Starburn problem

Inactive
By KathiM
Nov 28, 2012
  1. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    And again... :)

    OTL Fix

    Please run OTL
    • Under the Custom Scans/Fixes box at the bottom, copy and paste in the following:

    • Then click the Run Fix button at the top.
    • Note: The fix for OTL automatically hides your Desktop and Start menu so the fix can be completed. Do not be alerted, as this is normal.
    • Please do not exit the program. It might take a while to fix, but allow it to run. If it asks to reboot the computer, allow it to reboot. If the program freezes, and the computer fails to reboot - let me know.
      Lastly, post the contents of the log. (Located at C:\_OTL\Moved Files)
  2. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    How did this go?
  3. KathiM

    KathiM TechSpot Member Topic Starter Posts: 30

    Well, IE looks fixed...when I open IE, I go to the www.google.com home page I set. Firefox however, no matter how many times I set the homepage to google...it reverts to starburn and when I open the tools to set the home page, it says http://apype.com

    Here's the OTL log:

    All processes killed
    ========== REGISTRY ==========
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\\DoNotAskAgain deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs\\Tabs deleted successfully.
    Registry value HKEY_USERS\S-1-5-21-2635634824-2115636220-2321885851-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DoNotAskAgain not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\A Youtube Downloader Free_Helper_RASAPI32\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\A Youtube Downloader Free_Helper_RASMANCS\ deleted successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Kathi
    ->Temp folder emptied: 317614 bytes
    ->Temporary Internet Files folder emptied: 11866376 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 84881990 bytes
    ->Google Chrome cache emptied: 0 bytes
    ->Flash cache emptied: 5560 bytes

    User: Public
    ->Temp folder emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 3132144 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50132 bytes
    RecycleBin emptied: 21141 bytes

    Total Files Cleaned = 96.00 mb


    OTL by OldTimer - Version 3.2.69.0 log created on 12142012_050422

    Files\Folders moved on Reboot...
    C:\Users\Kathi\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
    File\Folder C:\Users\Kathi\AppData\Local\Temp\~DF00C0898977D244C9.TMP not found!
    File\Folder C:\Users\Kathi\AppData\Local\Temp\~DF2C92772A9774860C.TMP not found!
    File\Folder C:\Users\Kathi\AppData\Local\Temp\~DF38B0D6287EE91D50.TMP not found!
    File\Folder C:\Users\Kathi\AppData\Local\Temp\~DF3A645DBC8EAD2E49.TMP not found!
    File\Folder C:\Users\Kathi\AppData\Local\Temp\~DF45168BD31975FB59.TMP not found!
    File\Folder C:\Users\Kathi\AppData\Local\Temp\~DF6FD3838110C1365F.TMP not found!
    File\Folder C:\Users\Kathi\AppData\Local\Temp\~DF853EB190BEAF4A09.TMP not found!
    File\Folder C:\Users\Kathi\AppData\Local\Temp\~DF91758939DB08CEA7.TMP not found!
    File\Folder C:\Users\Kathi\AppData\Local\Temp\~DF97256449E0DB6FE3.TMP not found!
    File\Folder C:\Users\Kathi\AppData\Local\Temp\~DFF20DB9E3F87BF12F.TMP not found!

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...
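The symptom in the post above (Firefox returning to http://apype.com after the home page is reset) is held in the profile's prefs.js, and a user.js in the same profile folder is re-applied at every start. The check below is an added example, not part of the thread or of OTL. The sample file text is constructed from the preference names and values quoted in this thread, and the allowlists are assumptions.

```python
import re
from urllib.parse import urlparse

# Preferences whose value is one or more URLs ("|" separates multiple home pages).
URL_PREFS = ("browser.startup.homepage", "keyword.URL")
# Preferences whose value is a search engine display name.
ENGINE_PREFS = ("browser.search.defaultenginename", "browser.search.selectedEngine")

# One preference per line: user_pref("name", value);
PREF_RE = re.compile(r'^\s*user_pref\(\s*"((?:[^"\\]|\\.)*)"\s*,\s*(.+?)\s*\)\s*;\s*$')


def parse_user_prefs(text):
    """Return {name: value} for every user_pref() line; later lines win."""
    prefs = {}
    for line in text.splitlines():
        m = PREF_RE.match(line)
        if not m:
            continue  # comments, blank lines, anything that is not a user_pref call
        key, raw = m.group(1), m.group(2)
        if len(raw) >= 2 and raw[0] == '"' and raw[-1] == '"':
            value = raw[1:-1].replace('\\"', '"').replace("\\\\", "\\")
        else:
            value = raw  # booleans and integers are kept as written
        prefs[key] = value
    return prefs


def url_allowed(url, allowed_hosts):
    """True for built-in about: pages and for hosts on (or under) the allowlist."""
    url = url.strip()
    if url.lower().startswith("about:"):
        return True
    if "://" not in url:
        url = "//" + url  # let urlparse treat a bare "example.com/x" as a host
    host = (urlparse(url).hostname or "").lower()
    return any(host == h or host.endswith("." + h) for h in allowed_hosts)


def audit_profile(prefs_js, user_js, allowed_hosts, allowed_engines):
    """Return (file, preference, value, reason) for each unexpected setting."""
    findings = []
    for source, text in (("prefs.js", prefs_js), ("user.js", user_js)):
        for key, value in parse_user_prefs(text or "").items():
            if key in URL_PREFS:
                bad = [u for u in value.split("|")
                       if u.strip() and not url_allowed(u, allowed_hosts)]
                if not bad:
                    continue
                reason = "URL host not on allowlist"
            elif key in ENGINE_PREFS:
                if value in allowed_engines:
                    continue
                reason = "search engine name not on allowlist"
            else:
                continue
            if source == "user.js":
                reason += "; re-applied at every Firefox start"
            findings.append((source, key, value, reason))
    return findings


# Constructed sample: prefs.js text using the preference values seen in this thread.
SAMPLE_PREFS_JS = '''
# Mozilla User Preferences
user_pref("browser.download.useDownloadDir", false);
user_pref("browser.search.defaultenginename", "Custom search");
user_pref("browser.search.selectedEngine", "Custom search");
user_pref("browser.startup.homepage", "http://apype.com");
user_pref("keyword.URL", "http://apype.com/results.php?q=");
'''

# Assumed allowlists for this example.
ALLOWED_HOSTS = {"google.com"}
ALLOWED_ENGINES = {"Google"}

if __name__ == "__main__":
    # user.js is passed as empty text here; on a real profile, read both files.
    for finding in audit_profile(SAMPLE_PREFS_JS, "", ALLOWED_HOSTS, ALLOWED_ENGINES):
        print(" | ".join(finding))
```

On a real profile, pass the text of both files from the profile folder; any hit attributed to user.js explains a setting that comes back after being changed in the Options dialog.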
  4. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Next OTL log please. :D
  5. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Everything good? Post log when you can. :)
  6. KathiM

    KathiM TechSpot Member Topic Starter Posts: 30

    Sorry xmas getting in the way - running scan now - will post b4 I leave for work tomorrow...er today - about 8 am pst
  7. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Okay. :D No worries.
  8. KathiM

    KathiM TechSpot Member Topic Starter Posts: 30

    PART 1:
    OTL logfile created on: 12/16/2012 11:55:42 PM - Run 6
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kathi\Downloads
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    5.00 Gb Total Physical Memory | 3.39 Gb Available Physical Memory | 67.74% Memory free
    10.00 Gb Paging File | 8.06 Gb Available in Paging File | 80.62% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 584.01 Gb Total Space | 270.68 Gb Free Space | 46.35% Space Free | Partition Type: NTFS
    Drive D: | 12.07 Gb Total Space | 1.48 Gb Free Space | 12.23% Space Free | Partition Type: NTFS

    Computer Name: KATHI-HP | User Name: Kathi | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2012/12/11 18:32:32 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe
    PRC - [2012/12/05 02:32:14 | 000,916,960 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    PRC - [2012/12/02 12:07:49 | 000,236,552 | ---- | M] (Trustwave) -- C:\Program Files (x86)\Trustwave\Agent\tkstatus.exe
    PRC - [2012/12/02 12:07:48 | 000,131,592 | ---- | M] (Trustwave) -- C:\Program Files (x86)\Trustwave\Agent\tkagent.exe
    PRC - [2012/11/29 00:17:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kathi\Downloads\OTL.exe
    PRC - [2012/10/09 09:53:36 | 004,441,920 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Kathi\AppData\Local\Akamai\netsession_win.exe
    PRC - [2012/09/19 14:56:20 | 000,200,336 | ---- | M] (http://www.goforfiles.com/) -- C:\Program Files (x86)\GoforFiles\GFFUpdater.exe
    PRC - [2012/07/27 12:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2012/03/07 14:40:34 | 000,913,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
    PRC - [2011/02/18 10:47:12 | 000,079,192 | ---- | M] (Research In Motion Limited) -- C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
    PRC - [2010/11/15 17:05:30 | 000,112,600 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
    PRC - [2010/10/01 12:27:22 | 000,632,792 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
    PRC - [2010/09/16 12:26:08 | 001,594,328 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Registry Mechanic\Upgrade.exe
    PRC - [2010/07/07 12:38:06 | 000,648,536 | ---- | M] (Research In Motion Limited) -- C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
    PRC - [2010/06/12 17:06:08 | 000,400,368 | ---- | M] (CinemaNow, Inc.) -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
    PRC - [2010/01/18 09:21:08 | 000,568,888 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
    PRC - [2009/11/19 18:15:46 | 000,583,016 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe
    PRC - [2009/10/14 14:53:20 | 000,635,416 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
    PRC - [2008/11/20 09:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
    PRC - [2007/01/23 18:46:58 | 092,573,696 | ---- | M] (Individual Software Inc.) -- C:\Program Files (x86)\AnyTime Deluxe\Atw.exe


    ========== Modules (No Company Name) ==========

    MOD - [2012/12/11 18:32:31 | 014,586,296 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
    MOD - [2012/12/05 02:32:13 | 002,397,152 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
    MOD - [2012/11/19 17:34:39 | 000,037,280 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll
    MOD - [2012/11/16 07:26:43 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\66694f9192bd0dddc2eaf90fbcbcd555\System.Management.ni.dll
    MOD - [2012/11/16 07:02:54 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7c4de95aa433eb8d81a81caf805947a8\PresentationFramework.Aero.ni.dll
    MOD - [2012/11/16 07:02:35 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll
    MOD - [2012/11/16 07:02:33 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\3d4e9d4f6c945d6d3b7d423fdb6bd274\System.Data.ni.dll
    MOD - [2012/11/16 07:02:21 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1ec80905a71750be50dfc7981ad5ae28\PresentationFramework.ni.dll
    MOD - [2012/11/16 07:02:03 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll
    MOD - [2012/11/16 07:01:55 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll
    MOD - [2012/11/16 07:01:51 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\53d6d827964619285771ed72332d3659\PresentationCore.ni.dll
    MOD - [2012/11/16 07:01:37 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll
    MOD - [2012/11/16 07:01:26 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll
    MOD - [2012/11/16 07:01:22 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll
    MOD - [2012/11/16 07:01:19 | 007,988,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll
    MOD - [2012/11/16 07:01:12 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll
    MOD - [2012/06/13 17:42:48 | 000,181,248 | ---- | M] () -- C:\Program Files (x86)\Trustwave\Agent\zlibwapi.dll
    MOD - [2010/11/04 17:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
    MOD - [2010/09/28 14:00:32 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
    MOD - [2010/09/28 14:00:30 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
    MOD - [2010/09/28 14:00:14 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
    MOD - [2010/01/18 09:21:08 | 000,568,888 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
    MOD - [1997/04/29 11:26:16 | 000,120,832 | ---- | M] () -- C:\Program Files (x86)\AnyTime Deluxe\Utdial32.dll


    ========== Services (SafeList) ==========

    SRV:64bit: - [2012/03/07 14:40:34 | 000,913,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
    SRV:64bit: - [2011/03/08 20:53:04 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
    SRV:64bit: - [2011/01/26 17:01:28 | 000,354,304 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
    SRV:64bit: - [2010/06/17 04:23:36 | 000,194,496 | ---- | M] (Advanced Micro Devices) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe -- (AMD Reservation Manager)
    SRV:64bit: - [2009/07/13 17:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2012/12/11 18:32:32 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2012/12/05 02:32:14 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2012/12/02 12:07:48 | 000,131,592 | ---- | M] (Trustwave) [Auto | Running] -- C:\Program Files (x86)\Trustwave\Agent\tkagent.exe -- (tkagent)
    SRV - [2012/11/09 17:59:44 | 004,539,712 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll -- (Akamai)
    SRV - [2012/09/27 11:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
    SRV - [2012/07/27 12:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2011/03/28 11:51:25 | 004,323,256 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
    SRV - [2010/10/12 09:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
    SRV - [2010/10/01 12:27:22 | 000,632,792 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
    SRV - [2010/06/12 17:06:08 | 000,400,368 | ---- | M] (CinemaNow, Inc.) [Auto | Running] -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe -- (CinemaNow Service)
    SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2009/10/14 14:53:20 | 000,635,416 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
    SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
    DRV:64bit: - [2012/05/09 12:59:00 | 000,031,744 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgvzandnetadb.sys -- (vzandnetadb)
    DRV:64bit: - [2012/05/09 12:47:00 | 000,094,208 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgvzandnetndis64.sys -- (vzandnetndis)
    DRV:64bit: - [2012/05/09 12:45:00 | 000,036,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgvzandnetmdm64.sys -- (vzandnetmodem)
    DRV:64bit: - [2012/05/09 12:45:00 | 000,029,696 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgvzandnetdiag264.sys -- (vzandnetdiag2)
    DRV:64bit: - [2012/05/09 12:45:00 | 000,029,696 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgvzandnetdiag64.sys -- (vzandnetdiag)
    DRV:64bit: - [2012/03/14 07:40:04 | 000,187,632 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
    DRV:64bit: - [2012/03/14 07:40:04 | 000,062,496 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
    DRV:64bit: - [2012/03/14 07:40:04 | 000,038,288 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
    DRV:64bit: - [2012/03/14 07:40:02 | 000,209,768 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
    DRV:64bit: - [2012/03/14 07:40:02 | 000,148,528 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
    DRV:64bit: - [2012/02/29 22:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2011/03/09 01:22:42 | 009,258,496 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
    DRV:64bit: - [2011/03/08 20:17:42 | 000,300,544 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
    DRV:64bit: - [2011/02/16 17:23:46 | 000,074,240 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
    DRV:64bit: - [2010/11/20 05:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2010/11/20 03:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2010/11/17 04:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
    DRV:64bit: - [2010/11/16 12:18:27 | 000,046,112 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tbhsd.sys -- (tbhsd)
    DRV:64bit: - [2010/03/10 07:33:52 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie)
    DRV:64bit: - [2010/03/04 06:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
    DRV:64bit: - [2010/02/18 08:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
    DRV:64bit: - [2010/02/05 20:04:06 | 000,028,728 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2010/02/05 20:04:04 | 000,070,712 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2009/12/22 01:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
    DRV:64bit: - [2009/09/17 05:26:18 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.sys -- (SSPORT)
    DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/07/13 16:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
    DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2009/01/09 16:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
    DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
    DRV - [2005/01/02 13:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
    IE:64bit: - HKLM\..\SearchScopes\{150F51E5-89FD-4029-83A9-0706137DF8BE}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
    IE:64bit: - HKLM\..\SearchScopes\{4637FF3D-F284-4B7E-B76A-546A8EDCD4C6}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
    IE:64bit: - HKLM\..\SearchScopes\{DFFBC655-3F10-4FE2-8430-13CFE1FD498F}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.google.com
    IE - HKLM\..\SearchScopes,DefaultScope =

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
    IE - HKCU\..\URLSearchHook: - No CLSID value found
    IE - HKCU\..\URLSearchHook: {b843a48a-b70f-45cd-a15a-6c2b30c2c11e} - C:\Program Files (x86)\Gamers Unite! Snag Bar\Helper.dll ()
    IE - HKCU\..\SearchScopes,DefaultScope = {62E7C7FA-5F68-4414-931F-93E8858EF758}
    IE - HKCU\..\SearchScopes\{62E7C7FA-5F68-4414-931F-93E8858EF758}: "URL" = http://www.google.com/search?q={sea...rce}&ie={inputEncoding?}&oe={outputEncoding?}
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "Custom search"
    FF - prefs.js..browser.search.selectedEngine: "Custom search"
    FF - prefs.js..browser.search.useDBForOrder: ""
    FF - prefs.js..browser.startup.homepage: "http://apype.com"
    FF - prefs.js..keyword.URL: "http://apype.com/results.php?q="
    FF - user.js - File not found

    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_34: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
    FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\19\NP_wtapp.dll ()
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@hulu.com/Hulu Desktop: C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll ()
    FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Kathi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
    FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

    64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD [2012/07/20 21:00:08 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\quickprint@hp.com: C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011/01/26 14:27:28 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/05 02:32:15 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012/07/20 21:00:08 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/05 02:32:15 | 000,000,000 | ---D | M]

    [2011/12/10 22:24:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kathi\AppData\Roaming\Mozilla\Extensions
    [2012/12/02 00:47:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kathi\AppData\Roaming\Mozilla\Firefox\Profiles\lad0jdno.default\extensions
    [2012/12/02 00:47:11 | 000,580,191 | ---- | M] () (No name found) -- C:\Users\Kathi\AppData\Roaming\Mozilla\Firefox\Profiles\lad0jdno.default\extensions\{afe43e80-0abc-4df2-81a0-3fe44b74abe8}.xpi
    [2012/12/10 21:02:51 | 000,001,742 | ---- | M] () -- C:\Users\Kathi\AppData\Roaming\Mozilla\Firefox\Profiles\lad0jdno.default\searchplugins\search-the-web.xml
    [2012/12/05 02:32:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
    [2012/12/05 02:32:15 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

    ========== Chrome ==========

    CHR - homepage: http://www.google.com

    O1 HOSTS File: ([2012/11/27 23:45:09 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
    O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
    O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
    O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
    O4 - HKLM..\Run: [ContentTransferWMDetector.exe] C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation)
    O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
    O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
    O4 - HKLM..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
    O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
    O4 - HKCU..\Run: [4Sync] C:\Program Files (x86)\4Sync\4Sync.exe (New IT Solutions Ltd.)
    O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Kathi\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
    O4 - HKCU..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe (Hewlett-Packard)
    O4 - HKCU..\Run: [PlayNC Launcher] File not found
    O4 - Startup: C:\Users\Kathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AnyTime.lnk = C:\Program Files (x86)\AnyTime Deluxe\Atw.exe (Individual Software Inc.)
    O4 - Startup: C:\Users\Kathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Kathi\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
    O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Kathi\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
    O13 - gopher Prefix: missing
    O15 - HKCU\..Trusted Domains: caldirectsecuredocs.com ([www] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: caldirectsecuredocs.com ([www] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: com ([pennwest-edocs] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: com ([pennwest-edocs] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: ditechsecuredocs.com ([www] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: ditechsecuredocs.com ([www] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: ditechsecuredocs.net ([www] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: ditechsecuredocs.net ([www] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: docmagic.com ([www] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: docmagic.com ([www] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: elynx.net ([ctest] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: elynx.net ([ctest] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: elynx.net ([forms] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: elynx.net ([forms] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: elynx.net ([gmacforms] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: elynx.net ([gmacforms] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: elynx.net ([pro] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: elynx.net ([pro] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: elynx.net ([secure] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: elynx.net ([secure] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: elynx.net ([usign] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: elynx.net ([usign] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: elynx.net ([webpost] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: elynx.net ([webpost] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: gmacmsecuredocs.com ([www] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: gmacmsecuredocs.com ([www] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: gmacmsecuredocs.net ([www] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: gmacmsecuredocs.net ([www] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: gmamcsecuredocs.com ([www] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: gmamcsecuredocs.com ([www] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: rhapsody.com ([rhap-app-4-0] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: rhapsody.com ([rhapreg] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: ss3.swiftsend.com ([loandocs] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: ss3.swiftsend.com ([loandocs] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: swiftsend.com ([docs] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: swiftsend.com ([docs] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: swiftsend.com ([loandocs] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: swiftsend.com ([loandocs] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: swiftsend2.com ([docs] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: swiftsend2.com ([docs] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: swiftsend2.com ([loandocs] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: swiftsend2.com ([loandocs] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: swiftview.com ([www] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: swiftview.com ([www] https in Trusted sites)
    O15 - HKCU\..Trusted Domains: wamuloandocs.com ([www] http in Trusted sites)
    O15 - HKCU\..Trusted Domains: wamuloandocs.com ([www] https in Trusted sites)
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Plugin Control)
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
    O16 - DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} http://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab (P3DActiveX Control)
    O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx (CRLDownloadWrapper Class)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{57F4C65D-DE84-4C7F-A9A4-EFD6EA28E475}: DhcpNameServer = 192.168.1.1
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\ms-help - No CLSID value found
    O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2012/11/27 22:28:48 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
  9. KathiM

    KathiM TechSpot Member Topic Starter Posts: 30

    PART 2:

    ========== Files/Folders - Created Within 30 Days ==========

    [2012/12/16 12:11:19 | 000,000,000 | ---D | C] -- C:\Users\Kathi\AppData\Local\{101127C6-F807-49C4-B4A0-A46CB144F8FD}
    [2012/12/15 22:20:51 | 000,000,000 | ---D | C] -- C:\Users\Kathi\AppData\Local\{34D4C856-C0E4-47A9-A2E4-82CC1435F3ED}
    [2012/12/15 10:20:26 | 000,000,000 | ---D | C] -- C:\Users\Kathi\AppData\Local\{4FB8CD1E-9B6B-43E3-8F7D-7C7F73ED60E1}
    [2012/12/14 22:20:14 | 000,000,000 | ---D | C] -- C:\Users\Kathi\AppData\Local\{230EE0CE-CF30-4C05-8F42-97EF574830E2}
    [2012/12/13 21:00:16 | 000,000,000 | ---D | C] -- C:\Users\Kathi\AppData\Local\{C23E470B-D917-4E82-847C-1A6305F21050}
    [2012/12/13 09:00:04 | 000,000,000 | ---D | C] -- C:\Users\Kathi\AppData\Local\{0F6DA327-67C7-4BDC-B167-255A23A39F75}
    [2012/12/12 17:33:17 | 000,000,000 | ---D | C] -- C:\Users\Kathi\Documents\MysteryAgency
    [2012/12/12 16:56:52 | 000,000,000 | ---D | C] -- C:\Users\Kathi\AppData\Local\{C3036A2B-1AE2-4960-9181-A0580CB0B1CC}
    [2012/12/12 03:02:39 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
    [2012/12/12 03:02:39 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
    [2012/12/12 03:02:38 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
    [2012/12/12 03:02:38 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
    [2012/12/12 03:02:38 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
    [2012/12/12 03:02:38 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
    [2012/12/12 03:02:38 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
    [2012/12/12 03:02:38 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
    [2012/12/12 03:02:36 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
    [2012/12/12 03:02:36 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
    [2012/12/12 03:02:36 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
    [2012/12/12 03:02:36 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
    [2012/12/12 03:02:34 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
    [2012/12/12 03:02:33 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
    [2012/12/12 03:02:33 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
    [2012/12/12 02:56:15 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
    [2012/12/12 02:56:15 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
    [2012/12/12 02:56:15 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
    [2012/12/12 02:56:15 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
    [2012/12/12 02:56:00 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
    [2012/12/12 02:56:00 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
    [2012/12/12 02:56:00 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
    [2012/12/12 02:56:00 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
    [2012/12/12 02:55:58 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
    [2012/12/12 02:55:57 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
    [2012/12/12 02:55:57 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
    [2012/12/12 02:55:57 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
    [2012/12/12 02:55:57 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
    [2012/12/12 02:55:57 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
    [2012/12/12 02:55:57 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
    [2012/12/12 02:55:56 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
    [2012/12/12 02:55:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
    [2012/12/12 02:55:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
    [2012/12/12 02:55:54 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
    [2012/12/12 02:55:54 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
    [2012/12/12 02:55:54 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
    [2012/12/12 02:55:54 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
    [2012/12/12 02:55:54 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
    [2012/12/12 02:55:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
    [2012/12/12 02:55:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
    [2012/12/12 02:55:54 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
    [2012/12/12 02:55:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
    [2012/12/12 02:55:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
    [2012/12/12 02:55:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
    [2012/12/12 02:55:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
    [2012/12/12 02:55:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
    [2012/12/12 02:55:53 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
    [2012/12/12 02:55:53 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
    [2012/12/12 02:55:53 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
    [2012/12/12 02:55:53 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
    [2012/12/12 02:55:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
    [2012/12/12 02:55:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
    [2012/12/12 02:55:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
    [2012/12/12 02:55:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
    [2012/12/12 02:55:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
    [2012/12/12 02:55:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
    [2012/12/12 02:55:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
    [2012/12/12 02:55:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
    [2012/12/12 02:55:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
    [2012/12/12 02:55:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
    [2012/12/12 02:55:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
    [2012/12/12 02:55:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
    [2012/12/12 02:55:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
    [2012/12/12 02:55:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
    [2012/12/12 02:55:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
    [2012/12/12 02:55:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
    [2012/12/12 02:55:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
    [2012/12/12 02:55:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
    [2012/12/12 02:55:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
    [2012/12/12 02:55:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
    [2012/12/12 02:55:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
    [2012/12/12 02:55:52 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    [2012/12/12 02:55:52 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    [2012/12/12 02:55:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
    [2012/12/12 02:55:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
    [2012/12/12 02:55:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
    [2012/12/12 02:55:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    [2012/12/12 02:55:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
    [2012/12/12 02:55:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    [2012/12/12 02:55:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
    [2012/12/12 02:55:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
    [2012/12/12 02:55:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
    [2012/12/12 02:55:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
    [2012/12/12 02:55:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
    [2012/12/12 02:55:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
    [2012/12/12 02:55:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
    [2012/12/12 02:55:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
    [2012/12/12 02:55:50 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
    [2012/12/12 02:55:35 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
    [2012/12/12 02:55:35 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
    [2012/12/11 20:56:55 | 000,000,000 | ---D | C] -- C:\Users\Kathi\AppData\Local\{07DA5331-7C91-4EF8-8E30-B2038862347A}
    [2012/12/10 17:21:54 | 000,000,000 | ---D | C] -- C:\Users\Kathi\AppData\Local\{5C48830D-5769-45DB-A00D-16847BE68C08}
    [2012/12/09 16:35:38 | 000,000,000 | ---D | C] -- C:\Users\Kathi\AppData\Local\{8292795E-7025-4FD4-9BA5-95A8D282A127}
    [2012/12/08 21:09:15 | 000,000,000 | ---D | C] -- C:\Users\Kathi\AppData\Local\{23DF0909-A38F-4D77-9599-597CF11C44DF}
    [2012/12/08 16:18:19 | 000,000,000 | ---D | C] -- C:\Users\Kathi\Desktop\Alexis Music
    [2012/12/08 09:09:03 | 000,000,000 | ---D | C] -- C:\Users\Kathi\AppData\Local\{F2D3781D-EB9B-40E3-A4A8-4E71AF75C4BA}
    [2012/12/07 21:08:37 | 000,000,000 | ---D | C] -- C:\Users\Kathi\AppData\Local\{D532FEFA-41A8-4F65-BCDE-7F2E98426B1A}
    [2012/12/06 21:09:00 | 000,000,000 | ---D | C] -- C:\Users\Kathi\AppData\Local\{F06706D2-6961-4278-95FB-CD9741C3731D}
    [2012/12/06 09:08:34 | 000,000,000 | ---D | C] -- C:\Users\Kathi\AppData\Local\{4B2CE0AD-ECC4-41D6-8E2A-DE0ED913DCC7}
    [2012/12/05 17:16:51 | 000,000,000 | ---D | C] -- C:\Users\Kathi\AppData\Local\{8CB98B19-057D-4B4E-A2B8-78105B9EF410}
    [2012/12/05 05:16:40 | 000,000,000 | ---D | C] -- C:\Users\Kathi\AppData\Local\{05E9E7E9-8698-4847-8C3C-A3DEA214F888}
    [2012/12/05 02:32:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
    [2012/12/04 17:16:28 | 000,000,000 | ---D | C] -- C:\Users\Kathi\AppData\Local\{F32A04B1-CED7-4C9A-9110-88A299271614}
    [2012/12/03 21:46:06 | 000,000,000 | ---D | C] -- C:\Users\Kathi\AppData\Local\{7EDE21F6-4DA8-4439-A5C9-66AA788C005D}
    [2012/12/03 15:10:21 | 000,000,000 | ---D | C] -- C:\Users\Kathi\Desktop\PNA
    [2012/12/03 08:25:51 | 000,000,000 | ---D | C] -- C:\Users\Kathi\AppData\Local\{FCD356BC-10A8-4E72-BE15-096DB2D11D19}
    [2012/12/02 12:08:23 | 000,000,000 | ---D | C] -- C:\Users\Kathi\AppData\Local\{B681B04F-8F72-4E67-86A2-4F8D97D143EE}
    [2012/12/02 12:07:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trustwave
    [2012/12/02 12:00:28 | 000,000,000 | ---D | C] -- C:\Users\Kathi\Desktop\Contractor Stuff
    [2012/12/02 00:07:56 | 000,000,000 | ---D | C] -- C:\Users\Kathi\AppData\Local\{15F4C8B7-047F-4CC7-B9DD-19C43E557320}
    [2012/12/01 14:33:10 | 000,000,000 | ---D | C] -- C:\_OTL
    [2012/12/01 12:07:26 | 000,000,000 | ---D | C] -- C:\Users\Kathi\AppData\Local\{61F9D008-5B6C-42B6-91B9-0D910B040E50}
    [2012/11/30 14:32:57 | 000,000,000 | ---D | C] -- C:\Users\Kathi\AppData\Local\{4608C5FA-37EF-4EE0-94CE-1F9378567A3D}
    [2012/11/29 15:11:34 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
    [2012/11/29 15:10:30 | 000,000,000 | ---D | C] -- C:\Users\Kathi\AppData\Local\{C9D3E595-166B-4108-8FBB-E38912055C17}
    [2012/11/29 00:39:55 | 000,000,000 | ---D | C] -- C:\Windows\temp
    [2012/11/28 20:13:47 | 000,000,000 | ---D | C] -- C:\Users\Kathi\AppData\Local\{E8E58D15-3237-4464-8EF2-372578F51F11}
    [2012/11/28 08:13:34 | 000,000,000 | ---D | C] -- C:\Users\Kathi\AppData\Local\{AB4B3DAA-4657-457A-915B-EF2D01D484EF}
    [2012/11/28 00:24:33 | 000,000,000 | ---D | C] -- C:\Users\Kathi\Desktop\Virus removal
    [2012/11/28 00:05:18 | 000,000,000 | ---D | C] -- C:\Users\Kathi\AppData\Roaming\Malwarebytes
    [2012/11/28 00:05:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2012/11/28 00:05:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2012/11/28 00:05:12 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2012/11/28 00:05:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2012/11/27 23:19:15 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
    [2012/11/27 23:19:15 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
    [2012/11/27 23:19:15 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
    [2012/11/27 23:18:45 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2012/11/27 23:18:14 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
    [2012/11/27 22:28:13 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
    [2012/11/27 18:37:28 | 000,000,000 | ---D | C] -- C:\Users\Kathi\AppData\Local\{57E04207-89F6-446D-8DCB-B86398E7A2CA}
    [2012/11/27 03:28:51 | 000,000,000 | ---D | C] -- C:\Users\Kathi\AppData\Local\{8293A4E9-4F86-458A-9056-38D94E7A1B2D}
    [2012/11/26 15:28:25 | 000,000,000 | ---D | C] -- C:\Users\Kathi\AppData\Local\{F9A09894-87D9-4E4A-8A26-76C7F64C4A0A}
    [2012/11/25 13:11:14 | 000,000,000 | ---D | C] -- C:\Users\Kathi\AppData\Local\{FE403889-A439-46EF-8F08-68DF75D25B1D}
    [2012/11/25 01:10:50 | 000,000,000 | ---D | C] -- C:\Users\Kathi\AppData\Local\{A8A9512F-FF18-4BBC-A7AA-7B206248EFE4}
    [2012/11/24 13:10:37 | 000,000,000 | ---D | C] -- C:\Users\Kathi\AppData\Local\{0EE3B6A2-DA5B-4E17-B2E4-2BD6A8A48774}
    [2012/11/23 11:46:27 | 000,000,000 | ---D | C] -- C:\Users\Kathi\AppData\Local\{269F6611-3BD7-4DEB-93EC-AB388F35B96E}
    [2012/11/22 23:46:01 | 000,000,000 | ---D | C] -- C:\Users\Kathi\AppData\Local\{CD6029AC-1401-46E8-8619-25569DF6764A}
    [2012/11/20 13:14:29 | 000,000,000 | ---D | C] -- C:\LGMobileUpgrade
    [2012/11/20 13:13:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LG Electronics
    [2012/11/20 11:35:09 | 000,000,000 | ---D | C] -- C:\Users\Kathi\AppData\Local\{7FA3AFF0-1ED7-4C62-93F5-35427272AF4C}
    [2012/11/19 23:34:58 | 000,000,000 | ---D | C] -- C:\Users\Kathi\AppData\Local\{58BA76CF-231E-4630-8C02-C9B31FF1370C}
    [2012/11/19 17:34:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
    [2012/11/19 17:32:55 | 000,000,000 | ---D | C] -- C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
    [2012/11/19 11:34:46 | 000,000,000 | ---D | C] -- C:\Users\Kathi\AppData\Local\{2E351E04-2111-4EF3-86CD-CBEE0261BAEE}
    [2012/11/18 23:34:34 | 000,000,000 | ---D | C] -- C:\Users\Kathi\AppData\Local\{D5AD68FF-7C77-4356-AF80-3F7D56E66B3D}
    [2012/11/18 11:34:21 | 000,000,000 | ---D | C] -- C:\Users\Kathi\AppData\Local\{58A551D9-F5D8-4FE3-8261-D691F564D20E}
    [2012/11/17 15:16:26 | 000,000,000 | ---D | C] -- C:\Users\Kathi\AppData\Local\{0C525CDA-33F9-42CE-871D-5609DD015E6D}
    [2011/02/25 18:07:35 | 021,882,800 | ---- | C] (Trion Worlds, Inc.) -- C:\Users\Kathi\Rift_LIVE_Patcher_setup.exe

    ========== Files - Modified Within 30 Days ==========

    [2012/12/16 23:40:00 | 000,000,338 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Communicator.job
    [2012/12/16 23:35:02 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2012/12/16 23:32:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2012/12/16 21:28:30 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2012/12/16 21:28:30 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2012/12/16 19:05:01 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\RMSchedule.job
    [2012/12/16 18:35:03 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2012/12/16 15:44:19 | 000,001,916 | ---- | M] () -- C:\Users\Kathi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet 6700.lnk
    [2012/12/16 15:42:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2012/12/16 15:42:05 | 4025,966,592 | -HS- | M] () -- C:\hiberfil.sys
    [2012/12/12 03:26:38 | 000,382,112 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2012/12/11 18:32:32 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
    [2012/12/11 18:32:32 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    [2012/12/10 20:57:23 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForKathi.job
    [2012/12/09 17:16:05 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_lgvzandnetadb_01005.Wdf
    [2012/12/03 15:08:13 | 001,540,212 | ---- | M] () -- C:\Users\Kathi\Documents\Scan0145.pdf
    [2012/12/02 12:07:13 | 000,001,958 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TrustKeeper Agent Status.lnk
    [2012/11/29 22:13:08 | 002,213,678 | ---- | M] () -- C:\Users\Kathi\Documents\Scan0144.pdf
    [2012/11/29 20:59:10 | 003,800,587 | ---- | M] () -- C:\Users\Kathi\Documents\Scan0143.pdf
    [2012/11/29 20:55:38 | 004,816,175 | ---- | M] () -- C:\Users\Kathi\Documents\Scan0142.pdf
    [2012/11/28 00:05:14 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2012/11/27 23:45:09 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
    [2012/11/27 22:28:48 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
    [2012/11/27 22:26:13 | 000,000,034 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefoxoverride.ini
    [2012/11/26 17:18:07 | 000,226,083 | ---- | M] () -- C:\Users\Kathi\Desktop\Auto Insurance.pdf
    [2012/11/23 13:16:24 | 000,251,271 | ---- | M] () -- C:\Users\Kathi\Desktop\Matthew Xmas.pdf
    [2012/11/23 13:15:59 | 000,246,731 | ---- | M] () -- C:\Users\Kathi\Documents\Scan0141.pdf
    [2012/11/23 13:14:04 | 000,458,368 | ---- | M] () -- C:\Users\Kathi\Desktop\Alexis Xmas List.pdf
    [2012/11/23 13:12:48 | 000,453,825 | ---- | M] () -- C:\Users\Kathi\Documents\Scan0140.pdf
    [2012/11/23 13:11:07 | 000,726,444 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2012/11/23 13:11:07 | 000,624,162 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2012/11/23 13:11:07 | 000,106,538 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2012/11/19 17:34:57 | 000,002,147 | ---- | M] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk

    ========== Files Created - No Company Name ==========

    [2012/12/09 17:16:05 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_lgvzandnetadb_01005.Wdf
    [2012/12/03 15:08:12 | 001,540,212 | ---- | C] () -- C:\Users\Kathi\Documents\Scan0145.pdf
    [2012/12/02 12:07:13 | 000,001,958 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TrustKeeper Agent Status.lnk
    [2012/11/29 22:13:01 | 002,213,678 | ---- | C] () -- C:\Users\Kathi\Documents\Scan0144.pdf
    [2012/11/29 20:59:08 | 003,800,587 | ---- | C] () -- C:\Users\Kathi\Documents\Scan0143.pdf
    [2012/11/29 20:55:35 | 004,816,175 | ---- | C] () -- C:\Users\Kathi\Documents\Scan0142.pdf
    [2012/11/28 00:05:14 | 000,001,075 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2012/11/27 23:19:15 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
    [2012/11/27 23:19:15 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
    [2012/11/27 23:19:15 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
    [2012/11/27 23:19:15 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
    [2012/11/27 23:19:15 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
    [2012/11/27 22:28:48 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
    [2012/11/26 21:01:18 | 000,000,034 | ---- | C] () -- C:\Program Files (x86)\Mozilla Firefoxoverride.ini
    [2012/11/26 17:18:05 | 000,226,083 | ---- | C] () -- C:\Users\Kathi\Desktop\Auto Insurance.pdf
    [2012/11/23 13:16:24 | 000,251,271 | ---- | C] () -- C:\Users\Kathi\Desktop\Matthew Xmas.pdf
    [2012/11/23 13:15:59 | 000,246,731 | ---- | C] () -- C:\Users\Kathi\Documents\Scan0141.pdf
    [2012/11/23 13:14:04 | 000,458,368 | ---- | C] () -- C:\Users\Kathi\Desktop\Alexis Xmas List.pdf
    [2012/11/23 13:12:48 | 000,453,825 | ---- | C] () -- C:\Users\Kathi\Documents\Scan0140.pdf
    [2012/11/19 17:34:57 | 000,002,147 | ---- | C] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk
    [2012/08/11 10:15:38 | 006,885,376 | ---- | C] () -- C:\Users\Kathi\s-1-5-21-2635634824-2115636220-2321885851-1000.rrr
    [2012/07/04 21:55:42 | 000,870,128 | ---- | C] () -- C:\Users\Kathi\AppData\Roaming\mcs.rma
    [2012/06/15 21:25:50 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
    [2011/10/05 17:16:07 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
    [2011/05/22 19:27:27 | 000,001,854 | ---- | C] () -- C:\Users\Kathi\AppData\Roaming\GhostObjGAFix.xml
    [2011/03/21 18:56:22 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
    [2011/01/12 19:03:18 | 000,003,155 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
    [2010/12/28 16:35:54 | 000,000,114 | ---- | C] () -- C:\Users\Kathi\AppData\Roaming\sview.ini
    [2010/12/28 16:35:51 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\srfvdo.dat
    [2010/11/24 20:51:43 | 000,009,216 | ---- | C] () -- C:\Users\Kathi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

    ========== ZeroAccess Check ==========

    [2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 21:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 20:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 04:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:D1B5B4F1

    < End of report >
  10. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Let me know if apype.com problem disappears for Firefox after the following:

    OTL Fix

    Please run OTL
    • Under the Custom Scans/Fixes box at the bottom, copy and paste in the following:

    • Then click the Run Fix button at the top.
    • Note: The fix for OTL automatically hides your Desktop and Start menu so the fix can be completed. Do not be alerted, as this is normal.
    • Please do not exit the program. It might take a while to fix, but allow it to run. If it asks to reboot the computer, allow it to reboot. If the program freezes, and the computer fails to reboot - let me know.
      Lastly, post the contents of the log. (Located at C:\_OTL\Moved Files)
  11. KathiM

    KathiM TechSpot Member Topic Starter Posts: 30

    All processes killed
    ========== OTL ==========
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\PlayNC Launcher deleted successfully.
    Prefs.js: "Custom search" removed from browser.search.defaultenginename
    Prefs.js: "Custom search" removed from browser.search.selectedEngine
    Prefs.js: "" removed from browser.search.useDBForOrder
    Prefs.js: "http://apype.com" removed from browser.startup.homepage
    Prefs.js: "http://apype.com/results.php?q=" removed from keyword.URL
    64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
    C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll moved successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
    C:\Users\Kathi\AppData\Roaming\Mozilla\Firefox\Profiles\lad0jdno.default\extensions\{afe43e80-0abc-4df2-81a0-3fe44b74abe8}.xpi moved successfully.
    C:\Users\Kathi\AppData\Roaming\Mozilla\Firefox\Profiles\lad0jdno.default\searchplugins\search-the-web.xml moved successfully.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
    Starting removal of ActiveX control {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}
    Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}\DownloadInformation\\INF .
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}\ not found.
    C:\Program Files (x86)\Mozilla Firefoxoverride.ini moved successfully.
    ADS C:\ProgramData\Temp:D1B5B4F1 deleted successfully.
    ========== FILES ==========
    < ipconfig /flushdns /c >
    Windows IP Configuration
    Successfully flushed the DNS Resolver Cache.
    C:\Users\Kathi\Downloads\cmd.bat deleted successfully.
    C:\Users\Kathi\Downloads\cmd.txt deleted successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Kathi
    ->Temp folder emptied: 27394844 bytes
    ->Temporary Internet Files folder emptied: 18476848 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 100311207 bytes
    ->Google Chrome cache emptied: 0 bytes
    ->Flash cache emptied: 646 bytes

    User: Public
    ->Temp folder emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 4807143 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 144.00 mb


    OTL by OldTimer - Version 3.2.69.0 log created on 12172012_175144

    Files\Folders moved on Reboot...
    C:\Users\Kathi\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...
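An added example, not part of the original thread and not OTL's own code: a Python audit of a Firefox profile's prefs.js and user.js for the four preferences the fix log above reports cleaning. The allowlists, sample file contents and function names are assumptions made for illustration; the hijacked sample reuses the values quoted in the log.

```python
"""Audit Firefox preference files for the settings named in the OTL fix log."""
import re
from pathlib import Path
from urllib.parse import urlparse

# Preference names the OTL log reports cleaning in Prefs.js.
URL_PREFS = ("browser.startup.homepage", "keyword.URL")
ENGINE_PREFS = ("browser.search.defaultenginename", "browser.search.selectedEngine")

# Assumed allowlists for this example: the home page and engine the user chose.
ALLOWED_HOSTS = {"google.com"}
ALLOWED_ENGINES = {"Google"}

USER_PREF_RE = re.compile(r'^\s*user_pref\(\s*"([^"]+)"\s*,\s*(.+?)\s*\)\s*;\s*$')

# Constructed sample files; the hijacked values are the ones quoted in the log.
SAMPLE_HIJACKED = '''# Mozilla User Preferences
user_pref("browser.search.defaultenginename", "Custom search");
user_pref("browser.search.selectedEngine", "Custom search");
user_pref("browser.startup.homepage", "http://apype.com");
user_pref("keyword.URL", "http://apype.com/results.php?q=");
user_pref("browser.startup.page", 1);
'''
SAMPLE_CLEAN = '''# Mozilla User Preferences
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.startup.homepage", "http://www.google.com|about:home");
'''


def parse_prefs(text):
    """Return {name: value} for every user_pref("name", value); line."""
    prefs = {}
    for line in text.splitlines():
        match = USER_PREF_RE.match(line)
        if not match:
            continue  # comments, blank lines, anything that is not a pref
        name, raw = match.groups()
        if len(raw) >= 2 and raw[0] == '"' and raw[-1] == '"':
            prefs[name] = raw[1:-1].replace('\\"', '"')
        else:
            prefs[name] = raw  # booleans and integers are kept as text
    return prefs


def hosts_in(value):
    """Host names in a homepage-style value (several URLs joined by '|')."""
    hosts = []
    for part in value.split("|"):
        part = part.strip()
        if not part or part.lower().startswith("about:"):
            continue  # built-in pages such as about:home have no host
        try:
            host = urlparse(part if "://" in part else "http://" + part).hostname
        except ValueError:
            host = "<unparseable>"  # malformed URL: report it, do not skip it
        if host:
            hosts.append(host.lower())
    return hosts


def host_allowed(host, allowed_hosts):
    """True for an allowed host or any subdomain of one."""
    return any(host == a or host.endswith("." + a) for a in allowed_hosts)


def audit(prefs, allowed_hosts, allowed_engines):
    """Return (name, value, reason) for each watched pref outside the allowlists."""
    findings = []
    for name in URL_PREFS:
        if name in prefs:
            bad = [h for h in hosts_in(prefs[name]) if not host_allowed(h, allowed_hosts)]
            if bad:
                findings.append((name, prefs[name], "host not allowed: " + ", ".join(bad)))
    for name in ENGINE_PREFS:
        if name in prefs and prefs[name] not in allowed_engines:
            findings.append((name, prefs[name], "search engine not allowed"))
    return findings


def audit_profile(profile_dir, allowed_hosts, allowed_engines):
    """Audit prefs.js and user.js; Firefox re-applies user.js at every start."""
    results = {}
    for filename in ("prefs.js", "user.js"):
        path = Path(profile_dir) / filename
        if path.is_file():
            text = path.read_text(encoding="utf-8", errors="replace")
            results[filename] = audit(parse_prefs(text), allowed_hosts, allowed_engines)
    return results


if __name__ == "__main__":
    for label, text in (("hijacked", SAMPLE_HIJACKED), ("clean", SAMPLE_CLEAN)):
        print(label)
        for name, value, reason in audit(parse_prefs(text), ALLOWED_HOSTS, ALLOWED_ENGINES):
            print(f"  {name} = {value!r}: {reason}")
```

A finding reported for user.js matters more than one in prefs.js, because a value set there comes back after the home page is reset in the Options dialog.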
     
  12. KathiM

    KathiM TechSpot Member Topic Starter Posts: 30

  13. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Remember SystemLook? Next script for it (stay with me, you're doing well!):

  14. KathiM

    KathiM TechSpot Member Topic Starter Posts: 30

    I'm more worried about you bailing on me! haha

    Scanning now will post b4 I go to work tomorrow
  15. KathiM

    KathiM TechSpot Member Topic Starter Posts: 30

    SystemLook 30.07.11 by jpshortstuff
    Log created at 22:54 on 18/12/2012 by Kathi
    Administrator - Elevation successful

    ========== filefind ==========

    Searching for "*apype*"
    No files found.

    Searching for "*starburn*"
    No files found.

    ========== folderfind ==========

    Searching for "*apype*"
    No folders found.

    Searching for "*starburn*"
    No folders found.

    ========== regfind ==========

    Searching for "apype"
    No data found.

    Searching for "starburn"
    No data found.

    -= EOF =-
  16. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    We're going to work with a new Firefox profile to see if the problem will disappear. Here's the guided tutorial:

    • Open Start > Run, and enter the following exactly: %APPDATA%\Mozilla\Firefox\Profiles then press OK.
    • You will see an eight-character folder, which is your Firefox profile. (xxxxxxxx.default) (x=random character)
    • Right-click on that folder and select Copy. Then, go to My Documents and right-click and select Paste. (If we make an error, at least the data for your current Firefox profile will be backed up, so it can be safely restored.)
    • Go to Start > Run. Enter the following: firefox.exe -ProfileManager and then press OK.
    • To start the Create Profile Wizard, click Create Profile... in the Profile Manager.
    • Click Next and enter the name of the profile. Use a profile name that is descriptive, such as your personal name. This name is not exposed on the Internet.
    • You can also choose where to store the profile, which is useful if you plan on exporting your data and settings to another computer or setup in the future. To choose its storage location on your system, click Choose Folder....
    • Note: If you choose a custom location for the profile, store it in a new or clean folder. When you choose to remove the profile, all contents stored in the same folder are removed.
    • To create the new profile, click Finish.
    • The new profile is displayed in the Profile Manager.
    • Lastly, choose the New Profile and click Start Firefox. If you do not want it to prompt you, then click Don't Ask at Startup.

    Please let me know if this worked or not.
  17. KathiM

    KathiM TechSpot Member Topic Starter Posts: 30

    Followed your directions to the letter - It popped up right to the starburn page...I even reset the home page under Tools/Options - tested it - closed Firefox - restarted and nope...still popped up on Starburn's page
  18. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    CCleaner Programs list

    NOTE: If you already have this installed, you don't have to reinstall it.

    Please download CCleaner Slim and save it to your Desktop - Alternate download link

    When the file has been saved, go to your Desktop and double-click on ccsetupxxx_slim.exe
    Follow the prompts to install the program.

    • Double-click the CCleaner shortcut on the desktop to start the program.
    • A prompt will ask you if you want CCleaner to do a check to see what cookies it needs to keep. Allow that operation.
    • When you get to the CCleaner interface, click the Tools button on the left, and you'll automatically load the Uninstall list.
    • For me to see a list of your current programs, please click Save to text file... in the bottom right corner. Choose Desktop, and hit the Save button.
    • Please post the contents of Install.txt located on your Desktop.
  19. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Were you able to get it generated?
  20. KathiM

    KathiM TechSpot Member Topic Starter Posts: 30

    Yep! Sry about the delay - Xmas stuff

    4Sync 4/4/2012
    Adobe AIR Adobe Systems Inc. 9/10/2010 1.5.3.9130
    Adobe Flash Player 11 ActiveX Adobe Systems Incorporated 12/11/2012 6.00 MB 11.5.502.135
    Adobe Flash Player 11 Plugin Adobe Systems Incorporated 12/17/2012 6.00 MB 11.5.502.135
    Adobe Reader X (10.1.4) Adobe Systems Incorporated 8/18/2012 196 MB 10.1.4
    Adobe Shockwave Player 11.6 Adobe Systems, Inc. 7/30/2011 11.6.0.626
    Akamai NetSession Interface Akamai Technologies, Inc 6/18/2012
    Akamai NetSession Interface Service 11/1/2011
    AnyTime Organizer Individual Software, Inc 11/20/2010 11.1
    ATI Catalyst Install Manager ATI Technologies, Inc. 4/9/2011 22.4 MB 3.0.816.0
    Audials RapidSolution Software AG 2/6/2011 285 MB 8.0.38803.300
    Audials TV RapidSolution Software AG 2/6/2011 2.07 MB 1.3.10803.300
    AVS Audio Converter 7 Online Media Technologies Ltd. 4/2/2012
    AVS Update Manager 1.0 Online Media Technologies Ltd. 4/2/2012
    AVS4YOU Software Navigator 1.4 Online Media Technologies Ltd. 4/2/2012
    BlackBerry Desktop Software 5.0.1 Research In Motion Ltd. 1/26/2011 5.0.1.41
    BlackBerry Device Software Updater Research In Motion Ltd 9/26/2011 46.6 MB 6.0.1.37
    BlackBerry® Media Sync Research In Motion 1/26/2011 6.91 MB 3.0.0.39
    CCleaner Piriform 12/19/2012 3.26
    CinemaNow Media Manager CinemaNow, Inc. 9/10/2010 11.7 MB 1.9.1.105
    Content Transfer Sony Corporation 1/11/2012 15.7 MB 1.3.0.23190
    CyberLink DVD Suite Deluxe CyberLink Corp. 9/10/2010 36.5 MB 7.0.2823
    Disney Pirates of the Caribbean Online Walt Disney Internet Group 8/27/2011
    Disney Toontown Online Walt Disney Internet Group 8/27/2011
    DocMaster 4.4 DocMagic 11/23/2010 4.4
    DVD Menu Pack for HP MediaSmart Video Hewlett-Packard 9/10/2010 101 MB 4.1.4030
    ESET Smart Security ESET, spol. s r.o. 7/20/2012 83.9 MB 5.2.9.1
    Free YouTube to MP3 Converter version 3.9.40.602 DVDVideoSoft Limited. 6/4/2011 37.9 MB
    Gamers Unite! Snag Bar 12/10/2011
    GoforFiles http://www.goforfiles.com/ 9/19/2012 1.0.0
    Google Chrome Google Inc. 12/22/2012 23.0.1271.97
    Google Earth Google 11/20/2011 92.7 MB 6.1.0.5001
    Google Toolbar for Internet Explorer Google Inc. 9/20/2012 7.4.3230.2052
    Guild Wars 2 NCsoft Corporation, Ltd. 8/24/2012
    HP Advisor Hewlett-Packard 11/28/2010 54.5 MB 3.4.12850.3526
    HP Games WildTangent 6/29/2012 1.0.3.0
    HP MediaSmart CinemaNow 2.0 Hewlett-Packard 9/10/2010 96.6 MB 2.0
    HP MediaSmart DVD Hewlett-Packard 9/10/2010 98.9 MB 4.1.4229
    HP MediaSmart Music Hewlett-Packard 9/10/2010 73.1 MB 4.1.4301
    HP MediaSmart Photo Hewlett-Packard 9/10/2010 261 MB 4.1.4211
    HP MediaSmart SmartMenu Hewlett-Packard 9/10/2010 2.02 MB 3.1.1.12
    HP MediaSmart Video Hewlett-Packard 9/10/2010 302 MB 4.1.4214
    HP MediaSmart/TouchSmart Netflix Hewlett-Packard 9/10/2010 9.61 MB 1.0.3.0
    HP Odometer Hewlett-Packard 9/10/2010 48.0 KB 2.10.0000
    HP Officejet 6700 Basic Device Software Hewlett-Packard Co. 6/15/2012 180 MB 25.0.619.0
    HP Officejet 6700 Help Hewlett Packard 6/15/2012 18.4 MB 140.0.2.2
    HP Officejet 6700 Product Improvement Study Hewlett-Packard Co. 6/15/2012 8.28 MB 25.0.619.0
    HP Photo Creations HP 6/23/2012 40.0 MB 1.0.0.8812
    HP Setup Hewlett-Packard 9/10/2010 8.1.4186.3400
    HP Support Assistant Hewlett-Packard Company 11/19/2012 91.6 MB 7.0.39.15
    HP Support Information Hewlett-Packard 9/10/2010 156 KB 10.1.0002
    HP Update Hewlett-Packard 6/15/2012 3.98 MB 5.003.000.004
    HP Vision Hardware Diagnostics Hewlett-Packard 9/10/2010 11.2 MB 2.1.2.27173
    Hulu Desktop Hulu LLC 11/20/2010 0.9.13
    I.R.I.S. OCR HP 6/15/2012 68.9 MB 12.3.4.0
    Java(TM) 6 Update 34 Oracle 8/26/2012 95.6 MB 6.0.340
    Keyboard Designer MountFocus Information Systems Ltd. 12/18/2010 5.41 MB 3.2.0.74
    Kobo 9/10/2010
    LabelPrint CyberLink Corp. 9/10/2010 230 MB 2.5.2823
    LG Verizon United Drivers LG Electronics 11/20/2012 6.61 MB 2.7.1
    LightScribe System Software LightScribe 9/10/2010 24.5 MB 1.18.15.1
    Lineage II NCsoft 7/29/2012
    Malwarebytes Anti-Malware version 1.65.1.1000 Malwarebytes Corporation 11/28/2012 19.4 MB 1.65.1.1000
    Microsoft .NET Framework 4 Client Profile Microsoft Corporation 11/20/2010 38.8 MB 4.0.30319
    Microsoft Office Home and Student 2010 Microsoft Corporation 11/10/2011 14.0.6029.1000
    Microsoft Silverlight Microsoft Corporation 5/9/2012 180 MB 4.1.10329.0
    Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 11/20/2010 1.72 MB 3.1.0000
    Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Corporation 12/1/2010 260 KB 8.0.50727.4053
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 12/1/2010 250 KB 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 6/15/2011 300 KB 8.0.59193
    Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 9/10/2010 708 KB 8.0.61000
    Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 Microsoft Corporation 5/11/2011 580 KB 8.0.51011
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 Microsoft Corporation 5/11/2011 790 KB 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Corporation 5/11/2011 598 KB 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 Microsoft Corporation 11/21/2010 1.70 MB 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 9/10/2010 788 KB 9.0.30729
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 9/10/2010 788 KB 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 6/16/2011 788 KB 9.0.30729.6161
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Corporation 2/25/2011 1.69 MB 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 9/10/2010 596 KB 9.0.30729
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 9/10/2010 596 KB 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 6/16/2011 600 KB 9.0.30729.6161
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Corporation 4/13/2011 15.0 MB 10.0.30319
    Movie Theme Pack for HP MediaSmart Video Hewlett-Packard 9/10/2010 429 MB 4.1.4030
    Mozilla Firefox 17.0.1 (x86 en-US) Mozilla 12/5/2012 41.6 MB 17.0.1
    Mozilla Maintenance Service Mozilla 12/5/2012 329 KB 17.0.1
    MSXML 4.0 SP2 (KB954430) Microsoft Corporation 11/20/2010 1.27 MB 4.20.9870.0
    MSXML 4.0 SP2 (KB973688) Microsoft Corporation 11/20/2010 1.33 MB 4.20.9876.0
    NCsoft Launcher NCsoft 7/29/2012 1.5.19002
    NVIDIA PhysX NVIDIA Corporation 6/30/2011 79.8 MB 9.10.0129
    NWZ-E340 WALKMAN Guide Sony Corporation 1/11/2012 388 KB 2.0.00.07010
    Pando Media Booster Pando Networks Inc. 7/29/2012 5.46 MB 2.6.0.8
    PaperPort 9.0 ScanSoft, Inc. 11/23/2010 73.1 MB 9.02.0815
    PDF Complete Special Edition PDF Complete, Inc 9/10/2010 3.5.111
    PhotoNow! CyberLink Corp. 9/10/2010 34.2 MB 1.1.6904
    PhotoScape 3/18/2011
    PictureMover Hewlett-Packard Company 9/10/2010 61.5 MB 3.5.0.28
    PixiePack Codec Pack None 2/6/2011 17.2 MB 1.1.1200.0
    PlayReady PC Runtime amd64 Microsoft Corporation 9/10/2010 2.05 MB 1.3.0
    Power2Go CyberLink Corp. 9/10/2010 169 MB 6.1.4022
    PowerDirector CyberLink Corp. 9/10/2010 854 MB 8.0.2906
    PressReader NewspaperDirect Inc. 9/10/2010 8.18 MB 5.10.621.0
    Realtek High Definition Audio Driver Realtek Semiconductor Corp. 9/10/2010 6.0.1.6132
    Registry Mechanic 10.0 PC Tools 1/24/2011 32.8 MB 10.0
    Rhapsody 7/4/2012
    RIFT Trion Worlds, Inc. 2/25/2011 33.1 MB 1.0.0
    Runes of Magic Frogster Interactive Pictures 11/21/2010 3.0.5.2262
    Runtime Keyboard MountFocus Information Systems Ltd. 9/16/2012 2.22 MB 3.2.0.87
    Star Wars: The Old Republic Electronic Arts, Inc. 1/29/2012 26.7 MB 1.00
    SwiftView Viewer 12/28/2010
    TrustKeeper Agent Trustwave 12/2/2012 10.8 MB 2.01.0000
    Tunebite RapidSolution Software AG 2/6/2011 192 MB 7.2.13700.0
    Unity Web Player Unity Technologies ApS 5/27/2011 12.0 MB
    Ventrilo Client Flagship Industries, Inc. 12/6/2010 5.57 MB 3.0.7
    WildTangent Games WildTangent 12/12/2012 1.0.4.0
    Windows Live Essentials Microsoft Corporation 6/19/2012 15.4.3555.0308
    Windows Live Sync Microsoft Corporation 11/20/2010 2.78 MB 14.0.8089.726
    WinRAR 4.01 (32-bit) win.rar GmbH 12/31/2011 4.01.0
    Wizard101 KingsIsle Entertainment, Inc. 8/20/2011 1.0.0
    World of Tanks v.0.7.0 Wargaming.net 12/16/2011
    Zinio Reader 4 Zinio LLC 9/10/2010 4.0.2811
    µTorrent 6/14/2012 3.1.3
  21. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Clear your Java Cache
    • Click on Start-> Control Panel (Classic View)-> Java (looks like a coffee cup)
      • On the General tab, under Temporary Internet Files, click the Settings button.
      • Next, click on the Delete Files button
      • There are two options in the window to clear the cache - Leave BOTH Checked
        • Applications and Applets
        • Trace and Log Files
      • Click OK on Delete Temporary Files Window
        Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
      • Click OK to leave the Temporary Files Window
      • Click OK to leave the Java Control Panel.

    Java Update!

    Please download the newest version of Java from Java.com.

    Before installing: it is important to remove older versions of Java since it does not do so automatically and old versions still leave you vulnerable.
    Go to the Control Panel and enter Add or Remove Programs (Programs and Features in Vista/7).
    Search in the list for all previous installed versions of Java. (J2SE Runtime Environment). Please uninstall/remove each of them.

    Once old versions are gone, please install the newest version.

    Read more about Java exploit problems


    Also, remove the Gamers Unite Snag Bar from your Programs list please. Once done, post new Uninstall list. :)
  22. KathiM

    KathiM TechSpot Member Topic Starter Posts: 30

    4Sync 4/4/2012
    Adobe AIR Adobe Systems Inc. 9/10/2010 1.5.3.9130
    Adobe Flash Player 11 ActiveX Adobe Systems Incorporated 12/11/2012 6.00 MB 11.5.502.135
    Adobe Flash Player 11 Plugin Adobe Systems Incorporated 12/17/2012 6.00 MB 11.5.502.135
    Adobe Reader X (10.1.4) Adobe Systems Incorporated 8/18/2012 196 MB 10.1.4
    Adobe Shockwave Player 11.6 Adobe Systems, Inc. 7/30/2011 11.6.0.626
    Akamai NetSession Interface Akamai Technologies, Inc 6/18/2012
    Akamai NetSession Interface Service 11/1/2011
    AnyTime Organizer Individual Software, Inc 11/20/2010 11.1
    ATI Catalyst Install Manager ATI Technologies, Inc. 4/9/2011 22.4 MB 3.0.816.0
    Audials RapidSolution Software AG 2/6/2011 285 MB 8.0.38803.300
    Audials TV RapidSolution Software AG 2/6/2011 2.07 MB 1.3.10803.300
    AVS Audio Converter 7 Online Media Technologies Ltd. 4/2/2012
    AVS Update Manager 1.0 Online Media Technologies Ltd. 4/2/2012
    AVS4YOU Software Navigator 1.4 Online Media Technologies Ltd. 4/2/2012
    BlackBerry Desktop Software 5.0.1 Research In Motion Ltd. 1/26/2011 5.0.1.41
    BlackBerry Device Software Updater Research In Motion Ltd 9/26/2011 46.6 MB 6.0.1.37
    BlackBerry® Media Sync Research In Motion 1/26/2011 6.91 MB 3.0.0.39
    CCleaner Piriform 12/19/2012 3.26
    CinemaNow Media Manager CinemaNow, Inc. 9/10/2010 11.7 MB 1.9.1.105
    Content Transfer Sony Corporation 1/11/2012 15.7 MB 1.3.0.23190
    CyberLink DVD Suite Deluxe CyberLink Corp. 9/10/2010 36.5 MB 7.0.2823
    Disney Pirates of the Caribbean Online Walt Disney Internet Group 8/27/2011
    Disney Toontown Online Walt Disney Internet Group 8/27/2011
    DocMaster 4.4 DocMagic 11/23/2010 4.4
    DVD Menu Pack for HP MediaSmart Video Hewlett-Packard 9/10/2010 101 MB 4.1.4030
    ESET Smart Security ESET, spol. s r.o. 7/20/2012 83.9 MB 5.2.9.1
    Free YouTube to MP3 Converter version 3.9.40.602 DVDVideoSoft Limited. 6/4/2011 37.9 MB
    GoforFiles http://www.goforfiles.com/ 9/19/2012 1.0.0
    Google Chrome Google Inc. 12/22/2012 23.0.1271.97
    Google Earth Google 11/20/2011 92.7 MB 6.1.0.5001
    Google Toolbar for Internet Explorer Google Inc. 9/20/2012 7.4.3230.2052
    Guild Wars 2 NCsoft Corporation, Ltd. 8/24/2012
    HP Advisor Hewlett-Packard 11/28/2010 54.5 MB 3.4.12850.3526
    HP Games WildTangent 6/29/2012 1.0.3.0
    HP MediaSmart CinemaNow 2.0 Hewlett-Packard 9/10/2010 96.6 MB 2.0
    HP MediaSmart DVD Hewlett-Packard 9/10/2010 98.9 MB 4.1.4229
    HP MediaSmart Music Hewlett-Packard 9/10/2010 73.1 MB 4.1.4301
    HP MediaSmart Photo Hewlett-Packard 9/10/2010 261 MB 4.1.4211
    HP MediaSmart SmartMenu Hewlett-Packard 9/10/2010 2.02 MB 3.1.1.12
    HP MediaSmart Video Hewlett-Packard 9/10/2010 302 MB 4.1.4214
    HP MediaSmart/TouchSmart Netflix Hewlett-Packard 9/10/2010 9.61 MB 1.0.3.0
    HP Odometer Hewlett-Packard 9/10/2010 48.0 KB 2.10.0000
    HP Officejet 6700 Basic Device Software Hewlett-Packard Co. 6/15/2012 180 MB 25.0.619.0
    HP Officejet 6700 Help Hewlett Packard 6/15/2012 18.4 MB 140.0.2.2
    HP Officejet 6700 Product Improvement Study Hewlett-Packard Co. 6/15/2012 8.28 MB 25.0.619.0
    HP Photo Creations HP 6/23/2012 40.0 MB 1.0.0.8812
    HP Setup Hewlett-Packard 9/10/2010 8.1.4186.3400
    HP Support Assistant Hewlett-Packard Company 11/19/2012 91.6 MB 7.0.39.15
    HP Support Information Hewlett-Packard 9/10/2010 156 KB 10.1.0002
    HP Update Hewlett-Packard 6/15/2012 3.98 MB 5.003.000.004
    HP Vision Hardware Diagnostics Hewlett-Packard 9/10/2010 11.2 MB 2.1.2.27173
    Hulu Desktop Hulu LLC 11/20/2010 0.9.13
    I.R.I.S. OCR HP 6/15/2012 68.9 MB 12.3.4.0
    Java 7 Update 10 Oracle 12/23/2012 128 MB 7.0.100
    Java(TM) 6 Update 34 Oracle 8/26/2012 95.6 MB 6.0.340
    Keyboard Designer MountFocus Information Systems Ltd. 12/18/2010 5.41 MB 3.2.0.74
    Kobo 9/10/2010
    LabelPrint CyberLink Corp. 9/10/2010 230 MB 2.5.2823
    LG Verizon United Drivers LG Electronics 11/20/2012 6.61 MB 2.7.1
    LightScribe System Software LightScribe 9/10/2010 24.5 MB 1.18.15.1
    Lineage II NCsoft 7/29/2012
    Malwarebytes Anti-Malware version 1.65.1.1000 Malwarebytes Corporation 11/28/2012 19.4 MB 1.65.1.1000
    Microsoft .NET Framework 4 Client Profile Microsoft Corporation 11/20/2010 38.8 MB 4.0.30319
    Microsoft Office Home and Student 2010 Microsoft Corporation 11/10/2011 14.0.6029.1000
    Microsoft Silverlight Microsoft Corporation 5/9/2012 180 MB 4.1.10329.0
    Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 11/20/2010 1.72 MB 3.1.0000
    Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Corporation 12/1/2010 260 KB 8.0.50727.4053
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 12/1/2010 250 KB 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 6/15/2011 300 KB 8.0.59193
    Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 9/10/2010 708 KB 8.0.61000
    Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 Microsoft Corporation 5/11/2011 580 KB 8.0.51011
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 Microsoft Corporation 5/11/2011 790 KB 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Corporation 5/11/2011 598 KB 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 Microsoft Corporation 11/21/2010 1.70 MB 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 9/10/2010 788 KB 9.0.30729
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 9/10/2010 788 KB 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 6/16/2011 788 KB 9.0.30729.6161
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Corporation 2/25/2011 1.69 MB 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 9/10/2010 596 KB 9.0.30729
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 9/10/2010 596 KB 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 6/16/2011 600 KB 9.0.30729.6161
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Corporation 4/13/2011 15.0 MB 10.0.30319
    Movie Theme Pack for HP MediaSmart Video Hewlett-Packard 9/10/2010 429 MB 4.1.4030
    Mozilla Firefox 17.0.1 (x86 en-US) Mozilla 12/5/2012 41.6 MB 17.0.1
    Mozilla Maintenance Service Mozilla 12/5/2012 329 KB 17.0.1
    MSXML 4.0 SP2 (KB954430) Microsoft Corporation 11/20/2010 1.27 MB 4.20.9870.0
    MSXML 4.0 SP2 (KB973688) Microsoft Corporation 11/20/2010 1.33 MB 4.20.9876.0
    NCsoft Launcher NCsoft 7/29/2012 1.5.19002
    NVIDIA PhysX NVIDIA Corporation 6/30/2011 79.8 MB 9.10.0129
    NWZ-E340 WALKMAN Guide Sony Corporation 1/11/2012 388 KB 2.0.00.07010
    Pando Media Booster Pando Networks Inc. 7/29/2012 5.46 MB 2.6.0.8
    PaperPort 9.0 ScanSoft, Inc. 11/23/2010 73.1 MB 9.02.0815
    PDF Complete Special Edition PDF Complete, Inc 9/10/2010 3.5.111
    PhotoNow! CyberLink Corp. 9/10/2010 34.2 MB 1.1.6904
    PhotoScape 3/18/2011
    PictureMover Hewlett-Packard Company 9/10/2010 61.5 MB 3.5.0.28
    PixiePack Codec Pack None 2/6/2011 17.2 MB 1.1.1200.0
    PlayReady PC Runtime amd64 Microsoft Corporation 9/10/2010 2.05 MB 1.3.0
    Power2Go CyberLink Corp. 9/10/2010 169 MB 6.1.4022
    PowerDirector CyberLink Corp. 9/10/2010 854 MB 8.0.2906
    PressReader NewspaperDirect Inc. 9/10/2010 8.18 MB 5.10.621.0
    Realtek High Definition Audio Driver Realtek Semiconductor Corp. 9/10/2010 6.0.1.6132
    Registry Mechanic 10.0 PC Tools 1/24/2011 32.8 MB 10.0
    Rhapsody 7/4/2012
    RIFT Trion Worlds, Inc. 2/25/2011 33.1 MB 1.0.0
    Runes of Magic Frogster Interactive Pictures 11/21/2010 3.0.5.2262
    Runtime Keyboard MountFocus Information Systems Ltd. 9/16/2012 2.22 MB 3.2.0.87
    Star Wars: The Old Republic Electronic Arts, Inc. 1/29/2012 26.7 MB 1.00
    SwiftView Viewer 12/28/2010
    TrustKeeper Agent Trustwave 12/2/2012 10.8 MB 2.01.0000
    Tunebite RapidSolution Software AG 2/6/2011 192 MB 7.2.13700.0
    Unity Web Player Unity Technologies ApS 5/27/2011 12.0 MB
    Ventrilo Client Flagship Industries, Inc. 12/6/2010 5.57 MB 3.0.7
    WildTangent Games WildTangent 12/12/2012 1.0.4.0
    Windows Live Essentials Microsoft Corporation 6/19/2012 15.4.3555.0308
    Windows Live Sync Microsoft Corporation 11/20/2010 2.78 MB 14.0.8089.726
    WinRAR 4.01 (32-bit) win.rar GmbH 12/31/2011 4.01.0
    Wizard101 KingsIsle Entertainment, Inc. 8/20/2011 1.0.0
    World of Tanks v.0.7.0 Wargaming.net 12/16/2011
    Zinio Reader 4 Zinio LLC 9/10/2010 4.0.2811
    µTorrent 6/14/2012 3.1.3
  23. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Good. Check for Starburn please...
  24. KathiM

    KathiM TechSpot Member Topic Starter Posts: 30

    Please give me until the 29th...I'm out of town for the holidays! Merry Xmas!
  25. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Okay. See you then.

