Hi DragonMaster Jay -
Here it is:
OTL logfile created on: 1/22/2013 9:13:15 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Doug\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
7.97 Gb Total Physical Memory | 5.99 Gb Available Physical Memory | 75.19% Memory free
15.93 Gb Paging File | 13.68 Gb Available in Paging File | 85.87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 686.69 Gb Total Space | 483.58 Gb Free Space | 70.42% Space Free | Partition Type: NTFS
Drive D: | 11.84 Gb Total Space | 2.13 Gb Free Space | 17.96% Space Free | Partition Type: NTFS
Drive J: | 298.01 Gb Total Space | 0.02 Gb Free Space | 0.01% Space Free | Partition Type: FAT32
Computer Name: HPQUAD | User Name: Doug | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/01/22 21:07:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Doug\Downloads\OTL.exe
PRC - [2013/01/08 17:47:17 | 000,699,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe
PRC - [2013/01/07 14:02:22 | 000,945,480 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe
PRC - [2012/12/17 19:50:28 | 016,328,976 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2012/12/13 14:26:20 | 003,290,896 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/11/15 21:47:26 | 000,255,992 | ---- | M] (Microsoft Corporation) -- C:\Users\Doug\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
PRC - [2012/10/30 18:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/10/30 18:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/09/15 15:57:38 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Users\Doug\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe
PRC - [2012/09/14 19:22:30 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe
PRC - [2011/10/14 01:01:50 | 000,994,360 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psia.exe
PRC - [2011/10/14 01:01:48 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\sua.exe
PRC - [2009/12/01 19:49:52 | 000,210,216 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2009/10/20 13:50:34 | 000,128,296 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
========== Modules (No Company Name) ==========
MOD - [2013/01/21 14:31:29 | 000,571,392 | ---- | M] () -- C:\Users\Doug\AppData\Local\Temp\_MEI36562\pysqlite2._sqlite.pyd
MOD - [2013/01/21 14:31:29 | 000,096,256 | ---- | M] () -- C:\Users\Doug\AppData\Local\Temp\_MEI36562\win32api.pyd
MOD - [2013/01/21 14:31:29 | 000,086,016 | ---- | M] () -- C:\Users\Doug\AppData\Local\Temp\_MEI36562\_elementtree.pyd
MOD - [2013/01/21 14:31:29 | 000,040,448 | ---- | M] () -- C:\Users\Doug\AppData\Local\Temp\_MEI36562\_socket.pyd
MOD - [2013/01/21 14:31:29 | 000,023,040 | ---- | M] () -- C:\Users\Doug\AppData\Local\Temp\_MEI36562\win32ts.pyd
MOD - [2013/01/21 14:31:28 | 001,024,616 | ---- | M] () -- C:\Users\Doug\AppData\Local\Temp\_MEI36562\windows._cacheinvalidation.pyd
MOD - [2013/01/21 14:31:28 | 000,792,576 | ---- | M] () -- C:\Users\Doug\AppData\Local\Temp\_MEI36562\wx._gdi_.pyd
MOD - [2013/01/21 14:31:28 | 000,263,168 | ---- | M] () -- C:\Users\Doug\AppData\Local\Temp\_MEI36562\win32com.shell.shell.pyd
MOD - [2013/01/21 14:31:28 | 000,153,088 | ---- | M] () -- C:\Users\Doug\AppData\Local\Temp\_MEI36562\pyexpat.pyd
MOD - [2013/01/21 14:31:28 | 000,070,656 | ---- | M] () -- C:\Users\Doug\AppData\Local\Temp\_MEI36562\wx._html2.pyd
MOD - [2013/01/21 14:31:28 | 000,017,920 | ---- | M] () -- C:\Users\Doug\AppData\Local\Temp\_MEI36562\win32profile.pyd
MOD - [2013/01/21 14:31:28 | 000,011,776 | ---- | M] () -- C:\Users\Doug\AppData\Local\Temp\_MEI36562\win32crypt.pyd
MOD - [2013/01/21 14:31:27 | 000,731,136 | ---- | M] () -- C:\Users\Doug\AppData\Local\Temp\_MEI36562\wx._misc_.pyd
MOD - [2013/01/21 14:31:27 | 000,354,304 | ---- | M] () -- C:\Users\Doug\AppData\Local\Temp\_MEI36562\pythoncom26.dll
MOD - [2013/01/21 14:31:27 | 000,110,592 | ---- | M] () -- C:\Users\Doug\AppData\Local\Temp\_MEI36562\PyWinTypes26.dll
MOD - [2013/01/21 14:31:27 | 000,073,728 | ---- | M] () -- C:\Users\Doug\AppData\Local\Temp\_MEI36562\_ctypes.pyd
MOD - [2013/01/21 14:31:26 | 000,645,120 | ---- | M] () -- C:\Users\Doug\AppData\Local\Temp\_MEI36562\_ssl.pyd
MOD - [2013/01/21 14:31:26 | 000,110,592 | ---- | M] () -- C:\Users\Doug\AppData\Local\Temp\_MEI36562\win32security.pyd
MOD - [2013/01/21 14:31:26 | 000,022,528 | ---- | M] () -- C:\Users\Doug\AppData\Local\Temp\_MEI36562\win32pdh.pyd
MOD - [2013/01/21 14:31:25 | 001,169,408 | ---- | M] () -- C:\Users\Doug\AppData\Local\Temp\_MEI36562\wx._core_.pyd
MOD - [2013/01/21 14:31:25 | 000,036,352 | ---- | M] () -- C:\Users\Doug\AppData\Local\Temp\_MEI36562\win32process.pyd
MOD - [2013/01/21 14:31:24 | 000,807,424 | ---- | M] () -- C:\Users\Doug\AppData\Local\Temp\_MEI36562\wx._windows_.pyd
MOD - [2013/01/21 14:31:24 | 000,311,808 | ---- | M] () -- C:\Users\Doug\AppData\Local\Temp\_MEI36562\_hashlib.pyd
MOD - [2013/01/21 14:31:24 | 000,121,856 | ---- | M] () -- C:\Users\Doug\AppData\Local\Temp\_MEI36562\wx._wizard.pyd
MOD - [2013/01/21 14:31:24 | 000,111,104 | ---- | M] () -- C:\Users\Doug\AppData\Local\Temp\_MEI36562\win32file.pyd
MOD - [2013/01/21 14:31:23 | 000,039,424 | ---- | M] () -- C:\Users\Doug\AppData\Local\Temp\_MEI36562\win32inet.pyd
MOD - [2013/01/21 14:31:22 | 001,056,256 | ---- | M] () -- C:\Users\Doug\AppData\Local\Temp\_MEI36562\wx._controls_.pyd
MOD - [2013/01/21 14:31:21 | 000,585,728 | ---- | M] () -- C:\Users\Doug\AppData\Local\Temp\_MEI36562\unicodedata.pyd
MOD - [2013/01/21 14:31:21 | 000,017,920 | ---- | M] () -- C:\Users\Doug\AppData\Local\Temp\_MEI36562\win32event.pyd
MOD - [2013/01/21 14:31:21 | 000,011,776 | ---- | M] () -- C:\Users\Doug\AppData\Local\Temp\_MEI36562\select.pyd
MOD - [2009/12/01 19:49:50 | 000,931,112 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
========== Services (SafeList) ==========
SRV:
64bit: - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe -- (Update Server)
SRV:
64bit: - [2012/11/07 18:37:39 | 002,828,408 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV:
64bit: - [2012/10/30 18:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:
64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:
64bit: - [2009/07/13 20:38:59 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CISVC.EXE -- (CISVC)
SRV - [2013/01/18 23:38:24 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/01/08 18:47:12 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/01/08 12:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/01/07 14:02:22 | 000,945,480 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe -- (vToolbarUpdater14.0.1)
SRV - [2012/12/18 14:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/12/13 14:26:20 | 003,290,896 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/09/27 11:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012/03/05 13:16:38 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/10/14 01:01:50 | 000,994,360 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2011/10/14 01:01:48 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2011/03/09 17:02:56 | 000,331,648 | ---- | M] (FileOpen Systems Inc.) [Auto | Stopped] -- C:\ProgramData\FileOpen\Services\FileOpenManagerSvc64.exe -- (FileOpenManagerSvc)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/05/22 13:02:20 | 000,250,616 | ---- | M] (WildTangent, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
========== Driver Services (SafeList) ==========
DRV:
64bit: - [2013/01/07 14:02:22 | 000,037,720 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:
64bit: - [2012/10/30 18:51:56 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:
64bit: - [2012/10/30 18:51:55 | 000,984,144 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:
64bit: - [2012/10/30 18:51:55 | 000,370,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:
64bit: - [2012/10/30 18:51:55 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:
64bit: - [2012/10/30 18:51:53 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:
64bit: - [2012/10/15 11:59:28 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:
64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:
64bit: - [2012/07/28 01:15:28 | 000,057,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:
64bit: - [2012/06/20 08:42:44 | 003,678,720 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:
64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:
64bit: - [2011/09/01 14:29:14 | 000,078,928 | ---- | M] (BitDefender SRL) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bdsandbox.sys -- (bdsandbox)
DRV:
64bit: - [2011/07/15 15:12:44 | 000,258,224 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avchv.sys -- (avchv)
DRV:
64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:
64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:
64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:
64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:
64bit: - [2010/10/16 05:28:42 | 010,619,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:
64bit: - [2010/09/01 03:30:58 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI)
DRV:
64bit: - [2009/12/30 11:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:
64bit: - [2009/08/20 15:05:06 | 000,239,616 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:
64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:
64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:
64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:
64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:
64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:
64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:
64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2011/12/29 21:48:33 | 000,017,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys -- (Lavasoft Kernexplorer)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cndt
IE:
64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:
64bit: - HKLM\..\SearchScopes\{3ED1A161-7CD4-445F-B9A8-B8A40A008C45}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE:
64bit: - HKLM\..\SearchScopes\{CEC019A3-2714-47A9-8D78-0B71F2C46863}: "URL" =
http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{3ED1A161-7CD4-445F-B9A8-B8A40A008C45}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{CEC019A3-2714-47A9-8D78-0B71F2C46863}: "URL" =
http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.msn.com/?ocid=OIE9HP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = BE D2 46 C8 E3 53 CA 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {6EAE3D8E-5EF4-4BD4-87EC-9505FB7C6E66}
IE - HKCU\..\SearchScopes\{6EAE3D8E-5EF4-4BD4-87EC-9505FB7C6E66}: "URL" =
http://www.bing.com/search?FORM=BDKTDF&PC=BDT3&q={searchTerms}&src=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaulturl: "
http://www.bing.com/search?FORM=IEFM1&q="
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "
https://www.google.com/"
FF - prefs.js..extensions.enabledAddons: amznUWL2%40amazon.com:1.10
FF - prefs.js..extensions.enabledAddons: del.icio.us%40askin.ws:1.2.0
FF - prefs.js..extensions.enabledAddons: %7B635abd67-4fe9-1b23-4f01-e679fa7484c1%7D:2.5.1.20121011034613
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20120926
FF - prefs.js..extensions.enabledAddons: %7Bd93e6838-8272-4382-a0fb-36a56db176c5%7D:1.5
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:7.0.1474
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0037-ABCDEFFEDCBA%7D:6.0.37
FF - prefs.js..extensions.enabledAddons: %7B82AF8DCA-6DE9-405D-BD5E-43525BDAD38A%7D:6.5.0.11422
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..extensions.enabledItems:
amznUWL2@amazon.com:1.7
FF - prefs.js..extensions.enabledItems:
engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: {2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}:2.3.1
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.4.5.20111209014555
FF - prefs.js..extensions.enabledItems: {88c7f2aa-f93f-432c-8f0e-b7d85967a527}:3.8.1.0
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20111107
FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.99
FF - prefs.js..extensions.enabledItems:
FFToolbar@bitdefender.com:2.0
FF - prefs.js..extensions.enabledItems:
wrc@avast.com:6.0.1367
FF - prefs.js..keyword.URL: "
http://search.mywebsearch.com/myweb...008&p2=^ZX^xdm039^YY^us&si=radiopi&searchfor="
FF - user.js - File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\system32\npDeployJava1.dll (Sun Microsystems, Inc.)
FF:
64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:
64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\
google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@RadioRage_4j.com/Plugin: C:\Program Files (x86)\RadioRage_4j\bar\1.bin\NP4jStub.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Doug\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Doug\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Doug\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Doug\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\
FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2011/11/24 11:02:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\
wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/11/12 10:31:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\4jffxtbr@RadioRage_4j.com: C:\Program Files (x86)\RadioRage_4j\bar\1.bin [2013/01/20 10:01:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/01/18 23:38:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/01/18 23:38:21 | 000,000,000 | ---D | M]
[2009/10/22 15:14:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Doug\AppData\Roaming\Mozilla\Extensions
[2013/01/20 10:23:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Doug\AppData\Roaming\Mozilla\Firefox\Profiles\7q0hgche.default\extensions
[2011/07/12 22:36:21 | 000,000,000 | ---D | M] (Delicious Bookmarks) -- C:\Users\Doug\AppData\Roaming\Mozilla\Firefox\Profiles\7q0hgche.default\extensions\{2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}
[2012/10/14 11:09:04 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Doug\AppData\Roaming\Mozilla\Firefox\Profiles\7q0hgche.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012/10/03 17:35:59 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Doug\AppData\Roaming\Mozilla\Firefox\Profiles\7q0hgche.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2013/01/20 08:32:14 | 000,000,000 | ---D | M] (RadioRage) -- C:\Users\Doug\AppData\Roaming\Mozilla\Firefox\Profiles\7q0hgche.default\extensions\4jffxtbr@RadioRage_4j.com
[2012/09/19 16:44:19 | 000,243,287 | ---- | M] () (No name found) -- C:\Users\Doug\AppData\Roaming\Mozilla\Firefox\Profiles\7q0hgche.default\extensions\
amznUWL2@amazon.com.xpi
[2012/10/14 13:22:59 | 000,014,052 | ---- | M] () (No name found) -- C:\Users\Doug\AppData\Roaming\Mozilla\Firefox\Profiles\7q0hgche.default\extensions\
del.icio.us@askin.ws.xpi
[2012/10/14 13:22:59 | 000,038,787 | ---- | M] () (No name found) -- C:\Users\Doug\AppData\Roaming\Mozilla\Firefox\Profiles\7q0hgche.default\extensions\{d93e6838-8272-4382-a0fb-36a56db176c5}.xpi
[2009/10/23 08:47:06 | 000,002,171 | ---- | M] () -- C:\Users\Doug\AppData\Roaming\Mozilla\Firefox\Profiles\7q0hgche.default\searchplugins\bing.xml
[2013/01/18 23:38:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/01/18 23:38:19 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/01/18 23:38:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2012/11/12 10:31:53 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2013/01/18 23:38:25 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/06/22 21:23:55 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files (x86)\mozilla firefox\plugins\npFoxitReaderPlugin.dll
[2013/01/04 22:45:12 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/01/04 22:45:12 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - homepage:
http://www.bing.com/
CHR - default_search_provider: Bing (Enabled)
CHR - default_search_provider: search_url =
http://www.bing.com/search?setmkt=en-US&q={searchTerms}
CHR - default_search_provider: suggest_url =
http://api.bing.com/osjson.aspx?query={searchTerms}&language={language}
CHR - homepage:
http://www.bing.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Doug\AppData\Local\Google\Chrome\Application\24.0.1312.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Doug\AppData\Local\Google\Chrome\Application\24.0.1312.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Doug\AppData\Local\Google\Chrome\Application\24.0.1312.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Doug\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Doug\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Doug\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Doug\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google Search = C:\Users\Doug\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: avast! WebRep = C:\Users\Doug\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: Gmail = C:\Users\Doug\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2011/11/20 03:01:31 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:
64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:
64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:
64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:
64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3:
64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (RadioRage) - {78ba36c9-6036-482b-b48d-ecca6f964b84} - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbar.dll File not found
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:
64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [SkyDrive] C:\Users\Doug\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9:
64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:
64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5}
http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6E2AD852-4733-446D-8134-5F28B4CD57F2}: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6E2AD852-4733-446D-8134-5F28B4CD57F2}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E6B33D97-8497-4BC3-876D-4BBD2E8E8788}: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E6B33D97-8497-4BC3-876D-4BBD2E8E8788}: NameServer = 8.26.56.26,156.154.70.22
O18:
64bit: - Protocol\Handler\livecall - No CLSID value found
O18:
64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:
64bit: - Protocol\Handler\msnim - No CLSID value found
O18:
64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:
64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:
64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:
64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:
64bit: - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll (COMODO)
O20:
64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:
64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/11/19 00:34:56 | 000,000,032 | ---- | M] () - J:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/01/21 21:52:20 | 000,000,000 | ---D | C] -- C:\Users\Doug\Desktop\RK_Quarantine
[2013/01/21 14:31:13 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/01/21 14:12:00 | 000,000,000 | ---D | C] -- C:\ComboFix
[2013/01/21 14:11:12 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/01/21 14:11:00 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2013/01/20 11:45:23 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/01/20 11:44:53 | 000,000,000 | ---D | C] -- C:\JRT
[2013/01/20 08:32:21 | 000,000,000 | ---D | C] -- C:\Users\Doug\AppData\Local\RadioRage_4j
[2013/01/20 08:32:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RadioRage_4j
[2013/01/18 23:38:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/01/14 18:06:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/01/14 18:06:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013/01/07 19:32:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012/12/28 07:39:27 | 000,000,000 | ---D | C] -- C:\Users\Doug\AppData\Local\Programs
[2012/12/24 14:19:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
[2012/12/24 14:17:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/12/24 14:16:47 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/12/24 14:16:46 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/12/24 14:16:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012/12/24 14:16:46 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
========== Files - Modified Within 30 Days ==========
[2013/01/22 21:02:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4032159327-3157157313-2726375902-1000UA.job
[2013/01/22 20:47:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/01/22 20:27:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/22 20:27:00 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/22 17:02:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4032159327-3157157313-2726375902-1000Core.job
[2013/01/22 14:23:19 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForDoug.job
[2013/01/22 04:34:08 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/22 04:34:08 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/21 14:29:55 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\ROC_JAN2013_TB_rmv.job
[2013/01/21 14:29:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/21 14:29:35 | 2120,097,791 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/21 14:12:00 | 000,000,331 | ---- | M] () -- C:\Start_.cmd
[2013/01/19 20:35:37 | 000,002,082 | ---- | M] () -- C:\Users\Doug\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/01/10 03:29:12 | 000,372,624 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/01/07 14:02:22 | 000,037,720 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
========== Files Created - No Company Name ==========
[2013/01/21 14:12:00 | 000,000,331 | ---- | C] () -- C:\Start_.cmd
[2013/01/07 14:02:39 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\ROC_JAN2013_TB_rmv.job
[2012/06/20 15:26:04 | 000,060,304 | ---- | C] () -- C:\Users\Doug\g2mdlhlpx.exe
[2012/04/03 22:08:14 | 000,000,025 | ---- | C] () -- C:\Users\Doug\dougscan.bat
[2012/03/11 12:29:10 | 000,001,459 | ---- | C] () -- C:\Users\Doug\gsview64.ini
[2012/01/01 21:48:43 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2012/01/01 21:48:43 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2011/11/20 02:54:12 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/11/20 02:54:12 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/11/20 02:54:12 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/11/20 02:54:12 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/11/20 02:54:12 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/11/19 19:22:59 | 000,000,000 | ---- | C] () -- C:\Users\Doug\AppData\Local\{1F27879C-3BF5-4336-BA6A-00D39B8B3F6B}
[2011/11/17 10:58:42 | 000,164,104 | ---- | C] () -- C:\Users\Doug\AppData\Local\census.cache
[2011/11/17 10:58:39 | 000,114,525 | ---- | C] () -- C:\Users\Doug\AppData\Local\ars.cache
[2011/11/17 10:54:37 | 000,000,036 | ---- | C] () -- C:\Users\Doug\AppData\Local\housecall.guid.cache
[2011/10/26 17:14:44 | 000,027,689 | ---- | C] () -- C:\ProgramData\1319667278.bdinstall.bin
[2011/10/26 17:12:57 | 000,027,689 | ---- | C] () -- C:\ProgramData\1319667172.bdinstall.bin
[2011/10/26 17:05:46 | 000,007,606 | ---- | C] () -- C:\Users\Doug\AppData\Local\Resmon.ResmonCfg
[2011/10/26 16:39:39 | 000,148,729 | ---- | C] () -- C:\ProgramData\1319665086.bdinstall.bin
[2011/10/26 16:38:06 | 000,023,975 | ---- | C] () -- C:\ProgramData\1319665085.bdinstall.bin
[2011/10/26 10:11:30 | 000,027,689 | ---- | C] () -- C:\ProgramData\1319641883.bdinstall.bin
[2011/10/25 22:15:21 | 000,204,091 | ---- | C] () -- C:\ProgramData\1319598661.bdinstall.bin
[2011/10/25 22:02:56 | 000,166,240 | ---- | C] () -- C:\ProgramData\1319598111.bdinstall.bin
[2011/10/25 21:58:07 | 000,094,087 | ---- | C] () -- C:\ProgramData\1319597729.bdinstall.bin
[2011/10/25 21:30:35 | 000,214,848 | ---- | C] () -- C:\ProgramData\1319595922.bdinstall.bin
[2011/10/25 21:18:41 | 000,095,205 | ---- | C] () -- C:\ProgramData\1319595405.bdinstall.bin
[2011/10/22 18:51:50 | 000,190,222 | ---- | C] () -- C:\ProgramData\1319327154.bdinstall.bin
[2011/06/08 11:29:06 | 000,704,793 | ---- | C] () -- C:\Windows\unins000.exe
[2011/06/08 11:29:06 | 000,003,668 | ---- | C] () -- C:\Windows\unins000.dat
[2010/06/09 18:16:03 | 000,835,732 | ---- | C] () -- C:\Users\Doug\AppData\Roaming\DouglasWRoberts.zip
[2010/02/25 23:14:26 | 000,000,025 | ---- | C] () -- C:\Users\Doug\AppData\Roaming\bdfvconp.ini
[2009/10/23 06:31:04 | 000,000,272 | ---- | C] () -- C:\Users\Doug\AppData\Roaming\wklnhst.dat
[2009/10/22 13:59:54 | 001,835,008 | ---- | C] () -- C:\Users\Doug\NTUSER.bak
========== ZeroAccess Check ==========
[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2011/10/26 17:38:25 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\BitDefender
[2013/01/14 18:22:49 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\BitTorrent
[2011/03/30 11:22:13 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\FileOpen
[2010/07/12 00:38:21 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\Foxit Software
[2009/12/22 13:13:12 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\IObit
[2009/10/22 21:12:39 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\OEC
[2011/11/13 01:45:08 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\Opera
[2012/11/10 21:27:05 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\PC Health Doc PDF Reader
[2012/10/22 20:43:06 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\PeaZip
[2009/10/22 15:07:39 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\PictureMover
[2011/10/25 09:13:33 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\QuickScan
[2010/08/06 18:50:38 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\Registry Mechanic
[2011/01/12 16:49:25 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\Stellarium
[2009/10/23 06:31:04 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\Template
[2010/11/13 11:50:26 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\WildTangent
[2009/11/13 15:09:54 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\WinBatch
[2011/01/29 14:56:49 | 000,000,000 | ---D | M] -- C:\Users\Doug\AppData\Roaming\Windows Live Writer
========== Purity Check ==========
< End of report >
