRV:64bit: - [2010/03/05 10:26:38 | 001,425,168 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
    SRV:64bit: - [2010/03/05 10:07:58 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
    SRV:64bit: - [2010/03/05 10:06:22 | 000,831,760 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
    SRV:64bit: - [2010/02/05 17:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
    SRV:64bit: - [2009/10/21 09:30:36 | 000,531,520 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\ThpSrv.exe -- (Thpsrv)
    SRV:64bit: - [2009/07/28 15:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
    SRV - [2014/11/26 12:29:59 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2014/11/15 18:02:21 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2014/03/20 15:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2013/10/23 07:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2013/09/11 20:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2013/09/03 06:53:50 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2011/02/11 13:45:52 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
    SRV - [2010/03/03 14:42:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
    SRV - [2010/03/03 14:41:58 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
     
     
    ========== Driver Services (SafeList) ==========
     
    DRV:64bit: - [2014/11/23 12:58:46 | 001,041,168 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
    DRV:64bit: - [2014/08/01 04:00:07 | 000,427,360 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
    DRV:64bit: - [2014/08/01 03:59:54 | 000,224,896 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
    DRV:64bit: - [2014/08/01 03:59:54 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
    DRV:64bit: - [2014/08/01 03:59:54 | 000,092,008 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
    DRV:64bit: - [2014/08/01 03:59:54 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
    DRV:64bit: - [2014/08/01 03:59:54 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
    DRV:64bit: - [2014/08/01 03:59:54 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
    DRV:64bit: - [2012/09/28 21:52:10 | 000,075,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
    DRV:64bit: - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
    DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2012/02/15 10:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
    DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2010/11/20 04:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2010/11/20 02:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2010/11/20 00:37:44 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
    DRV:64bit: - [2010/06/18 10:38:06 | 000,039,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
    DRV:64bit: - [2010/05/31 12:05:06 | 007,689,216 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64)
    DRV:64bit: - [2010/05/18 16:02:48 | 000,164,464 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
    DRV:64bit: - [2010/05/16 17:28:38 | 000,175,104 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpmp.sys -- (bpmp)
    DRV:64bit: - [2010/05/16 17:28:30 | 000,081,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpusb.sys -- (bpusb)
    DRV:64bit: - [2010/05/16 17:28:28 | 000,071,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpenum.sys -- (bpenum)
    DRV:64bit: - [2010/05/08 18:38:56 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
    DRV:64bit: - [2010/05/03 14:44:02 | 000,331,880 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
    DRV:64bit: - [2010/04/21 11:18:44 | 010,326,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
    DRV:64bit: - [2010/03/10 18:51:32 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
    DRV:64bit: - [2010/02/26 16:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
    DRV:64bit: - [2010/02/03 06:38:30 | 000,271,872 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
    DRV:64bit: - [2010/01/15 12:22:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
    DRV:64bit: - [2009/09/17 12:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
    DRV:64bit: - [2009/07/30 21:02:36 | 000,044,912 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
    DRV:64bit: - [2009/07/30 20:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
    DRV:64bit: - [2009/07/14 15:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
    DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/07/13 17:00:24 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpials.sys -- (acpials)
    DRV:64bit: - [2009/06/29 16:16:20 | 000,014,784 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Thpevm.sys -- (Thpevm)
    DRV:64bit: - [2009/06/29 10:25:22 | 000,034,880 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\thpdrv.sys -- (Thpdrv)
    DRV:64bit: - [2009/06/22 17:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
    DRV:64bit: - [2009/06/19 19:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
    DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2009/05/18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
    DRV:64bit: - [2008/05/06 15:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
    DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
     
     
    ========== Standard Registry (SafeList) ==========
     
     
    ========== Internet Explorer ==========
     
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
    IE - HKLM\..\SearchScopes,DefaultScope = {632F07F3-19A1-4d16-A23F-E6CE9486BAB5}
    IE - HKLM\..\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
     
     
    IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
     
    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
     
    IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
     
    IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
     
    IE - HKU\S-1-5-21-3546646767-1445017109-1683610049-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://start.toshiba.com/g/ [binary data]
    IE - HKU\S-1-5-21-3546646767-1445017109-1683610049-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
    IE - HKU\S-1-5-21-3546646767-1445017109-1683610049-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
    IE - HKU\S-1-5-21-3546646767-1445017109-1683610049-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://search.yahoo.com/yhs/web?hspart=w3i&hsimp=yhs-syctransfer&type=W3i_SP,204,0_0,StartPage,20141146,20029,0,101,9284
    IE - HKU\S-1-5-21-3546646767-1445017109-1683610049-1000\..\SearchScopes,DefaultScope = {113537E9-AEA4-4BED-BBB0-C5DCC1B70EE4}
    IE - HKU\S-1-5-21-3546646767-1445017109-1683610049-1000\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
    IE - HKU\S-1-5-21-3546646767-1445017109-1683610049-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    IE - HKU\S-1-5-21-3546646767-1445017109-1683610049-1000\..\SearchScopes\{113537E9-AEA4-4BED-BBB0-C5DCC1B70EE4}: "URL" = https://search.yahoo.com/search?p={searchTerms}&ei=UTF-8&fr=w3i&type=W3i_DS,136,0_0,Search,20141146,20028,0,101,0
    IE - HKU\S-1-5-21-3546646767-1445017109-1683610049-1000\..\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
    IE - HKU\S-1-5-21-3546646767-1445017109-1683610049-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
    IE - HKU\S-1-5-21-3546646767-1445017109-1683610049-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
    IE - HKU\S-1-5-21-3546646767-1445017109-1683610049-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:49167;https=127.0.0.1:49167
     
    ========== FireFox ==========
     
    FF - prefs.js..browser.search.defaultenginename: "Yahoo"
    FF - prefs.js..browser.search.order.1: "Yahoo"
    FF - prefs.js..browser.search.order.2: ""
    FF - prefs.js..browser.search.param.yahoo-fr: "w3i&type=W3i_DS,157,0_0,Search,20141146,20030,0,101,0"
    FF - prefs.js..browser.search.selectedEngine: "Yahoo"
    FF - prefs.js..browser.startup.homepage: "https://search.yahoo.com/yhs/web?hspart=w3i&hsimp=yhs-syctransfer&type=W3i_SP,205,0_0,StartPage,20141146,20031,0,101,0"
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:33.1.1
    FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?p={searchTerms}&ei=UTF-8&fr=w3i&type=W3i_DS,157,0_0,Search,20141146,20030,0,101,0"
    FF - prefs.js..network.proxy.type: 0
    FF - user.js - File not found
     
    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll File not found
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll File not found
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKLM\Software\MozillaPlugins\vbplayer: C:\Program Files (x86)\Common Files\VBrick\VBPlayerMoz\npvbplayer.dll (VBrick Inc.)
    FF - HKLM\Software\MozillaPlugins\vbwmplayer: C:\Program Files (x86)\Common Files\VBrick\VBPlayerMoz\npvbwmplayer.dll (VBrick Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Owner\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Owner\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll File not found
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Owner\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll File not found
     
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/08/01 03:59:55 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.1.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.1.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/11/07 16:59:28 | 000,000,000 | ---D | M]
     
    [2014/11/12 16:16:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Extensions
    [2014/11/30 12:51:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\0rbzcbm3.default-1395006579003\extensions
    [2014/11/07 16:59:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
    [2014/11/15 18:02:22 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    [2007/07/18 11:19:40 | 002,998,784 | ---- | M] (Tamarack Software, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nptgeqplugin.dll
     
    ========== Chrome  ==========
     
    CHR - default_search_provider: Microsoft (Bing) (Enabled)
    CHR - default_search_provider: search_url = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
    CHR - default_search_provider: suggest_url = http://api.bing.com/osjson.aspx?query={searchTerms}&language={language}&FORM=AVASDF&PC=AV01,
    CHR - homepage: http://www.msn.com/?pc=AV01
    CHR - Extension: Avast Online Security = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.0.2204.148_0\
    CHR - Extension: Google Wallet = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
     
    O1 HOSTS File: ([2013/11/24 21:49:21 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
    O1 - Hosts: 127.0.0.1       localhost
    O1 - Hosts: ::1       localhost
    O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    O2:64bit: - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll (TOSHIBA Corporation)
    O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
    O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (TOSHIBA Corporation)
    O3:64bit: - HKLM\..\Toolbar: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
    O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
    O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
    O4:64bit: - HKLM..\Run: [intelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
    O4:64bit: - HKLM..\Run: [intelWirelessWiMAX] C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe (Intel® Corporation)
    O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
    O4:64bit: - HKLM..\Run: [smartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
    O4:64bit: - HKLM..\Run: [smoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
    O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
    O4:64bit: - HKLM..\Run: [ThpSrv] C:\windows\SysNative\thpsrv.exe (TOSHIBA Corporation)
    O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
    O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
    O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
    O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
    O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [dnsshield] C:\Program Files (x86)\Social Privacy  DNS\dnswatch.exe File not found
    O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
    O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
    O4 - HKLM..\Run: [sVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA CORPORATION)
    O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe (TOSHIBA)
    O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
    O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-21-3546646767-1445017109-1683610049-1000..\Run: [Facebook Update] C:\Users\Owner\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
    O4 - HKU\S-1-5-21-3546646767-1445017109-1683610049-1000..\Run: [Google Update] "C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe" /c File not found
    O4 - HKU\S-1-5-21-3546646767-1445017109-1683610049-1000..\Run: [iSUSPM] C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe (Macrovision Corporation)
    O4 - HKU\S-1-5-21-3546646767-1445017109-1683610049-1000..\Run: [sanDiskSecureAccess_Manager.exe] C:\Users\Owner\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe (Gemalto N.V.)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O7 - HKU\S-1-5-21-3546646767-1445017109-1683610049-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.4.4
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{473B71CB-DE63-4CA3-86EE-6E3E788BD628}: DhcpNameServer = 10.1.0.101 10.33.1.101
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{473B71CB-DE63-4CA3-86EE-6E3E788BD628}: NameServer = 8.8.8.8,8.8.4.4
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6E8163B9-9237-4136-840E-0B07C0F72B55}: NameServer = 8.8.8.8,8.8.4.4
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 8.8.8.8,8.8.4.4
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E5F7D1AA-E3BD-489C-9076-9B2120943A5D}: NameServer = 8.8.8.8,8.8.4.4
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E6759FE2-C7A5-477D-8FF9-27F41EDE2897}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E6759FE2-C7A5-477D-8FF9-27F41EDE2897}: NameServer = 8.8.8.8,8.8.4.4
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F8F484EE-41AE-4C9A-BF17-D8F84709B324}: NameServer = 8.8.8.8,8.8.4.4
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
    O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2010/07/19 17:04:00 | 000,000,028 | R--- | M] () - D:\autorun.bat -- [ CDFS ]
    O32 - AutoRun File - [2004/06/23 23:28:58 | 000,000,029 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
    O33 - MountPoints2\{6532aff3-7b7b-11e1-9610-806e6f6e6963}\Shell - "" = AutoRun
    O33 - MountPoints2\{6532aff3-7b7b-11e1-9610-806e6f6e6963}\Shell\AutoRun\command - "" = D:\autorun.bat -- [2010/07/19 17:04:00 | 000,000,028 | R--- | M] ()
    O34 - HKLM BootExecute: (autocheck autochk *)
    O34 - HKLM BootExecute: (sdnclean64.exe)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
     
    ========== Files/Folders - Created Within 30 Days ==========
     
    [2014/11/30 11:07:56 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
    [2014/11/30 11:02:05 | 000,000,000 | ---D | C] -- C:\windows\Temp
    [2014/11/30 11:02:05 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Temp
    [2014/11/30 10:41:49 | 000,000,000 | ---D | C] -- C:\zoek_backup
    [2014/11/12 16:37:28 | 000,304,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\generaltel.dll
    [2014/11/12 16:37:27 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
    [2014/11/12 16:37:27 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
    [2014/11/12 16:37:20 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
    [2014/11/12 16:37:20 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\adtschema.dll
    [2014/11/12 16:37:20 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\adtschema.dll
    [2014/11/12 16:37:19 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msaudite.dll
    [2014/11/12 16:37:19 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msaudite.dll
    [2014/11/12 16:37:08 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
    [2014/11/12 16:37:08 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe
    [2014/11/12 16:37:08 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll
    [2014/11/12 16:37:08 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
    [2014/11/12 16:37:08 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
    [2014/11/12 16:37:08 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll
    [2014/11/12 16:37:08 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
    [2014/11/12 16:37:08 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
    [2014/11/12 16:37:08 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
    [2014/11/12 16:37:07 | 000,708,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
    [2014/11/12 16:37:07 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
    [2014/11/12 16:37:06 | 002,051,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
    [2014/11/12 16:37:06 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
    [2014/11/12 16:37:06 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll
    [2014/11/12 16:37:06 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
    [2014/11/12 16:37:06 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll
    [2014/11/12 16:37:05 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
    [2014/11/12 16:37:05 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
    [2014/11/12 16:37:05 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
    [2014/11/12 16:37:04 | 002,124,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
    [2014/11/12 16:37:04 | 000,799,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
    [2014/11/12 16:37:04 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
    [2014/11/12 16:37:02 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
    [2014/11/12 16:37:01 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
    [2014/11/12 16:37:01 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
    [2014/11/12 16:37:01 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
    [2014/11/12 16:37:01 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MshtmlDac.dll
    [2014/11/12 16:37:00 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
    [2014/11/12 16:37:00 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
    [2014/11/12 16:37:00 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
    [2014/11/12 16:36:59 | 006,040,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
    [2014/11/12 16:36:59 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll
    [2014/11/12 16:36:59 | 000,580,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
    [2014/11/12 16:36:58 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
    [2014/11/12 16:36:58 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MshtmlDac.dll
    [2014/11/12 16:36:16 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml3r.dll
    [2014/11/12 16:36:16 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msxml3r.dll
    [2014/11/12 16:36:12 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IMJP10K.DLL
    [2014/11/12 16:36:12 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\IMJP10K.DLL
    [2014/11/12 16:36:05 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncrypt.dll
    [2014/11/12 16:36:01 | 000,500,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AUDIOKSE.dll
    [2014/11/12 16:36:01 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AUDIOKSE.dll
    [2014/11/12 16:36:00 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AudioEng.dll
    [2014/11/12 16:36:00 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AudioSes.dll
    [2014/11/12 16:36:00 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\EncDump.dll
    [2014/11/12 16:35:58 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\packager.dll
    [2014/11/12 16:35:57 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\packager.dll
    [2014/11/12 16:35:55 | 003,241,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msi.dll
    [2014/11/12 16:35:39 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\oleaut32.dll
    [2014/11/12 16:15:41 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\KeepMySettingsX
    [2014/11/12 16:15:30 | 000,159,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ATL90.dll
    [2014/11/08 19:24:06 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Comodo
    [2014/11/07 16:59:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
    [2014/11/04 09:55:47 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\ElevatedDiagnostics
     
    ========== Files - Modified Within 30 Days ==========
     
    [2014/11/30 20:01:00 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3546646767-1445017109-1683610049-1000UA.job
    [2014/11/30 20:01:00 | 000,000,256 | ---- | M] () -- C:\windows\tasks\HP Photo Creations Messager.job
    [2014/11/30 19:32:00 | 000,000,898 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
    [2014/11/30 19:29:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
    [2014/11/30 19:25:01 | 000,000,928 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3546646767-1445017109-1683610049-1000UA.job
    [2014/11/30 17:32:00 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
    [2014/11/30 16:29:01 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
    [2014/11/30 13:41:13 | 000,019,248 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2014/11/30 13:41:13 | 000,019,248 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2014/11/30 13:37:43 | 000,782,510 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
    [2014/11/30 13:37:43 | 000,662,650 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
    [2014/11/30 13:37:43 | 000,122,486 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
    [2014/11/30 13:33:51 | 000,001,960 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 3050A J611 series.lnk
    [2014/11/30 13:33:01 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
    [2014/11/30 13:32:57 | 3059,748,864 | -HS- | M] () -- C:\hiberfil.sys
    [2014/11/30 13:25:00 | 000,000,906 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3546646767-1445017109-1683610049-1000Core.job
    [2014/11/30 13:01:00 | 000,000,856 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3546646767-1445017109-1683610049-1000Core.job
    [2014/11/30 12:57:10 | 000,001,117 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2014/11/30 11:07:21 | 000,000,008 | RHS- | M] () -- C:\ProgramData\ntuser.pol
    [2014/11/30 10:42:53 | 000,024,064 | ---- | M] () -- C:\windows\zoek-delete.exe
    [2014/11/26 12:29:58 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
    [2014/11/26 12:29:58 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
    [2014/11/23 12:58:46 | 001,041,168 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswsnx.sys
    [2014/11/15 12:32:11 | 000,348,312 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
    [2014/11/05 21:03:50 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll
    [2014/11/05 20:47:03 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
    [2014/11/05 20:46:12 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
    [2014/11/05 20:46:12 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll
    [2014/11/05 20:44:28 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\MshtmlDac.dll
    [2014/11/05 20:35:59 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
    [2014/11/05 20:31:48 | 000,633,856 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
    [2014/11/05 20:30:22 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
    [2014/11/05 20:30:08 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe
    [2014/11/05 20:29:18 | 000,814,080 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll
    [2014/11/05 20:23:57 | 006,040,064 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
    [2014/11/05 20:20:18 | 000,968,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
    [2014/11/05 20:16:23 | 000,490,496 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
    [2014/11/05 20:13:36 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
    [2014/11/05 20:12:44 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
    [2014/11/05 20:10:58 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\MshtmlDac.dll
    [2014/11/05 20:07:29 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll
    [2014/11/05 20:03:56 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
    [2014/11/05 20:02:05 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
    [2014/11/05 20:00:56 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
    [2014/11/05 20:00:51 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
    [2014/11/05 19:59:36 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
    [2014/11/05 19:58:38 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll
    [2014/11/05 19:57:38 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
    [2014/11/05 19:42:36 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
    [2014/11/05 19:41:26 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
    [2014/11/05 19:41:26 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
    [2014/11/05 19:39:39 | 001,359,360 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
    [2014/11/05 19:38:25 | 002,124,288 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
    [2014/11/05 19:37:58 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
    [2014/11/05 19:36:47 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
    [2014/11/05 19:21:25 | 002,051,072 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
    [2014/11/05 19:20:37 | 001,155,072 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
    [2014/11/05 18:53:19 | 000,799,232 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
    [2014/11/05 18:47:17 | 000,708,096 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
    [2014/11/05 10:56:54 | 000,304,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\generaltel.dll
    [2014/11/05 10:56:36 | 000,228,864 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
    [2014/11/05 10:52:22 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
     
    ========== Files Created - No Company Name ==========
     
    [2014/11/30 11:02:05 | 000,024,064 | ---- | C] () -- C:\windows\zoek-delete.exe
    [2014/11/08 19:24:07 | 000,000,008 | RHS- | C] () -- C:\ProgramData\ntuser.pol
    [2014/04/22 06:50:59 | 000,775,124 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
    [2012/09/11 14:40:01 | 000,000,064 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\Statdisk.prefs
    [2012/04/02 17:54:58 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
    [2012/03/31 14:00:11 | 000,017,408 | ---- | C] () -- C:\Users\Owner\AppData\Local\WebpageIcons.db
     
    ========== ZeroAccess Check ==========
     
    [2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
     
    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
     
    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
     
    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
     
    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
     
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2014/06/24 19:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment
     
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2014/06/24 18:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment
     
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free
     
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 03:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free
     
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both
     
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
     
    ========== LOP Check ==========
     
    [2013/11/30 19:45:40 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\AVAST Software
    [2012/08/21 14:17:27 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Blackboard
    [2014/11/30 19:35:50 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\KeepMySettingsX
    [2012/08/08 11:42:46 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\MusicOasis
    [2013/03/22 21:10:32 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\ooVoo Details
    [2013/08/29 15:38:14 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\SanDisk
    [2013/08/29 15:35:18 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\SanDisk SecureAccess
    [2012/11/14 18:07:19 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Toshiba
    [2012/03/31 12:29:04 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\WinBatch
     
    ========== Purity Check ==========
     
     

    < End of report >


  5. Results of screen317's Security Check version 0.99.91  
     Windows 7 Service Pack 1 x64 (UAC is enabled)  
     Internet Explorer 11  
    ``````````````Antivirus/Firewall Check:``````````````
     Windows Firewall Enabled!  
    avast! Antivirus   
     Antivirus up to date!   
    `````````Anti-malware/Other Utilities Check:`````````
     Malwarebytes Anti-Malware version 2.0.3.1025  
     Adobe Flash Player 15.0.0.239  
     Adobe Reader 10.1.8 Adobe Reader out of Date!  
     Mozilla Firefox (33.1.1)
     Google Chrome 31.0.1650.48 Google Chrome out of date!  
    ````````Process Check: objlist.exe by Laurent````````  
     AVAST Software Avast AvastSvc.exe  
     AVAST Software Avast AvastUI.exe  
    `````````````````System Health check`````````````````
     Total Fragmentation on Drive C: 2%
    ````````````````````End of Log``````````````````````
     


  6. .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 3/31/2012 1:27:38 PM
    System Uptime: 11/30/2014 1:32:46 PM (3 hours ago)
    .
    Motherboard: TOSHIBA |  | NWQAA
    Processor: Intel® Core i3 CPU       M 380  @ 2.53GHz | CPU | 2533/133mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 583 GiB total, 525.323 GiB free.
    D: is CDROM (CDFS)
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP253: 10/31/2014 10:25:43 AM - Windows Update
    RP254: 11/5/2014 4:55:27 PM - Windows Update
    RP255: 11/12/2014 4:19:32 PM - Removed WeatherBug
    RP256: 11/12/2014 4:35:29 PM - Windows Update
    RP257: 11/12/2014 4:55:50 PM - Removed VideoBuzz
    RP258: 11/12/2014 7:58:38 PM - Windows Update
    RP259: 11/18/2014 5:49:58 PM - Windows Update
    RP260: 11/20/2014 7:59:09 PM - Windows Update
    RP261: 11/26/2014 12:35:03 PM - Windows Update
    RP262: 11/30/2014 10:43:33 AM - zoek.exe restore point
    .
    ==== Installed Programs ======================
    .
    Adobe AIR
    Adobe Flash Player 15 ActiveX
    Adobe Flash Player 15 Plugin
    Adobe Reader X (10.1.8)
    Adobe Shockwave Player 12.0
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    avast! Free Antivirus
    Best Buy pc app
    Bing Rewards Client Installer
    Bonjour
    D3DX10
    Definition Update for Microsoft Office 2010 (KB2899521) 32-Bit Edition
    Facebook Video Calling 3.1.0.521
    GeniusBox 2.0
    Google Chrome
    Google Earth
    Google Talk Plugin
    Google Toolbar for Internet Explorer
    Google Update Helper
    Groove-Stream
    HP Deskjet 3050A J611 series Basic Device Software
    HP Deskjet 3050A J611 series Help
    HP Deskjet 3050A J611 series Product Improvement Study
    HP Photo Creations
    HP Update
    Intel PROSet Wireless
    Intel WiMAX Tutorial
    Intel® Graphics Media Accelerator Driver
    Intel® Management Engine Components
    Intel® PROSet/Wireless WiFi Software
    Intel® Rapid Storage Technology
    Intel® PROSet/Wireless WiMAX Software
    Intel® Wireless Display
    iTunes
    JMicron Flash Media Controller Driver
    Junk Mail filter update
    KeepMySettingsX
    [email protected] 1.0
    Malwarebytes Anti-Malware version 2.0.3.1025
    McAfee Security Scan Plus
    Mesh Runtime
    Messenger Companion
    Microsoft .NET Framework 4.5.1
    Microsoft Application Error Reporting
    Microsoft Office Access MUI (English) 2010
    Microsoft Office Access Setup Metadata MUI (English) 2010
    Microsoft Office Excel MUI (English) 2010
    Microsoft Office Home and Student 2010
    Microsoft Office Office 64-bit Components 2010
    Microsoft Office OneNote MUI (English) 2010
    Microsoft Office Outlook MUI (English) 2010
    Microsoft Office PowerPoint MUI (English) 2010
    Microsoft Office Proof (English) 2010
    Microsoft Office Proof (French) 2010
    Microsoft Office Proof (Spanish) 2010
    Microsoft Office Proofing (English) 2010
    Microsoft Office Publisher MUI (English) 2010
    Microsoft Office Shared 64-bit MUI (English) 2010
    Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
    Microsoft Office Shared MUI (English) 2010
    Microsoft Office Shared Setup Metadata MUI (English) 2010
    Microsoft Office Single Image 2010
    Microsoft Office Word MUI (English) 2010
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Mozilla Firefox 33.1.1 (x86 en-US)
    Mozilla Maintenance Service
    MSVCRT
    MSVCRT_amd64
    PlayReady PC Runtime amd64
    Realtek Ethernet Controller Driver For Windows 7
    Realtek High Definition Audio Driver
    SanDiskSecureAccess_Manager.exe
    Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
    Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
    Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
    Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
    Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)
    Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
    Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)
    Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)
    Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition
    Security Update for Microsoft Word 2010 (KB2883013) 32-Bit Edition
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
    Skype Click to Call
    Skypeâ„¢ 6.11
    Social Privacy DNS
    swMSM
    Synaptics Pointing Device Driver
    TOSHIBA Application Installer
    TOSHIBA Assist
    Toshiba Book Place
    TOSHIBA Bulletin Board
    TOSHIBA Disc Creator
    TOSHIBA DVD PLAYER
    TOSHIBA eco Utility
    TOSHIBA Face Recognition
    TOSHIBA Flash Cards Support Utility
    TOSHIBA Hardware Setup
    TOSHIBA HDD Protection
    TOSHIBA HDD/SSD Alert
    TOSHIBA Media Controller
    TOSHIBA Media Controller Plug-in
    TOSHIBA PC Health Monitor
    TOSHIBA Quality Application
    TOSHIBA Recovery Media Creator
    TOSHIBA ReelTime
    TOSHIBA Service Station
    TOSHIBA Sleep Utility
    TOSHIBA Supervisor Password
    TOSHIBA Value Added Package
    TOSHIBA Web Camera Application
    ToshibaRegistration
    Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
    Update for Microsoft Excel 2010 (KB2889935) 32-Bit Edition
    Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition
    Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2494150)
    Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2837602) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition
    Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition
    Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
    Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition
    Update for Microsoft PowerPoint 2010 (KB2878251) 32-Bit Edition
    Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
    Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition
    Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition
    Utility Common Driver
    VBPlayerMoz
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Family Safety
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Language Selector
    Windows Live Mail
    Windows Live Mesh
    Windows Live Mesh ActiveX Control for Remote Connections
    Windows Live Messenger
    Windows Live Messenger Companion Core
    Windows Live MIME IFilter
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live Remote Client
    Windows Live Remote Client Resources
    Windows Live Remote Service
    Windows Live Remote Service Resources
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live Sync
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    .
    ==== Event Viewer Messages From Past Week ========
    .


  7. DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 11.0.9600.17420
    Run by Owner at 16:56:23 on 2014-11-30
    Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3891.2102 [GMT -7:00]
    .
    AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    .
    ============== Running Processes ===============
    .
    C:\windows\system32\lsm.exe
    C:\windows\system32\svchost.exe -k DcomLaunch
    C:\windows\system32\svchost.exe -k RPCSS
    C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\windows\system32\svchost.exe -k LocalService
    C:\windows\system32\svchost.exe -k netsvcs
    C:\windows\system32\svchost.exe -k NetworkService
    C:\windows\system32\WLANExt.exe
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\windows\system32\Dwm.exe
    C:\windows\Explorer.EXE
    C:\windows\System32\spoolsv.exe
    C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\windows\system32\taskhost.exe
    C:\windows\system32\taskeng.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    C:\windows\system32\svchost.exe -k imgsvc
    C:\windows\system32\ThpSrv.exe
    C:\Windows\system32\TODDSrv.exe
    C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
    C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\windows\system32\SearchIndexer.exe
    C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\TOSHIBA\TECO\TecoService.exe
    C:\windows\system32\wbem\wmiprvse.exe
    C:\windows\system32\wbem\unsecapp.exe
    C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\windows\System32\rundll32.exe
    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Windows\System32\ThpSrv.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
    C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
    C:\Program Files\TOSHIBA\TECO\Teco.exe
    C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
    C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe
    C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
    C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
    C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
    C:\windows\system32\wbem\unsecapp.exe
    C:\Program Files\TOSHIBA\FlashCards\Hotkey\TcrdKBB.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\windows\system32\igfxext.exe
    C:\windows\system32\igfxsrvc.exe
    C:\Users\Owner\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
    C:\windows\system32\RunDll32.exe
    C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
    C:\windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
    C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
    C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
    C:\Users\Owner\AppData\Roaming\KeepMySettingsX\keepmysettingsx.exe
    C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
    C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
    C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
    C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
    C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
    C:\windows\System32\svchost.exe -k secsvcs
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\windows\system32\SearchProtocolHost.exe
    C:\windows\system32\SearchFilterHost.exe
    C:\windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .


    uProxyServer = hxxp=127.0.0.1:49167;https=127.0.0.1:49167
    uProxyOverride = <-loopback>
    mWinlogon: Userinit = userinit.exe,
    BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll
    BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
    BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
    uRun: [Facebook Update] "C:\Users\Owner\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
    uRun: [iSUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
    uRun: [Google Update] "C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    uRun: [sanDiskSecureAccess_Manager.exe] C:\Users\Owner\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
    mRun: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
    mRun: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
    mRun: [sVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
    mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
    mRun: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
    mRun: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [dnsshield] C:\Program Files (x86)\Social Privacy  DNS\dnswatch.exe
    mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
    StartupFolder: C:\Users\Owner\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~1.LNK - C:\windows\System32\RunDll32.exe
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    TCP: NameServer = 8.8.8.8,8.8.4.4
    TCP: NameServer = 192.168.1.1
    TCP: Interfaces\{473B71CB-DE63-4CA3-86EE-6E3E788BD628} : NameServer = 8.8.8.8,8.8.4.4
    TCP: Interfaces\{473B71CB-DE63-4CA3-86EE-6E3E788BD628} : DHCPNameServer = 10.1.0.101 10.33.1.101
    TCP: Interfaces\{6E8163B9-9237-4136-840E-0B07C0F72B55} : NameServer = 8.8.8.8,8.8.4.4
    TCP: Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963} : NameServer = 8.8.8.8,8.8.4.4
    TCP: Interfaces\{E5F7D1AA-E3BD-489C-9076-9B2120943A5D} : NameServer = 8.8.8.8,8.8.4.4
    TCP: Interfaces\{E6759FE2-C7A5-477D-8FF9-27F41EDE2897} : NameServer = 8.8.8.8,8.8.4.4
    TCP: Interfaces\{E6759FE2-C7A5-477D-8FF9-27F41EDE2897} : DHCPNameServer = 192.168.1.1
    TCP: Interfaces\{E6759FE2-C7A5-477D-8FF9-27F41EDE2897}\05658434F57457563747 : NameServer = 8.8.8.8,8.8.4.4
    TCP: Interfaces\{E6759FE2-C7A5-477D-8FF9-27F41EDE2897}\05658434F57457563747 : DHCPNameServer = 67.215.21.202 72.21.65.14
    TCP: Interfaces\{E6759FE2-C7A5-477D-8FF9-27F41EDE2897}\A62626F677562737 : DHCPNameServer = 192.168.10.1
    TCP: Interfaces\{E6759FE2-C7A5-477D-8FF9-27F41EDE2897}\E42484840275966496 : NameServer = 8.8.8.8,8.8.4.4
    TCP: Interfaces\{E6759FE2-C7A5-477D-8FF9-27F41EDE2897}\E42484840275966496 : DHCPNameServer = 72.21.65.13 72.21.65.14
    TCP: Interfaces\{E6759FE2-C7A5-477D-8FF9-27F41EDE2897}\E67736 : NameServer = 8.8.8.8,8.8.4.4
    TCP: Interfaces\{E6759FE2-C7A5-477D-8FF9-27F41EDE2897}\E67736 : DHCPNameServer = 192.168.96.1
    TCP: Interfaces\{F8F484EE-41AE-4C9A-BF17-D8F84709B324} : NameServer = 8.8.8.8,8.8.4.4
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
    x64-BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll
    x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3
    x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
    x64-Run: [ThpSrv] C:\windows\System32\thpsrv /logon
    x64-Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe
    x64-Run: [smoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe
    x64-Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
    x64-Run: [Teco] "C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe" /r
    x64-Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
    x64-Run: [smartFaceVWatcher] C:\Program Files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
    x64-Run: [intelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
    x64-Run: [intelWirelessWiMAX] "C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe" /tasktray /nosplash
    x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
    x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
    x64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
    x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0rbzcbm3.default-1395006579003\
    FF - prefs.js: browser.search.selectedEngine - Yahoo


    FF - prefs.js: network.proxy.type - 0
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Common Files\VBrick\VBPlayerMoz\npvbplayer.dll
    FF - plugin: C:\Program Files (x86)\Common Files\VBrick\VBPlayerMoz\npvbwmplayer.dll
    FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMSS.dll
    FF - plugin: C:\Users\Owner\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
    FF - plugin: C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
    FF - plugin: C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
    FF - plugin: C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npo1d.dll
    FF - plugin: C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll
    FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll
    FF - plugin: C:\windows\SysWOW64\npDeployJava1.dll
    FF - plugin: C:\windows\SysWOW64\npmproxy.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 aswRvrt;avast! Revert;C:\windows\System32\drivers\aswRvrt.sys [2013-11-30 65776]
    R0 aswVmm;avast! VM Monitor;C:\windows\System32\drivers\aswVmm.sys [2013-11-30 224896]
    R0 Thpdrv;TOSHIBA HDD Protection Driver;C:\windows\System32\drivers\thpdrv.sys [2009-6-29 34880]
    R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;C:\windows\System32\drivers\Thpevm.sys [2009-6-29 14784]
    R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\System32\drivers\tos_sps64.sys [2012-3-31 482384]
    R1 aswSnx;aswSnx;C:\windows\System32\drivers\aswsnx.sys [2013-11-30 1041168]
    R1 aswSP;aswSP;C:\windows\System32\drivers\aswsp.sys [2013-11-30 427360]
    R2 aswHwid;avast! HardwareID;C:\windows\System32\drivers\aswHwid.sys [2014-8-1 29208]
    R2 aswMonFlt;aswMonFlt;C:\windows\System32\drivers\aswMonFlt.sys [2013-11-30 79184]
    R2 aswStm;aswStm;C:\windows\System32\drivers\aswStm.sys [2014-8-1 92008]
    R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-8-1 50344]
    R2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2010-6-7 408576]
    R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-7-28 267192]
    R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\drivers\TVALZFL.sys [2009-6-19 14472]
    R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-3-31 2320920]
    R2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [2010-6-7 911872]
    R3 bpenum;bpenum;C:\windows\System32\drivers\bpenum.sys [2010-5-16 71168]
    R3 bpmp;Intel® Centrino® WiMAX 6050 Series;C:\windows\System32\drivers\bpmp.sys [2010-5-16 175104]
    R3 bpusb;bpusb;C:\windows\System32\drivers\bpusb.sys [2010-5-16 81920]
    R3 HECIx64;Intel® Management Engine Interface;C:\windows\System32\drivers\HECIx64.sys [2012-3-31 56344]
    R3 Impcd;Impcd;C:\windows\System32\drivers\Impcd.sys [2010-2-26 158976]
    R3 IntcDAud;Intel® Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2010-2-3 271872]
    R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\windows\System32\drivers\NETw5s64.sys [2010-5-31 7689216]
    R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2012-3-31 35008]
    R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2012-3-31 331880]
    R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2012-3-31 54136]
    R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]
    R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-7-22 822192]
    R3 wdkmd;Intel WiDi KMD;C:\windows\System32\drivers\WDKMD.sys [2010-6-18 39832]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
    S3 acpials;ALS Sensor Filter;C:\windows\System32\drivers\acpials.sys [2009-7-14 9728]
    S3 fssfltr;fssfltr;C:\windows\System32\drivers\fssfltr.sys [2012-12-14 48488]
    S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
    S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2014-11-12 114688]
    S3 JMCR;JMCR;C:\windows\System32\drivers\jmcr.sys [2010-5-18 164464]
    S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [2013-9-6 288776]
    S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-3-5 340240]
    S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2012-3-31 59392]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-2-15 52736]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-3-31 1255736]
    S3 WDC_SAM;WD SCSI Pass Thru driver;C:\windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2014-11-30 18:07:56    --------    d-sh--w-    C:\$RECYCLE.BIN
    2014-11-30 18:02:05    24064    ----a-w-    C:\windows\zoek-delete.exe
    2014-11-30 18:02:05    --------    d-----w-    C:\Users\Owner\AppData\Local\Temp
    2014-11-30 17:41:49    --------    d-----w-    C:\zoek_backup
    2014-11-28 16:11:33    11632448    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C295FA03-4060-4F4C-959D-A106DEC2CBA1}\mpengine.dll
    2014-11-19 00:50:07    728064    ----a-w-    C:\windows\System32\kerberos.dll
    2014-11-19 00:50:07    241152    ----a-w-    C:\windows\System32\pku2u.dll
    2014-11-19 00:50:07    186880    ----a-w-    C:\windows\SysWow64\pku2u.dll
    2014-11-19 00:50:05    550912    ----a-w-    C:\windows\SysWow64\kerberos.dll
    2014-11-12 23:36:59    950784    ----a-w-    C:\Program Files\Internet Explorer\iedvtool.dll
    2014-11-12 23:35:58    77824    ----a-w-    C:\windows\System32\packager.dll
    2014-11-12 23:35:57    67584    ----a-w-    C:\windows\SysWow64\packager.dll
    2014-11-12 23:35:57    3198976    ----a-w-    C:\windows\System32\win32k.sys
    2014-11-12 23:35:55    3241984    ----a-w-    C:\windows\System32\msi.dll
    2014-11-12 23:35:55    2363904    ----a-w-    C:\windows\SysWow64\msi.dll
    2014-11-12 23:35:39    861696    ----a-w-    C:\windows\System32\oleaut32.dll
    2014-11-12 23:35:39    571904    ----a-w-    C:\windows\SysWow64\oleaut32.dll
    2014-11-12 23:15:41    --------    d-----w-    C:\Users\Owner\AppData\Roaming\KeepMySettingsX
    2014-11-12 23:15:30    159032    ----a-w-    C:\windows\System32\ATL90.dll
    2014-11-09 02:24:06    --------    d-----w-    C:\Users\Owner\AppData\Local\Comodo
    2014-11-04 16:55:47    --------    d-----w-    C:\Users\Owner\AppData\Local\ElevatedDiagnostics
    .
    ==================== Find3M  ====================
    .
    2014-11-30 23:29:01    129752    ----a-w-    C:\windows\System32\drivers\MBAMSwissArmy.sys
    2014-11-26 19:29:58    71344    ----a-w-    C:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2014-11-26 19:29:58    701104    ----a-w-    C:\windows\SysWow64\FlashPlayerApp.exe
    2014-11-23 19:58:46    1041168    ----a-w-    C:\windows\System32\drivers\aswsnx.sys
    2014-11-06 04:04:03    2724864    ----a-w-    C:\windows\System32\mshtml.tlb
    2014-11-06 04:03:50    4096    ----a-w-    C:\windows\System32\ieetwcollectorres.dll
    2014-11-06 03:47:03    66560    ----a-w-    C:\windows\System32\iesetup.dll
    2014-11-06 03:46:12    580096    ----a-w-    C:\windows\System32\vbscript.dll
    2014-11-06 03:46:12    48640    ----a-w-    C:\windows\System32\ieetwproxystub.dll
    2014-11-06 03:44:28    88064    ----a-w-    C:\windows\System32\MshtmlDac.dll
    2014-11-06 03:30:22    144384    ----a-w-    C:\windows\System32\ieUnatt.exe
    2014-11-06 03:30:08    114688    ----a-w-    C:\windows\System32\ieetwcollector.exe
    2014-11-06 03:29:18    814080    ----a-w-    C:\windows\System32\jscript9diag.dll
    2014-11-06 03:28:20    2724864    ----a-w-    C:\windows\SysWow64\mshtml.tlb
    2014-11-06 03:23:57    6040064    ----a-w-    C:\windows\System32\jscript9.dll
    2014-11-06 03:20:18    968704    ----a-w-    C:\windows\System32\MsSpellCheckingFacility.exe
    2014-11-06 03:13:43    501248    ----a-w-    C:\windows\SysWow64\vbscript.dll
    2014-11-06 03:13:36    62464    ----a-w-    C:\windows\SysWow64\iesetup.dll
    2014-11-06 03:12:44    47616    ----a-w-    C:\windows\SysWow64\ieetwproxystub.dll
    2014-11-06 03:10:58    64000    ----a-w-    C:\windows\SysWow64\MshtmlDac.dll
    2014-11-06 03:07:29    77824    ----a-w-    C:\windows\System32\JavaScriptCollectionAgent.dll
    2014-11-06 02:59:36    115712    ----a-w-    C:\windows\SysWow64\ieUnatt.exe
    2014-11-06 02:58:38    620032    ----a-w-    C:\windows\SysWow64\jscript9diag.dll
    2014-11-06 02:42:36    60416    ----a-w-    C:\windows\SysWow64\JavaScriptCollectionAgent.dll
    2014-11-06 02:39:39    1359360    ----a-w-    C:\windows\System32\mshtmlmedia.dll
    2014-11-06 02:38:25    2124288    ----a-w-    C:\windows\System32\inetcpl.cpl
    2014-11-06 02:21:49    4298240    ----a-w-    C:\windows\SysWow64\jscript9.dll
    2014-11-06 02:21:25    2051072    ----a-w-    C:\windows\SysWow64\inetcpl.cpl
    2014-11-06 02:20:37    1155072    ----a-w-    C:\windows\SysWow64\mshtmlmedia.dll
    2014-11-06 02:17:24    2365440    ----a-w-    C:\windows\System32\wininet.dll
    2014-11-06 01:52:35    1892864    ----a-w-    C:\windows\SysWow64\wininet.dll
    2014-11-05 17:56:54    304640    ----a-w-    C:\windows\System32\generaltel.dll
    2014-11-05 17:56:36    228864    ----a-w-    C:\windows\System32\aepdu.dll
    2014-11-05 17:52:22    424448    ----a-w-    C:\windows\System32\aeinv.dll
    2014-11-04 21:30:58    275080    ------w-    C:\windows\System32\MpSigStub.exe
    2014-10-14 02:16:37    155064    ----a-w-    C:\windows\System32\drivers\ksecpkg.sys
    2014-10-14 02:13:06    683520    ----a-w-    C:\windows\System32\termsrv.dll
    2014-10-14 02:12:57    1460736    ----a-w-    C:\windows\System32\lsasrv.dll
    2014-10-14 02:09:31    146432    ----a-w-    C:\windows\System32\msaudite.dll
    2014-10-14 02:07:31    681984    ----a-w-    C:\windows\System32\adtschema.dll
    2014-10-14 01:50:47    22016    ----a-w-    C:\windows\SysWow64\secur32.dll
    2014-10-14 01:49:38    96768    ----a-w-    C:\windows\SysWow64\sspicli.dll
    2014-10-14 01:47:30    146432    ----a-w-    C:\windows\SysWow64\msaudite.dll
    2014-10-14 01:46:02    681984    ----a-w-    C:\windows\SysWow64\adtschema.dll
    2014-10-03 02:12:00    500224    ----a-w-    C:\windows\System32\AUDIOKSE.dll
    2014-10-03 02:11:54    284672    ----a-w-    C:\windows\System32\EncDump.dll
    2014-10-03 02:11:51    680960    ----a-w-    C:\windows\System32\audiosrv.dll
    2014-10-03 02:11:51    440832    ----a-w-    C:\windows\System32\AudioEng.dll
    2014-10-03 02:11:51    296448    ----a-w-    C:\windows\System32\AudioSes.dll
    2014-10-03 01:44:42    442880    ----a-w-    C:\windows\SysWow64\AUDIOKSE.dll
    2014-10-03 01:44:26    374784    ----a-w-    C:\windows\SysWow64\AudioEng.dll
    2014-10-03 01:44:26    195584    ----a-w-    C:\windows\SysWow64\AudioSes.dll
    2014-10-01 18:11:26    63704    ----a-w-    C:\windows\System32\drivers\mwac.sys
    2014-10-01 18:11:16    93400    ----a-w-    C:\windows\System32\drivers\mbamchameleon.sys
    2014-10-01 18:11:12    25816    ----a-w-    C:\windows\System32\drivers\mbam.sys
    2014-09-25 02:08:38    371712    ----a-w-    C:\windows\System32\qdvd.dll
    2014-09-25 01:40:50    519680    ----a-w-    C:\windows\SysWow64\qdvd.dll
    2014-09-19 09:42:52    210944    ----a-w-    C:\windows\System32\wdigest.dll
    2014-09-19 09:42:51    86528    ----a-w-    C:\windows\System32\TSpkg.dll
    2014-09-19 09:42:49    342016    ----a-w-    C:\windows\System32\schannel.dll
    2014-09-19 09:42:47    314880    ----a-w-    C:\windows\System32\msv1_0.dll
    2014-09-19 09:42:47    309760    ----a-w-    C:\windows\System32\ncrypt.dll
    2014-09-19 09:42:41    22016    ----a-w-    C:\windows\System32\credssp.dll
    2014-09-19 09:23:55    172032    ----a-w-    C:\windows\SysWow64\wdigest.dll
    2014-09-19 09:23:52    65536    ----a-w-    C:\windows\SysWow64\TSpkg.dll
    2014-09-19 09:23:49    248832    ----a-w-    C:\windows\SysWow64\schannel.dll
    2014-09-19 09:23:46    221184    ----a-w-    C:\windows\SysWow64\ncrypt.dll
    2014-09-19 09:23:45    259584    ----a-w-    C:\windows\SysWow64\msv1_0.dll
    2014-09-19 09:23:36    17408    ----a-w-    C:\windows\SysWow64\credssp.dll
    2014-09-09 22:11:04    2048    ----a-w-    C:\windows\System32\tzres.dll
    2014-09-09 21:47:10    2048    ----a-w-    C:\windows\SysWow64\tzres.dll
    2014-09-04 05:23:20    424448    ----a-w-    C:\windows\System32\rastls.dll
    2014-09-04 05:04:15    372736    ----a-w-    C:\windows\SysWow64\rastls.dll
    .
    ============= FINISH: 16:57:03.32 ===============
     


  8. Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 11/30/2014
    Scan Time: 12:57:25 PM
    Logfile: 745616.txt
    Administrator: Yes

    Version: 2.00.3.1025
    Malware Database: v2014.11.30.07
    Rootkit Database: v2014.11.30.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: Owner

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 384289
    Time Elapsed: 21 min, 49 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Warn
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 11
    PUP.Optional.CouponBar.A, HKU\S-1-5-21-3546646767-1445017109-1683610049-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{8660E5B3-6C41-44DE-8503-98D99BBECD41}, Quarantined, [27c8a49d2b5142f4eb6c1caa27db9769],
    PUP.Optional.CouponBar.A, HKU\S-1-5-21-3546646767-1445017109-1683610049-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{8660E5B3-6C41-44DE-8503-98D99BBECD41}, Quarantined, [27c8a49d2b5142f4eb6c1caa27db9769],
    PUP.Optional.InstallIQ, HKU\S-1-5-21-3546646767-1445017109-1683610049-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\W3I\InstallIQUpdater, Quarantined, [41aed071e29ace682ae51f388281fd03],
    PUP.Optional.SpeedItUP.A, HKLM\SOFTWARE\CLASSES\CLSID\{9DFA7693-AAAC-7A62-B396-385343669C0F}, Quarantined, [648b241d2d4f0d299da5ca70b74ca55b],
    PUP.Optional.SpeedItUP.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{A090A85F-7BC0-BDE0-7C50-0C25728CCB86}, Quarantined, [648b241d2d4f0d299da5ca70b74ca55b],
    PUP.Optional.SpeedItUP.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{489022B1-3433-B8CA-46EB-85FED966C2B6}, Quarantined, [648b241d2d4f0d299da5ca70b74ca55b],
    PUP.Optional.SpeedItUP.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{489022B1-3433-B8CA-46EB-85FED966C2B6}, Quarantined, [648b241d2d4f0d299da5ca70b74ca55b],
    PUP.Optional.SpeedItUP.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{A090A85F-7BC0-BDE0-7C50-0C25728CCB86}, Quarantined, [648b241d2d4f0d299da5ca70b74ca55b],
    PUP.Optional.SpeedItUP.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{9DFA7693-AAAC-7A62-B396-385343669C0F}, Quarantined, [648b241d2d4f0d299da5ca70b74ca55b],
    PUP.Optional.SpeedItUP.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{9DFA7693-AAAC-7A62-B396-385343669C0F}, Quarantined, [648b241d2d4f0d299da5ca70b74ca55b],
    PUP.Optional.SpeedItUP.A, HKLM\SOFTWARE\CLASSES\CLSID\{9DFA7693-AAAC-7A62-B396-385343669C0F}\INPROCSERVER32, Quarantined, [648b241d2d4f0d299da5ca70b74ca55b],

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 4
    PUP.Optional.ArcadeParlor.A, C:\Users\Owner\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{F32E7E42-9AFA-47CA-A0C4-D07EE651D404}, Quarantined, [e70866db81fb3bfb5c96a184e51e5fa1],
    PUP.Optional.ArcadeParlor.A, C:\Users\Owner\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{F32E7E42-9AFA-47CA-A0C4-D07EE651D404}\chrome, Quarantined, [e70866db81fb3bfb5c96a184e51e5fa1],
    PUP.Optional.SpeedItUP.A, C:\Program Files (x86)\ver4SpeeditUp, Quarantined, [648b241d2d4f0d299da5ca70b74ca55b],
    PUP.Optional.SpeedItUP.A, C:\Program Files (x86)\ver4SpeeditUp\x64, Quarantined, [648b241d2d4f0d299da5ca70b74ca55b],

    Files: 12
    PUP.Optional.SpeedItUP.A, C:\Program Files (x86)\ver4SpeeditUp\182.dat, Quarantined, [648b241d2d4f0d299da5ca70b74ca55b],
    PUP.Optional.SpeedItUP.A, C:\Program Files (x86)\ver4SpeeditUp\182_x64.dll, Quarantined, [648b241d2d4f0d299da5ca70b74ca55b],
    PUP.Optional.SpeedItUP.A, C:\Program Files (x86)\ver4SpeeditUp\a.db, Quarantined, [648b241d2d4f0d299da5ca70b74ca55b],
    PUP.Optional.SpeedItUP.A, C:\Program Files (x86)\ver4SpeeditUp\b.db, Quarantined, [648b241d2d4f0d299da5ca70b74ca55b],
    PUP.Optional.SpeedItUP.A, C:\Program Files (x86)\ver4SpeeditUp\n1CD182.bin, Quarantined, [648b241d2d4f0d299da5ca70b74ca55b],
    PUP.Optional.SpeedItUP.A, C:\Program Files (x86)\ver4SpeeditUp\SpeeditUp.exe, Quarantined, [648b241d2d4f0d299da5ca70b74ca55b],
    PUP.Optional.SpeedItUP.A, C:\Program Files (x86)\ver4SpeeditUp\Sqlite3.dll, Quarantined, [648b241d2d4f0d299da5ca70b74ca55b],
    PUP.Optional.SpeedItUP.A, C:\Program Files (x86)\ver4SpeeditUp\y1SpeeditUpp63.dll, Quarantined, [648b241d2d4f0d299da5ca70b74ca55b],
    PUP.Optional.SpeedItUP.A, C:\Program Files (x86)\ver4SpeeditUp\x64\TandemRunner.exe, Quarantined, [648b241d2d4f0d299da5ca70b74ca55b],
    PUP.Optional.SpeedItUP.A, C:\Program Files (x86)\ver4SpeeditUp\x64\WdfCoInstaller01009.dll, Quarantined, [648b241d2d4f0d299da5ca70b74ca55b],
    PUP.Optional.SpeedItUP.A, C:\Program Files (x86)\ver4SpeeditUp\x64\webinstr.inf, Quarantined, [648b241d2d4f0d299da5ca70b74ca55b],
    PUP.Optional.SpeedItUP.A, C:\Program Files (x86)\ver4SpeeditUp\x64\webinstrNew.sys, Quarantined, [648b241d2d4f0d299da5ca70b74ca55b],

    Physical Sectors: 0
    (No malicious items detected)


    (end)


  9. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.4.0 (11.29.2014:1)
    OS: Windows 7 Home Premium x64
    Ran by Owner on Sun 11/30/2014 at 12:48:33.67
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values

    Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



    ~~~ Registry Keys



    ~~~ Files



    ~~~ Folders



    ~~~ FireFox

    Successfully deleted: [Folder] C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\0rbzcbm3.default-1395006579003\extensions\{f32e7e42-9afa-47ca-a0c4-d07ee651d404}
    Emptied folder: C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\0rbzcbm3.default-1395006579003\minidumps [15 files]



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Sun 11/30/2014 at 12:53:36.85
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     


  10. # AdwCleaner v4.102 - Report created 30/11/2014 at 11:15:53
    # Updated 23/11/2014 by Xplode
    # Database : 2014-11-27.1 [Live]
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : Owner - OWNER-PC
    # Running from : C:\Users\Owner\Downloads\adwcleaner_4.102.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    Folder Deleted : C:\ProgramData\RandomPrice
    Folder Deleted : C:\Program Files (x86)\Social Privacy  DNS
    Folder Deleted : C:\Users\Owner\AppData\Local\GeniusBox
    Folder Deleted : C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\LuckyTab
    Folder Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfaifkapfifnanhhiidacmhldddojchn
    Folder Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
    File Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0rbzcbm3.default-1395006579003\user.js

    ***** [ Scheduled Tasks ] *****

    Task Deleted : Advanced System Protector_startup
    Task Deleted : LuckyTab

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\DynConIE.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\.
    Key Deleted : HKLM\SOFTWARE\Classes\..9
    Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{37EB75F2-7392-4DBE-B5AD-147EC6D7BF5F}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{384997EE-E3BE-49C4-9ECA-C62B7C08128A}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{14F35FFC-522A-4DD1-A07E-6B8B65C6891E}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1a876239-0545-4880-8ab2-33aec4e6ab42}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1a876239-0545-4880-8ab2-33aec4e6ab42}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1a876239-0545-4880-8ab2-33aec4e6ab42}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{1a876239-0545-4880-8ab2-33aec4e6ab42}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2830488C-079B-45C2-88B6-AFE4EAA2DF85}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1a876239-0545-4880-8ab2-33aec4e6ab42}
    Key Deleted : HKCU\Software\buenosearch LTD
    Key Deleted : HKCU\Software\pc optimizer pro
    Key Deleted : HKCU\Software\RegisteredApplicationsEx
    Key Deleted : HKCU\Software\Search Extensions
    Key Deleted : HKCU\Software\AppDataLow\Software\SpeeditUp
    Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
    Key Deleted : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
    Key Deleted : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
    Key Deleted : HKLM\SOFTWARE\InstallIQ
    Key Deleted : HKLM\SOFTWARE\YourFileDownloader
    Key Deleted : HKLM\SOFTWARE\LuckyTab
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0E08BAC8-845B-4327-8CDB-4B0F8C9857A5}_is1

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.17420


    -\\ Mozilla Firefox v33.1.1 (x86 en-US)


    -\\ Google Chrome v31.0.1650.57







    [C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : cfaifkapfifnanhhiidacmhldddojchn
    [C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : flpcjncodpafbgdpnkljologafpionhb
    [C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : lifbcibllhkdhoafpjfnlhfpfgnpldfl

    *************************

    AdwCleaner[R0].txt - [22792 octets] - [23/11/2013 15:18:38]
    AdwCleaner[R1].txt - [6899 octets] - [30/11/2014 11:11:21]
    AdwCleaner[s0].txt - [22129 octets] - [23/11/2013 15:19:56]
    AdwCleaner[s1].txt - [6467 octets] - [30/11/2014 11:15:53]

    ########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [6527 octets] ##########
     


  11. Zoek.exe v5.0.0.0 Updated 29-11-2014
    Tool run by Owner on Sun 11/30/2014 at 10:42:57.32.
    Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
    Running in: Normal Mode Internet Access Detected
    Launched: C:\Users\Owner\Downloads\zoek.exe [scan all users]  [Checkboxes used]

    ==== System Restore Info ======================

    11/30/2014 10:44:02 AM Zoek.exe System Restore Point Created Succesfully.

    ==== Empty Folders Check ======================

    C:\PROGRA~2\Bing Torrent Search deleted successfully
    C:\PROGRA~2\Supporter deleted successfully
    C:\Program Files\Google deleted successfully
    C:\PROGRA~3\Oracle deleted successfully
    C:\PROGRA~3\Yahoo! deleted successfully
    C:\PROGRA~3\{FBF3739B-717D-4429-BCEB-98D514E65F29} deleted successfully
    C:\Users\Owner\AppData\Roaming\Collaborate deleted successfully
    C:\Users\Owner\AppData\Roaming\Malwarebytes deleted successfully

    ==== Deleting CLSID Registry Keys ======================

    HKEY_USERS\S-1-5-21-3546646767-1445017109-1683610049-1000\Software\Microsoft\Internet Explorer\SearchScopes\{467D4EE9-28E0-498C-9F6F-FD1A013BFE79} deleted successfully
    HKEY_USERS\S-1-5-21-3546646767-1445017109-1683610049-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D} deleted successfully
    HKEY_USERS\S-1-5-21-3546646767-1445017109-1683610049-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D} deleted successfully
    HKEY_USERS\S-1-5-21-3546646767-1445017109-1683610049-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C442AC41-9200-4770-8CC0-7CDB4F245C55} deleted successfully
    HKEY_USERS\S-1-5-21-3546646767-1445017109-1683610049-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C442AC41-9200-4770-8CC0-7CDB4F245C55} deleted successfully
    HKEY_USERS\S-1-5-21-3546646767-1445017109-1683610049-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F4E39681-15F8-4fda-B8A3-B5C98378F2F3} deleted successfully
    HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D} deleted successfully
    HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D} deleted successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D} deleted successfully
    HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C442AC41-9200-4770-8CC0-7CDB4F245C55} deleted successfully
    HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55} deleted successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55} deleted successfully

    ==== Deleting CLSID Registry Values ======================


    ==== Deleting Services ======================

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\webinstrNew deleted successfully
    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\webinstrNew deleted successfully

    ==== FireFox Fix ======================

    ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0rbzcbm3.default-1395006579003

    ---- Lines extensions.H6fdOXnGOwOyupOs removed from prefs.js ----
    user_pref("extensions.H6fdOXnGOwOyupOs.epoch", "1");
    user_pref("extensions.H6fdOXnGOwOyupOs.scode", "void(0);");
    user_pref("extensions.H6fdOXnGOwOyupOs.url", "http://beautyspygetonlinez.info/sync/?q=C6qUojw6rdCEqTn4qTk5pjs5pjwGpjn4tMZPhd9FrHr7rHsErHCErds9qdn7rdr6
    ---- Lines extensions.cyOb01Dhxi3du6tD removed from prefs.js ----
    user_pref("extensions.cyOb01Dhxi3du6tD.epoch", "1416267471");
    user_pref("extensions.cyOb01Dhxi3du6tD.url", "http://canadafirstforeverygroup.net/sync2/?q=hfZ9oemMhdCHtNbPhd98qjgGpihTB6lKDzt4olljtNtVh7n0rjnFrja4rds
    ---- FireFox user.js and prefs.js backups ----

    user_20141130_1057_.backup
    prefs_20141130_1057_.backup

    ==== Deleting Files \ Folders ======================

    C:\PROGRA~3\{FBF3739B-717D-4429-BCEB-98D514E65F29} not found
    C:\PROGRA~2\PriceLess deleted
    C:\ProgramData\PriceLess deleted
    C:\PROGRA~3\90a5c7455bacb5d deleted
    C:\PROGRA~2\LuckyTab deleted
    C:\PROGRA~3\CloudSoft deleted
    C:\PROGRA~3\Updater deleted
    C:\PROGRA~3\RHelpers deleted
    C:\PROGRA~3\InstallMate deleted
    C:\Users\Owner\AppData\Local\avgchrome deleted
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted
    C:\windows\patsearch.bin deleted
    C:\windows\SysNative\sasnative64.exe deleted
    C:\Users\Owner\Downloads\CouponPrinter(1).exe deleted
    C:\Users\Owner\Downloads\CouponPrinter(2).exe deleted
    C:\Users\Owner\Downloads\CouponPrinter(3).exe deleted
    C:\Users\Owner\Downloads\CouponPrinter.exe deleted
    C:\windows\wininit.ini deleted
    C:\windows\SysNative\tasks\LuckyTab deleted
    C:\windows\SysNative\drivers\webinstrNew.sys deleted
    C:\windows\SysNative\drivers\Msft_Kernel_webinstrNew_01009.Wdf deleted
    C:\windows\SysNative\config\systemprofile\Searches deleted
    C:\windows\SysNative\GroupPolicy\Machine deleted
    C:\windows\SysNative\GroupPolicy\User deleted
    C:\windows\SysNative\GroupPolicy\GPT.INI deleted
    C:\windows\Syswow64\GroupPolicy\gpt.ini deleted
    C:\windows\SysWow64\AI_RecycleBin deleted
    C:\Users\Owner\Downloads\setup.exe deleted
    "C:\windows\Installer\332106e3.msi" deleted
    "C:\Users\Owner\AppData\Local\0df296065d8b7004eef1fd7c1e1c4f9c" deleted

    ==== Firefox Extensions Registry ======================

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
    "[email protected]"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [08/01/2014 03:59 AM]
    [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
    "{CBD0B549-5AA8-2F4D-8415-130B5802BBD5}"="C:\Program Files (x86)\ver4SpeeditUp\182.xpi" []

    ==== Firefox Extensions ======================

    ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0rbzcbm3.default-1395006579003
    - Undetermined - {F32E7E42-9AFA-47CA-A0C4-D07EE651D404}
    - ArcadeParlor - %ProfilePath%\extensions\{F32E7E42-9AFA-47CA-A0C4-D07EE651D404}

    AppDir: C:\Program Files (x86)\Mozilla Firefox
    - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

    ==== Firefox Plugins ======================

    Profilepath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\0rbzcbm3.default-1395006579003
    8303B3CEC05500F763B4FA75210598BB    - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll -    Shockwave Flash
    3CD19649B2C3023D65E67C056457A2BC    - C:\Users\Owner\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll -    Facebook Video Calling Plugin
    68BCBB241EF254BC5100D9E6C06ECC71    - C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll -    Google Talk Plugin Video Accelerator
    99FE6AFE80EB7FE3EEB75DC504A326A3    - C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npo1d.dll -    Google Talk Plugin Video Renderer
    AF42019A3B0EDBFA6878F75B9377A792    - C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll -    Google Talk Plugin
    AF661355EBAB898EB92D5454AEF93CE0    - C:\windows\SysWOW64\npDeployJava1.dll -    Java Deployment Toolkit 7.0.400.43
    7EF7E4C1325D533F5186E7118ABB0E7C    - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMSS.dll -    McAfee Security Scanner +
    0C0C5C207121C7A78414A8250E8E099A    - C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll -    Shockwave for Director / Shockwave for Director
    15E298B5EC5B89C5994A59863969D9FF    - C:\windows\SysWOW64\npmproxy.dll -    Microsoft® Windows® Operating System


    ==== Fake Chromium Profiles Check ======================

    Fake profile C:\Users\Administrator\AppData\Local\Torch deleted
    Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome deleted
    Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome SxS deleted
    Fake profile C:\Users\Administrator\AppData\Local\Comodo\Dragon deleted
    Fake profile C:\Users\Administrator\AppData\Local\Chromatic Browser deleted
    Fake profile C:\Users\Guest\AppData\Local\Torch deleted
    Fake profile C:\Users\Guest\AppData\Local\Google\Chrome deleted
    Fake profile C:\Users\Guest\AppData\Local\Google\Chrome SxS deleted
    Fake profile C:\Users\Guest\AppData\Local\Comodo\Dragon deleted
    Fake profile C:\Users\Guest\AppData\Local\Chromatic Browser deleted
    Fake profile C:\Users\HomeGroupUser$\AppData\Local\Torch deleted
    Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome deleted
    Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS deleted
    Fake profile C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon deleted
    Fake profile C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser deleted
    Fake profile C:\Users\Owner\AppData\Local\Torch deleted
    Fake profile C:\Users\Owner\AppData\Local\Google\Chrome SxS deleted
    Fake profile C:\Users\Owner\AppData\Local\Comodo\Dragon deleted
    Fake profile C:\Users\Owner\AppData\Local\Chromatic Browser deleted

    ==== Chromium Look ======================

    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
    eefhnbpnnaaokmclnihgajdnlgljajjg - No path found[]
    ggebenakhmhfdkmkemdmllecchcldgec - No path found[]
    gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[08/01/2014 03:59 AM]
    lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[03/02/2012 10:53 AM]

    Bcool - Owner\AppData\Local\Fast Browser\User Data\Default\Extensions\belehhimfpnfiopbmpkioideigiglmjg
    Skype Click to Call - Owner\AppData\Local\Fast Browser\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
    Social Privacy - Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfaifkapfifnanhhiidacmhldddojchn
    DubLi Toolbar - Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\clagbfpdfojpoondfdloibkiaipdeibm
    PriceLess - Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dclcodbflbdinkjeblfamifniepbbalh
    Avant Downloader - Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbonimgkpojnocmgjgkgigbfgffpcjnp
    Avast Online Security - Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
    Skype Click to Call - Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

    ==== Chromium Startpages ======================

    C:\Users\Owner\AppData\Local\Fast Browser\User Data\Default\Preferences
    "homepage": "http://www.safesear.ch",
    "urls_to_restore_on_startup": [ "http://www.safesear.ch" ]

    C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Preferences
    "homepage": "http://www.msn.com/?pc=AV01",


    ==== Chromium Fix ======================

    C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.live-lyrics.com_0.localstorage deleted successfully
    C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.live-lyrics.com_0.localstorage-journal deleted successfully
    C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully
    C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully
    C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully
    C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully
    C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_websearch.soft-quick.info_0.localstorage deleted successfully
    C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_websearch.soft-quick.info_0.localstorage-journal deleted successfully
    C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fastonlinefinder.com_0.localstorage deleted successfully
    C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fastonlinefinder.com_0.localstorage-journal deleted successfully
    C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_continuetosave.info_0.localstorage deleted successfully
    C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_continuetosave.info_0.localstorage-journal deleted successfully
    C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.addtoany.com_0.localstorage deleted successfully
    C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.addtoany.com_0.localstorage-journal deleted successfully
    C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.ak.facebook.com_0.localstorage deleted successfully
    C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.ak.facebook.com_0.localstorage-journal deleted successfully
    C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.woolik.com_0.localstorage deleted successfully
    C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.woolik.com_0.localstorage-journal deleted successfully
    C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_b.scorecardresearch.com_0.localstorage deleted successfully
    C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_b.scorecardresearch.com_0.localstorage-journal deleted successfully
    C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.buenosearch.com_0.localstorage deleted successfully
    C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.buenosearch.com_0.localstorage-journal deleted successfully
    C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\clagbfpdfojpoondfdloibkiaipdeibm deleted successfully
    C:\Users\Owner\AppData\Local\Fast Browser\User Data\Default\Extensions\belehhimfpnfiopbmpkioideigiglmjg deleted successfully
    C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dclcodbflbdinkjeblfamifniepbbalh deleted successfully
    C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbonimgkpojnocmgjgkgigbfgffpcjnp deleted successfully

    ==== Set IE to Default ======================

    Old Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="https://search.yahoo.com/yhs/web?hspart=w3i&hsimp=yhs-syctransfer&type=W3i_SP,204,0_0,StartPage,20141146,20029,0,101,9284"
    "Search Page"="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01"
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Search Page"="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01"
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
    "Search Page"="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
    "Tabs"="about:newtab"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
    "Tabs"="about:newtab"
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
    "DefaultScope"="{467D4EE9-28E0-498C-9F6F-FD1A013BFE79}"
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{467D4EE9-28E0-498C-9F6F-FD1A013BFE79}] not found

    New Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
    "Start Page"="http://www.google.com"
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
    "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
    "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

    ==== All HKCU SearchScopes ======================

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
    {012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
    {1C24DC0E-AD7E-4339-8480-F45D566D30B7} Unknown  Url="Not_Found"
    {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} Microsoft (Bing) Url="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01"

    ==== Deleting CLSID Registry Keys ======================

    HKEY_USERS\S-1-5-21-3546646767-1445017109-1683610049-1000\Software\Microsoft\Internet Explorer\SearchScopes\{1C24DC0E-AD7E-4339-8480-F45D566D30B7} deleted successfully
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0733f78f-2d05-4f1e-95d1-ce20f52fcdf3} deleted successfully
    HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0733f78f-2d05-4f1e-95d1-ce20f52fcdf3} deleted successfully
    HKEY_CLASSES_ROOT\CLSID\{0733f78f-2d05-4f1e-95d1-ce20f52fcdf3} deleted successfully
    HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{0733f78f-2d05-4f1e-95d1-ce20f52fcdf3} deleted successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0733f78f-2d05-4f1e-95d1-ce20f52fcdf3} deleted successfully

    ==== Deleting CLSID Registry Values ======================

    HKEY_USERS\S-1-5-21-3546646767-1445017109-1683610049-1000\Software\Mozilla\FireFox\Extensions\[email protected] deleted successfully
    HKEY_USERS\S-1-5-21-3546646767-1445017109-1683610049-1000\Software\Mozilla\FireFox\Extensions\{CBD0B549-5AA8-2F4D-8415-130B5802BBD5} deleted successfully

    ==== Reset IE Proxy ======================

    Value(s) before fix:
    "ProxyServer"="http=127.0.0.1:49162;https=127.0.0.1:49162"
    "ProxyOverride"="<-loopback>"
    "ProxyEnable"=dword:00000001

    Value(s) after fix:
    "ProxyEnable"=dword:00000000

    ==== Deleting Registry Keys ======================

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1F0BC1E8FB762504AA32AF229E84401C deleted successfully
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ContinueToSave deleted successfully
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3C511AE2-1655-7A2F-9196-89A88239B3E0} deleted successfully
    HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{32336E21-EAC0-0F33-4843-41048D7D2D33} deleted successfully
    HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
    HKEY_CURRENT_USER\Software\Policies\Google deleted successfully
    HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{75F9BF4A-AF67-A478-A37B-31D73186D3F3} deleted successfully
    HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8E1CB0F1-67BF-4052-AA23-FA22E94804C1} deleted successfully
    HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D54E3D9F-FEB8-4D2D-A138-B69A5C80080B} deleted successfully
    HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{be0fb33b} deleted successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\1F0BC1E8FB762504AA32AF229E84401C deleted successfully
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds deleted successfully
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray deleted successfully
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence deleted successfully

    ==== Empty IE Cache ======================

    C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
    C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    ==== Empty FireFox Cache ======================

    C:\Users\Owner\AppData\Local\Mozilla\Firefox\Profiles\0rbzcbm3.default-1395006579003\cache2 emptied successfully

    ==== Empty Chrome Cache ======================

    C:\Users\Owner\AppData\Local\Fast Browser\User Data\Default\Cache emptied successfully

    ==== Empty All Flash Cache ======================

    Flash Cache Emptied Successfully

    ==== Empty All Java Cache ======================

    Java Cache cleared successfully

    ==== C:\zoek_backup content ======================

    C:\zoek_backup (files=355 folders=31 20885591 bytes)

    ==== Empty Temp Folders ======================

    C:\Users\Default\AppData\Local\Temp emptied successfully
    C:\Users\Default User\AppData\Local\Temp emptied successfully
    C:\Users\Owner\AppData\Local\Temp will be emptied at reboot
    C:\windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully
    C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
    C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
    C:\windows\Temp will be emptied at reboot

    ==== After Reboot ======================

    ==== Empty Temp Folders ======================

    C:\windows\Temp successfully emptied
    C:\Users\Owner\AppData\Local\Temp successfully emptied

    ==== Empty Recycle Bin ======================

    C:\$RECYCLE.BIN successfully emptied

    ==== EOF on Sun 11/30/2014 at 11:07:53.87 ======================
     


  12. All processes killed
    ========== OTL ==========
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1C24DC0E-AD7E-4339-8480-F45D566D30B7}\ deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1C24DC0E-AD7E-4339-8480-F45D566D30B7}\ not found.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
    HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    Registry value HKEY_USERS\S-1-5-21-3546646767-1445017109-1683610049-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{2877A654-1C9F-4cb5-8438-16022B2FDD9C} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2877A654-1C9F-4cb5-8438-16022B2FDD9C}\ not found.
    HKEY_USERS\S-1-5-21-3546646767-1445017109-1683610049-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    Registry key HKEY_USERS\S-1-5-21-3546646767-1445017109-1683610049-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
    Registry key HKEY_USERS\S-1-5-21-3546646767-1445017109-1683610049-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C3A345CE-BFBC-4936-BF7C-3ABEA78CEF9D}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C3A345CE-BFBC-4936-BF7C-3ABEA78CEF9D}\ not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0\ deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
    C:\Users\Owner\AppData\Roaming\mozilla\Extensions folder moved successfully.
    C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\hyr99t9j.default\extensions\[email protected]\chrome\content folder moved successfully.
    C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\hyr99t9j.default\extensions\[email protected]\chrome folder moved successfully.
    C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\hyr99t9j.default\extensions\[email protected] folder moved successfully.
    C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\hyr99t9j.default\extensions\[email protected]\content folder moved successfully.
    C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\hyr99t9j.default\extensions\[email protected]\components folder moved successfully.
    C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\hyr99t9j.default\extensions\[email protected] folder moved successfully.
    C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\hyr99t9j.default\extensions folder moved successfully.
    File C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\hyr99t9j.default\extensions\{1266764D-FC4F-4FA7-B63B-884D53B1680F}.xpi not found.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome\icons\default folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome\icons folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\extensions folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
    C:\Program Files (x86)\Mozilla Firefox\browser\extensions folder moved successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE}\ deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE}\ deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
    64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{8660E5B3-6C41-44DE-8503-98D99BBECD41} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8660E5B3-6C41-44DE-8503-98D99BBECD41}\ deleted successfully.
    Registry value HKEY_USERS\S-1-5-21-3546646767-1445017109-1683610049-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{8660E5B3-6C41-44DE-8503-98D99BBECD41} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8660E5B3-6C41-44DE-8503-98D99BBECD41}\ not found.
    64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TPwrMain deleted successfully.
    C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe moved successfully.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
    Registry value HKEY_USERS\S-1-5-21-3546646767-1445017109-1683610049-1000\Software\Microsoft\Windows\CurrentVersion\Run\\MobileAppSync deleted successfully.
    Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
    Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.

    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
    File Protocol\Handler\livecall - No CLSID value found not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
    File Protocol\Handler\ms-help - No CLSID value found not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
    File Protocol\Handler\msnim - No CLSID value found not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
    File Protocol\Handler\skype4com - No CLSID value found not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.
    File Protocol\Handler\skype-ie-addon-data - No CLSID value found not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ not found.
    File Protocol\Handler\livecall - No CLSID value found not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ not found.
    File Protocol\Handler\ms-help - No CLSID value found not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ not found.
    File Protocol\Handler\msnim - No CLSID value found not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ not found.
    File Protocol\Handler\skype4com - No CLSID value found not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ not found.
    File Protocol\Handler\skype-ie-addon-data - No CLSID value found not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
    File Protocol\Handler\wlmailhtml - No CLSID value found not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
    File Protocol\Handler\wlpg - No CLSID value found not found.
    64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll deleted successfully.
    64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
    ========== COMMANDS ==========
     
    [EMPTYJAVA]
     
    User: Administrator
     
    User: All Users
     
    User: Default
     
    User: Default User
     
    User: Owner
    ->Java cache emptied: 4386947 bytes
     
    User: Public
     
    Total Java Files Cleaned = 4.00 mb
     
     
    [EMPTYFLASH]
     
    User: Administrator
     
    User: All Users
     
    User: Default
    ->Flash cache emptied: 56478 bytes
     
    User: Default User
    ->Flash cache emptied: 0 bytes
     
    User: Owner
    ->Flash cache emptied: 77772 bytes
     
    User: Public
     
    Total Flash Files Cleaned = 0.00 mb
     
     
    [EMPTYTEMP]
     
    User: Administrator
     
    User: All Users
     
    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Flash cache emptied: 0 bytes
     
    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes
     
    User: Owner
    ->Temp folder emptied: 67736087 bytes
    ->Temporary Internet Files folder emptied: 172218055 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 309637714 bytes
    ->Google Chrome cache emptied: 10460968 bytes
    ->Flash cache emptied: 0 bytes
     
    User: Public
     
    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 572568654 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 84787 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 746 bytes
    RecycleBin emptied: 48882443 bytes
     
    Total Files Cleaned = 1,127.00 mb
     
    C:\windows\System32\drivers\etc\Hosts moved successfully.
    HOSTS file reset successfully
    Restore point Set: OTL Restore Point
     
    OTL by OldTimer - Version 3.2.69.0 log created on 11242013_214743

    Files\Folders moved on Reboot...
    C:\Users\Owner\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
    C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
    File move failed. C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...


  13. OTL logfile created on: 11/24/2013 8:44:52 AM - Run 1
    OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Owner\Downloads
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.10.9200.16736)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
     
    3.80 Gb Total Physical Memory | 1.58 Gb Available Physical Memory | 41.53% Memory free
    7.60 Gb Paging File | 5.03 Gb Available in Paging File | 66.24% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 583.11 Gb Total Space | 529.80 Gb Free Space | 90.86% Space Free | Partition Type: NTFS
    Drive D: | 7.38 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
     
    Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
     
    ========== Processes (SafeList) ==========
     
    PRC - [2013/11/24 08:33:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Downloads\OTL.com
    PRC - [2013/11/23 12:00:09 | 001,862,536 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
    PRC - [2013/11/18 00:16:59 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    PRC - [2013/11/13 00:36:50 | 000,148,480 | ---- | M] () -- C:\Program Files (x86)\Social Privacy  DNS\dnswatch.exe
    PRC - [2013/09/03 06:53:50 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    PRC - [2013/01/07 12:53:22 | 000,340,992 | ---- | M] () -- C:\ProgramData\CloudSoft\ContinueToSave\ContinueToSave.exe
    PRC - [2012/02/14 23:39:36 | 030,705,792 | ---- | M] (Gemalto N.V.) -- C:\Users\Owner\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
    PRC - [2011/10/05 12:31:46 | 001,652,736 | R--- | M] (AWS Convergence Technologies, Inc.) -- C:\Program Files (x86)\AWS\WeatherBug\Weather.exe
    PRC - [2010/11/20 03:17:02 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cmd.exe
    PRC - [2010/09/02 23:45:02 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe
    PRC - [2010/05/01 16:55:36 | 002,454,840 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
    PRC - [2010/04/01 09:52:22 | 000,252,728 | ---- | M] (TOSHIBA) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
    PRC - [2010/03/03 14:42:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
    PRC - [2010/03/03 14:41:58 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
    PRC - [2009/12/25 15:21:16 | 000,034,160 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
    PRC - [2007/03/29 15:41:26 | 000,222,128 | ---- | M] (Macrovision Corporation) -- C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
     
     
    ========== Modules (No Company Name) ==========
     
    MOD - [2013/11/23 12:00:09 | 016,237,448 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll
    MOD - [2013/11/18 00:16:58 | 003,363,952 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
    MOD - [2013/11/13 00:36:50 | 000,148,480 | ---- | M] () -- C:\Program Files (x86)\Social Privacy  DNS\dnswatch.exe
    MOD - [2012/02/20 20:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2012/02/20 20:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    MOD - [2012/02/14 16:37:52 | 011,796,096 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\SanDisk\My Vaults\dmBackup.dll
     
     
    ========== Services (SafeList) ==========
     
    SRV:64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
    SRV:64bit: - [2010/07/28 10:27:16 | 000,267,192 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
    SRV:64bit: - [2010/07/22 16:36:16 | 000,822,192 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
    SRV:64bit: - [2010/06/29 11:05:02 | 000,489,384 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
    SRV:64bit: - [2010/06/07 15:39:40 | 000,911,872 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe -- (WiMAXAppSrv)
    SRV:64bit: - [2010/06/07 15:34:20 | 000,408,576 | ---- | M] (Red Bend Ltd.) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe -- (DMAgent)
    SRV:64bit: - [2010/03/05 10:26:38 | 001,425,168 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
    SRV:64bit: - [2010/03/05 10:07:58 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
    SRV:64bit: - [2010/03/05 10:06:22 | 000,831,760 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
    SRV:64bit: - [2010/02/05 17:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
    SRV:64bit: - [2009/10/21 09:30:36 | 000,531,520 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\ThpSrv.exe -- (Thpsrv)
    SRV:64bit: - [2009/07/28 15:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
    SRV - [2013/11/23 12:00:09 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2013/11/18 00:16:58 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2013/09/03 06:53:50 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
    SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
    SRV - [2013/01/08 12:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2011/02/11 13:45:52 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
    SRV - [2010/09/02 23:45:02 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe -- (McComponentHostService)
    SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2010/03/03 14:42:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
    SRV - [2010/03/03 14:41:58 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
    SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
     
     
    ========== Driver Services (SafeList) ==========
     
    DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
    DRV:64bit: - [2012/09/28 21:52:10 | 000,075,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
    DRV:64bit: - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
    DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2012/02/15 10:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
    DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2010/11/20 04:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2010/11/20 02:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2010/11/20 00:37:44 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
    DRV:64bit: - [2010/06/18 10:38:06 | 000,039,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
    DRV:64bit: - [2010/05/31 12:05:06 | 007,689,216 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64)
    DRV:64bit: - [2010/05/18 16:02:48 | 000,164,464 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
    DRV:64bit: - [2010/05/16 17:28:38 | 000,175,104 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpmp.sys -- (bpmp)
    DRV:64bit: - [2010/05/16 17:28:30 | 000,081,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpusb.sys -- (bpusb)
    DRV:64bit: - [2010/05/16 17:28:28 | 000,071,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpenum.sys -- (bpenum)
    DRV:64bit: - [2010/05/08 18:38:56 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
    DRV:64bit: - [2010/05/03 14:44:02 | 000,331,880 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
    DRV:64bit: - [2010/04/21 11:18:44 | 010,326,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
    DRV:64bit: - [2010/03/10 18:51:32 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
    DRV:64bit: - [2010/02/26 16:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
    DRV:64bit: - [2010/02/03 06:38:30 | 000,271,872 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
    DRV:64bit: - [2010/01/15 12:22:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
    DRV:64bit: - [2009/09/17 12:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
    DRV:64bit: - [2009/07/30 21:02:36 | 000,044,912 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
    DRV:64bit: - [2009/07/30 20:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
    DRV:64bit: - [2009/07/14 15:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
    DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/07/13 17:00:24 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpials.sys -- (acpials)
    DRV:64bit: - [2009/06/29 16:16:20 | 000,014,784 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Thpevm.sys -- (Thpevm)
    DRV:64bit: - [2009/06/29 10:25:22 | 000,034,880 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\thpdrv.sys -- (Thpdrv)
    DRV:64bit: - [2009/06/22 17:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
    DRV:64bit: - [2009/06/19 19:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
    DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2009/05/18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
    DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
     
     
    ========== Standard Registry (All) ==========
     
     
    ========== Internet Explorer ==========
     
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.toshiba.com/
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {1C24DC0E-AD7E-4339-8480-F45D566D30B7}
    IE:64bit: - HKLM\..\SearchScopes\{1C24DC0E-AD7E-4339-8480-F45D566D30B7}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSND
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
     
     
    IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
     
    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
     
    IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
    IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
     
    IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
    IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
     
    IE - HKU\S-1-5-21-3546646767-1445017109-1683610049-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/?cid=C001B2Y
    IE - HKU\S-1-5-21-3546646767-1445017109-1683610049-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://start.toshiba.com/g/ [binary data]
    IE - HKU\S-1-5-21-3546646767-1445017109-1683610049-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
    IE - HKU\S-1-5-21-3546646767-1445017109-1683610049-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    IE - HKU\S-1-5-21-3546646767-1445017109-1683610049-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
    IE - HKU\S-1-5-21-3546646767-1445017109-1683610049-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.buenosearch.com/?babsrc [binary data over 200 bytes]
    IE - HKU\S-1-5-21-3546646767-1445017109-1683610049-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
    IE - HKU\S-1-5-21-3546646767-1445017109-1683610049-1000\..\URLSearchHook: {2877A654-1C9F-4cb5-8438-16022B2FDD9C} - No CLSID value found
    IE - HKU\S-1-5-21-3546646767-1445017109-1683610049-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
    IE - HKU\S-1-5-21-3546646767-1445017109-1683610049-1000\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-21-3546646767-1445017109-1683610049-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
    IE - HKU\S-1-5-21-3546646767-1445017109-1683610049-1000\..\SearchScopes\{C3A345CE-BFBC-4936-BF7C-3ABEA78CEF9D}: "URL" = http://www.bing.com/search?FORM=IPGTDF&PC=IPGTDF&q={searchTerms}&src=IE-SearchBox
    IE - HKU\S-1-5-21-3546646767-1445017109-1683610049-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-3546646767-1445017109-1683610049-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
     
    ========== FireFox ==========
     
    FF - prefs.js..browser.search.defaultenginename,S: S", ""
    FF - prefs.js..browser.search.defaultthis.engineName: ""
    FF - prefs.js..browser.search.order.1: ""
    FF - prefs.js..browser.search.order.1,S: S", ""
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..extensions.enabledAddons: %7B1266764D-FC4F-4FA7-B63B-884D53B1680F%7D:3.6.5
    FF - prefs.js..extensions.enabledAddons: support%40tubedimmerapp.com:2.6.49
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1
    FF - prefs.js..keyword.URL: ""
    FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"
    FF - prefs.js..network.proxy.type: 0
    FF - user.js - File not found
     
    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll File not found
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKLM\Software\MozillaPlugins\vbplayer: C:\Program Files (x86)\Common Files\VBrick\VBPlayerMoz\npvbplayer.dll (VBrick Inc.)
    FF - HKLM\Software\MozillaPlugins\vbwmplayer: C:\Program Files (x86)\Common Files\VBrick\VBPlayerMoz\npvbwmplayer.dll (VBrick Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Owner\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
     
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/11/18 00:16:56 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/11/20 10:27:07 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\FireFox\Extensions\\[email protected]: C:\Program Files (x86)\Social Privacy\FF\
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/11/18 00:16:56 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/11/20 10:27:07 | 000,000,000 | ---D | M]
     
    [2012/04/02 16:03:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Extensions
    [2013/11/23 15:20:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\hyr99t9j.default\extensions
    [2013/01/30 19:53:37 | 000,000,000 | ---D | M] (Default Manager) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\hyr99t9j.default\extensions\[email protected]
    [2013/11/23 12:02:19 | 000,000,000 | ---D | M] (Tube Dimmer) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\hyr99t9j.default\extensions\[email protected]
    [2012/08/09 16:04:54 | 000,011,658 | ---- | M] () (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\hyr99t9j.default\extensions\{1266764D-FC4F-4FA7-B63B-884D53B1680F}.xpi
    [2013/10/18 19:35:31 | 000,001,315 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\hyr99t9j.default\searchplugins\buenosearch.xml
    [2013/11/23 14:38:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
    [2013/11/18 00:16:56 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
    [2013/11/18 00:16:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
    [2013/11/18 00:16:59 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    [2013/09/03 06:53:52 | 000,187,248 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll
    [2007/07/18 11:19:40 | 002,998,784 | ---- | M] (Tamarack Software, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nptgeqplugin.dll
     
    ========== Chrome  ==========
     
    CHR - homepage: http://www.google.com
    CHR - Extension: Social Privacy = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfaifkapfifnanhhiidacmhldddojchn\1.0_0\
    CHR - Extension: Skype Click to Call = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.10.0.9560_1\
    CHR - Extension: Google Wallet = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_1\
     
    O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O2:64bit: - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
    O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    O2:64bit: - BHO: (Social Privacy) - {91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE} - C:\Program Files (x86)\Social Privacy\sp64.dll File not found
    O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg64.dll File not found
    O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
    O2:64bit: - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll (TOSHIBA Corporation)
    O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
    O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
    O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
    O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (TOSHIBA Corporation)
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (Coupons.com CouponBar) - {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll File not found
    O3 - HKU\S-1-5-21-3546646767-1445017109-1683610049-1000\..\Toolbar\WebBrowser: (Coupons.com CouponBar) - {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll File not found
    O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
    O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
    O4:64bit: - HKLM..\Run: [intelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
    O4:64bit: - HKLM..\Run: [intelWirelessWiMAX] C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe (Intel® Corporation)
    O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
    O4:64bit: - HKLM..\Run: [smartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
    O4:64bit: - HKLM..\Run: [smoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
    O4:64bit: - HKLM..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
    O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
    O4:64bit: - HKLM..\Run: [ThpSrv] C:\windows\SysNative\thpsrv.exe (TOSHIBA Corporation)
    O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
    O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
    O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
    O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
    O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
    O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: []  File not found
    O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [dnsshield] C:\Program Files (x86)\Social Privacy  DNS\dnswatch.exe ()
    O4 - HKLM..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Hewlett-Packard)
    O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
    O4 - HKLM..\Run: [iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
    O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
    O4 - HKLM..\Run: [sVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA CORPORATION)
    O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe (TOSHIBA)
    O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
    O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-21-3546646767-1445017109-1683610049-1000..\Run: [Facebook Update] C:\Users\Owner\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
    O4 - HKU\S-1-5-21-3546646767-1445017109-1683610049-1000..\Run: [Google Update] C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
    O4 - HKU\S-1-5-21-3546646767-1445017109-1683610049-1000..\Run: [iSUSPM] C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe (Macrovision Corporation)
    O4 - HKU\S-1-5-21-3546646767-1445017109-1683610049-1000..\Run: [MobileAppSync] "C:\Program Files (x86)\Mobile App Sync\D2MClient.exe" File not found
    O4 - HKU\S-1-5-21-3546646767-1445017109-1683610049-1000..\Run: [sanDiskSecureAccess_Manager.exe] C:\Users\Owner\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe (Gemalto N.V.)
    O4 - HKU\S-1-5-21-3546646767-1445017109-1683610049-1000..\Run: [skype] C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
    O4 - HKU\S-1-5-21-3546646767-1445017109-1683610049-1000..\Run: [Weather] C:\Program Files (x86)\AWS\WeatherBug\Weather.exe (AWS Convergence Technologies, Inc.)
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 3050A J611 series.lnk = C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
    O7 - HKU\S-1-5-21-3546646767-1445017109-1683610049-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
    O7 - HKU\S-1-5-21-3546646767-1445017109-1683610049-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
    O7 - HKU\S-1-5-21-3546646767-1445017109-1683610049-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
    O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
    O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
    O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
    O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.4.4
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{473B71CB-DE63-4CA3-86EE-6E3E788BD628}: DhcpNameServer = 10.1.0.101 10.33.1.101
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{473B71CB-DE63-4CA3-86EE-6E3E788BD628}: NameServer = 8.8.8.8,8.8.4.4
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6E8163B9-9237-4136-840E-0B07C0F72B55}: NameServer = 8.8.8.8,8.8.4.4
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 8.8.8.8,8.8.4.4
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E5F7D1AA-E3BD-489C-9076-9B2120943A5D}: NameServer = 8.8.8.8,8.8.4.4
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E6759FE2-C7A5-477D-8FF9-27F41EDE2897}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E6759FE2-C7A5-477D-8FF9-27F41EDE2897}: NameServer = 8.8.8.8,8.8.4.4
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F8F484EE-41AE-4C9A-BF17-D8F84709B324}: NameServer = 8.8.8.8,8.8.4.4
    O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
    O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
    O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
    O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
    O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
    O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
    O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
    O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
    O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
    O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysNative\mscoree.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysNative\mscoree.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysNative\mscoree.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
    O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysWow64\mscoree.dll (Microsoft Corporation)
    O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysWow64\mscoree.dll (Microsoft Corporation)
    O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysWow64\mscoree.dll (Microsoft Corporation)
    O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
    O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll) -  File not found
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\windows\SysWow64\credssp.dll (Microsoft Corporation)
    O29 - HKLM SecurityProviders - (credssp.dll) - C:\windows\SysWow64\credssp.dll (Microsoft Corporation)
    O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\windows\SysNative\msv1_0.dll (Microsoft Corporation)
    O30 - LSA: Authentication Packages - (msv1_0) - C:\windows\SysWow64\msv1_0.dll (Microsoft Corporation)
    O30:64bit: - LSA: Security Packages - (kerberos) - C:\windows\SysNative\kerberos.dll (Microsoft Corporation)
    O30:64bit: - LSA: Security Packages - (msv1_0) - C:\windows\SysNative\msv1_0.dll (Microsoft Corporation)
    O30:64bit: - LSA: Security Packages - (schannel) - C:\windows\SysNative\schannel.dll (Microsoft Corporation)
    O30:64bit: - LSA: Security Packages - (wdigest) - C:\windows\SysNative\wdigest.dll (Microsoft Corporation)
    O30:64bit: - LSA: Security Packages - (tspkg) - C:\windows\SysNative\tspkg.dll (Microsoft Corporation)
    O30:64bit: - LSA: Security Packages - (pku2u) - C:\windows\SysNative\pku2u.dll (Microsoft Corporation)
    O30:64bit: - LSA: Security Packages - (livessp) - C:\windows\SysNative\livessp.dll (Microsoft Corp.)
    O30 - LSA: Security Packages - (kerberos) - C:\windows\SysWow64\kerberos.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (msv1_0) - C:\windows\SysWow64\msv1_0.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (schannel) - C:\windows\SysWow64\schannel.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (wdigest) - C:\windows\SysWow64\wdigest.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (tspkg) - C:\windows\SysWow64\tspkg.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (pku2u) - C:\windows\SysWow64\pku2u.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (livessp) - C:\windows\SysWow64\livessp.dll (Microsoft Corp.)
    O31 - SafeBoot: AlternateShell - cmd.exe
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
     
    ========== Files/Folders - Created Within 30 Days ==========
     
    [2013/11/23 15:26:52 | 000,000,000 | ---D | C] -- C:\windows\ERUNT
    [2013/11/23 15:18:26 | 000,000,000 | ---D | C] -- C:\AdwCleaner
    [2013/11/23 14:41:20 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Malwarebytes
    [2013/11/23 14:41:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2013/11/23 14:41:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2013/11/23 14:41:13 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
    [2013/11/23 14:41:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2013/11/23 14:35:03 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\CrashDumps
    [2013/11/23 13:54:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
    [2013/11/23 12:02:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Updater
    [2013/11/23 12:02:19 | 000,000,000 | ---D | C] -- C:\ProgramData\RHelpers
    [2013/11/23 12:01:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Social Privacy  DNS
    [2013/11/23 12:01:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\sp
    [2013/11/23 11:58:51 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\InstallShield
    [2013/11/23 11:58:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UEFI WinFlash
    [2013/11/18 00:16:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
    [2013/11/13 03:05:53 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
    [2013/11/13 03:05:53 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
    [2013/11/13 03:05:52 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
    [2013/11/13 03:05:52 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
    [2013/11/13 03:05:52 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
    [2013/11/13 03:05:52 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
    [2013/11/13 03:05:52 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
    [2013/11/13 03:05:52 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
    [2013/11/13 03:05:52 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
    [2013/11/13 03:05:52 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
    [2013/11/13 03:05:52 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
    [2013/11/13 03:05:50 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
    [2013/11/13 03:05:50 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
    [2013/11/13 03:05:50 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
    [2013/11/13 03:05:49 | 003,959,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
    [2013/11/12 23:20:15 | 001,474,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\crypt32.dll
    [2013/11/12 23:20:13 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\authui.dll
    [2013/11/12 23:20:12 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\authui.dll
    [2013/11/12 23:20:12 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\credui.dll
    [2013/11/12 23:20:12 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SmartcardCredentialProvider.dll
    [2013/11/12 23:20:12 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SmartcardCredentialProvider.dll
    [2013/11/12 23:20:10 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
    [2013/11/12 23:20:10 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncrypt.dll
    [2013/11/12 23:20:10 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspicli.dll
    [2013/11/12 23:20:10 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspisrv.dll
    [2013/11/12 23:20:10 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secur32.dll
    [2013/11/12 23:20:05 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nshwfp.dll
    [2013/11/12 23:20:05 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nshwfp.dll
    [2013/11/12 23:20:05 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gdi32.dll
    [2013/11/12 23:20:05 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FWPUCLNT.DLL
    [2013/11/12 23:20:05 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\FWPUCLNT.DLL
    [2013/11/03 18:34:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Crystal Decisions
    [2013/11/03 18:34:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\VBrick
    [1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
     
    ========== Files - Modified Within 30 Days ==========
     
    [2013/11/24 08:33:13 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3546646767-1445017109-1683610049-1000UA.job
    [2013/11/24 08:33:01 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
    [2013/11/24 08:32:38 | 000,000,928 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3546646767-1445017109-1683610049-1000UA.job
    [2013/11/24 08:32:38 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
    [2013/11/24 08:32:35 | 000,000,256 | ---- | M] () -- C:\windows\tasks\HP Photo Creations Messager.job
    [2013/11/24 08:32:24 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
    [2013/11/23 16:18:00 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
    [2013/11/23 15:30:11 | 000,016,304 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2013/11/23 15:30:11 | 000,016,304 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2013/11/23 15:22:43 | 000,001,960 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 3050A J611 series.lnk
    [2013/11/23 15:21:54 | 000,000,398 | -H-- | M] () -- C:\windows\tasks\{3D084AB5-6B71-476E-B860-DEC739BBF3B3}.job
    [2013/11/23 15:21:26 | 3059,748,864 | -HS- | M] () -- C:\hiberfil.sys
    [2013/11/23 14:41:15 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2013/11/23 14:38:02 | 000,726,444 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
    [2013/11/23 14:38:02 | 000,624,412 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
    [2013/11/23 14:38:02 | 000,106,756 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
    [2013/11/23 14:23:55 | 000,000,085 | ---- | M] () -- C:\windows\wininit.ini
    [2013/11/23 13:25:08 | 000,000,906 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3546646767-1445017109-1683610049-1000Core.job
    [2013/11/23 13:24:25 | 000,000,856 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3546646767-1445017109-1683610049-1000Core.job
    [2013/11/23 12:00:09 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
    [2013/11/23 12:00:09 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
    [2013/11/14 23:12:21 | 000,002,194 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
    [1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
     
    ========== Files Created - No Company Name ==========
     
    [2013/11/23 14:41:15 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2013/11/23 14:23:50 | 000,000,085 | ---- | C] () -- C:\windows\wininit.ini
    [2012/09/11 14:40:01 | 000,000,064 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\Statdisk.prefs
    [2012/04/02 17:54:58 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
    [2012/03/31 14:00:11 | 000,017,408 | ---- | C] () -- C:\Users\Owner\AppData\Local\WebpageIcons.db
     
    ========== ZeroAccess Check ==========
     
    [2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
     
    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
     
    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
     
    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
     
    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
     
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 19:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment
     
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 18:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment
     
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free
     
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 03:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free
     
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both
     
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
     
    ========== LOP Check ==========
     
    [2012/08/21 14:17:27 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Blackboard
    [2012/08/21 14:16:26 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Collaborate
    [2012/08/08 11:42:46 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\MusicOasis
    [2013/03/22 21:10:32 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\ooVoo Details
    [2013/08/29 15:38:14 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\SanDisk
    [2013/08/29 15:35:18 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\SanDisk SecureAccess
    [2012/11/14 18:07:19 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Toshiba
    [2012/05/23 08:36:04 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\WeatherBug
    [2012/03/31 12:29:04 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\WinBatch
     
    ========== Purity Check ==========
     
     

    < End of report >
     


  14. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.0.8 (11.05.2013:1)
    OS: Windows 7 Home Premium x64
    Ran by Owner on Sat 11/23/2013 at 15:26:55.39
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values



    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3546646767-1445017109-1683610049-1000\Software\sweetim
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{FC7D95DD-6EDB-4b68-8CAB-A93808C37EB4}



    ~~~ Files

    Successfully deleted: [File] "C:\users\default user\start menu\programs\startup\best buy pc app.lnk"



    ~~~ Folders

    Successfully deleted: [Folder] "C:\ProgramData\best buy pc app"
    Successfully deleted: [Folder] "C:\ProgramData\cloud software ltd"
    Successfully deleted: [Folder] "C:\Users\Owner\appdata\local\best buy pc app"
    Successfully deleted: [Folder] "C:\windows\syswow64\ai_recyclebin"
    Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{0247B643-19D3-4EAF-BB02-DF3B9C0F0051}
    Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{14CF282F-65F2-4FE2-8C7C-B4E4C9FC79EC}
    Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{19719634-8A72-4779-A74B-6F0C6F7DE83D}
    Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{8B4D939C-DFEA-471F-99BA-9E9D4221BEC3}
    Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D83FF8BC-C60C-48E7-840E-166A46EAEDC9}



    ~~~ FireFox

    Successfully deleted: [File] C:\user.js
    Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{1c43baf1-00c2-40a8-a09e-f84cfd79546d}
    Successfully deleted the following from C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\hyr99t9j.default\prefs.js


    user_pref("id_couponscom.variables.Var1", "hxxp%3A//cdn.coupons.com/couponbar.coupons.com");
    user_pref("id_couponscom.variables.Var2", "hxxp%3A//couponbar.coupons.com");
    user_pref("id_couponscom.variables.Var3", "hxxp%3A//www.coupons.com/coupon-codes/");
    Emptied folder: C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\hyr99t9j.default\minidumps [163 files]



    ~~~ Chrome

    Successfully deleted: [Folder] C:\Users\Owner\appdata\local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Sat 11/23/2013 at 15:36:04.99
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


  15. # AdwCleaner v3.012 - Report created 23/11/2013 at 15:19:56
    # Updated 11/11/2013 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : Owner - OWNER-PC
    # Running from : C:\Users\Owner\Downloads\adwcleaner.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    Folder Deleted : C:\ProgramData\continuetosave
    Folder Deleted : C:\ProgramData\DSearchLink
    Folder Deleted : C:\ProgramData\Partner
    Folder Deleted : C:\ProgramData\Premium
    Folder Deleted : C:\ProgramData\Systweak
    Folder Deleted : C:\ProgramData\Tarma Installer
    Folder Deleted : C:\ProgramData\w3i
    Folder Deleted : C:\ProgramData\Bcool
    Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
    Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\continuetosave
    Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bcool
    Folder Deleted : C:\Program Files (x86)\Babylon
    Folder Deleted : C:\Program Files (x86)\continuetosave
    Folder Deleted : C:\Program Files (x86)\Free Offers from Freeze.com
    Folder Deleted : C:\Program Files (x86)\MyPC Backup
    Folder Deleted : C:\Program Files (x86)\w3i
    Folder Deleted : C:\Program Files\Babylon
    Folder Deleted : C:\Users\Owner\AppData\Local\Ilivid
    Folder Deleted : C:\Users\Owner\AppData\Local\PackageAware
    Folder Deleted : C:\Users\Owner\AppData\Local\Searchprotect
    Folder Deleted : C:\Users\Owner\AppData\Local\Temp\BabylonToolbar
    Folder Deleted : C:\Users\Owner\AppData\LocalLow\BabylonToolbar
    Folder Deleted : C:\Users\Owner\AppData\LocalLow\continuetosave
    Folder Deleted : C:\Users\Owner\AppData\LocalLow\Toolbar4
    Folder Deleted : C:\Users\Owner\AppData\LocalLow\Bcool
    Folder Deleted : C:\Users\Owner\AppData\Roaming\optimizer pro
    Folder Deleted : C:\Users\Owner\AppData\Roaming\Systweak
    Folder Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\hyr99t9j.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
    Folder Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\hyr99t9j.default\Extensions\[email protected]
    Folder Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\hyr99t9j.default\Extensions\[email protected]
    Folder Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\belehhimfpnfiopbmpkioideigiglmjg
    File Deleted : C:\windows\System32\roboot64.exe
    File Deleted : C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
    File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xml
    File Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\hyr99t9j.default\searchplugins\conduit-search.xml
    File Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\hyr99t9j.default\searchplugins\GoogleFeed.xml
    File Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\hyr99t9j.default\searchplugins\WebSearch.xml
    File Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\hyr99t9j.default\searchplugins\web-search.xml
    File Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\hyr99t9j.default\user.js
    File Deleted : C:\windows\System32\Tasks\Advanced System Protector_startup

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\belehhimfpnfiopbmpkioideigiglmjg
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\babylon.com
    Key Deleted : HKCU\Software\Microsoft\Office\Powerpoint\Addins\babylonofficeaddin.officeaddin
    Key Deleted : HKCU\Software\Microsoft\Office\Word\Addins\babylonofficeaddin.officeaddin
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
    Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
    Key Deleted : HKLM\SOFTWARE\Classes\BabyDict
    Key Deleted : HKLM\SOFTWARE\Classes\BabyGloss
    Key Deleted : HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin
    Key Deleted : HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin.1
    Key Deleted : HKLM\SOFTWARE\Classes\BabyOptFile
    Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
    Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
    Key Deleted : HKLM\SOFTWARE\Classes\bhoclass.bho.bhoclass.bho
    Key Deleted : HKLM\SOFTWARE\Classes\bhoclass.bho.bhoclass.bho.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
    Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
    Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
    Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
    Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ContinueToSave_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ContinueToSave_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_e14dcdfa
    Key Deleted : HKLM\SOFTWARE\5a57d88fe738ed47
    Key Deleted : HKLM\SOFTWARE\Classes\TBSB07898.IEToolbar
    Key Deleted : HKLM\SOFTWARE\Classes\TBSB07898.IEToolbar.1
    Key Deleted : HKLM\SOFTWARE\Classes\TBSB07898.TBSB07898
    Key Deleted : HKLM\SOFTWARE\Classes\TBSB07898.TBSB07898.3
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.TBSB07898
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.TBSB07898.1
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6AC0BB10-C922-45E2-857D-2A368FE749E5}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B6ECE3D6-4B98-404D-F169-424568257FD7}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0BF91075-F457-4A8B-99EF-140B52D2F22A}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{37425600-CB21-49A0-8659-476FBAB0F8E8}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{431FB0E5-2CBB-4602-9FE6-F1D64488ADD7}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5C9A230D-70A5-11D5-AFB0-0050DAC67890}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8911483C-C00A-4183-9FBC-6C9C00946C15}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B7EA2226-F876-4BE4-B478-76EBAE2A668A}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C3F058A9-407D-4CD1-8F66-B75605B54B69}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFDCAF05-D29C-4D4D-9836-8CDCD606A6B2}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{5C9A2304-70A5-11D5-AFB0-0050DAC67890}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F310F027-15CB-4A7F-B10D-3A4AFB5013A5}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B6ECE3D6-4B98-404D-F169-424568257FD7}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B6ECE3D6-4B98-404D-F169-424568257FD7}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B6ECE3D6-4B98-404D-F169-424568257FD7}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0BF91075-F457-4A8B-99EF-140B52D2F22A}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{37425600-CB21-49A0-8659-476FBAB0F8E8}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{431FB0E5-2CBB-4602-9FE6-F1D64488ADD7}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5C9A230D-70A5-11D5-AFB0-0050DAC67890}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8911483C-C00A-4183-9FBC-6C9C00946C15}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B7EA2226-F876-4BE4-B478-76EBAE2A668A}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C3F058A9-407D-4CD1-8F66-B75605B54B69}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EFDCAF05-D29C-4D4D-9836-8CDCD606A6B2}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
    Key Deleted : HKCU\Software\BabSolution
    Key Deleted : HKCU\Software\Babylon
    Key Deleted : HKCU\Software\ilivid
    Key Deleted : HKCU\Software\systweak
    Key Deleted : HKCU\Software\AppDataLow\Software\DynConIE
    Key Deleted : HKLM\Software\Babylon
    Key Deleted : HKLM\Software\DataMngr
    Key Deleted : HKLM\Software\Freeze.com
    Key Deleted : HKLM\Software\SearchProtect
    Key Deleted : HKLM\Software\SP Global
    Key Deleted : HKLM\Software\SProtector
    Key Deleted : HKLM\Software\systweak
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{20E7BC40-33F6-4A81-9D52-B58349326206}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
    Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
    Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\contin~1\sprote~1.dll
    Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\softqu~1\sprote~1.dll

    ***** [ Browsers ] *****

    -\\ Internet Explorer v10.0.9200.16736


    -\\ Mozilla Firefox v25.0.1 (en-US)

    [ File : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\hyr99t9j.default\prefs.js ]

    Line Deleted : user_pref("aol_toolbar.default.homepage.check", false);
    Line Deleted : user_pref("aol_toolbar.default.search.check", false);
    Line Deleted : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");

    Line Deleted : user_pref("browser.search.defaultenginename", "Conduit Search");

    Line Deleted : user_pref("browser.search.selectedEngine", "Conduit Search");
    Line Deleted : user_pref("browser.search.selectedEngine,S", "WebSearch");

    Line Deleted : user_pref("extensions.4fbc84135687b.scode", "(function(){try{if('aol.com,mail.google.com,mystart.incredibar.com,premiumreports.info,search.babylon.com,search.funmoods.com,search.gboxapp.com,search.swe[...]
    Line Deleted : user_pref("extensions.50f350351540d.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};if(window.self.location.protocol.indexOf('hxxp') > -1 && window.self == wi[...]
    Line Deleted : user_pref("extensions.BabylonToolbar.prtkDS", 0);
    Line Deleted : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
    Line Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
    Line Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
    Line Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=112454&tt=220512_53all");
    Line Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "1a6fc41600000000000064d4da291afd");
    Line Deleted : user_pref("extensions.BabylonToolbar_i.id", "1a6fc41600000000000064d4da291afd");
    Line Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15483");
    Line Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
    Line Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true);

    Line Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
    Line Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
    Line Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
    Line Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
    Line Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
    Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
    Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.179:35:03");
    Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");

    Line Deleted : user_pref("extensions.dynconff.cache.search.conduit.com.content", "<package expire=\"3600\" message=\"Empty\"></package>");
    Line Deleted : user_pref("extensions.dynconff.cache.search.conduit.com.expires", "1385247835034");
    Line Deleted : user_pref("id_couponscom.variablecashedNotifications", "%7B%22hxxp%3A//www.amazon.com/%22%3A%22%3CTOOLBAR%3E%5Cr%5Cn%3CSETTINGS%20scope%3D%5C%220%5C%22%3E%5Cr%5Cn%20%20%20%20%3CWEBJUMP%20encoding%3D%5[...]
    Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
    Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "WebSearch");

    Line Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "");
    Line Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ".*");
    Line Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "1");
    Line Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "1");
    Line Deleted : user_pref("sweetim.toolbar.searchguard.enable", "false");

    -\\ Google Chrome v31.0.1650.57

    [ File : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\preferences ]

    Deleted : homepage
    Deleted : urls_to_restore_on_startup

    *************************

    AdwCleaner[R0].txt - [22792 octets] - [23/11/2013 15:18:38]
    AdwCleaner[s0].txt - [21871 octets] - [23/11/2013 15:19:56]

    ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [21932 octets] ##########
     


  16. Malwarebytes Anti-Malware (Trial) 1.75.0.1300
    www.malwarebytes.org

    Database version: v2013.11.23.08

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 10.0.9200.16736
    Owner :: OWNER-PC [administrator]

    Protection: Enabled

    11/23/2013 2:42:43 PM
    mbam-log-2013-11-23 (14-42-43).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 235609
    Time elapsed: 6 minute(s), 41 second(s)

    Memory Processes Detected: 8
    C:\Program Files (x86)\Optimizer Pro\OptProSmartScan.exe (PUP.Optional.OptimizerPro) -> 3584 -> Delete on reboot.
    C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe (PUP.Optional.OptimizerPro) -> 3608 -> Delete on reboot.
    C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe (PUP.Optional.InstallIQ.A) -> 3692 -> Delete on reboot.
    C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe (PUP.Optional.SearchDonkey.A) -> 4124 -> Delete on reboot.
    C:\ProgramData\RHelpers\FirefoxHelper\FirefoxHelper.exe (PUP.Optional.SearchDonkey.A) -> 4892 -> Delete on reboot.
    C:\ProgramData\RHelpers\IeHelper\IeHelper.exe (PUP.Optional.SearchDonkey.A) -> 5096 -> Delete on reboot.
    C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe (PUP.Optional.AdvancedSystemProtector.A) -> 1964 -> Delete on reboot.
    C:\ProgramData\Updater\updater.exe (Trojan.Agent) -> 3676 -> Delete on reboot.

    Memory Modules Detected: 6
    C:\Program Files (x86)\Advanced System Protector\aspsys.dll (PUP.Optional.AdvancedSystemProtector.A) -> Delete on reboot.
    C:\Program Files (x86)\Advanced System Protector\Microsoft.Win32.TaskScheduler.DLL (PUP.Optional.AdvancedSystemProtector.A) -> Delete on reboot.
    C:\Program Files (x86)\Advanced System Protector\System.Data.SQLite.dll (PUP.Optional.AdvancedSystemProtector.A) -> Delete on reboot.
    C:\Program Files (x86)\Advanced System Protector\Xceed.Compression.dll (PUP.Optional.AdvancedSystemProtector.A) -> Delete on reboot.
    C:\Program Files (x86)\Advanced System Protector\Xceed.FileSystem.dll (PUP.Optional.AdvancedSystemProtector.A) -> Delete on reboot.
    C:\Program Files (x86)\Advanced System Protector\Xceed.Zip.dll (PUP.Optional.AdvancedSystemProtector.A) -> Delete on reboot.

    Registry Keys Detected: 37
    HKLM\SYSTEM\CurrentControlSet\Services\CltMngSvc (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
    HKCR\CLSID\{0D880AFA-5ECD-A203-3246-A130BA3156F6} (PUP.DownloadnSave) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0D880AFA-5ECD-A203-3246-A130BA3156F6} (PUP.DownloadnSave) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{0D880AFA-5ECD-A203-3246-A130BA3156F6} (PUP.DownloadnSave) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0D880AFA-5ECD-A203-3246-A130BA3156F6} (PUP.DownloadnSave) -> Quarantined and deleted successfully.
    HKCR\TypeLib\{C2CF0D01-7657-48AA-98C9-AE5E64757FCC} (PUP.DownloadnSave) -> Quarantined and deleted successfully.
    HKCR\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB} (PUP.DownloadnSave) -> Quarantined and deleted successfully.
    HKCR\CLSID\{44ed99e2-16a6-4b89-80d6-5b21cf42e78b} (PUP.Optional.SafeMonitor.A) -> Quarantined and deleted successfully.
    HKCR\TypeLib\{781CA792-9B6E-400B-B36F-15C097D2CA54} (PUP.Optional.SafeMonitor.A) -> Quarantined and deleted successfully.
    HKCR\Interface\{2830488C-079B-45C2-88B6-AFE4EAA2DF85} (PUP.Optional.SafeMonitor.A) -> Quarantined and deleted successfully.
    HKCR\DynConIE.DynConIEObject.1 (PUP.Optional.SafeMonitor.A) -> Quarantined and deleted successfully.
    HKCR\DynConIE.DynConIEObject (PUP.Optional.SafeMonitor.A) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B} (PUP.Optional.SafeMonitor.A) -> Quarantined and deleted successfully.
    HKCR\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0} (PUP.Optional.Softomate.A) -> Quarantined and deleted successfully.
    HKCR\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D} (PUP.Optional.Softomate.A) -> Quarantined and deleted successfully.
    HKCR\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B} (PUP.Optional.Softomate.A) -> Quarantined and deleted successfully.
    HKCR\URLSearchHook.ToolbarURLSearchHook.1 (PUP.Optional.Softomate.A) -> Quarantined and deleted successfully.
    HKCR\URLSearchHook.ToolbarURLSearchHook (PUP.Optional.Softomate.A) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C1C6816E-CBB3-A748-85F9-A8B47B68985B} (PUP.Optional.SilentInstall.A) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TubeDimmer (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1 (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1 (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IEXPLORE.EXE (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    HKCR\CLSID\{91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE} (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
    HKCR\TypeLib\{DCB1CD02-42FC-4447-B833-6405CE328D62} (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
    HKCR\Interface\{96B7C08E-01F0-491A-8509-9741CF47039F} (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE} (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\[email protected] (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} (PUP.Optional.WebSearchInfo) -> Quarantined and deleted successfully.
    HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully.
    HKCU\Software\SkyMedia (Adware.SkyMedia) -> Quarantined and deleted successfully.
    HKCU\Software\AppDataLow\SProtector (PUP.Optional.SProtector.A) -> Quarantined and deleted successfully.
    HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\OPTIMIZER PRO (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
    HKCU\Software\Systweak\Advanced System Protector (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.

    Registry Values Detected: 5
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|InstallIQUpdater (PUP.Optional.InstallIQ.A) -> Data: "C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe" /silent /autorun -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Optimizer Pro (PUP.Optional.OptimizePro.A) -> Data: C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe -> Quarantined and deleted successfully.
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Updater (Trojan.Agent) -> Data: C:\ProgramData\Updater\updater.exe -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Updater (Trojan.Agent) -> Data: C:\ProgramData\Updater\Updater.exe -> Quarantined and deleted successfully.
    HKCU\Software\Optimizer Pro|AdsBuyNowURL (PUP.Optional.OptimizerPro.A) -> Data: http://conversion.pcutilitiespro.revenuewire.net/driverpro/xsell -> Quarantined and deleted successfully.

    Registry Data Items Detected: 3
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.Conduit.A) -> Bad: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll) Good: () -> Quarantined and repaired successfully.
    HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.Conduit.A) -> Bad: (http://search.conduit.com/?ctid=CT3317458&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPA7B71020-C8F7-4E2E-A0EF-F3146D87A310&SSPV=) Good: (http://www.google.com) -> Quarantined and repaired successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.

    Folders Detected: 48
    C:\ProgramData\TubeDimmer (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
    C:\ProgramData\TubeDimmer\Chrome (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
    C:\ProgramData\TubeDimmer\Chrome\unzip (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
    C:\ProgramData\TubeDimmer\Firefox (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
    C:\ProgramData\TubeDimmer\Firefox\chrome (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
    C:\ProgramData\TubeDimmer\Firefox\chrome\content (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
    C:\ProgramData\TubeDimmer\IE (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Optimizer Pro (PUP.Optional.OptimizerPro.A) -> Delete on reboot.
    C:\Program Files (x86)\Advanced System Protector (PUP.Optional.AdvancedSystemProtector.A) -> Delete on reboot.
    C:\Program Files (x86)\Advanced System Protector\clamunpack (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Advanced System Protector\Troubleshooter (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Social Privacy (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Social Privacy\FF (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Social Privacy\FF\chrome (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Social Privacy\FF\chrome\content (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect (PUP.Optional.SearchProtect.A) -> Delete on reboot.
    C:\Program Files (x86)\SearchProtect\Main (PUP.Optional.SearchProtect.A) -> Delete on reboot.
    C:\Program Files (x86)\SearchProtect\Main\bin (PUP.Optional.SearchProtect.A) -> Delete on reboot.
    C:\Program Files (x86)\SearchProtect\Main\Logs (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\Main\rep (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\SearchProtect (PUP.Optional.SearchProtect.A) -> Delete on reboot.
    C:\Program Files (x86)\SearchProtect\SearchProtect\bin (PUP.Optional.SearchProtect.A) -> Delete on reboot.
    C:\Program Files (x86)\SearchProtect\SearchProtect\rep (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI (PUP.Optional.SearchProtect.A) -> Delete on reboot.
    C:\Program Files (x86)\SearchProtect\UI\bin (PUP.Optional.SearchProtect.A) -> Delete on reboot.
    C:\Program Files (x86)\SearchProtect\UI\dialogs (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\libs (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\protection (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\settings (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\rep (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\2.1.1000.12150 (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\signatures (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Users\Owner\AppData\Roaming\Systweak\Advanced System Protector (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Users\Owner\AppData\Roaming\Systweak\Advanced System Protector\2.1.1000.12150 (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Users\Owner\AppData\Roaming\Systweak\Advanced System Protector\Backup (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Users\Owner\AppData\Roaming\Systweak\Advanced System Protector\Logs (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Users\Owner\AppData\Local\Temp\mt_ffx\buenosearch (PUP.Optional.BuenoSearch.A) -> Quarantined and deleted successfully.
    C:\Users\Owner\AppData\Local\Temp\mt_ffx\buenosearch\buenosearch (PUP.Optional.BuenoSearch.A) -> Quarantined and deleted successfully.
    C:\Users\Owner\AppData\Local\Temp\mt_ffx\buenosearch\buenosearch\1.8.21.22 (PUP.Optional.BuenoSearch.A) -> Quarantined and deleted successfully.
    C:\ProgramData\RHelpers\ChromeHelper (PUP.Optional.Searchagent) -> Delete on reboot.
    C:\ProgramData\RHelpers\FirefoxHelper (PUP.Optional.Searchagent) -> Delete on reboot.
    C:\ProgramData\RHelpers\IeHelper (PUP.Optional.Searchagent) -> Delete on reboot.

    Files Detected: 275
    C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe (PUP.Optional.Conduit.A) -> Delete on reboot.
    C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe (PUP.Optional.Conduit.A) -> Delete on reboot.
    C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe (PUP.Optional.Conduit.A) -> Delete on reboot.
    C:\Program Files (x86)\Optimizer Pro\OptProSmartScan.exe (PUP.Optional.OptimizerPro) -> Delete on reboot.
    C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe (PUP.Optional.OptimizerPro) -> Delete on reboot.
    C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe (PUP.Optional.InstallIQ.A) -> Delete on reboot.
    C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe (PUP.Optional.SearchDonkey.A) -> Delete on reboot.
    C:\ProgramData\RHelpers\FirefoxHelper\FirefoxHelper.exe (PUP.Optional.SearchDonkey.A) -> Delete on reboot.
    C:\ProgramData\RHelpers\IeHelper\IeHelper.exe (PUP.Optional.SearchDonkey.A) -> Delete on reboot.
    C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll (PUP.Optional.Conduit.A) -> Delete on reboot.
    C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe (PUP.Optional.OptimizePro.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Bcool\bhoclass.dll (PUP.DownloadnSave) -> Quarantined and deleted successfully.
    C:\ProgramData\TubeDimmer\IE\common.dll (PUP.Optional.SafeMonitor.A) -> Quarantined and deleted successfully.
    C:\ProgramData\continuetosave\uninstall.exe (PUP.Optional.SilentInstall.A) -> Quarantined and deleted successfully.
    C:\ProgramData\DSearchLink\DSearchLink.exe (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
    C:\Users\Owner\AppData\Local\Temp\nsdA0C5.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Users\Owner\AppData\Local\Temp\nsdA5A7.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Users\Owner\AppData\Local\Temp\nsiC8D2.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Users\Owner\AppData\Local\Temp\nsnCBB0.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Users\Owner\AppData\Local\Temp\nssC603.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Users\Owner\AppData\Local\Temp\nsyA317.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Users\Owner\AppData\Local\Temp\Setup_US.exe (PUP.Optional.SearchDonkey.A) -> Quarantined and deleted successfully.
    C:\Users\Owner\AppData\Local\Temp\D5A392E9-BAB0-7891-90F0-252284989A9E\Latest\BabMaint.exe (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
    C:\Users\Owner\AppData\Local\Temp\D5A392E9-BAB0-7891-90F0-252284989A9E\Latest\BExternal.dll (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
    C:\Users\Owner\AppData\Local\Temp\D5A392E9-BAB0-7891-90F0-252284989A9E\Latest\ccp.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
    C:\Users\Owner\AppData\Local\Temp\D5A392E9-BAB0-7891-90F0-252284989A9E\Latest\CrxInstaller.dll (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
    C:\Users\Owner\AppData\Local\Temp\D5A392E9-BAB0-7891-90F0-252284989A9E\Latest\DSearchLink.exe (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
    C:\Users\Owner\AppData\Local\Temp\D5A392E9-BAB0-7891-90F0-252284989A9E\Latest\MntrDLLInstall.dll (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
    C:\Users\Owner\AppData\Local\Temp\D5A392E9-BAB0-7891-90F0-252284989A9E\Latest\MyBuenoTB.exe (PUP.Optional.BuenoSearch.A) -> Quarantined and deleted successfully.
    C:\Users\Owner\AppData\Local\Temp\D5A392E9-BAB0-7891-90F0-252284989A9E\Latest\Setup.exe (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
    C:\Users\Owner\Downloads\Firefox_Setup(1).exe (PUP.Optional.iBryte) -> Quarantined and deleted successfully.
    C:\Users\Owner\Downloads\Flash_Player_Pro_Setup.exe (PUP.Optional.IBryte.A) -> Quarantined and deleted successfully.
    C:\Users\Owner\Downloads\flvmplayer(1).exe (PUP.BundleInstaller.SOL) -> Quarantined and deleted successfully.
    C:\Users\Owner\Downloads\flvmplayer.exe (PUP.BundleInstaller.SOL) -> Quarantined and deleted successfully.
    C:\Users\Owner\Downloads\GrooveStream(2).exe (PUP.Bundle.Installer.OI) -> Quarantined and deleted successfully.
    C:\Users\Owner\Downloads\GrooveStream(3).exe (PUP.Bundle.Installer.OI) -> Quarantined and deleted successfully.
    C:\Users\Owner\Downloads\GrooveStream(4).exe (PUP.Bundle.Installer.OI) -> Quarantined and deleted successfully.
    C:\Users\Owner\Downloads\GrooveStream.exe (PUP.Bundle.Installer.OI) -> Quarantined and deleted successfully.
    C:\Users\Owner\Downloads\happy-wheels(1).exe (PUP.Optional.DomaIQ) -> Quarantined and deleted successfully.
    C:\Users\Owner\Downloads\happy-wheels(2).exe (PUP.Optional.DomaIQ) -> Quarantined and deleted successfully.
    C:\Users\Owner\Downloads\happy-wheels.exe (PUP.Optional.DomaIQ) -> Quarantined and deleted successfully.
    C:\Users\Owner\Downloads\iLividSetup.exe (PUP.Optional.Bandoo) -> Quarantined and deleted successfully.
    C:\Users\Owner\Downloads\musicoasis.exe (PUP.Optional.InstallIQ.A) -> Quarantined and deleted successfully.
    C:\Users\Owner\Downloads\picture_install_.zip (Backdoor.Agent) -> Quarantined and deleted successfully.
    C:\Users\Owner\Downloads\Setup (1).exe (PUP.Optional.Solimba) -> Quarantined and deleted successfully.
    C:\Users\Owner\Downloads\Setup (2).exe (PUP.Optional.MSILLauncher) -> Quarantined and deleted successfully.
    C:\Users\Owner\Downloads\windows live movie maker setup.exe (PUP.AdBundle) -> Quarantined and deleted successfully.
    C:\Users\Owner\Local Settings\Temporary Internet Files\Content.IE5\9CZTQIRA\pack[1].7z (PUP.Optional.PerformerSoft.A) -> Quarantined and deleted successfully.
    C:\Users\Owner\Local Settings\Temporary Internet Files\Content.IE5\9CZTQIRA\Setup_US_20131122[1].exe (PUP.Optional.SearchDonkey.A) -> Quarantined and deleted successfully.
    C:\Users\Owner\Local Settings\Temporary Internet Files\Content.IE5\LXSBT308\delta[1].exe (PUP.Optional.DeltaTB) -> Quarantined and deleted successfully.
    C:\Users\Owner\Local Settings\Temporary Internet Files\Content.IE5\LXSBT308\spstub[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
    C:\Users\Owner\Local Settings\Temporary Internet Files\Content.IE5\OEH7K74C\SPSetup[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
    C:\Users\Owner\Local Settings\Temporary Internet Files\Content.IE5\Z1ZM5LVB\reg[1].exe (PUP.Optional.RegCleanerPro) -> Quarantined and deleted successfully.
    C:\ProgramData\TubeDimmer\app.dat (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
    C:\ProgramData\TubeDimmer\TubeDimmer.ico (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
    C:\ProgramData\TubeDimmer\Uninstall.exe (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
    C:\ProgramData\TubeDimmer\Chrome\common.crx (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
    C:\ProgramData\TubeDimmer\Chrome\_common.crx (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
    C:\ProgramData\TubeDimmer\Chrome\unzip\announce.js (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
    C:\ProgramData\TubeDimmer\Chrome\unzip\background.html (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
    C:\ProgramData\TubeDimmer\Chrome\unzip\common.js (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
    C:\ProgramData\TubeDimmer\Chrome\unzip\contentscript.js (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
    C:\ProgramData\TubeDimmer\Chrome\unzip\icon.png (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
    C:\ProgramData\TubeDimmer\Chrome\unzip\icon128.png (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
    C:\ProgramData\TubeDimmer\Chrome\unzip\icon16.png (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
    C:\ProgramData\TubeDimmer\Chrome\unzip\icon48.png (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
    C:\ProgramData\TubeDimmer\Chrome\unzip\iframecontentscript.js (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
    C:\ProgramData\TubeDimmer\Chrome\unzip\manifest.json (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
    C:\ProgramData\TubeDimmer\Firefox\chrome.manifest (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
    C:\ProgramData\TubeDimmer\Firefox\install.rdf (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
    C:\ProgramData\TubeDimmer\Firefox\chrome\content\main.js (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
    C:\ProgramData\TubeDimmer\Firefox\chrome\content\overlay.xul (PUP.Optional.TubeDimmer) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Optimizer Pro\OptimizerPro.chm (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Optimizer Pro\English.ini (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Optimizer Pro\file_id.diz (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Optimizer Pro\HomePage.url (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Optimizer Pro\OptimizerPro.exe (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Optimizer Pro\OptProGuard.exe (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Optimizer Pro\OptProSchedule.exe (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Optimizer Pro\OptProStart.exe (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Optimizer Pro\OptProUninstaller.exe (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Optimizer Pro\scan.gif (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Optimizer Pro\sqlite3.dll (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Optimizer Pro\unins000.dat (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Optimizer Pro\unins000.exe (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Advanced System Protector\loading_withWhiteBG.avi (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe (PUP.Optional.AdvancedSystemProtector.A) -> Delete on reboot.
    C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe.config (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Advanced System Protector\AppResource.dll (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Advanced System Protector\asp.ico (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Advanced System Protector\AspManager.exe (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Advanced System Protector\aspsys.dll (PUP.Optional.AdvancedSystemProtector.A) -> Delete on reboot.
    C:\Program Files (x86)\Advanced System Protector\categories.ini (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Advanced System Protector\Chinese_asp_ZH-CN.ini (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Advanced System Protector\Communication.dll (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Advanced System Protector\danish_asp_DA.ini (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Advanced System Protector\dutch_asp_NL.ini (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Advanced System Protector\eng_asp_en.ini (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Advanced System Protector\filetypehelper.exe (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Advanced System Protector\Finnish_asp_FI.ini (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Advanced System Protector\french_asp_FR.ini (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Advanced System Protector\german_asp_DE.ini (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Advanced System Protector\Interop.IWshRuntimeLibrary.dll (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Advanced System Protector\italian_asp_IT.ini (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Advanced System Protector\japanese_asp_JA.ini (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Advanced System Protector\Microsoft.Win32.TaskScheduler.DLL (PUP.Optional.AdvancedSystemProtector.A) -> Delete on reboot.
    C:\Program Files (x86)\Advanced System Protector\norwegian_asp_NO.ini (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Advanced System Protector\portuguese_asp_PT-BR.ini (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Advanced System Protector\russian_asp_ru.ini (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Advanced System Protector\scandll.dll (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Advanced System Protector\spanish_asp_ES.ini (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Advanced System Protector\swedish_asp_SV.ini (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Advanced System Protector\System.Core.dll (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Advanced System Protector\System.Data.SQLite.dll (PUP.Optional.AdvancedSystemProtector.A) -> Delete on reboot.
    C:\Program Files (x86)\Advanced System Protector\unins000.dat (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Advanced System Protector\unins000.exe (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Advanced System Protector\unins000.msg (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Advanced System Protector\unrar.dll (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Advanced System Protector\Xceed.Compression.dll (PUP.Optional.AdvancedSystemProtector.A) -> Delete on reboot.
    C:\Program Files (x86)\Advanced System Protector\Xceed.Compression.Formats.dll (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Advanced System Protector\Xceed.FileSystem.dll (PUP.Optional.AdvancedSystemProtector.A) -> Delete on reboot.
    C:\Program Files (x86)\Advanced System Protector\Xceed.Zip.dll (PUP.Optional.AdvancedSystemProtector.A) -> Delete on reboot.
    C:\Program Files (x86)\Advanced System Protector\clamunpack\clamscan.exe (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Advanced System Protector\clamunpack\libclamav.dll (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Advanced System Protector\clamunpack\readme.txt (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Advanced System Protector\Troubleshooter\asp-fixer.com (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Advanced System Protector\Troubleshooter\asp-fixer.exe (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Advanced System Protector\Troubleshooter\asp-fixer.pif (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Advanced System Protector\Troubleshooter\asp-fixer.scr (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Advanced System Protector\Troubleshooter\ASP-Troubleshooter.chm (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Advanced System Protector\Troubleshooter\firefox.com (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Advanced System Protector\Troubleshooter\iexplore.exe (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Advanced System Protector\Troubleshooter\iexplore.lnk (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Social Privacy\code.zip (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Social Privacy\r.log (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Social Privacy\sp.dll (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Social Privacy\sp64.dll (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Social Privacy\sqlite3.exe (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Social Privacy\Uninstall.exe (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Social Privacy\FF\chrome.manifest (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Social Privacy\FF\install.rdf (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Social Privacy\FF\chrome\content\icon.png (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Social Privacy\FF\chrome\content\main.js (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Social Privacy\FF\chrome\content\overlay.xul (PUP.Optional.SocialPrivacy) -> Quarantined and deleted successfully.
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro\Optimizer Pro on the Web.lnk (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro\Help.lnk (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro\Optimizer Pro.lnk (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro\Uninstall Optimizer Pro.lnk (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\EULA.txt (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\Main\bin\SPTool.dll (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\Main\rep\SystemRepository.dat (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPTool64.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64.dll (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\settings.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\style.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-default.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-onclick.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-Rollover.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-with-logo.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgNotif.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettings.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgUninstall.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnBlue.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnClose.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnSilver.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_checked.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_def.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-over-click.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\gray-bg.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-def.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-selected.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\icon-win.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\info-icon.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-rollover.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-selected.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-selected.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button2.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Settings-icon.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\text-field.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\v.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\x.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\dialogUtils.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\json2.min.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\main.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\SPDialogAPI.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\defaults.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Updater\updater.exe (Trojan.Agent) -> Delete on reboot.
    C:\ProgramData\Systweak\Advanced System Protector\AddonSafelist (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\log.xslt (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\signatures\completedatabase.db (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\signatures\Cookies.bin (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\signatures\DigSign.bin (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\signatures\FilePaths.bin (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\signatures\FileSignature.bin (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\signatures\Folders.bin (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\signatures\Md5.bin (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\signatures\Registry.bin (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\signatures\SetupSign.bin (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\signatures\StrSetupSign.bin (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1545mupdate.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1545update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1546update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1547update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1548update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1549update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1550update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1551update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1552update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1553update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1554update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1555update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1556update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1557update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1558update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1559update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1560update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1561update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1562update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1563update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1564update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1565update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1566update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1567update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1568update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1569update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1570update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1571update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1572update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1573update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1574update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1575update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1576update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1577update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1578update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1579update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1580update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1581update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1582update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1583update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1584update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1585update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\1586update.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\ProgramData\Systweak\Advanced System Protector\updates\914completedatabase.zip (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Users\Owner\AppData\Roaming\Systweak\Advanced System Protector\QDetail.db (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Users\Owner\AppData\Roaming\Systweak\Advanced System Protector\Settings.db (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Users\Owner\AppData\Roaming\Systweak\Advanced System Protector\Update.ini (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Users\Owner\AppData\Roaming\Systweak\Advanced System Protector\2.1.1000.12150\ASPLog.txt (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Users\Owner\AppData\Roaming\Systweak\Advanced System Protector\Logs\log_18-10-13_08-47-39.xml (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.
    C:\Users\Owner\AppData\Roaming\Systweak\Advanced System Protector\Logs\SMLog.xml (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully.

    (end)
     


  17.  Results of screen317's Security Check version 0.99.77  
     Windows 7 Service Pack 1 x64 (UAC is enabled)  
     Internet Explorer 10 Out of date!
    ``````````````Antivirus/Firewall Check:``````````````
     Windows Firewall Enabled!  
    Norton 360    
     WMI entry may not exist for antivirus; attempting automatic update.
    `````````Anti-malware/Other Utilities Check:`````````
     Spybot - Search & Destroy
     Java 6 Update 35  
     Java 7 Update 40  
     Java version out of Date!
     Adobe Flash Player 11.9.900.152  
     Adobe Reader 10.1.8 Adobe Reader out of Date!  
     Mozilla Firefox (25.0.1)
     Google Chrome 31.0.1650.48  
     Google Chrome 31.0.1650.57  
     Google Chrome plugins...  
    ````````Process Check: objlist.exe by Laurent````````  
     Norton ccSvcHst.exe
     Spybot Teatimer.exe is disabled!
    `````````````````System Health check`````````````````
     Total Fragmentation on Drive C: 2%
    ````````````````````End of Log``````````````````````
     


  18. .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 3/31/2012 1:27:38 PM
    System Uptime: 11/23/2013 11:53:28 AM (3 hours ago)
    .
    Motherboard: TOSHIBA |  | NWQAA
    Processor: Intel® Core i3 CPU       M 380  @ 2.53GHz | CPU | 2533/133mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 583 GiB total, 529.173 GiB free.
    D: is CDROM (UDF)
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP172: 10/29/2013 4:29:38 AM - Windows Update
    RP173: 11/1/2013 10:15:06 PM - Windows Update
    RP174: 11/3/2013 6:33:23 PM - Installed VBPlayerMoz
    RP175: 11/5/2013 2:30:20 AM - Windows Update
    RP176: 11/12/2013 12:52:08 AM - Windows Update
    RP177: 11/12/2013 3:00:11 AM - Windows Update
    RP178: 11/13/2013 3:00:33 AM - Windows Update
    RP179: 11/19/2013 6:58:34 PM - Windows Update
    RP180: 11/23/2013 11:59:20 AM - Installed TOSHIBA Service Station
    .
    ==== Installed Programs ======================
    .
    Adobe AIR
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Reader X (10.1.8)
    Adobe Shockwave Player 12.0
    Advanced System Protector
    Amazon Kindle
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Bcool
    Best Buy pc app
    Bing Rewards Client Installer
    Bonjour
    continuetosave
    ContinueToSave 1.66
    D3DX10
    Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
    Facebook Video Calling 1.2.0.287
    FLV Media Player version 1.3
    Google Chrome
    Google Talk Plugin
    Google Toolbar for Internet Explorer
    Google Update Helper
    Groove-Stream
    HP Deskjet 3050A J611 series Basic Device Software
    HP Deskjet 3050A J611 series Help
    HP Deskjet 3050A J611 series Product Improvement Study
    HP Photo Creations
    HP Update
    iLivid
    InstallIQ Updater
    Intel PROSet Wireless
    Intel WiMAX Tutorial
    Intel® Graphics Media Accelerator Driver
    Intel® Management Engine Components
    Intel® PROSet/Wireless WiFi Software
    Intel® Rapid Storage Technology
    Intel® PROSet/Wireless WiMAX Software
    Intel® Wireless Display
    iTunes
    Java 7 Update 40
    Java Auto Updater
    Java 6 Update 35
    JMicron Flash Media Controller Driver
    Junk Mail filter update
    [email protected] 1.0
    McAfee Security Scan Plus
    Mesh Runtime
    Messenger Companion
    Microsoft .NET Framework 4 Client Profile
    Microsoft Application Error Reporting
    Microsoft Office Access MUI (English) 2010
    Microsoft Office Access Setup Metadata MUI (English) 2010
    Microsoft Office Excel MUI (English) 2010
    Microsoft Office Home and Student 2010
    Microsoft Office Office 64-bit Components 2010
    Microsoft Office OneNote MUI (English) 2010
    Microsoft Office Outlook MUI (English) 2010
    Microsoft Office PowerPoint MUI (English) 2010
    Microsoft Office Proof (English) 2010
    Microsoft Office Proof (French) 2010
    Microsoft Office Proof (Spanish) 2010
    Microsoft Office Proofing (English) 2010
    Microsoft Office Publisher MUI (English) 2010
    Microsoft Office Shared 64-bit MUI (English) 2010
    Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
    Microsoft Office Shared MUI (English) 2010
    Microsoft Office Shared Setup Metadata MUI (English) 2010
    Microsoft Office Single Image 2010
    Microsoft Office Word MUI (English) 2010
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Mozilla Firefox 25.0.1 (x86 en-US)
    Mozilla Maintenance Service
    MSVCRT
    MSVCRT_amd64
    Norton 360
    Optimizer Pro v3.0
    PlayReady PC Runtime amd64
    Realtek Ethernet Controller Driver For Windows 7
    Realtek High Definition Audio Driver
    SanDiskSecureAccess_Manager.exe
    Search Protect
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
    Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2760781) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition
    Security Update for Microsoft Outlook 2010 (KB2837597) 32-Bit Edition
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
    Skype Click to Call
    Skypeâ„¢ 6.1
    Social Privacy
    Social Privacy DNS
    Spybot - Search & Destroy
    swMSM
    Synaptics Pointing Device Driver
    TOSHIBA Application Installer
    TOSHIBA Assist
    Toshiba Book Place
    TOSHIBA Bulletin Board
    TOSHIBA Disc Creator
    TOSHIBA DVD PLAYER
    TOSHIBA eco Utility
    TOSHIBA Face Recognition
    TOSHIBA Flash Cards Support Utility
    TOSHIBA Hardware Setup
    TOSHIBA HDD Protection
    TOSHIBA HDD/SSD Alert
    TOSHIBA Media Controller
    TOSHIBA Media Controller Plug-in
    TOSHIBA PC Health Monitor
    TOSHIBA Quality Application
    TOSHIBA Recovery Media Creator
    TOSHIBA ReelTime
    TOSHIBA Service Station
    TOSHIBA Sleep Utility
    TOSHIBA Supervisor Password
    TOSHIBA Value Added Package
    TOSHIBA Web Camera Application
    ToshibaRegistration
    Tube Dimmer
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
    Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
    Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
    Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2494150)
    Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
    Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
    Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
    Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
    Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition
    Updater
    Utility Common Driver
    VBPlayerMoz
    WeatherBug
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Family Safety
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Language Selector
    Windows Live Mail
    Windows Live Mesh
    Windows Live Mesh ActiveX Control for Remote Connections
    Windows Live Messenger
    Windows Live Messenger Companion Core
    Windows Live MIME IFilter
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live Remote Client
    Windows Live Remote Client Resources
    Windows Live Remote Service
    Windows Live Remote Service Resources
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live Sync
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    .
    ==== Event Viewer Messages From Past Week ========
    .
    11/20/2013 9:31:23 PM, Error: bowser [8003]  - The master browser has received a server announcement from the computer KEITH-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{E6759FE2-C7A5-477D-8FF9-27F41EDE2897}. The master browser is stopping or an election is being forced.
    11/20/2013 10:28:51 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10003]  - WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\windows\System32\IWMSSvc.dll
    11/20/2013 10:21:51 AM, Error: Service Control Manager [7000]  - The Spybot-S&D 2 Scanner Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
    11/20/2013 10:21:50 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
    11/20/2013 10:21:13 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Updating Service service to connect.
    11/20/2013 10:21:13 AM, Error: Service Control Manager [7000]  - The Spybot-S&D 2 Updating Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
    11/18/2013 9:47:19 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
    .
    ==== End Of File ===========================
     


  19. DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 10.0.9200.16736  BrowserJavaVersion: 10.40.2
    Run by Owner at 14:04:42 on 2013-11-23
    Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3891.1374 [GMT -7:00]
    .
    AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
    FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
    .
    ============== Running Processes ===============
    .
    C:\windows\system32\lsm.exe
    C:\windows\system32\svchost.exe -k DcomLaunch
    C:\windows\system32\svchost.exe -k RPCSS
    C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\windows\system32\svchost.exe -k LocalService
    C:\windows\system32\svchost.exe -k netsvcs
    C:\windows\system32\svchost.exe -k NetworkService
    C:\windows\system32\WLANExt.exe
    C:\windows\System32\spoolsv.exe
    C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\windows\system32\taskhost.exe
    C:\windows\system32\taskeng.exe
    C:\windows\Explorer.EXE
    C:\windows\system32\Dwm.exe
    C:\windows\system32\taskeng.exe
    C:\ProgramData\CloudSoft\ContinueToSave\ContinueToSave.exe
    C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Windows\System32\ThpSrv.exe
    C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
    C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
    C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
    C:\Program Files\TOSHIBA\TECO\Teco.exe
    C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
    C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe
    C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
    C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
    C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
    C:\windows\system32\svchost.exe -k imgsvc
    C:\windows\system32\ThpSrv.exe
    C:\Windows\system32\TODDSrv.exe
    C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
    C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe
    C:\Program Files\TOSHIBA\FlashCards\Hotkey\TcrdKBB.exe
    C:\Users\Owner\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
    C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe
    C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe
    C:\windows\system32\RunDll32.exe
    C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    C:\windows\system32\igfxext.exe
    C:\windows\system32\igfxsrvc.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    C:\Program Files\TOSHIBA\TECO\TecoService.exe
    C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\windows\system32\wbem\unsecapp.exe
    C:\windows\system32\wbem\unsecapp.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
    C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
    C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\windows\System32\svchost.exe -k LocalServicePeerNet
    C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
    C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
    C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
    C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
    C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
    C:\Program Files (x86)\Social Privacy  DNS\dnswatch.exe
    C:\windows\system32\wbem\wmiprvse.exe
    C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe
    C:\PROGRA~2\SearchProtect\SearchProtect\bin\cltmng.exe
    C:\PROGRA~2\SearchProtect\UI\bin\cltmngui.exe
    C:\ProgramData\Updater\Updater.exe
    C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe
    C:\ProgramData\RHelpers\FirefoxHelper\FirefoxHelper.exe
    C:\ProgramData\RHelpers\IeHelper\IeHelper.exe
    C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
    C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
    C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\ccSvcHst.exe
    C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\ccSvcHst.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
    C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
    C:\windows\system32\SearchProtocolHost.exe
    C:\windows\system32\SearchFilterHost.exe
    C:\windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .


    uURLSearchHooks: {2877A654-1C9F-4cb5-8438-16022B2FDD9C} - <orphaned>
    mWinlogon: Userinit = userinit.exe
    BHO: Bcool Class: {0D880AFA-5ECD-A203-3246-A130BA3156F6} - C:\ProgramData\Bcool\bhoclass.dll
    BHO: Tube Dimmer: {44ed99e2-16a6-4b89-80d6-5b21cf42e78b} - C:\ProgramData\TubeDimmer\IE\common.dll
    BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\CoIEPlg.dll
    BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\IPS\IPSBHO.dll
    BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Social Privacy: {91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE} - C:\Program Files (x86)\Social Privacy\sp.dll
    BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
    BHO: continuetosave: {B6ECE3D6-4B98-404D-F169-424568257FD7} - C:\ProgramData\continuetosave\50f35035154f6.dll
    BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
    BHO: TBSB07898 Class: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} -
    TB: Coupons.com CouponBar: {8660E5B3-6C41-44DE-8503-98D99BBECD41} -
    TB: Coupons.com CouponBar: {8660E5B3-6C41-44DE-8503-98D99BBECD41} -
    TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\CoIEPlg.dll
    uRun: [Facebook Update] "C:\Users\Owner\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
    uRun: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
    uRun: [Weather] C:\Program Files (x86)\AWS\WeatherBug\Weather.exe 1
    uRun: [iSUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
    uRun: [Google Update] "C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    uRun: [sanDiskSecureAccess_Manager.exe] C:\Users\Owner\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
    uRun: [installIQUpdater] "C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe" /silent /autorun
    uRun: [MobileAppSync] "C:\Program Files (x86)\Mobile App Sync\D2MClient.exe"
    uRun: [updater] C:\ProgramData\Updater\Updater.exe
    mRun: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
    mRun: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
    mRun: [sVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
    mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
    mRun: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
    mRun: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
    mRun: [dnsshield] C:\Program Files (x86)\Social Privacy  DNS\dnswatch.exe
    mRun: [updater] C:\ProgramData\Updater\Updater.exe
    mRunOnce: [Mobile App Sync Uninstall] cmd /C rd /Q /S "C:\Program Files (x86)\Mobile App Sync"
    StartupFolder: C:\Users\Owner\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~1.LNK - C:\windows\System32\RunDll32.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll



    TCP: NameServer = 8.8.8.8,8.8.4.4
    TCP: NameServer = 192.168.1.1
    TCP: Interfaces\{473B71CB-DE63-4CA3-86EE-6E3E788BD628} : NameServer = 8.8.8.8,8.8.4.4
    TCP: Interfaces\{473B71CB-DE63-4CA3-86EE-6E3E788BD628} : DHCPNameServer = 10.1.0.101 10.33.1.101
    TCP: Interfaces\{6E8163B9-9237-4136-840E-0B07C0F72B55} : NameServer = 8.8.8.8,8.8.4.4
    TCP: Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963} : NameServer = 8.8.8.8,8.8.4.4
    TCP: Interfaces\{E5F7D1AA-E3BD-489C-9076-9B2120943A5D} : NameServer = 8.8.8.8,8.8.4.4
    TCP: Interfaces\{E6759FE2-C7A5-477D-8FF9-27F41EDE2897} : NameServer = 8.8.8.8,8.8.4.4
    TCP: Interfaces\{E6759FE2-C7A5-477D-8FF9-27F41EDE2897} : DHCPNameServer = 192.168.1.1
    TCP: Interfaces\{E6759FE2-C7A5-477D-8FF9-27F41EDE2897}\A62626F677562737 : DHCPNameServer = 192.168.10.1
    TCP: Interfaces\{E6759FE2-C7A5-477D-8FF9-27F41EDE2897}\E42484840275966496 : DHCPNameServer = 72.21.65.13 72.21.65.14
    TCP: Interfaces\{F8F484EE-41AE-4C9A-BF17-D8F84709B324} : NameServer = 8.8.8.8,8.8.4.4
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    Notify: SDWinLogon - SDWinLogon.dll
    AppInit_DLLs= C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll c:\progra~2\contin~1\sprote~1.dll c:\progra~2\softqu~1\sprote~1.dll
    SSODL: WebCheck - <orphaned>
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome


    x64-BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - <orphaned>
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Social Privacy: {91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE} - C:\Program Files (x86)\Social Privacy\sp64.dll
    x64-BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
    x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
    x64-BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll
    x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3
    x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
    x64-Run: [ThpSrv] C:\windows\System32\thpsrv /logon
    x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
    x64-Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe
    x64-Run: [smoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe
    x64-Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
    x64-Run: [Teco] "C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe" /r
    x64-Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
    x64-Run: [smartFaceVWatcher] C:\Program Files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
    x64-Run: [intelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
    x64-Run: [intelWirelessWiMAX] "C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe" /tasktray /nosplash
    x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
    x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
    x64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
    x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\hyr99t9j.default\

    FF - prefs.js: browser.search.selectedEngine - Conduit Search

    FF - prefs.js: keyword.URL -
    FF - prefs.js: network.proxy.type - 0
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Common Files\VBrick\VBPlayerMoz\npvbplayer.dll
    FF - plugin: C:\Program Files (x86)\Common Files\VBrick\VBPlayerMoz\npvbwmplayer.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll
    FF - plugin: C:\Users\Owner\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
    FF - plugin: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll
    FF - plugin: C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
    FF - plugin: C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
    FF - plugin: C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npo1d.dll
    FF - plugin: C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll
    FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
    FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll
    FF - plugin: C:\windows\SysWOW64\npDeployJava1.dll
    FF - plugin: C:\windows\SysWOW64\npmproxy.dll
    FF - ExtSQL: 2013-11-18 08:51; [email protected]; C:\Program Files (x86)\Social Privacy\FF
    FF - ExtSQL: 2013-11-23 13:25; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\coFFPlgn
    FF - ExtSQL: 2013-11-23 13:26; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\IPSFFPlgn
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: extensions.autoDisableScopes - 0
    FF - user.js: extensions.enabledAddons - [email protected]:1.0
    FF - user.js: extensions.shownSelectionUI - true
    FF - user.js: extensions.enabledScopes - 15
    user_pref(extensions.newAddons,false);
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 Thpdrv;TOSHIBA HDD Protection Driver;C:\windows\System32\drivers\thpdrv.sys [2009-6-29 34880]
    R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;C:\windows\System32\drivers\Thpevm.sys [2009-6-29 14784]
    R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\System32\drivers\tos_sps64.sys [2012-3-31 482384]
    R2 CltMngSvc;Search Protect by Conduit Service;C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe [2013-10-31 1735968]
    R2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2010-6-7 408576]
    R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\ccSvcHst.exe [2013-11-23 144520]
    R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-8-5 1817560]
    R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-8-5 1033688]
    R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-8-5 171928]
    R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-7-28 267192]
    R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\drivers\TVALZFL.sys [2009-6-19 14472]
    R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-3-31 2320920]
    R2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [2010-6-7 911872]
    R3 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\BASHDefs\20130107.001\BHDrvx64.sys [2013-11-23 1384608]
    R3 bpenum;bpenum;C:\windows\System32\drivers\bpenum.sys [2010-5-16 71168]
    R3 bpmp;Intel® Centrino® WiMAX 6050 Series;C:\windows\System32\drivers\bpmp.sys [2010-5-16 175104]
    R3 bpusb;bpusb;C:\windows\System32\drivers\bpusb.sys [2010-5-16 81920]
    R3 ccSet_N360;Norton 360 Settings Manager;C:\windows\System32\drivers\N360x64\1403000.024\ccSetx64.sys [2013-11-23 168096]
    R3 HECIx64;Intel® Management Engine Interface;C:\windows\System32\drivers\HECIx64.sys [2012-3-31 56344]
    R3 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\IPSDefs\20130113.001\IDSviA64.sys [2013-11-23 513184]
    R3 Impcd;Impcd;C:\windows\System32\drivers\Impcd.sys [2010-2-26 158976]
    R3 IntcDAud;Intel® Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2010-2-3 271872]
    R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\windows\System32\drivers\NETw5s64.sys [2010-5-31 7689216]
    R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2012-3-31 35008]
    R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2012-3-31 331880]
    R3 SymDS;Symantec Data Store;C:\windows\System32\drivers\N360x64\1403000.024\SymDS64.sys [2013-11-23 493656]
    R3 SymEFA;Symantec Extended File Attributes;C:\windows\System32\drivers\N360x64\1403000.024\SymEFA64.sys [2013-11-23 1139800]
    R3 SymIRON;Symantec Iron Driver;C:\windows\System32\drivers\N360x64\1403000.024\Ironx64.sys [2013-11-23 224416]
    R3 SYMNETS;Symantec Network Security WFP Driver;C:\windows\System32\drivers\N360x64\1403000.024\symnets.sys [2013-11-23 432800]
    R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2012-3-31 54136]
    R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]
    R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-7-22 822192]
    R3 wdkmd;Intel WiDi KMD;C:\windows\System32\drivers\WDKMD.sys [2010-6-18 39832]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536]
    S3 acpials;ALS Sensor Filter;C:\windows\System32\drivers\acpials.sys [2009-7-14 9728]
    S3 fssfltr;fssfltr;C:\windows\System32\drivers\fssfltr.sys [2012-12-14 48488]
    S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
    S3 JMCR;JMCR;C:\windows\System32\drivers\jmcr.sys [2010-5-18 164464]
    S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe [2010-9-2 227232]
    S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-3-5 340240]
    S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2012-3-31 59392]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-2-15 52736]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-3-31 1255736]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2013-11-23 20:54:07    --------    d-----w-    C:\Program Files (x86)\Common Files\Symantec Shared
    2013-11-23 20:25:37    177312    ----a-w-    C:\windows\System32\drivers\SYMEVENT64x86.SYS
    2013-11-23 20:25:37    --------    d-----w-    C:\Program Files\Symantec
    2013-11-23 20:25:37    --------    d-----w-    C:\Program Files\Common Files\Symantec Shared
    2013-11-23 20:24:56    796248    ----a-r-    C:\windows\System32\drivers\N360x64\1403000.024\srtsp64.sys
    2013-11-23 20:24:56    493656    ----a-r-    C:\windows\System32\drivers\N360x64\1403000.024\SymDS64.sys
    2013-11-23 20:24:56    432800    ----a-r-    C:\windows\System32\drivers\N360x64\1403000.024\symnets.sys
    2013-11-23 20:24:56    36952    ----a-r-    C:\windows\System32\drivers\N360x64\1403000.024\srtspx64.sys
    2013-11-23 20:24:56    23448    ----a-r-    C:\windows\System32\drivers\N360x64\1403000.024\SymELAM.sys
    2013-11-23 20:24:56    224416    ----a-r-    C:\windows\System32\drivers\N360x64\1403000.024\Ironx64.sys
    2013-11-23 20:24:56    1139800    ----a-r-    C:\windows\System32\drivers\N360x64\1403000.024\SymEFA64.sys
    2013-11-23 20:24:55    168096    ----a-r-    C:\windows\System32\drivers\N360x64\1403000.024\ccSetx64.sys
    2013-11-23 19:03:51    --------    d-----w-    C:\windows\System32\drivers\N360x64\1403000.024
    2013-11-23 19:03:51    --------    d-----w-    C:\windows\System32\drivers\N360x64
    2013-11-23 19:03:49    --------    d-----w-    C:\Program Files (x86)\Norton 360
    2013-11-23 19:02:19    --------    d-----w-    C:\ProgramData\Updater
    2013-11-23 19:02:19    --------    d-----w-    C:\ProgramData\RHelpers
    2013-11-23 19:02:18    --------    d-----w-    C:\ProgramData\TubeDimmer
    2013-11-23 19:02:04    --------    d-----w-    C:\Program Files (x86)\Mobile App Sync
    2013-11-23 19:01:44    --------    d-----w-    C:\Users\Owner\AppData\Local\SearchProtect
    2013-11-23 19:01:44    --------    d-----w-    C:\Program Files (x86)\SearchProtect
    2013-11-23 19:01:39    --------    d-----w-    C:\Program Files (x86)\Social Privacy
    2013-11-23 19:01:37    --------    d-----w-    C:\Program Files (x86)\Social Privacy  DNS
    2013-11-23 19:01:35    --------    d-----w-    C:\Program Files (x86)\sp
    2013-11-23 19:00:32    --------    d-----w-    C:\Program Files (x86)\NortonInstaller
    2013-11-23 18:58:09    --------    d-----w-    C:\Program Files (x86)\UEFI WinFlash
    2013-11-22 12:30:50    75888    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D3B52B93-2595-492D-8738-572A0053D322}\offreg.dll
    2013-11-22 06:08:52    10285968    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D3B52B93-2595-492D-8738-572A0053D322}\mpengine.dll
    2013-11-13 06:20:15    1474048    ----a-w-    C:\windows\System32\crypt32.dll
    2013-11-04 01:34:11    --------    d-----w-    C:\Program Files (x86)\Common Files\Crystal Decisions
    2013-11-04 01:34:10    --------    d-----w-    C:\Program Files (x86)\Common Files\VBrick
    .
    ==================== Find3M  ====================
    .
    2013-11-23 19:00:09    71048    ----a-w-    C:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-11-23 19:00:09    692616    ----a-w-    C:\windows\SysWow64\FlashPlayerApp.exe
    2013-11-11 12:50:16    267936    ------w-    C:\windows\System32\MpSigStub.exe
    2013-10-12 08:45:20    2241536    ----a-w-    C:\windows\System32\wininet.dll
    2013-10-12 08:43:37    3959808    ----a-w-    C:\windows\System32\jscript9.dll
    2013-10-12 08:43:32    67072    ----a-w-    C:\windows\System32\iesetup.dll
    2013-10-12 08:43:32    136704    ----a-w-    C:\windows\System32\iesysprep.dll
    2013-10-12 07:03:50    1767936    ----a-w-    C:\windows\SysWow64\wininet.dll
    2013-10-12 07:02:33    2877952    ----a-w-    C:\windows\SysWow64\jscript9.dll
    2013-10-12 07:02:29    61440    ----a-w-    C:\windows\SysWow64\iesetup.dll
    2013-10-12 07:02:29    109056    ----a-w-    C:\windows\SysWow64\iesysprep.dll
    2013-10-12 06:35:26    2706432    ----a-w-    C:\windows\System32\mshtml.tlb
    2013-10-12 06:08:58    2706432    ----a-w-    C:\windows\SysWow64\mshtml.tlb
    2013-10-12 05:44:38    89600    ----a-w-    C:\windows\System32\RegisterIEPKEYs.exe
    2013-10-12 05:15:39    71680    ----a-w-    C:\windows\SysWow64\RegisterIEPKEYs.exe
    2013-10-12 02:30:42    830464    ----a-w-    C:\windows\System32\nshwfp.dll
    2013-10-12 02:29:21    859648    ----a-w-    C:\windows\System32\IKEEXT.DLL
    2013-10-12 02:29:08    324096    ----a-w-    C:\windows\System32\FWPUCLNT.DLL
    2013-10-12 02:03:08    656896    ----a-w-    C:\windows\SysWow64\nshwfp.dll
    2013-10-12 02:01:25    216576    ----a-w-    C:\windows\SysWow64\FWPUCLNT.DLL
    2013-10-05 19:57:25    1168384    ----a-w-    C:\windows\SysWow64\crypt32.dll
    2013-10-04 02:28:31    190464    ----a-w-    C:\windows\System32\SmartcardCredentialProvider.dll
    2013-10-04 02:25:17    197120    ----a-w-    C:\windows\System32\credui.dll
    2013-10-04 02:24:49    1930752    ----a-w-    C:\windows\System32\authui.dll
    2013-10-04 01:58:50    152576    ----a-w-    C:\windows\SysWow64\SmartcardCredentialProvider.dll
    2013-10-04 01:56:25    168960    ----a-w-    C:\windows\SysWow64\credui.dll
    2013-10-04 01:56:00    1796096    ----a-w-    C:\windows\SysWow64\authui.dll
    2013-10-03 02:23:48    404480    ----a-w-    C:\windows\System32\gdi32.dll
    2013-10-03 02:00:44    311808    ----a-w-    C:\windows\SysWow64\gdi32.dll
    2013-09-28 01:09:10    497152    ----a-w-    C:\windows\System32\drivers\afd.sys
    2013-09-25 02:26:40    95680    ----a-w-    C:\windows\System32\drivers\ksecdd.sys
    2013-09-25 02:26:40    154560    ----a-w-    C:\windows\System32\drivers\ksecpkg.sys
    2013-09-25 02:23:33    28672    ----a-w-    C:\windows\System32\sspisrv.dll
    2013-09-25 02:23:33    135680    ----a-w-    C:\windows\System32\sspicli.dll
    2013-09-25 02:23:01    28160    ----a-w-    C:\windows\System32\secur32.dll
    2013-09-25 02:22:59    340992    ----a-w-    C:\windows\System32\schannel.dll
    2013-09-25 02:21:50    307200    ----a-w-    C:\windows\System32\ncrypt.dll
    2013-09-25 02:21:07    1447936    ----a-w-    C:\windows\System32\lsasrv.dll
    2013-09-25 01:58:17    96768    ----a-w-    C:\windows\SysWow64\sspicli.dll
    2013-09-25 01:57:26    22016    ----a-w-    C:\windows\SysWow64\secur32.dll
    2013-09-25 01:57:24    247808    ----a-w-    C:\windows\SysWow64\schannel.dll
    2013-09-25 01:56:42    220160    ----a-w-    C:\windows\SysWow64\ncrypt.dll
    2013-09-25 01:03:24    30720    ----a-w-    C:\windows\System32\lsass.exe
    2013-09-19 20:06:14    96168    ----a-w-    C:\windows\SysWow64\WindowsAccessBridge-32.dll
    2013-09-19 20:06:14    868264    ----a-w-    C:\windows\SysWow64\npDeployJava1.dll
    2013-09-19 20:06:14    790440    ----a-w-    C:\windows\SysWow64\deployJava1.dll
    2013-09-08 02:30:37    1903552    ----a-w-    C:\windows\System32\drivers\tcpip.sys
    2013-09-08 02:27:14    327168    ----a-w-    C:\windows\System32\mswsock.dll
    2013-09-08 02:03:58    231424    ----a-w-    C:\windows\SysWow64\mswsock.dll
    2013-09-04 12:12:11    343040    ----a-w-    C:\windows\System32\drivers\usbhub.sys
    2013-09-04 12:11:51    325120    ----a-w-    C:\windows\System32\drivers\usbport.sys
    2013-09-04 12:11:49    99840    ----a-w-    C:\windows\System32\drivers\usbccgp.sys
    2013-09-04 12:11:43    52736    ----a-w-    C:\windows\System32\drivers\usbehci.sys
    2013-09-04 12:11:43    30720    ----a-w-    C:\windows\System32\drivers\usbuhci.sys
    2013-09-04 12:11:42    25600    ----a-w-    C:\windows\System32\drivers\usbohci.sys
    2013-09-04 12:11:40    7808    ----a-w-    C:\windows\System32\drivers\usbd.sys
    2013-08-29 02:17:48    5549504    ----a-w-    C:\windows\System32\ntoskrnl.exe
    2013-08-29 02:16:35    1732032    ----a-w-    C:\windows\System32\ntdll.dll
    2013-08-29 02:16:28    243712    ----a-w-    C:\windows\System32\wow64.dll
    2013-08-29 02:16:14    859648    ----a-w-    C:\windows\System32\tdh.dll
    2013-08-29 02:13:28    878080    ----a-w-    C:\windows\System32\advapi32.dll
    2013-08-29 01:51:45    3969472    ----a-w-    C:\windows\SysWow64\ntkrnlpa.exe
    2013-08-29 01:51:45    3914176    ----a-w-    C:\windows\SysWow64\ntoskrnl.exe
    2013-08-29 01:50:31    5120    ----a-w-    C:\windows\SysWow64\wow32.dll
    2013-08-29 01:50:30    1292192    ----a-w-    C:\windows\SysWow64\ntdll.dll
    2013-08-29 01:50:16    619520    ----a-w-    C:\windows\SysWow64\tdh.dll
    2013-08-29 01:48:17    640512    ----a-w-    C:\windows\SysWow64\advapi32.dll
    2013-08-29 01:48:15    44032    ----a-w-    C:\windows\apppatch\acwow64.dll
    2013-08-29 00:49:53    25600    ----a-w-    C:\windows\SysWow64\setup16.exe
    2013-08-29 00:49:52    7680    ----a-w-    C:\windows\SysWow64\instnm.exe
    2013-08-29 00:49:52    14336    ----a-w-    C:\windows\SysWow64\ntvdm64.dll
    2013-08-29 00:49:49    2048    ----a-w-    C:\windows\SysWow64\user.exe
    2013-08-28 01:21:06    3155968    ----a-w-    C:\windows\System32\win32k.sys
    2013-08-28 01:12:33    461312    ----a-w-    C:\windows\System32\scavengeui.dll
    .
    ============= FINISH: 14:05:51.05 ===============


  20. My computer is being slower than normal, more pop-ups than normal and I don't know how to get rid of them. My websites, Moodle, and school e-mail isn't letting me do anything like submit papers, or compose new e-mails. I believe there is something wrong that I can not figure out.