Thanks John. Take a look:
OTL logfile created on: 10/7/2013 9:05:21 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Bob\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16686)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
7.75 Gb Total Physical Memory | 6.19 Gb Available Physical Memory | 79.86% Memory free
15.50 Gb Paging File | 12.72 Gb Available in Paging File | 82.06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.66 Gb Total Space | 315.77 Gb Free Space | 67.81% Space Free | Partition Type: NTFS
Drive E: | 465.76 Gb Total Space | 170.84 Gb Free Space | 36.68% Space Free | Partition Type: NTFS
Computer Name: BUDESAPC | User Name: Bob | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Bob\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe (Adobe Systems, Inc.)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\afwServ.exe (AVAST Software)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\Logitech\Vid HD\Vid.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.)
PRC - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\LVPrS64H.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe ()
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\vpxmd.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\SDL.dll ()
MOD - C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\QtCore4.dll ()
MOD - C:\Program Files (x86)\ASUS\EPU-4 Engine\AsSpindownTimeout.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\plugins\imageformats\qjpeg4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\plugins\imageformats\qico4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\plugins\imageformats\qgif4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\QtWebKit4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\QtXml4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\QtSql4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\QtOpenGL4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\QtGui4.dll ()
MOD - C:\Program Files (x86)\Logitech\Vid HD\phonon4.dll ()
MOD - C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll ()
MOD - C:\Windows\SysWOW64\AsIO.dll ()
========== Services (SafeList) ==========
SRV:
64bit: - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:
64bit: - (avast! Firewall) -- C:\Program Files\Alwil Software\Avast5\afwServ.exe (AVAST Software)
SRV:
64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:
64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe (SUPERAntiSpyware.com)
SRV:
64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:
64bit: - (LVPrcS64) -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV:
64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (IntuitUpdateService) -- C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit Inc.)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:
64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:
64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:
64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()
DRV:
64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:
64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()
DRV:
64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:
64bit: - (aswNdis2) -- C:\Windows\SysNative\drivers\aswNdis2.sys (AVAST Software)
DRV:
64bit: - (aswFW) -- C:\Windows\SysNative\drivers\aswFW.sys (AVAST Software)
DRV:
64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:
64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:
64bit: - (aswKbd) -- C:\Windows\SysNative\drivers\aswKbd.sys (AVAST Software)
DRV:
64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:
64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:
64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:
64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:
64bit: - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:
64bit: - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:
64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:
64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:
64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:
64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:
64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:
64bit: - (LVUVC64) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.)
DRV:
64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.)
DRV:
64bit: - (lvpopf64) -- C:\Windows\SysNative\drivers\lvpopf64.sys (Logitech Inc.)
DRV:
64bit: - (LVPr2Mon) -- C:\Windows\SysNative\drivers\LVPr2M64.sys ()
DRV:
64bit: - (LVPr2M64) -- C:\Windows\SysNative\drivers\LVPr2M64.sys ()
DRV:
64bit: - (aswNdis) -- C:\Windows\SysNative\drivers\aswNdis.sys (ALWIL Software)
DRV:
64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:
64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:
64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:
64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:
64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:
64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:
64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:
64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:
64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:
64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV:
64bit: - (AtiPcie) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ASInsHelp) -- C:\Windows\SysWOW64\drivers\AsInsHelp64.sys ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:
64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:
64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E0 24 A3 19 FA 79 CA 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:49551;https=127.0.0.1:49551
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://my.msn.com/?ppud=4"
FF - prefs.js..extensions.enabledAddons: %7B195A3098-0BD5-4e90-AE22-BA1C540AFD1E%7D:4.0.4
FF - prefs.js..extensions.enabledAddons: twitter%40disconnect.me:2.1.2
FF - prefs.js..extensions.enabledAddons: extension%40FastFreeConverter.com:3.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0
FF - prefs.js..network.proxy.type: 4
FF - user.js - File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\
[email protected]: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/04/05 14:44:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2013/09/18 05:58:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/07/18 15:47:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/09/16 06:51:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\
[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/04/05 14:44:14 | 000,000,000 | ---D | M]
[2013/10/01 15:26:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bob\AppData\Roaming\mozilla\Extensions
[2013/10/06 20:22:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bob\AppData\Roaming\mozilla\Firefox\Profiles\phm5365y.default\extensions
[2012/11/29 10:42:54 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Bob\AppData\Roaming\mozilla\Firefox\Profiles\phm5365y.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2010/08/28 21:06:47 | 000,000,000 | ---D | M] (Charter Toolbar) -- C:\Users\Bob\AppData\Roaming\mozilla\Firefox\Profiles\phm5365y.default\extensions\{2104C0F5-952D-443c-AFCD-8F892F991F55}
[2010/08/28 21:06:47 | 000,000,000 | ---D | M] (Charter Update) -- C:\Users\Bob\AppData\Roaming\mozilla\Firefox\Profiles\phm5365y.default\extensions\{fa8cb1bd-1442-439c-8225-b8b16983d9b7}
[2013/07/01 12:24:00 | 000,035,303 | ---- | M] () (No name found) -- C:\Users\Bob\AppData\Roaming\mozilla\firefox\profiles\phm5365y.default\extensions\
[email protected]
[2013/10/06 20:22:57 | 000,824,302 | ---- | M] () (No name found) -- C:\Users\Bob\AppData\Roaming\mozilla\firefox\profiles\phm5365y.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/07/13 11:02:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/09/21 12:01:12 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2013/09/30 19:46:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/10/03 21:12:21 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/09/30 19:46:04 | 000,000,000 | ---D | M] (Fast Free Converter) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\
[email protected]
[2013/04/15 22:49:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\
[email protected]\content
[2013/04/15 22:49:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\
[email protected]\defaults
========== Chrome ==========
CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage:
http://www.google.com
CHR - Extension: No name found = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: No name found = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: No name found = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: No name found = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh\1.0.0_0\
CHR - Extension: No name found = C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2013/10/05 08:14:59 | 000,037,341 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 08sr.combineads.info # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 08srvr.combineads.info # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 12srvr.combineads.info # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 2010-fr.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 2012-new.biz # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 2319825.ourtoolbar.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 24h00business.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 a.daasafterdusk.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 ad.adn360.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 adeartss.eu # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 adesoeasy.eu # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 adf.girldatesforfree.net # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 adm.soft365.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 adomicileavail.googlepages.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 ads7.complexadveising.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 ads.aff.co # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 ads.alpha00001.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 ads.cloud4ads.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 ads.eorezo.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 ads.hooqy.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 ads.icksor.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 ads.regiedepub.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 ads.sucomspot.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 ads.tersecta.com # hosts anti-adware / pups
O1 - Hosts: 127.0.0.1 a.dungtank.com # hosts anti-adware / pups
O1 - Hosts: 619 more lines...
O2:
64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:
64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {0134af61-7a0c-4649-aeca-90d776060cb3} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKCU..\Run: [Logitech Vid] C:\Program Files (x86)\Logitech\Vid HD\Vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
O4 - Startup: C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2010/08/13 12:46:38 | 000,000,000 | -H-D | M]
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:
64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O10:
64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000}
http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DC2C1E85-256B-4516-8B9E-255E48D3022D}: DhcpNameServer = 192.168.2.1
O18:
64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:
64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:
64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:
64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:
64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:
64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/10/06 15:05:38 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERSetup
[2013/10/06 13:27:34 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\ATI
[2013/10/06 12:35:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2013/10/06 11:27:16 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/10/06 11:25:29 | 000,000,000 | ---D | C] -- C:\Combofix
[2013/10/06 10:43:06 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2013/10/06 10:32:26 | 001,898,112 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\Bob\Desktop\rkill.com
[2013/10/06 09:25:06 | 001,032,220 | ---- | C] (Thisisu) -- C:\Users\Bob\Desktop\JRT_NEW.exe
[2013/10/05 13:30:08 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\ESET
[2013/10/05 12:14:47 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\SUPERAntiSpyware.com
[2013/10/05 12:14:40 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2013/10/05 12:14:09 | 027,878,304 | ---- | C] (SUPERAntiSpyware) -- C:\Users\Bob\Desktop\SUPERAntiSpyware.exe
[2013/10/05 12:05:55 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Bob\Desktop\tdsskiller.exe
[2013/10/05 09:07:39 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Bob\Desktop\OTL.exe
[2013/10/05 08:29:16 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2013/10/05 08:29:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2013/10/05 08:14:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
[2013/10/05 07:36:40 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\HPAppData
[2013/10/04 22:40:13 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/10/04 22:40:13 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/10/04 22:40:13 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/10/04 22:31:53 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/10/04 22:31:19 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/10/04 22:22:04 | 005,130,782 | R--- | C] (Swearware) -- C:\Users\Bob\Desktop\Combofix.exe
[2013/10/04 20:54:02 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/10/03 20:51:06 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\Diagnostics
[2013/10/03 18:44:41 | 000,000,000 | ---D | C] -- C:\Users\Bob\Documents\Anti-Malware
[2013/10/03 16:50:15 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/10/03 15:25:29 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2013/10/03 15:21:19 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\Programs
[2013/10/02 06:45:00 | 000,000,000 | ---D | C] -- C:\Users\Bob\Documents\SightSpeed Recordings
[2013/10/02 06:43:35 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Roaming\DiskDefrag
[2013/10/01 15:27:27 | 000,000,000 | ---D | C] -- C:\Users\Bob\AppData\Local\Macromedia
[2013/10/01 09:20:38 | 000,000,000 | ---D | C] -- C:\ProgramData\GlarySoft
[2013/10/01 06:08:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat
[2013/10/01 06:08:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinDirStat
[2013/09/30 19:48:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BrowserSafeguard
[2013/09/30 15:51:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/09/30 15:51:00 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/09/30 15:50:59 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/09/30 15:50:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013/09/30 15:50:59 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013/09/24 19:21:12 | 000,000,000 | ---D | C] -- C:\ProgramData\ClubSanDisk
[2013/03/30 22:01:42 | 002,000,040 | ---- | C] (Driver Restore) -- C:\Program Files (x86)\DriverRestore.exe
[2011/05/17 02:53:09 | 000,411,136 | ---- | C] (Google) -- C:\Program Files (x86)\googleearth.exe
[2011/05/17 02:18:36 | 000,632,656 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\msvcr80.dll
[2011/05/17 02:18:36 | 000,554,832 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\msvcp80.dll
[2011/05/17 02:14:05 | 005,816,320 | ---- | C] (OSGeo) -- C:\Program Files (x86)\gdal17.dll
========== Files - Modified Within 30 Days ==========
[2013/10/07 20:56:32 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 530ac1be-cbc4-48c0-9d79-5e3315f7dd3e.job
[2013/10/07 20:56:30 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/07 20:56:23 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/10/07 20:56:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/10/07 16:45:55 | 000,013,952 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/10/07 16:45:55 | 000,013,952 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/10/07 16:14:58 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/10/07 16:12:48 | 1945,505,791 | -HS- | M] () -- C:\hiberfil.sys
[2013/10/06 12:35:13 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/10/06 10:32:22 | 001,898,112 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\Bob\Desktop\rkill.com
[2013/10/06 08:53:22 | 000,001,908 | ---- | M] () -- C:\Windows\diagwrn.xml
[2013/10/06 08:53:22 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2013/10/06 00:25:07 | 001,032,220 | ---- | M] (Thisisu) -- C:\Users\Bob\Desktop\JRT_NEW.exe
[2013/10/05 13:12:30 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 5760a512-5f91-47b7-9ef3-9b7d6712adca.job
[2013/10/05 12:14:14 | 027,878,304 | ---- | M] (SUPERAntiSpyware) -- C:\Users\Bob\Desktop\SUPERAntiSpyware.exe
[2013/10/05 12:05:59 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Bob\Desktop\tdsskiller.exe
[2013/10/05 09:07:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Bob\Desktop\OTL.exe
[2013/10/05 08:29:16 | 000,002,965 | ---- | M] () -- C:\Users\Bob\Desktop\HiJackThis.lnk
[2013/10/05 08:14:59 | 000,037,341 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/10/04 22:32:44 | 000,002,005 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2013/10/04 22:30:53 | 005,130,782 | R--- | M] (Swearware) -- C:\Users\Bob\Desktop\Combofix.exe
[2013/10/04 20:06:00 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/10/04 11:46:17 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/10/03 16:50:02 | 001,045,226 | ---- | M] () -- C:\Users\Bob\Desktop\adwcleaner.exe
[2013/10/02 22:46:31 | 000,000,258 | RHS- | M] () -- C:\Users\Bob\ntuser.pol
[2013/10/01 21:35:14 | 000,835,790 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/10/01 21:35:14 | 000,692,828 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/10/01 21:35:14 | 000,131,834 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/10/01 06:08:24 | 000,001,031 | ---- | M] () -- C:\Users\Bob\Desktop\WinDirStat.lnk
[2013/09/30 17:17:45 | 000,818,696 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/09/30 15:51:31 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/09/18 05:58:38 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013/09/13 03:01:46 | 000,002,637 | ---- | M] () -- C:\Users\Bob\Desktop\Microsoft Office Excel 2007.lnk
[2013/09/12 15:46:00 | 001,931,335 | ---- | M] () -- C:\Users\Bob\Desktop\vrp-20130821-144401.mp4
[2013/09/12 03:30:16 | 000,334,344 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
========== Files Created - No Company Name ==========
[2013/10/06 12:35:13 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/10/06 08:49:18 | 000,001,908 | ---- | C] () -- C:\Windows\diagwrn.xml
[2013/10/06 08:49:18 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2013/10/05 12:15:01 | 000,000,506 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 530ac1be-cbc4-48c0-9d79-5e3315f7dd3e.job
[2013/10/05 12:15:00 | 000,000,506 | ---- | C] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 5760a512-5f91-47b7-9ef3-9b7d6712adca.job
[2013/10/05 08:29:16 | 000,002,965 | ---- | C] () -- C:\Users\Bob\Desktop\HiJackThis.lnk
[2013/10/04 22:40:13 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/10/04 22:40:13 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/10/04 22:40:13 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/10/04 22:40:13 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/10/04 22:40:13 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/10/03 16:49:49 | 001,045,226 | ---- | C] () -- C:\Users\Bob\Desktop\adwcleaner.exe
[2013/10/01 06:08:24 | 000,001,031 | ---- | C] () -- C:\Users\Bob\Desktop\WinDirStat.lnk
[2013/09/30 19:46:19 | 000,000,258 | RHS- | C] () -- C:\Users\Bob\ntuser.pol
[2013/09/30 15:51:31 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/09/12 15:46:00 | 001,931,335 | ---- | C] () -- C:\Users\Bob\Desktop\vrp-20130821-144401.mp4
[2013/04/01 07:32:13 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\Inst2891.dll
[2011/12/31 20:10:07 | 000,004,608 | ---- | C] () -- C:\Users\Bob\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/10/29 11:32:19 | 000,000,777 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011/10/29 11:32:19 | 000,000,288 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/10/29 11:24:35 | 000,835,790 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/05/17 02:41:13 | 000,291,840 | ---- | C] () -- C:\Program Files (x86)\gpsbabel.exe
[2011/05/17 02:40:52 | 000,056,320 | ---- | C] () -- C:\Program Files (x86)\earthflashsol.exe
[2011/05/17 02:17:54 | 000,053,248 | ---- | C] () -- C:\Program Files (x86)\wavdest.ax
[2011/05/17 02:13:54 | 000,352,333 | ---- | C] () -- C:\Program Files (x86)\pcs.csv
[2011/05/17 02:13:54 | 000,233,102 | ---- | C] () -- C:\Program Files (x86)\ecw_cs.dat
[2011/05/17 02:13:54 | 000,145,621 | ---- | C] () -- C:\Program Files (x86)\projop_wparm.csv
[2011/05/17 02:13:54 | 000,107,562 | ---- | C] () -- C:\Program Files (x86)\gdal_datum.csv
[2011/05/17 02:13:54 | 000,031,394 | ---- | C] () -- C:\Program Files (x86)\s57objectclasses.csv
[2011/05/17 02:13:54 | 000,028,075 | ---- | C] () -- C:\Program Files (x86)\gcs.csv
[2011/05/17 02:13:54 | 000,021,893 | ---- | C] () -- C:\Program Files (x86)\s57expectedinput.csv
[2011/05/17 02:13:54 | 000,018,006 | ---- | C] () -- C:\Program Files (x86)\unit_of_measure.csv
[2011/05/17 02:13:54 | 000,011,875 | ---- | C] () -- C:\Program Files (x86)\ellipsoid.csv
[2011/05/17 02:13:54 | 000,010,573 | ---- | C] () -- C:\Program Files (x86)\stateplane.csv
[2011/05/17 02:13:54 | 000,009,236 | ---- | C] () -- C:\Program Files (x86)\seed_2d.dgn
[2011/05/17 02:13:54 | 000,007,452 | ---- | C] () -- C:\Program Files (x86)\s57attributes.csv
[2011/05/17 02:13:54 | 000,002,048 | ---- | C] () -- C:\Program Files (x86)\seed_3d.dgn
[2011/05/17 02:13:54 | 000,001,613 | ---- | C] () -- C:\Program Files (x86)\prime_meridian.csv
[2011/05/17 02:13:54 | 000,000,444 | ---- | C] () -- C:\Program Files (x86)\gdalicon.png
[2011/05/17 02:13:51 | 000,003,812 | ---- | C] () -- C:\Program Files (x86)\WMV9_Highest_Quality_Video_(16mbps).prx
[2011/05/17 02:13:51 | 000,003,794 | ---- | C] () -- C:\Program Files (x86)\WMV9_DVD_Quality_(6mbps).prx
[2011/05/17 02:13:39 | 000,005,219 | ---- | C] () -- C:\Program Files (x86)\ImporterUISettings.ini
[2011/05/17 02:13:39 | 000,001,013 | ---- | C] () -- C:\Program Files (x86)\ImporterGlobalSettings.ini
[2011/05/17 02:13:39 | 000,000,704 | ---- | C] () -- C:\Program Files (x86)\PCOptimizations.ini
[2011/05/17 02:13:31 | 000,075,289 | ---- | C] () -- C:\Program Files (x86)\drivers.ini
[2011/05/17 02:13:31 | 000,000,000 | ---- | C] () -- C:\Program Files (x86)\kh56
[2011/05/17 02:13:31 | 000,000,000 | ---- | C] () -- C:\Program Files (x86)\googleearth.exe.local
[2010/09/21 12:05:13 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/07/17 13:45:21 | 000,000,377 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2010/05/03 12:36:37 | 000,000,213 | ---- | C] () -- C:\Users\Bob\AppData\Roaming\default.rss
[2010/05/03 12:32:50 | 000,000,000 | ---- | C] () -- C:\Users\Bob\AppData\Roaming\downloads.m3u
[2009/12/30 16:45:45 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Tribal Masks
[2009/12/30 16:45:45 | 000,000,268 | RH-- | C] () -- C:\Users\Bob\AppData\Roaming\Trance Pad
[2009/12/30 16:45:45 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2009/12/14 14:34:48 | 000,024,601 | ---- | C] () -- C:\Users\Bob\AppData\Roaming\Comma Separated Values (Windows).ADR
========== ZeroAccess Check ==========
[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 19:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 18:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 05:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2011/10/29 14:04:14 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\DeLorme
[2013/02/16 10:39:22 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\DirectoryListPrintPro
[2013/10/02 06:43:35 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\DiskDefrag
[2013/10/04 21:38:29 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Dropbox
[2013/10/01 15:18:08 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Garmin
[2013/10/02 12:51:22 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\GlarySoft
[2010/09/21 11:43:18 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Leadertech
[2013/10/01 15:18:11 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\NCH Swift Sound
[2009/12/30 16:50:40 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Nikon
[2009/12/11 17:42:13 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\OpenOffice.org
[2010/02/16 13:56:04 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\OverDrive
[2010/06/12 15:05:39 | 000,000,000 | ---D | M] -- C:\Users\Bob\AppData\Roaming\Uniblue
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:373E1720
< End of report >