Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Cannot remove SafeSearch


  • This topic is locked This topic is locked
34 replies to this topic

#1 VicMJ

VicMJ

  • Members
  • 107 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Massachusetts, United States
  • Local time:02:43 AM

Posted 14 July 2014 - 08:08 PM

SafeSearch toolbar page opens when I start my Browser, IE or FireFox, in its first window or if there is already a different window selected when the Browser starts it will open SafeSearch in a new tab.  If I have a SafeSearch window already as a tab selection when the Browser starts it will open a new tab with an AVG toolbar.  I got this problem from downloading and installing a Vib application from some website.

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17207  BrowserJavaVersion: 10.60.2
Run by VIctor Morano at 15:14:45 on 2014-07-14
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.8183.4494 [GMT -4:00]
.
AV: Norton 360 Premier Edition *Enabled/Updated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
SP: Norton 360 Premier Edition *Enabled/Updated* {631E4324-D31C-783F-EC5C-35AD42B18466}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 Premier Edition *Enabled* {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\atieclxx.exe
C:\Program Files\HitmanPro\hmpsched.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsMobileCS.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files (x86)\IVT Corporation\BlueSoleil cPhone\cPhoneSDKCS.exe
C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe
C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe
C:\windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\N360.exe
C:\windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
C:\Program Files (x86)\PasswordBox\pbbtnService.exe
C:\Program Files (x86)\Nuance\PDF Professional 8\PDFProFiltSrv.exe
C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
C:\windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe
C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
C:\OEM\USBDECTION\USBS3S4Detection.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe
C:\windows\system32\wbem\unsecapp.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k HPService
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\System32\WUDFHost.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\windows\Explorer.EXE
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\NetWorx\networx.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\PrinterShare\paConsole.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\windows\splwow64.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files (x86)\Palm\Hotsync.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Hewlett-Packard\Marketsplash by HP\HPLocalWebPrintAgent.exe
C:\Program Files (x86)\Common Files\MySoftware\Newsflsh.exe
C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe
C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\N360.exe
C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe
C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\Nova Development\Office Printing Essentials\ReminderApp.exe
C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\pppeuser.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Nova Development\Greeting Card Factory Deluxe 9.0\ReminderApp.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
C:\Program Files (x86)\TechSmith\Snagit 11\TSCHelp.exe
C:\Program Files (x86)\Nuance\PDF Professional 8\PdfPro8Hook.exe
C:\Program Files (x86)\ShopSafe\ShopSafe.exe
C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Security Task Manager\SpyProtector.exe
C:\Windows\SysWOW64\obroker.exe
C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe
C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
C:\Windows\SysWOW64\Ctxfihlp.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files (x86)\TechSmith\Snagit 11\SnagPriv.exe
C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
C:\windows\sysWOW64\wbem\wmiprvse.exe
C:\Program Files (x86)\TechSmith\Snagit 11\snagiteditor.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\windows\sysWOW64\wbem\wmiprvse.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\windows\system32\Macromed\Flash\FlashUtil64_14_0_0_145_ActiveX.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\taskeng.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://xfinity.comcast.net/
uSearch Bar = Preserve
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mWinlogon: Userinit = userinit.exe,
BHO: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll
BHO: ShopSafeBrowserHelper Class: {333F6B96-3992-4D58-A499-145A10FE48C3} - C:\Program Files (x86)\ShopSafe\BhoSSafe.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: PlusIEEventHelper Class: {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Professional 8\bin\PlusIEContextMenu.dll
BHO: PasswordBox Helper: {5DB69B97-934B-451D-94DB-32EF802A01CD} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\ips\ipsbho.dll
BHO: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Simple: {886bf106-6ebf-4ef4-8676-6663caabbda4} -
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Nuance PDF Toolbar Helper: {940361F8-7F16-4498-AB43-2EFFE0235AFA} - C:\Program Files (x86)\Nuance\Power PDF\bin\SZeonIEFavClient.dll
BHO: PlusIEEventHelper Class: {9D137966-2E29-45C5-9B12-29D5427F8F66} - C:\Program Files (x86)\Nuance\Power PDF\bin\PlusIEContextMenu.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Gaaiho PDF Conversion Toolbar Helper: {C7DA0384-42AA-428c-B832-88AC343DE1A8} - C:\Program Files (x86)\Nuance\PDF Professional 8\bin\GZeonIEFavClient.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: &RoboForm Toolbar: {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
TB: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
TB: 2nd &Speech Center: {CFE40ED8-564E-4693-A9D9-80DB70C8E460} - C:\Program Files (x86)\2nd Speech Center\tts4ie.dll
TB: Snagit: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll
TB: Nuance PDF: {BCCE15AE-AC7E-4bc9-94AF-2A714A412BCB} - C:\Program Files (x86)\Nuance\PDF Professional 8\bin\GZeonIEFavClient.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coieplg.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
TB: Nuance PDF: {BED78D9C-A025-4FE9-B3BA-27E6D376A3D5} - C:\Program Files (x86)\Nuance\Power PDF\bin\SZeonIEFavClient.dll
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [2ndSpeechCenter] C:\Program Files (x86)\2nd Speech Center\iisc.exe
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [BingWallpaperDownloader] <no file>
mRun: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe" -h -k
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [OOTag] C:\Program Files (x86)\Gateway\OOBEOffer\OOTag.exe
mRun: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r
mRun: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
mRun: [nmapp] "C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
mRun: [OmniPage Preload] C:\Program Files (x86)\Nuance\OmniPage18\OmniPage18.exe /preload
mRun: [Nuance OmniPage 18-reminder] "C:\Program Files (x86)\Nuance\OmniPage18\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\OmniPage 18\Ereg\Ereg.ini"
mRun: [AddressBookReminderApp] C:\Program Files (x86)\Nova Development\Office Printing Essentials\ReminderApp.exe
mRun: [PowerPanel Personal Edition User Interaction] C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\pppeuser.exe
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [ReminderApp] C:\Program Files (x86)\Nova Development\Greeting Card Factory Deluxe 9.0\ReminderApp.exe
mRun: [NBAgent] "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart
mRun: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey
mRun: [VolPanel] "C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
mRun: [UpdReg] C:\windows\UpdReg.EXE
mRun: [PDF8 Registry Controller] "C:\Program Files (x86)\Nuance\PDF Professional 8\RegistryController.exe"
mRun: [PDFProHook] "C:\Program Files (x86)\Nuance\PDF Professional 8\pdfpro8hook.exe"
mRun: [Nuance PDF Converter Professional 8-reminder] "C:\Program Files (x86)\Nuance\PDF Professional 8\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Converter Professional 8\Ereg\Ereg.ini"
mRun: [ShopSafe] C:\PROGRA~2\ShopSafe\ShopSafe.exe  /dontopenmycards
mRun: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
mRun: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
mRun: [IndexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
mRun: [PPort14reminder] "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\14\Config\Ereg\Ereg.ini"
mRun: [Spy Protector] C:\Program Files (x86)\Security Task Manager\SpyProtector.exe /autostart
mRun: [BtTray] "C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe"
mRun: [CTxfiHlp] CTXFIHLP.EXE
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [PowerPDF Registry Controller] "C:\Program Files (x86)\Nuance\Power PDF\RegistryController.exe"
mRun: [Nuance Power PDF Advanced-reminder] "C:\Program Files (x86)\Nuance\Power PDF\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\Power PDF Advanced\Ereg\Ereg.ini"
mRun: [PowerPDFInboxMonitor] "C:\Program Files (x86)\Nuance\Power PDF\InboxMonitor.exe" /run
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
dRun: [CtxfiReg] CTXFIREG.exe /FAIL1
StartupFolder: C:\Users\VICTOR~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\YAHOO!~1.LNK - C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HOTSYN~1.LNK - C:\Program Files (x86)\Palm\Hotsync.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MARKET~1.LNK - C:\Program Files (x86)\Hewlett-Packard\Marketsplash by HP\HPLocalWebPrintAgent.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NEWSFL~1.LNK - C:\Program Files (x86)\Common Files\MySoftware\Newsflsh.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SNAGIT~1.LNK - C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-Windows\System: UseOEMBackground = dword:1
IE: Open with Convert Assistant - C:\Program Files (x86)\Nuance\Power PDF\cnvres_eng.dll /100
IE: Open with Nuance PDF Converter 8 - C:\Program Files (x86)\Nuance\PDF Professional 8\cnvres_eng.dll /100
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {B30C9F17-BF16-481e-BAEA-44A86128E1B4} - C:\Program Files (x86)\FreeYouTubeToMP3TURBOConverter\ytmRunner.html
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{2D1A563E-734A-4C4F-862A-4324FBD04B23} : DHCPNameServer = 192.168.1.1
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
LSA: Notification Packages =  scecli IVTCredentialProvider
x64-BHO: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll
x64-BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coieplg.dll
x64-BHO: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll
x64-TB: Snagit: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll
x64-TB: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-TB: &NetWorx Desk Band: {FEEA54B4-D80F-41C7-87B9-DC08E6D3255F} - C:\Program Files\NetWorx\deskband.dll
x64-TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coieplg.dll
x64-TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
x64-Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
x64-Run: [OOTag] C:\Program Files (x86)\Gateway\OOBEOffer\ootag.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [NetWorx] "C:\Program Files\NetWorx\networx.exe" /auto
x64-IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
.
INFO: x64-HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1    www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\
FF - prefs.js: browser.startup.homepage - hxxp://xfinity.comcast.net/
FF - prefs.js: keyword.URL -
FF - plugin: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\npBrowserPlugin.dll
FF - plugin: C:\PROGRA~2\Palm\PACKAG~1\NPInstal.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Nuance\PDF Reader\Bin\nppdf.dll
FF - plugin: C:\Program Files (x86)\Nuance\Power PDF\bin\nppdf.dll
FF - plugin: C:\Program Files (x86)\Nuance\Power PDF\Bin\nppdf.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\VIctor Morano\AppData\Local\DIRECTV Player\npPlayerPlugin.dll
FF - plugin: C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\plugins\npietab2.dll
FF - plugin: C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\plugins\npietab2_x64.dll
FF - plugin: C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\extensions\coralietab@mozdev.org\plugins\npCoralIETab.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
.
============= SERVICES / DRIVERS ===============
.
R0 NBVol;Nero Backup Volume Filter Driver;C:\windows\System32\drivers\NBVol.sys [2012-5-11 72240]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver;C:\windows\System32\drivers\NBVolUp.sys [2012-5-11 15920]
R0 PxHlpa64;PxHlpa64;C:\windows\System32\drivers\PxHlpa64.sys [2011-5-30 55856]
R0 SymDS;Symantec Data Store;C:\windows\System32\drivers\N360x64\1504000.00D\symds64.sys [2014-7-13 493656]
R0 SymEFA;Symantec Extended File Attributes;C:\windows\System32\drivers\N360x64\1504000.00D\symefa64.sys [2014-7-13 1148120]
R1 avgtp;avgtp;C:\windows\System32\drivers\avgtpx64.sys [2013-9-22 50464]
R1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140703.001\BHDrvx64.sys [2014-7-9 1530160]
R1 ccSet_N360;N360 Settings Manager;C:\windows\System32\drivers\N360x64\1504000.00D\ccsetx64.sys [2014-7-13 162392]
R1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140711.001\IDSviA64.sys [2014-7-11 525016]
R1 networx;networx;C:\windows\System32\drivers\networx.sys [2012-12-19 59384]
R1 PSSDK42;PSSDK42;C:\windows\System32\drivers\pssdk42.sys [2012-6-20 53312]
R1 PSSDKLBF;PSSDKLBF;C:\windows\System32\drivers\pssdklbf.sys [2012-6-20 65600]
R1 SymIRON;Symantec Iron Driver;C:\windows\System32\drivers\N360x64\1504000.00D\ironx64.sys [2014-7-13 264280]
R1 SymNetS;Symantec Network Security WFP Driver;C:\windows\System32\drivers\N360x64\1504000.00D\symnets.sys [2014-7-13 593112]
R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-9-30 169408]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2010-4-21 203776]
R2 BingDesktopUpdate;Bing Desktop Update service;C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [2014-6-3 173792]
R2 BsMobileCS;BsMobileCS;C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsMobileCS.exe [2013-9-22 273656]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-4-11 1390720]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-4-11 1764992]
R2 cPhoneSDKCS;cPhoneSDKCS;C:\Program Files (x86)\IVT Corporation\BlueSoleil cPhone\cPhoneSDKCS.exe [2013-1-25 262259]
R2 Greg_Service;GRegService;C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe [2009-8-28 1150496]
R2 GsServer;GoodSync Server;C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe [2012-10-7 5546712]
R2 HitmanProScheduler;HitmanPro Scheduler;C:\Program Files\HitmanPro\hmpsched.exe [2014-7-9 127752]
R2 mbamchameleon;mbamchameleon;C:\windows\System32\drivers\mbamchameleon.sys [2014-4-11 91352]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-4-11 1809720]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-4-11 860472]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\n360.exe [2014-7-13 265040]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe [2009-11-17 255744]
R2 PasswordBox;PasswordBox;C:\Program Files (x86)\PasswordBox\pbbtnService.exe [2014-5-14 67584]
R2 PDFProFiltSrv;PDFProFiltSrv;C:\Program Files (x86)\Nuance\PDF Professional 8\PDFProFiltSrv.exe [2012-10-23 135056]
R2 PDFProFiltSrvPP;PDFProFiltSrvPP;C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [2011-9-21 138600]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-5-20 1153368]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service;C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [2014-5-30 728328]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]
R2 Updater Service;Updater Service;C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe [2010-4-21 243232]
R2 USBS3S4Detection;USBS3S4Detection;C:\OEM\USBDECTION\USBS3S4Detection.exe [2009-12-13 76320]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE [2014-3-11 247968]
R3 BTCOM;Bluetooth Serial port driver;C:\windows\System32\drivers\btcomport.sys [2011-7-27 29576]
R3 BtHidBus;BtHidBus;C:\windows\System32\drivers\BtHidBus.sys [2013-5-20 23904]
R3 CT20XUT.SYS;CT20XUT.SYS;C:\windows\System32\drivers\CT20XUT.sys [2014-2-28 232728]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;C:\windows\System32\drivers\CTEXFIFX.sys [2014-2-28 1448216]
R3 CTHWIUT.SYS;CTHWIUT.SYS;C:\windows\System32\drivers\CTHWIUT.sys [2014-2-28 97560]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-6-11 142128]
R3 ha20x22k;Creative 20X2 HAL Driver;C:\windows\System32\drivers\ha20x22k.sys [2014-2-28 1617176]
R3 IvtAudioBusSrv;IvtAudioBusSrv;C:\windows\System32\drivers\IvtBtBus.sys [2012-12-24 27256]
R3 IvtComBusSrv;IvtComBusSrv;C:\windows\System32\drivers\btcombus.sys [2013-4-26 25568]
R3 IvtPanBusSrv;IvtPanBusSrv;C:\windows\System32\drivers\btnetBus.sys [2012-12-24 31480]
R3 LVRS64;Logitech RightSound Filter Driver;C:\windows\System32\drivers\lvrs64.sys [2012-1-18 351136]
R3 LVUVC64;Logitech QuickCam Pro 9000(UVC);C:\windows\System32\drivers\lvuvc64.sys [2012-1-18 4865568]
R3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2011-5-20 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\windows\System32\drivers\MBAMSwissArmy.sys [2014-4-11 122584]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\windows\System32\drivers\mwac.sys [2014-4-11 63704]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2010-4-21 346144]
S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE [2014-3-11 193696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AceecaUSBDx64;AceecaUSBDx64;C:\windows\System32\drivers\AceecaUSBDx64.sys [2011-4-5 66552]
S3 BTCOMBUS;Bluetooth Serial Port Bus Service;C:\windows\System32\drivers\btcombus.sys [2013-4-26 25568]
S3 btnetBUs;Bluetooth PAN Bus Service;C:\windows\System32\drivers\btnetBus.sys [2012-12-24 31480]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-1-25 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-1-25 79360]
S3 Creative Media Toolbox 6 Licensing Service;Creative Media Toolbox 6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe [2011-5-23 79360]
S3 CT20XUT;CT20XUT;C:\windows\System32\drivers\CT20XUT.sys [2014-2-28 232728]
S3 CTEXFIFX;CTEXFIFX;C:\windows\System32\drivers\CTEXFIFX.sys [2014-2-28 1448216]
S3 CTHWIUT;CTHWIUT;C:\windows\System32\drivers\CTHWIUT.sys [2014-2-28 97560]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2014-7-8 111616]
S3 IvtBtBUs;IVT Bluetooth Bus Service;C:\windows\System32\drivers\IvtBtBus.sys [2012-12-24 27256]
S3 MBfilt;MBfilt;C:\windows\System32\drivers\MBfilt64.sys [2011-1-25 32344]
S3 OV550I;OVT Scanner;C:\windows\System32\drivers\ov550ivx.sys [2008-2-22 196992]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2012-10-26 19456]
S3 Revoflt;Revoflt;C:\windows\System32\drivers\revoflt.sys [2012-6-20 31800]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service;C:\Program Files\SiSoftware\SiSoftware Sandra Personal 2014.RTM\RpcAgentSrv.exe [2013-12-7 72344]
S3 StorSvc;Storage Service;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2013-11-13 56832]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2011-5-19 1255736]
.
=============== Created Last 30 ================
.
2014-07-13 22:41:00    875736    ----a-w-    C:\windows\System32\drivers\N360x64\1504000.00D\srtsp64.sys
2014-07-13 22:41:00    593112    ----a-w-    C:\windows\System32\drivers\N360x64\1504000.00D\symnets.sys
2014-07-13 22:41:00    493656    ----a-r-    C:\windows\System32\drivers\N360x64\1504000.00D\symds64.sys
2014-07-13 22:41:00    36952    ----a-r-    C:\windows\System32\drivers\N360x64\1504000.00D\srtspx64.sys
2014-07-13 22:41:00    264280    ----a-r-    C:\windows\System32\drivers\N360x64\1504000.00D\ironx64.sys
2014-07-13 22:41:00    23568    ----a-r-    C:\windows\System32\drivers\N360x64\1504000.00D\symelam.sys
2014-07-13 22:41:00    162392    ----a-r-    C:\windows\System32\drivers\N360x64\1504000.00D\ccsetx64.sys
2014-07-13 22:41:00    1148120    ----a-w-    C:\windows\System32\drivers\N360x64\1504000.00D\symefa64.sys
2014-07-13 22:40:51    --------    d-----w-    C:\windows\System32\drivers\N360x64\1504000.00D
2014-07-12 14:18:29    98216    ----a-w-    C:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-12 08:04:54    --------    d-----w-    C:\windows\ERUNT
2014-07-12 01:43:45    --------    d-----w-    C:\AdwCleaner
2014-07-11 00:32:10    --------    d-----w-    C:\Program Files\Speccy
2014-07-10 01:48:39    --------    d-----w-    C:\Program Files\HitmanPro
2014-07-10 01:47:08    --------    d-----w-    C:\ProgramData\HitmanPro
2014-07-09 01:25:01    423936    ----a-w-    C:\windows\System32\hpbprtmon.dll
2014-07-09 01:25:01    413184    ----a-w-    C:\windows\System32\hpbrprtmon.dll
2014-07-09 01:25:01    231424    ----a-w-    C:\windows\System32\hpbprtmonui.dll
2014-07-09 01:23:12    --------    d-----w-    C:\HP_ePrint
2014-07-09 01:02:52    741480    ------w-    C:\windows\System32\HPDiscoPM5312.dll
2014-07-06 02:00:39    --------    d-----w-    C:\Program Files (x86)\Simple
2014-07-06 02:00:27    --------    d-----w-    C:\Users\VIctor Morano\AppData\Local\NSManager
2014-07-06 02:00:25    --------    d-----w-    C:\ProgramData\Npackd
2014-07-06 01:59:02    --------    d-----w-    C:\Users\VIctor Morano\AppData\Local\Fast Browser
2014-07-05 01:12:59    --------    d-----w-    C:\Users\VIctor Morano\AppData\Local\Avanquest North America
2014-07-05 01:11:42    --------    d-----w-    C:\Users\VIctor Morano\AppData\Local\Photo Explosion
2014-07-05 01:10:50    --------    d-----w-    C:\Program Files (x86)\Microsoft Synchronization Services
2014-06-19 23:11:40    --------    d-----w-    C:\Program Files (x86)\Linksys
2014-06-19 22:11:12    --------    d-----w-    C:\Users\VIctor Morano\AppData\Local\Adobe
.
==================== Find3M  ====================
.
2014-07-14 18:46:56    122584    ----a-w-    C:\windows\System32\drivers\MBAMSwissArmy.sys
2014-07-09 19:14:16    71344    ----a-w-    C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-09 19:14:16    699056    ----a-w-    C:\windows\SysWow64\FlashPlayerApp.exe
2014-06-30 02:09:33    519168    ----a-w-    C:\windows\System32\aepdu.dll
2014-06-30 02:04:49    424448    ----a-w-    C:\windows\System32\aeinv.dll
2014-06-19 01:06:55    2724864    ----a-w-    C:\windows\System32\mshtml.tlb
2014-06-19 01:06:24    4096    ----a-w-    C:\windows\System32\ieetwcollectorres.dll
2014-06-19 00:42:57    548352    ----a-w-    C:\windows\System32\vbscript.dll
2014-06-19 00:42:49    66048    ----a-w-    C:\windows\System32\iesetup.dll
2014-06-19 00:41:52    48640    ----a-w-    C:\windows\System32\ieetwproxystub.dll
2014-06-19 00:41:16    83968    ----a-w-    C:\windows\System32\MshtmlDac.dll
2014-06-19 00:24:30    139264    ----a-w-    C:\windows\System32\ieUnatt.exe
2014-06-19 00:24:12    111616    ----a-w-    C:\windows\System32\ieetwcollector.exe
2014-06-19 00:23:53    752640    ----a-w-    C:\windows\System32\jscript9diag.dll
2014-06-19 00:14:28    940032    ----a-w-    C:\windows\System32\MsSpellCheckingFacility.exe
2014-06-18 23:59:04    38400    ----a-w-    C:\windows\System32\JavaScriptCollectionAgent.dll
2014-06-18 23:56:37    2724864    ----a-w-    C:\windows\SysWow64\mshtml.tlb
2014-06-18 23:51:38    5721088    ----a-w-    C:\windows\System32\jscript9.dll
2014-06-18 23:38:40    455168    ----a-w-    C:\windows\SysWow64\vbscript.dll
2014-06-18 23:37:23    61952    ----a-w-    C:\windows\SysWow64\iesetup.dll
2014-06-18 23:36:35    51200    ----a-w-    C:\windows\SysWow64\ieetwproxystub.dll
2014-06-18 23:35:55    62464    ----a-w-    C:\windows\SysWow64\MshtmlDac.dll
2014-06-18 23:27:45    1249280    ----a-w-    C:\windows\System32\mshtmlmedia.dll
2014-06-18 23:27:07    2040832    ----a-w-    C:\windows\System32\inetcpl.cpl
2014-06-18 23:23:27    112128    ----a-w-    C:\windows\SysWow64\ieUnatt.exe
2014-06-18 23:22:40    592896    ----a-w-    C:\windows\SysWow64\jscript9diag.dll
2014-06-18 23:06:10    32256    ----a-w-    C:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-06-18 22:58:27    2266112    ----a-w-    C:\windows\System32\wininet.dll
2014-06-18 22:52:18    4254720    ----a-w-    C:\windows\SysWow64\jscript9.dll
2014-06-18 22:46:23    1068032    ----a-w-    C:\windows\SysWow64\mshtmlmedia.dll
2014-06-18 22:45:59    1964544    ----a-w-    C:\windows\SysWow64\inetcpl.cpl
2014-06-18 22:13:59    1791488    ----a-w-    C:\windows\SysWow64\wininet.dll
2014-06-18 02:18:30    692736    ----a-w-    C:\windows\System32\osk.exe
2014-06-18 01:51:32    646144    ----a-w-    C:\windows\SysWow64\osk.exe
2014-06-18 01:10:36    3157504    ----a-w-    C:\windows\System32\win32k.sys
2014-06-06 10:10:34    624128    ----a-w-    C:\windows\System32\qedit.dll
2014-06-06 09:44:17    509440    ----a-w-    C:\windows\SysWow64\qedit.dll
2014-06-05 14:45:15    1460736    ----a-w-    C:\windows\System32\lsasrv.dll
2014-06-05 14:26:58    22016    ----a-w-    C:\windows\SysWow64\secur32.dll
2014-06-05 14:25:49    96768    ----a-w-    C:\windows\SysWow64\sspicli.dll
2014-06-04 00:06:13    50464    ----a-w-    C:\windows\System32\drivers\avgtpx64.sys
2014-05-30 08:08:52    210944    ----a-w-    C:\windows\System32\wdigest.dll
2014-05-30 08:08:49    86528    ----a-w-    C:\windows\System32\TSpkg.dll
2014-05-30 08:08:47    340992    ----a-w-    C:\windows\System32\schannel.dll
2014-05-30 08:08:41    314880    ----a-w-    C:\windows\System32\msv1_0.dll
2014-05-30 08:08:41    307200    ----a-w-    C:\windows\System32\ncrypt.dll
2014-05-30 08:08:36    728064    ----a-w-    C:\windows\System32\kerberos.dll
2014-05-30 08:08:31    22016    ----a-w-    C:\windows\System32\credssp.dll
2014-05-30 07:52:51    172032    ----a-w-    C:\windows\SysWow64\wdigest.dll
2014-05-30 07:52:49    65536    ----a-w-    C:\windows\SysWow64\TSpkg.dll
2014-05-30 07:52:45    247808    ----a-w-    C:\windows\SysWow64\schannel.dll
2014-05-30 07:52:41    220160    ----a-w-    C:\windows\SysWow64\ncrypt.dll
2014-05-30 07:52:40    259584    ----a-w-    C:\windows\SysWow64\msv1_0.dll
2014-05-30 07:52:36    550912    ----a-w-    C:\windows\SysWow64\kerberos.dll
2014-05-30 07:52:30    17408    ----a-w-    C:\windows\SysWow64\credssp.dll
2014-05-30 06:45:52    497152    ----a-w-    C:\windows\System32\drivers\afd.sys
2014-05-12 11:26:10    63704    ----a-w-    C:\windows\System32\drivers\mwac.sys
2014-05-12 11:26:00    91352    ----a-w-    C:\windows\System32\drivers\mbamchameleon.sys
2014-05-12 11:25:56    25816    ----a-w-    C:\windows\System32\drivers\mbam.sys
2014-05-09 22:04:14    59384    ----a-w-    C:\windows\System32\drivers\networx.sys
2014-05-08 09:32:11    3178496    ----a-w-    C:\windows\System32\rdpcorets.dll
2014-05-08 09:32:11    16384    ----a-w-    C:\windows\System32\RdpGroupPolicyExtension.dll
2014-04-25 02:34:59    801280    ----a-w-    C:\windows\System32\usp10.dll
2014-04-25 02:06:17    626688    ----a-w-    C:\windows\SysWow64\usp10.dll
.
============= FINISH: 15:16:13.57 ===============

 

 



BC AdBot (Login to Remove)

 


#2 VicMJ

VicMJ
  • Topic Starter

  • Members
  • 107 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Massachusetts, United States
  • Local time:02:43 AM

Posted 14 July 2014 - 08:16 PM

Sorry this took so long to post, I lost my Internet connection and then I had trouble attaching the compressed attach file.  I kept getting an error so I had to use the advanced uploader.


Edited by VicMJ, 14 July 2014 - 08:17 PM.


#3 nasdaq

nasdaq

  • Malware Response Team
  • 38,747 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:43 AM

Posted 19 July 2014 - 09:18 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download the correct version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

===

Please paste the logs in your next reply DO NOT ATTACH THEM unless specified.
To attach a file select the "More Reply Option" and follow the instructions.

Let me know what problem persists.

Edited by nasdaq, 19 July 2014 - 09:19 AM.


#4 VicMJ

VicMJ
  • Topic Starter

  • Members
  • 107 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Massachusetts, United States
  • Local time:02:43 AM

Posted 19 July 2014 - 11:14 AM

I have malwarebypes installed on my computer and have Scan for rootkits.

 

 

I downloaded AdwCleaner.exe to my desktop and ran it as directed.

 

A program called "SONAR.Heuristic.120" runs and removes AdwCleaner and puts it in Norton quarantine.


Edited by VicMJ, 19 July 2014 - 12:10 PM.


#5 nasdaq

nasdaq

  • Malware Response Team
  • 38,747 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:43 AM

Posted 19 July 2014 - 01:00 PM

Tell Norton to accept the file. It's good.
We use it every day in out quest to remove malware.

Check the message from Norton when downloading the file.
It give you an opportunity to trust the file.

#6 VicMJ

VicMJ
  • Topic Starter

  • Members
  • 107 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Massachusetts, United States
  • Local time:02:43 AM

Posted 19 July 2014 - 04:47 PM

I did run Malwarebytes and got no errors.

Malwarebytes log

=======================

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 7/19/2014
Scan Time: 4:21:53 PM
Logfile: malwarebytes.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.19.08
Rootkit Database: v2014.07.17.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Enabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: VIctor Morano

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 318523
Time Elapsed: 12 min, 5 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

 

I think you misunderstood what I was saying.  SONAR.Heuristic.120 is the virus.  Looking at my Norton log it tells me ways I should try and remove it.

 

I went back and enabled Norton to let AdwCleaner run, I guess Norton believed AdwCleaner was a Sonar virus..

The following is its log file.

=============================================

 

# AdwCleaner v3.216 - Report created 19/07/2014 at 18:29:05
# Updated 17/07/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : VIctor Morano - GATEWAYCR
# Running from : C:\Users\VIctor Morano\Desktop\adwcleaner_3.216.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17207


-\\ Mozilla Firefox v30.0 (en-US)

[ File : C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [871 octets] - [11/07/2014 21:43:51]
AdwCleaner[R1].txt - [920 octets] - [19/07/2014 18:06:44]
AdwCleaner[R2].txt - [979 octets] - [19/07/2014 18:10:18]
AdwCleaner[R3].txt - [1099 octets] - [19/07/2014 18:21:54]
AdwCleaner[S0].txt - [933 octets] - [11/07/2014 23:14:51]
AdwCleaner[S1].txt - [1039 octets] - [19/07/2014 18:12:17]
AdwCleaner[S2].txt - [1021 octets] - [19/07/2014 18:29:05]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1081 octets] ##########


Edited by VicMJ, 19 July 2014 - 06:17 PM.


#7 nasdaq

nasdaq

  • Malware Response Team
  • 38,747 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:43 AM

Posted 20 July 2014 - 08:19 AM

Please post the logs from the Farbar Recovery Scan Tool (Post No.3)

Wait for further instructions.

#8 VicMJ

VicMJ
  • Topic Starter

  • Members
  • 107 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Massachusetts, United States
  • Local time:02:43 AM

Posted 20 July 2014 - 11:55 AM

Okay, here is the Farbar Recovery Scan Tool log.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-07-2014
Ran by VIctor Morano (administrator) on GATEWAYCR on 20-07-2014 12:48:06
Running from C:\Users\VIctor Morano\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
(IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsMobileCS.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil cPhone\cPhoneSDKCS.exe
(Acer Incorporated) C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe
() C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\n360.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
(PasswordBox, Inc.) C:\Program Files (x86)\PasswordBox\pbbtnService.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 8\PDFProFiltSrv.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Cyber Power Systems, Inc.) C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Acer Group) C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
() C:\OEM\USBDECTION\USBS3S4Detection.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(SoftPerfect Research) C:\Program Files\NetWorx\networx.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(PrinterAnywhere) C:\Program Files (x86)\PrinterShare\paConsole.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(PalmSource, Inc) C:\Program Files (x86)\Palm\Hotsync.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\n360.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Marketsplash by HP\HPLocalWebPrintAgent.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe
(Avanquest USA LLC) C:\Program Files (x86)\Common Files\MySoftware\Newsflsh.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
() C:\Program Files (x86)\Nova Development\Office Printing Essentials\ReminderApp.exe
(Cyber Power Systems, Inc.) C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\pppeuser.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\Nova Development\Greeting Card Factory Deluxe 9.0\ReminderApp.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 8\PdfPro8Hook.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\TscHelp.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
(Orbiscom Ltd. All rights reserved.) C:\Program Files (x86)\ShopSafe\ShopSafe.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
(Neuber Software - www.neuber.com) C:\Program Files (x86)\Security Task Manager\SpyProtector.exe
(IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
(Orbiscom Ltd.) C:\Windows\SysWOW64\obroker.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Common Files\logishrd\LQCVFX\COCIManager.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\SnagPriv.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\SnagitEditor.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_14_0_0_145_ActiveX.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)
HKLM\...\Run: [OOTag] => C:\Program Files (x86)\Gateway\OOBEOffer\ootag.exe [13856 2010-02-23] (Microsoft)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10060320 2010-02-09] (Realtek Semiconductor)
HKLM\...\Run: [NetWorx] => C:\Program Files\NetWorx\networx.exe [6553808 2014-06-24] (SoftPerfect Research)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe [244480 2009-11-17] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-01-14] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [OOTag] => C:\Program Files (x86)\Gateway\OOBEOffer\OOTag.exe [13856 2010-02-23] (Microsoft)
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe [1016320 2010-01-22] (Creative Technology Ltd)
HKLM-x32\...\Run: [nmctxth] => C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe [647216 2009-07-07] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [nmapp] => C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe [472112 2009-07-08] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-08-12] (Logitech Inc.)
HKLM-x32\...\Run: [OmniPage Preload] => C:\Program Files (x86)\Nuance\OmniPage18\OmniPage18.exe [2983200 2011-05-10] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Nuance OmniPage 18-reminder] => C:\Program Files (x86)\Nuance\OmniPage18\Ereg\Ereg.exe [333088 2010-10-27] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [AddressBookReminderApp] => C:\Program Files (x86)\Nova Development\Office Printing Essentials\ReminderApp.exe [144672 2010-12-29] ()
HKLM-x32\...\Run: [PowerPanel Personal Edition User Interaction] => C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\pppeuser.exe [316864 2010-04-09] (Cyber Power Systems, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [ReminderApp] => C:\Program Files (x86)\Nova Development\Greeting Card Factory Deluxe 9.0\ReminderApp.exe [145240 2011-09-19] ()
HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe [1493288 2012-01-13] (Nero AG)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2368736 2014-06-03] (Microsoft Corp.)
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [241789 2009-07-07] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [PDF8 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Professional 8\RegistryController.exe [178576 2012-10-23] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFProHook] => C:\Program Files (x86)\Nuance\PDF Professional 8\pdfpro8hook.exe [2013072 2012-10-23] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Nuance PDF Converter Professional 8-reminder] => C:\Program Files (x86)\Nuance\PDF Professional 8\Ereg\Ereg.exe [333712 2012-10-11] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ShopSafe] => C:\Program Files (x86)\ShopSafe\ShopSafe.exe [371712 2010-10-13] (Orbiscom Ltd. All rights reserved.)
HKLM-x32\...\Run: [Nuance PDF Reader-reminder] => C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [333088 2010-07-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-09-21] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-09-21] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort14reminder] => C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [333088 2011-05-16] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Spy Protector] => C:\Program Files (x86)\Security Task Manager\SpyProtector.exe [140616 2010-11-10] (Neuber Software - www.neuber.com)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe [447224 2013-09-22] (IVT Corporation)
HKLM-x32\...\Run: [CTxfiHlp] => CTXFIHLP.EXE
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PowerPDF Registry Controller] => C:\Program Files (x86)\Nuance\Power PDF\RegistryController.exe [191816 2014-03-14] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Nuance Power PDF Advanced-reminder] => C:\Program Files (x86)\Nuance\Power PDF\Ereg\Ereg.exe [330056 2014-02-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PowerPDFInboxMonitor] => C:\Program Files (x86)\Nuance\Power PDF\InboxMonitor.exe [110920 2014-03-14] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKU\.DEFAULT\...\Run: [CtxfiReg] => CTXFIREG.exe /FAIL1
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-3621028071-1008099766-2742997306-1000\...\Run: [SpybotSD TeaTimer] => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-3621028071-1008099766-2742997306-1000\...\Run: [2ndSpeechCenter] => C:\Program Files (x86)\2nd Speech Center\iisc.exe [2213376 2010-12-04] (Zero2000 Software)
HKU\S-1-5-21-3621028071-1008099766-2742997306-1000\...\Run: [BingWallpaperDownloader] => [X]
HKU\S-1-5-21-3621028071-1008099766-2742997306-1000\...\Run: [3PlanesoftAnimatedWallpaper] => [X]
HKU\S-1-5-21-3621028071-1008099766-2742997306-1000\...\Run: [PrinterShare] => C:\Program Files (x86)\PrinterShare\paConsole.exe [1126400 2013-12-19] (PrinterAnywhere)
HKU\S-1-5-21-3621028071-1008099766-2742997306-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3621028071-1008099766-2742997306-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-04-21] (Google Inc.)
HKU\S-1-5-21-3621028071-1008099766-2742997306-1000\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [109784 2014-06-24] (Siber Systems)
HKU\S-1-5-21-3621028071-1008099766-2742997306-1000\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-3621028071-1008099766-2742997306-1000\...\MountPoints2: {3e4be90f-28b6-11e0-87be-806e6f6e6963} - Z:\Setup.exe
HKU\S-1-5-21-3621028071-1008099766-2742997306-1000\...\MountPoints2: {859cceb9-8ece-11e0-a408-4487fca9e2c0} - L:\iStudio.exe
Lsa: [Notification Packages] scecli IVTCredentialProvider
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HotSync Manager.lnk
ShortcutTarget: HotSync Manager.lnk -> C:\Program Files (x86)\Palm\Hotsync.exe (PalmSource, Inc)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Marketsplash Print Software.lnk
ShortcutTarget: Marketsplash Print Software.lnk -> C:\Program Files (x86)\Hewlett-Packard\Marketsplash by HP\HPLocalWebPrintAgent.exe (Hewlett-Packard Company)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Newsflash.lnk
ShortcutTarget: Newsflash.lnk -> C:\Program Files (x86)\Common Files\MySoftware\Newsflsh.exe (Avanquest USA LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 11.lnk
ShortcutTarget: Snagit 11.lnk -> C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe (TechSmith Corporation)
Startup: C:\Users\VIctor Morano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Yahoo! Widgets.lnk
ShortcutTarget: Yahoo! Widgets.lnk -> C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe (Yahoo! Inc.)
ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\buShell.dll (Symantec Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://xfinity.comcast.net/
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACGW
BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll (TechSmith Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO-x32: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation)
BHO-x32: ShopSafeBrowserHelper Class -> {333F6B96-3992-4D58-A499-145A10FE48C3} -> C:\Program Files (x86)\ShopSafe\BhoSSafe.dll (Orbiscom Ltd. All rights reserved.)
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Professional 8\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: PasswordBox Helper -> {5DB69B97-934B-451D-94DB-32EF802A01CD} -> C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll (PasswordBox, Inc.)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Simple -> {886bf106-6ebf-4ef4-8676-6663caabbda4} -> C:\windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Nuance PDF Toolbar Helper -> {940361F8-7F16-4498-AB43-2EFFE0235AFA} -> C:\Program Files (x86)\Nuance\Power PDF\Bin\SZeonIEFavClient.dll (Zeon Corporation)
BHO-x32: PlusIEEventHelper Class -> {9D137966-2E29-45C5-9B12-29D5427F8F66} -> C:\Program Files (x86)\Nuance\Power PDF\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Gaaiho PDF Conversion Toolbar Helper -> {C7DA0384-42AA-428c-B832-88AC343DE1A8} -> C:\Program Files (x86)\Nuance\PDF Professional 8\bin\GZeonIEFavClient.dll (Zeon Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll (TechSmith Corporation)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
Toolbar: HKLM - &NetWorx Desk Band - {FEEA54B4-D80F-41C7-87B9-DC08E6D3255F} - C:\Program Files\NetWorx\deskband.dll (SoftPerfect Research)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
Toolbar: HKLM-x32 - 2nd &Speech Center - {CFE40ED8-564E-4693-A9D9-80DB70C8E460} - C:\Program Files (x86)\2nd Speech Center\tts4ie.dll ()
Toolbar: HKLM-x32 - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation)
Toolbar: HKLM-x32 - Nuance PDF - {BCCE15AE-AC7E-4bc9-94AF-2A714A412BCB} - C:\Program Files (x86)\Nuance\PDF Professional 8\bin\GZeonIEFavClient.dll (Zeon Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Nuance PDF - {BED78D9C-A025-4FE9-B3BA-27E6D376A3D5} - C:\Program Files (x86)\Nuance\Power PDF\Bin\SZeonIEFavClient.dll (Zeon Corporation)
Toolbar: HKCU - &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
DPF: HKLM-x32 {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll (Cisco Systems, Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default
FF Homepage: hxxp://xfinity.comcast.net/
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @palmsource.com/installer,version=1.0 - C:\PROGRA~2\Palm\PACKAG~1\NPInstal.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 - C:\Program Files (x86)\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 - C:\Program Files (x86)\Nuance\Power PDF\bin\nppdf.dll (Zeon Corporation)
FF Plugin HKCU: @nds.com/PlayerPlugin - C:\Users\VIctor Morano\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (DIRECTV)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\VIctor Morano\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin HKCU: NDS.com/PlayerPlugin - C:\Users\VIctor Morano\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (DIRECTV)
FF SearchPlugin: C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\searchplugins\hyperwords.xml
FF SearchPlugin: C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\searchplugins\liquid-words.xml
FF Extension: IE Tab + - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\Extensions\coralietab@mozdev.org [2014-06-30]
FF Extension: Fox Splitter - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\Extensions\foxsplitter@piro.sakura.ne.jp [2012-12-31]
FF Extension: Cooliris - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\Extensions\piclens@cooliris.com [2012-02-08]
FF Extension: Forecastfox - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2014-06-24]
FF Extension: IE Tab 2 (FF 3.6+) - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\Extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB} [2013-12-17]
FF Extension: Liquid Words - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\Extensions\{9A752782-D706-479b-98F8-3F66BF921692} [2012-04-27]
FF Extension: WOT - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-27]
FF Extension: DownloadHelper - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-26]
FF Extension: <![CDATA[1-ClickWeather]]> - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\Extensions\{DCBD1271-D228-4082-9FBC-36D9B7660B03} [2011-12-22]
FF Extension: Addons Manager Hilite - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\Extensions\addonsmgrhilte@cfl.xpi [2011-08-17]
FF Extension: Google Docs Viewer - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\Extensions\adonis.cuhk@gmail.com.xpi [2012-09-14]
FF Extension: Ghostery - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\Extensions\firefox@ghostery.com.xpi [2013-08-16]
FF Extension: hashr - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\Extensions\hashr@rogeriopvl.com.xpi [2011-05-20]
FF Extension: Lightbeam - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2013-02-21]
FF Extension: Lazarus: Form Recovery - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\Extensions\lazarus@interclue.com.xpi [2011-05-20]
FF Extension: Locationbar&#178; - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\Extensions\locationbar2@design-noir.de.xpi [2011-05-20]
FF Extension: MD5 Reborned Hasher - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\Extensions\md5rehasher@phoneixs.es.xpi [2011-12-22]
FF Extension: Team Cymru's MHR - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\Extensions\mhr@team.cymru.xpi [2011-12-22]
FF Extension: Print Edit - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\Extensions\printedit@DW-dev.xpi [2011-05-20]
FF Extension: Print / Print Preview (Update) - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\Extensions\printprintpreview-andrewsfirefoxextensions@gmail.com.xpi [2011-06-10]
FF Extension: TrashMail.com - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\Extensions\spam@trashmail.net.xpi [2014-06-23]
FF Extension: The Addon Bar (restored) - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\Extensions\the-addon-bar@GeekInTraining-GiT.xpi [2014-06-23]
FF Extension: 404 : File is Not Found ? Now it will be! - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\Extensions\waybackbutton@lazar.kovacevic.xpi [2011-05-20]
FF Extension: fcreward.100770.b - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\Extensions\{003e1c8f-ebd6-f074-7551-4b31c0f547ec}.xpi [2012-05-21]
FF Extension: All-in-One Sidebar - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi [2011-05-20]
FF Extension: Flagfox - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2014-03-09]
FF Extension: abcTajpu - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\Extensions\{15a7ef52-8a77-426e-9e17-e21af257d7c8}.xpi [2011-05-20]
FF Extension: Malware Search - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\Extensions\{27c60876-b5c9-4335-b4f3-52b26782220c}.xpi [2011-05-20]
FF Extension: NoScript - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2011-05-20]
FF Extension: MR Tech Toolkit - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\Extensions\{9669CC8F-B388-42FE-86F4-CB5E7F5A8BDC}.xpi [2014-06-23]
FF Extension: FireFTP - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi [2011-05-20]
FF Extension: CoolPreviews - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\Extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}.xpi [2011-05-20]
FF Extension: Adblock Plus - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-05-20]
FF Extension: BetterPrivacy - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2014-06-23]
FF Extension: Tab Mix Plus - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2011-08-17]
FF Extension: DownThemAll! - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2011-05-20]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-06-11]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-06-11]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-06-11]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-06-11]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-06-11]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-06-11]
FF HKLM-x32\...\Firefox\Extensions: [shopsafe@orbiscom] - C:\Program Files (x86)\ShopSafe
FF Extension: ShopSafe - C:\Program Files (x86)\ShopSafe [2012-09-26]
FF HKLM-x32\...\Firefox\Extensions: [downloader@freeyoutubetomp3converter.org] - C:\Program Files (x86)\FreeYouTubeToMP3TURBOConverter\Firefox
FF Extension: FreeYouTubeToMP3TURBOConverter plugin for Mozilla Firefox - C:\Program Files (x86)\FreeYouTubeToMP3TURBOConverter\Firefox [2012-10-13]
FF HKLM-x32\...\Firefox\Extensions: [isend@www.bluesoleil.com] - C:\Program Files (x86)\IVT Corporation\BlueSoleil\TransSend\FireFox\isend@www.bluesoleil.com
FF Extension: BlueSoleil Extension - C:\Program Files (x86)\IVT Corporation\BlueSoleil\TransSend\FireFox\isend@www.bluesoleil.com [2013-10-29]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013-10-31]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2014-07-20]
FF HKLM-x32\...\Firefox\Extensions: [firefox@passwordbox.com] - C:\Program Files (x86)\PasswordBox\Firefox
FF Extension: PasswordBox - C:\Program Files (x86)\PasswordBox\Firefox [2013-11-21]
FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
FF Extension: RoboForm Toolbar for Firefox - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2011-05-20]
FF HKLM-x32\...\Firefox\Extensions: [{jid1-eFRcA0eiPxecTQ@jetpack}] - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\extensions\{jid1-eFRcA0eiPxecTQ@jetpack}
FF HKLM-x32\...\Firefox\Extensions: [{jid1-vS7biDmom8YxhA@jetpack}] - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\extensions\{jid1-vS7biDmom8YxhA@jetpack}
FF HKCU\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
FF Extension: Nuance PDF Convert - C:\Program Files (x86)\Nuance\Power PDF\FireFox [2014-07-04]

==================== Services (Whitelisted) =================

R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173792 2014-06-03] (Microsoft Corp.)
R2 BlueSoleilCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [3470360 2013-09-22] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe [162040 2013-09-22] (IVT Corporation)
R2 BsMobileCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsMobileCS.exe [273656 2013-09-22] (IVT Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 cPhoneSDKCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil cPhone\cPhoneSDKCS.exe [262259 2013-01-25] (IVT Corporation) [File not signed]
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2011-01-25] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2011-01-25] (Creative Labs) [File not signed]
S3 Creative Media Toolbox 6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe [79360 2011-05-23] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
R2 GsServer; C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe [5546712 2012-10-07] ()
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-07-16] (SurfRight B.V.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-23] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-23] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\N360.exe [265040 2014-06-27] (Symantec Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PasswordBox; C:\Program Files (x86)\PasswordBox\pbbtnService.exe [67584 2014-05-14] (PasswordBox, Inc.) [File not signed]
R2 PDFProFiltSrv; C:\Program Files (x86)\Nuance\PDF Professional 8\PDFProFiltSrv.exe [135056 2012-10-23] (Nuance Communications, Inc.)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [138600 2011-09-21] (Nuance Communications, Inc.)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 ppped; C:\Program Files (x86)\CyberPower PowerPanel Personal Edition\ppped.exe [918976 2010-04-16] (Cyber Power Systems, Inc.)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Personal 2014.RTM\RpcAgentSrv.exe [72344 2008-11-27] (SiSoftware) [File not signed]
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [575488 2008-09-08] (Nokia.) [File not signed]
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [728328 2014-03-31] (DEVGURU Co., LTD.)
R2 USBS3S4Detection; C:\OEM\USBDECTION\USBS3S4Detection.exe [76320 2009-12-09] ()

==================== Drivers (Whitelisted) ====================

S3 AceecaUSBDx64; C:\Windows\System32\DRIVERS\AceecaUSBDx64.sys [66552 2011-05-31] (PalmSource, Inc.)
R1 avgtp; C:\windows\system32\drivers\avgtpx64.sys [50464 2014-06-03] (AVG Technologies)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140703.001\BHDrvx64.sys [1530160 2014-05-09] (Symantec Corporation)
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [41208 2012-12-24] (IVT Corporation)
R3 BT; C:\Windows\System32\DRIVERS\btnetdrv.sys [22240 2011-12-21] (IVT Corporation.)
R3 BTCOM; C:\Windows\System32\DRIVERS\btcomport.sys [29576 2011-07-27] (IVT Corporation.)
S3 BTCOMBUS; C:\Windows\System32\Drivers\btcombus.sys [25568 2013-04-26] (IVT Corporation.)
R3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [43104 2013-06-05] (IVT Corporation.)
R3 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [23904 2013-05-20] (IVT Corporation.)
S3 btnetBUs; C:\Windows\System32\Drivers\btnetBus.sys [31480 2012-12-24] (IVT Corporation.)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1504000.00D\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-11] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140718.001\IDSvia64.sys [525016 2014-03-26] (Symantec Corporation)
R3 IvtAudioBusSrv; C:\Windows\System32\Drivers\IvtBtBus.sys [27256 2012-12-24] (IVT Corporation.)
S3 IvtBtBUs; C:\Windows\System32\Drivers\IvtBtBus.sys [27256 2012-12-24] (IVT Corporation.)
R3 IvtComBusSrv; C:\Windows\System32\Drivers\btcombus.sys [25568 2013-04-26] (IVT Corporation.)
R3 IvtPanBusSrv; C:\Windows\System32\Drivers\btnetBus.sys [31480 2012-12-24] (IVT Corporation.)
R2 mbamchameleon; C:\windows\system32\drivers\mbamchameleon.sys [91352 2014-05-12] (Malwarebytes Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-20] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140719.001\ENG64.SYS [126040 2014-06-28] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140719.001\EX64.SYS [2099288 2014-06-28] (Symantec Corporation)
R1 networx; C:\Windows\System32\drivers\networx.sys [59384 2014-05-09] (NetFilterSDK.com)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
S3 OV550I; C:\Windows\System32\Drivers\ov550ivx.sys [196992 2008-02-22] (Omnivision Technologies, Inc.)
R1 PSSDKLBF; C:\windows\system32\Drivers\pssdklbf.sys [65600 2012-06-20] (microOLAP Technologies LTD)
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Personal 2014.RTM\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1504000.00D\SRTSP64.SYS [875736 2014-02-12] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1504000.00D\SRTSPX64.SYS [36952 2013-09-09] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1504000.00D\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1504000.00D\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-10-31] (Symantec Corporation)
R1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [78936 2013-09-09] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1504000.00D\Ironx64.SYS [264280 2013-09-26] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1504000.00D\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [41208 2012-12-24] (IVT Corporation)
S3 VComm; system32\DRIVERS\VComm.sys [X]
S3 VcommMgr; System32\Drivers\VcommMgr.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-20 12:48 - 2014-07-20 12:48 - 00047111 _____ () C:\Users\VIctor Morano\Desktop\FRST.txt
2014-07-20 12:46 - 2014-07-20 12:48 - 00000000 ____D () C:\FRST
2014-07-20 12:40 - 2014-07-20 12:41 - 02089984 _____ (Farbar) C:\Users\VIctor Morano\Desktop\FRST64.exe
2014-07-20 12:36 - 2014-07-20 12:36 - 02089984 _____ (Farbar) C:\Users\VIctor Morano\Downloads\FRST64 (1).exe
2014-07-19 18:50 - 2014-07-19 18:50 - 00001069 _____ () C:\Users\VIctor Morano\Desktop\malwarebytes.txt
2014-07-19 18:31 - 2014-07-20 12:20 - 00006508 _____ () C:\windows\SysWOW64\LOCALSERVICE.INI
2014-07-19 18:04 - 2014-07-19 18:04 - 01354223 _____ () C:\Users\VIctor Morano\Desktop\adwcleaner_3.216.exe
2014-07-19 12:30 - 2014-07-19 12:30 - 02089984 _____ (Farbar) C:\Users\VIctor Morano\Downloads\FRST64.exe
2014-07-15 09:22 - 2014-07-15 09:22 - 00000000 ____D () C:\Users\VIctor Morano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DIRECTV
2014-07-14 22:14 - 2014-07-14 22:14 - 00000417 _____ () C:\Users\VIctor Morano\Desktop\post txt.txt
2014-07-14 20:40 - 2014-07-14 20:40 - 00006511 _____ () C:\Users\VIctor Morano\Desktop\attach.zip
2014-07-14 15:16 - 2014-07-14 15:16 - 00040223 _____ () C:\Users\VIctor Morano\Desktop\dds.txt
2014-07-14 15:16 - 2014-07-14 15:16 - 00020673 _____ () C:\Users\VIctor Morano\Desktop\attach.txt
2014-07-14 15:06 - 2014-07-14 15:06 - 00688992 ____R (Swearware) C:\Users\VIctor Morano\Desktop\dds.com
2014-07-14 06:18 - 2014-07-14 06:18 - 00000000 ____D () C:\windows\System32\Tasks\Norton 360
2014-07-12 10:18 - 2014-07-12 10:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-12 10:18 - 2014-05-07 15:02 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-12 10:18 - 2014-05-07 14:59 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-07-12 10:18 - 2014-05-07 14:59 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-07-12 10:18 - 2014-05-07 14:58 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-07-12 10:17 - 2014-07-12 10:18 - 00004341 _____ () C:\windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-07-12 10:15 - 2014-07-12 10:15 - 00918952 _____ (Oracle Corporation) C:\Users\VIctor Morano\Desktop\jxpiinstall.exe
2014-07-12 09:14 - 2014-07-12 09:14 - 00056551 _____ () C:\Users\VIctor Morano\Desktop\Result.txt
2014-07-12 09:09 - 2014-07-12 09:09 - 00401920 _____ (Farbar) C:\Users\VIctor Morano\Downloads\MiniToolBox.exe
2014-07-12 09:09 - 2014-07-12 09:09 - 00401920 _____ (Farbar) C:\Users\VIctor Morano\Desktop\MiniToolBox.exe
2014-07-12 04:14 - 2014-07-12 04:14 - 00003628 _____ () C:\Users\VIctor Morano\Desktop\JRT.txt
2014-07-12 04:04 - 2014-07-12 04:04 - 00000000 ____D () C:\windows\ERUNT
2014-07-11 21:43 - 2014-07-19 18:29 - 00000000 ____D () C:\AdwCleaner
2014-07-11 21:33 - 2014-07-11 21:33 - 01016261 _____ (Thisisu) C:\Users\VIctor Morano\Desktop\JRT.exe
2014-07-11 21:15 - 2014-07-11 21:15 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\VIctor Morano\Desktop\rkill.exe
2014-07-11 21:13 - 2014-07-11 21:13 - 01348263 _____ () C:\Users\VIctor Morano\Desktop\AdwCleaner.exe
2014-07-11 15:55 - 2014-07-11 19:59 - 00078803 _____ () C:\Users\VIctor Morano\Desktop\CheckResults.txt
2014-07-11 15:54 - 2014-07-11 15:54 - 01682416 _____ (Malwarebytes Corporation) C:\Users\VIctor Morano\Desktop\mbam-check-2.1.1.1001.exe
2014-07-10 20:32 - 2014-07-10 20:32 - 00000800 _____ () C:\Users\Public\Desktop\Speccy.lnk
2014-07-10 20:32 - 2014-07-10 20:32 - 00000000 ____D () C:\Program Files\Speccy
2014-07-10 20:28 - 2014-07-10 20:28 - 05127856 _____ (Piriform Ltd) C:\Users\VIctor Morano\Downloads\spsetup122.exe
2014-07-09 22:35 - 2014-07-09 22:35 - 00004164 _____ () C:\Users\VIctor Morano\Desktop\HitmanPro_20140709_2235.log
2014-07-09 21:48 - 2014-07-09 21:48 - 00001901 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-07-09 21:48 - 2014-07-09 21:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-07-09 21:48 - 2014-07-09 21:48 - 00000000 ____D () C:\Program Files\HitmanPro
2014-07-09 21:47 - 2014-07-09 23:38 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-07-09 18:46 - 2014-07-09 18:46 - 11185664 _____ (SurfRight B.V.) C:\Users\VIctor Morano\Desktop\HitmanPro_x64.exe
2014-07-08 21:25 - 2014-07-08 21:25 - 00000000 ____D () C:\ProgramData\Apple
2014-07-08 21:25 - 2014-06-10 21:53 - 00423936 _____ (Hewlett-Packard) C:\windows\system32\hpbprtmon.dll
2014-07-08 21:25 - 2014-06-10 21:53 - 00413184 _____ (Hewlett-Packard) C:\windows\system32\hpbrprtmon.dll
2014-07-08 21:25 - 2014-06-10 21:52 - 00231424 _____ (Hewlett-Packard) C:\windows\system32\hpbprtmonui.dll
2014-07-08 21:24 - 2014-07-08 21:24 - 00000000 ____D () C:\Users\VIctor Morano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
2014-07-08 21:23 - 2014-07-08 21:23 - 00000000 ____D () C:\HP_ePrint
2014-07-08 21:02 - 2014-07-08 21:02 - 00002264 _____ () C:\Users\Public\Desktop\HP Officejet Pro 8500 A910.lnk
2014-07-08 21:02 - 2014-07-08 21:02 - 00001191 _____ () C:\Users\Public\Desktop\Shop for Supplies - HP Officejet Pro 8500 A910.lnk
2014-07-08 21:02 - 2012-10-17 04:31 - 00741480 ____N (Hewlett-Packard Co.) C:\windows\system32\HPDiscoPM5312.dll
2014-07-08 20:40 - 2014-07-08 21:40 - 00002012 _____ () C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2014-07-08 20:18 - 2014-07-08 20:18 - 00000057 _____ () C:\ProgramData\Ament.ini
2014-07-08 13:53 - 2014-06-29 22:09 - 00519168 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-07-08 13:53 - 2014-06-29 22:04 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-07-08 13:53 - 2014-06-20 16:14 - 00266424 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-07-08 13:53 - 2014-06-20 15:39 - 00240824 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-07-08 13:53 - 2014-06-18 21:39 - 23464448 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-07-08 13:53 - 2014-06-18 21:06 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-07-08 13:53 - 2014-06-18 21:06 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-07-08 13:53 - 2014-06-18 20:48 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-07-08 13:53 - 2014-06-18 20:42 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-07-08 13:53 - 2014-06-18 20:42 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-07-08 13:53 - 2014-06-18 20:41 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-07-08 13:53 - 2014-06-18 20:41 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-07-08 13:53 - 2014-06-18 20:32 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-07-08 13:53 - 2014-06-18 20:31 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-07-08 13:53 - 2014-06-18 20:26 - 00598016 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-07-08 13:53 - 2014-06-18 20:24 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-07-08 13:53 - 2014-06-18 20:24 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-07-08 13:53 - 2014-06-18 20:23 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-07-08 13:53 - 2014-06-18 20:16 - 17276416 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-07-08 13:53 - 2014-06-18 20:14 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-07-08 13:53 - 2014-06-18 20:09 - 00452608 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-07-08 13:53 - 2014-06-18 19:59 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-07-08 13:53 - 2014-06-18 19:56 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-07-08 13:53 - 2014-06-18 19:53 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-07-08 13:53 - 2014-06-18 19:51 - 05721088 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-07-08 13:53 - 2014-06-18 19:50 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-07-08 13:53 - 2014-06-18 19:48 - 00292864 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-07-08 13:53 - 2014-06-18 19:39 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-07-08 13:53 - 2014-06-18 19:38 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-07-08 13:53 - 2014-06-18 19:37 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-07-08 13:53 - 2014-06-18 19:36 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-07-08 13:53 - 2014-06-18 19:35 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-07-08 13:53 - 2014-06-18 19:33 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-07-08 13:53 - 2014-06-18 19:32 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-07-08 13:53 - 2014-06-18 19:28 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-07-08 13:53 - 2014-06-18 19:28 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-07-08 13:53 - 2014-06-18 19:27 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-07-08 13:53 - 2014-06-18 19:27 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-07-08 13:53 - 2014-06-18 19:25 - 00442368 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-07-08 13:53 - 2014-06-18 19:23 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-07-08 13:53 - 2014-06-18 19:22 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-07-08 13:53 - 2014-06-18 19:12 - 00367616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-07-08 13:53 - 2014-06-18 19:06 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-08 13:53 - 2014-06-18 19:01 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-07-08 13:53 - 2014-06-18 18:59 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-07-08 13:53 - 2014-06-18 18:58 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-07-08 13:53 - 2014-06-18 18:58 - 00239616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-07-08 13:53 - 2014-06-18 18:52 - 04254720 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-07-08 13:53 - 2014-06-18 18:51 - 13527040 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-07-08 13:53 - 2014-06-18 18:49 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-07-08 13:53 - 2014-06-18 18:46 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-07-08 13:53 - 2014-06-18 18:45 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-07-08 13:53 - 2014-06-18 18:35 - 11742208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-07-08 13:53 - 2014-06-18 18:34 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-07-08 13:53 - 2014-06-18 18:15 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-07-08 13:53 - 2014-06-18 18:13 - 01791488 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-07-08 13:53 - 2014-06-18 18:09 - 01139200 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-07-08 13:53 - 2014-06-18 18:07 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-07-08 13:53 - 2014-06-17 22:18 - 00692736 _____ (Microsoft Corporation) C:\windows\system32\osk.exe
2014-07-08 13:53 - 2014-06-17 21:51 - 00646144 _____ (Microsoft Corporation) C:\windows\SysWOW64\osk.exe
2014-07-08 13:53 - 2014-06-17 21:10 - 03157504 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-07-08 13:53 - 2014-06-06 06:10 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2014-07-08 13:53 - 2014-06-06 05:44 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2014-07-08 13:53 - 2014-06-05 10:45 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-07-08 13:53 - 2014-06-05 10:26 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-07-08 13:53 - 2014-06-05 10:25 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-07-08 13:53 - 2014-05-30 04:08 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-07-08 13:53 - 2014-05-30 04:08 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-07-08 13:53 - 2014-05-30 04:08 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-07-08 13:53 - 2014-05-30 04:08 - 00307200 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2014-07-08 13:53 - 2014-05-30 04:08 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-07-08 13:53 - 2014-05-30 04:08 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-07-08 13:53 - 2014-05-30 04:08 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-07-08 13:53 - 2014-05-30 03:52 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-07-08 13:53 - 2014-05-30 03:52 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2014-07-08 13:53 - 2014-05-30 03:52 - 00247808 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-07-08 13:53 - 2014-05-30 03:52 - 00220160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2014-07-08 13:53 - 2014-05-30 03:52 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2014-07-08 13:53 - 2014-05-30 03:52 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-07-08 13:53 - 2014-05-30 03:52 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-07-08 13:53 - 2014-05-30 02:45 - 00497152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2014-07-05 22:00 - 2014-07-05 22:00 - 00003284 _____ () C:\windows\System32\Tasks\NSManager
2014-07-05 22:00 - 2014-07-05 22:00 - 00000000 ____D () C:\Users\VIctor Morano\AppData\Local\NSManager
2014-07-05 22:00 - 2014-07-05 22:00 - 00000000 ____D () C:\ProgramData\Npackd
2014-07-05 22:00 - 2014-07-05 22:00 - 00000000 ____D () C:\Program Files (x86)\Simple
2014-07-05 21:59 - 2014-07-05 22:37 - 00000000 ____D () C:\Users\VIctor Morano\AppData\Local\Fast Browser
2014-07-05 21:58 - 2014-07-05 22:00 - 00001332 __RSH () C:\Users\VIctor Morano\ntuser.pol
2014-07-04 21:12 - 2014-07-04 21:12 - 00000000 ____D () C:\Users\VIctor Morano\AppData\Local\Avanquest North America
2014-07-04 21:11 - 2014-07-04 21:11 - 00000122 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2014-07-04 21:11 - 2014-07-04 21:11 - 00000000 ____D () C:\Users\VIctor Morano\AppData\Local\Photo Explosion
2014-07-04 21:10 - 2014-07-04 21:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2014-07-04 20:41 - 2014-07-04 20:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance Power PDF Advanced

==================== One Month Modified Files and Folders =======

2014-07-20 12:48 - 2014-07-20 12:48 - 00047111 _____ () C:\Users\VIctor Morano\Desktop\FRST.txt
2014-07-20 12:48 - 2014-07-20 12:46 - 00000000 ____D () C:\FRST
2014-07-20 12:48 - 2011-01-25 15:22 - 00000000 ____D () C:\ProgramData\Temp
2014-07-20 12:41 - 2014-07-20 12:40 - 02089984 _____ (Farbar) C:\Users\VIctor Morano\Desktop\FRST64.exe
2014-07-20 12:36 - 2014-07-20 12:36 - 02089984 _____ (Farbar) C:\Users\VIctor Morano\Downloads\FRST64 (1).exe
2014-07-20 12:33 - 2012-06-20 21:18 - 01603370 _____ () C:\windows\WindowsUpdate.log
2014-07-20 12:29 - 2009-07-14 01:13 - 00782470 _____ () C:\windows\system32\PerfStringBackup.INI
2014-07-20 12:27 - 2011-05-26 09:31 - 00003962 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{108BB138-AED7-4855-A720-6FCAA1187A66}
2014-07-20 12:26 - 2009-07-14 00:45 - 00015072 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-20 12:26 - 2009-07-14 00:45 - 00015072 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-20 12:25 - 2011-06-06 17:02 - 00000000 ____D () C:\Program Files (x86)\CyberPower PowerPanel Personal Edition
2014-07-20 12:23 - 2014-04-11 16:39 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-20 12:23 - 2011-05-19 13:40 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-20 12:23 - 2011-05-19 13:40 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-20 12:21 - 2011-05-23 13:01 - 00000000 ____D () C:\Users\VIctor Morano\AppData\Roaming\Skype
2014-07-20 12:20 - 2014-07-19 18:31 - 00006508 _____ () C:\windows\SysWOW64\LOCALSERVICE.INI
2014-07-20 12:20 - 2013-10-29 20:20 - 00000101 _____ () C:\windows\SysWOW64\LOCALDEVICE.INI
2014-07-20 12:20 - 2013-09-23 16:57 - 00001427 _____ () C:\windows\SysWOW64\bscs.ini
2014-07-20 12:17 - 2013-07-03 19:16 - 00043968 _____ () C:\windows\setupact.log
2014-07-20 12:17 - 2009-07-14 01:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-07-19 22:14 - 2012-03-29 17:30 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-07-19 20:50 - 2011-10-10 12:31 - 00000960 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3621028071-1008099766-2742997306-1000UA.job
2014-07-19 18:50 - 2014-07-19 18:50 - 00001069 _____ () C:\Users\VIctor Morano\Desktop\malwarebytes.txt
2014-07-19 18:30 - 2012-06-20 21:13 - 00940090 _____ () C:\windows\PFRO.log
2014-07-19 18:29 - 2014-07-11 21:43 - 00000000 ____D () C:\AdwCleaner
2014-07-19 18:04 - 2014-07-19 18:04 - 01354223 _____ () C:\Users\VIctor Morano\Desktop\adwcleaner_3.216.exe
2014-07-19 17:50 - 2011-10-10 12:31 - 00000938 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3621028071-1008099766-2742997306-1000Core.job
2014-07-19 12:30 - 2014-07-19 12:30 - 02089984 _____ (Farbar) C:\Users\VIctor Morano\Downloads\FRST64.exe
2014-07-19 04:29 - 2012-07-21 06:51 - 00000000 _____ () C:\Users\VIctor Morano\Documents\Nuance Image Printer Writer Port
2014-07-17 13:30 - 2013-11-21 05:41 - 00000000 ____D () C:\Program Files (x86)\PasswordBox
2014-07-16 10:57 - 2011-06-08 07:11 - 00000000 ____D () C:\Users\VIctor Morano\Documents\Church
2014-07-16 05:43 - 2011-05-26 08:46 - 00000000 ____D () C:\Users\VIctor Morano\AppData\Local\CrashDumps
2014-07-16 05:41 - 2011-05-19 12:57 - 00401224 _____ () C:\Users\VIctor Morano\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-16 05:40 - 2009-07-14 00:45 - 01203896 _____ () C:\windows\system32\FNTCACHE.DAT
2014-07-15 11:46 - 2013-12-19 15:00 - 00000000 ____D () C:\Program Files (x86)\PrinterShare
2014-07-15 11:46 - 2013-10-15 11:43 - 00000000 ____D () C:\Program Files (x86)\GenieGO
2014-07-15 09:23 - 2013-10-15 11:44 - 00000000 ____D () C:\Users\VIctor Morano\AppData\Roaming\DIRECTV
2014-07-15 09:22 - 2014-07-15 09:22 - 00000000 ____D () C:\Users\VIctor Morano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DIRECTV
2014-07-15 09:22 - 2013-10-15 11:44 - 00001073 _____ () C:\Users\VIctor Morano\Desktop\GenieGO.lnk
2014-07-15 09:22 - 2013-10-15 11:44 - 00000000 ____D () C:\Users\VIctor Morano\AppData\Roaming\InstallShield Installation Information
2014-07-15 09:21 - 2013-01-15 20:28 - 00000000 ____D () C:\Users\VIctor Morano\AppData\Local\Downloaded Installations
2014-07-14 22:14 - 2014-07-14 22:14 - 00000417 _____ () C:\Users\VIctor Morano\Desktop\post txt.txt
2014-07-14 20:40 - 2014-07-14 20:40 - 00006511 _____ () C:\Users\VIctor Morano\Desktop\attach.zip
2014-07-14 17:26 - 2011-05-27 04:36 - 00000000 ____D () C:\ProgramData\SecTaskMan
2014-07-14 15:16 - 2014-07-14 15:16 - 00040223 _____ () C:\Users\VIctor Morano\Desktop\dds.txt
2014-07-14 15:16 - 2014-07-14 15:16 - 00020673 _____ () C:\Users\VIctor Morano\Desktop\attach.txt
2014-07-14 15:06 - 2014-07-14 15:06 - 00688992 ____R (Swearware) C:\Users\VIctor Morano\Desktop\dds.com
2014-07-14 07:38 - 2013-11-24 19:43 - 00000000 ____D () C:\Program Files (x86)\JL Edwardian Advent Calendar
2014-07-14 06:18 - 2014-07-14 06:18 - 00000000 ____D () C:\windows\System32\Tasks\Norton 360
2014-07-14 06:13 - 2011-05-23 19:34 - 00000000 ____D () C:\windows\system32\Drivers\N360x64
2014-07-14 06:12 - 2013-10-31 13:02 - 00002323 _____ () C:\Users\Public\Desktop\Norton 360.lnk
2014-07-14 06:12 - 2013-10-31 13:01 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2014-07-14 06:12 - 2012-04-27 15:51 - 00003206 _____ () C:\windows\System32\Tasks\Norton WSC Integration
2014-07-13 11:12 - 2013-08-28 14:52 - 00002326 _____ () C:\Users\VIctor Morano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Logos Bible Software 5.lnk
2014-07-13 11:12 - 2013-08-28 14:52 - 00002318 _____ () C:\Users\VIctor Morano\Desktop\Logos Bible Software 5.lnk
2014-07-13 11:11 - 2011-05-26 04:44 - 00000000 ____D () C:\Users\VIctor Morano\AppData\Local\Logos4
2014-07-13 08:13 - 2009-07-14 01:08 - 00032604 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-07-12 10:18 - 2014-07-12 10:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-12 10:18 - 2014-07-12 10:17 - 00004341 _____ () C:\windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-07-12 10:18 - 2013-10-21 17:58 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-12 10:18 - 2013-06-25 02:36 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-12 10:15 - 2014-07-12 10:15 - 00918952 _____ (Oracle Corporation) C:\Users\VIctor Morano\Desktop\jxpiinstall.exe
2014-07-12 09:14 - 2014-07-12 09:14 - 00056551 _____ () C:\Users\VIctor Morano\Desktop\Result.txt
2014-07-12 09:09 - 2014-07-12 09:09 - 00401920 _____ (Farbar) C:\Users\VIctor Morano\Downloads\MiniToolBox.exe
2014-07-12 09:09 - 2014-07-12 09:09 - 00401920 _____ (Farbar) C:\Users\VIctor Morano\Desktop\MiniToolBox.exe
2014-07-12 04:14 - 2014-07-12 04:14 - 00003628 _____ () C:\Users\VIctor Morano\Desktop\JRT.txt
2014-07-12 04:04 - 2014-07-12 04:04 - 00000000 ____D () C:\windows\ERUNT
2014-07-12 02:54 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\rescache
2014-07-11 21:40 - 2012-08-02 11:53 - 00003964 _____ () C:\Users\VIctor Morano\Desktop\Rkill.txt
2014-07-11 21:33 - 2014-07-11 21:33 - 01016261 _____ (Thisisu) C:\Users\VIctor Morano\Desktop\JRT.exe
2014-07-11 21:15 - 2014-07-11 21:15 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\VIctor Morano\Desktop\rkill.exe
2014-07-11 21:13 - 2014-07-11 21:13 - 01348263 _____ () C:\Users\VIctor Morano\Desktop\AdwCleaner.exe
2014-07-11 20:04 - 2011-05-23 12:40 - 00016417 _____ () C:\windows\system32\lvcoinst.log
2014-07-11 19:59 - 2014-07-11 15:55 - 00078803 _____ () C:\Users\VIctor Morano\Desktop\CheckResults.txt
2014-07-11 19:20 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\Globalization
2014-07-11 15:54 - 2014-07-11 15:54 - 01682416 _____ (Malwarebytes Corporation) C:\Users\VIctor Morano\Desktop\mbam-check-2.1.1.1001.exe
2014-07-10 22:07 - 2011-06-27 21:51 - 00227840 ___SH () C:\Users\VIctor Morano\Documents\Thumbs.db
2014-07-10 21:12 - 2011-06-08 06:00 - 00000000 ____D () C:\Users\VIctor Morano\AppData\Roaming\HpUpdate
2014-07-10 20:56 - 2011-07-03 19:39 - 00000000 ____D () C:\Users\VIctor Morano\Documents\ScanedOM
2014-07-10 20:32 - 2014-07-10 20:32 - 00000800 _____ () C:\Users\Public\Desktop\Speccy.lnk
2014-07-10 20:32 - 2014-07-10 20:32 - 00000000 ____D () C:\Program Files\Speccy
2014-07-10 20:28 - 2014-07-10 20:28 - 05127856 _____ (Piriform Ltd) C:\Users\VIctor Morano\Downloads\spsetup122.exe
2014-07-09 23:38 - 2014-07-09 21:47 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-07-09 22:35 - 2014-07-09 22:35 - 00004164 _____ () C:\Users\VIctor Morano\Desktop\HitmanPro_20140709_2235.log
2014-07-09 21:48 - 2014-07-09 21:48 - 00001901 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-07-09 21:48 - 2014-07-09 21:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-07-09 21:48 - 2014-07-09 21:48 - 00000000 ____D () C:\Program Files\HitmanPro
2014-07-09 18:46 - 2014-07-09 18:46 - 11185664 _____ (SurfRight B.V.) C:\Users\VIctor Morano\Desktop\HitmanPro_x64.exe
2014-07-09 15:14 - 2012-03-29 17:30 - 00699056 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-07-09 15:14 - 2012-03-29 17:30 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-07-09 15:14 - 2011-05-26 04:37 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-08 21:40 - 2014-07-08 20:40 - 00002012 _____ () C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2014-07-08 21:29 - 2013-04-21 19:34 - 00000000 ____D () C:\Users\VIctor Morano\Downloads\HP
2014-07-08 21:25 - 2014-07-08 21:25 - 00000000 ____D () C:\ProgramData\Apple
2014-07-08 21:24 - 2014-07-08 21:24 - 00000000 ____D () C:\Users\VIctor Morano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
2014-07-08 21:24 - 2011-05-20 11:37 - 00000000 ____D () C:\Program Files (x86)\HP
2014-07-08 21:23 - 2014-07-08 21:23 - 00000000 ____D () C:\HP_ePrint
2014-07-08 21:23 - 2011-05-20 11:34 - 00000000 ____D () C:\ProgramData\HP
2014-07-08 21:02 - 2014-07-08 21:02 - 00002264 _____ () C:\Users\Public\Desktop\HP Officejet Pro 8500 A910.lnk
2014-07-08 21:02 - 2014-07-08 21:02 - 00001191 _____ () C:\Users\Public\Desktop\Shop for Supplies - HP Officejet Pro 8500 A910.lnk
2014-07-08 20:20 - 2011-06-08 06:01 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-07-08 20:20 - 2011-06-08 06:00 - 00003654 _____ () C:\windows\System32\Tasks\HPCustParticipation HP Officejet Pro 8500 A910
2014-07-08 20:18 - 2014-07-08 20:18 - 00000057 _____ () C:\ProgramData\Ament.ini
2014-07-08 18:20 - 2012-07-13 15:36 - 00000000 ____D () C:\Users\VIctor Morano\Documents\My Kindle Content
2014-07-08 14:06 - 2014-04-24 11:50 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-07-08 14:06 - 2009-07-14 03:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-08 14:06 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\SysWOW64\Dism
2014-07-08 14:06 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\Dism
2014-07-08 14:04 - 2013-07-11 14:04 - 00000000 ____D () C:\windows\system32\MRT
2014-07-08 13:56 - 2011-05-19 22:20 - 96441528 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-07-05 22:50 - 2011-06-03 19:53 - 00000000 ____D () C:\Program Files (x86)\Nova Development
2014-07-05 22:37 - 2014-07-05 21:59 - 00000000 ____D () C:\Users\VIctor Morano\AppData\Local\Fast Browser
2014-07-05 22:04 - 2012-06-20 06:22 - 00001081 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2014-07-05 22:04 - 2012-06-20 06:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-07-05 22:00 - 2014-07-05 22:00 - 00003284 _____ () C:\windows\System32\Tasks\NSManager
2014-07-05 22:00 - 2014-07-05 22:00 - 00000000 ____D () C:\Users\VIctor Morano\AppData\Local\NSManager
2014-07-05 22:00 - 2014-07-05 22:00 - 00000000 ____D () C:\ProgramData\Npackd
2014-07-05 22:00 - 2014-07-05 22:00 - 00000000 ____D () C:\Program Files (x86)\Simple
2014-07-05 22:00 - 2014-07-05 21:58 - 00001332 __RSH () C:\Users\VIctor Morano\ntuser.pol
2014-07-05 22:00 - 2011-05-19 12:56 - 00000000 ____D () C:\Users\VIctor Morano
2014-07-04 21:12 - 2014-07-04 21:12 - 00000000 ____D () C:\Users\VIctor Morano\AppData\Local\Avanquest North America
2014-07-04 21:11 - 2014-07-04 21:11 - 00000122 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2014-07-04 21:11 - 2014-07-04 21:11 - 00000000 ____D () C:\Users\VIctor Morano\AppData\Local\Photo Explosion
2014-07-04 21:11 - 2012-03-07 04:58 - 00000000 ____D () C:\Users\VIctor Morano\AppData\Local\Avanquest
2014-07-04 21:10 - 2014-07-04 21:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2014-07-04 21:10 - 2011-01-25 15:27 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-07-04 20:41 - 2014-07-04 20:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance Power PDF Advanced
2014-07-04 20:41 - 2012-12-08 07:25 - 00000000 ____D () C:\Users\VIctor Morano\AppData\Local\Nuance
2014-07-04 20:41 - 2012-08-27 20:20 - 00001870 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Software Updates.lnk
2014-07-04 20:41 - 2011-05-26 08:06 - 00000000 ____D () C:\ProgramData\Nuance
2014-07-04 20:41 - 2011-05-26 08:05 - 00000000 ____D () C:\Users\VIctor Morano\AppData\Roaming\Nuance
2014-07-04 20:40 - 2011-05-26 08:03 - 00000000 ____D () C:\Program Files (x86)\Nuance
2014-06-30 11:00 - 2012-06-20 06:09 - 00000000 ____D () C:\Program Files\NetWorx
2014-06-30 10:59 - 2012-06-20 06:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetWorx
2014-06-29 22:09 - 2014-07-08 13:53 - 00519168 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-06-29 22:04 - 2014-07-08 13:53 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-06-25 13:44 - 2014-06-11 20:32 - 00000000 ____D () C:\Users\VIctor Morano\Documents\Samsung DirecTV codes
2014-06-25 13:15 - 2014-04-11 16:35 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-25 12:18 - 2011-05-19 13:40 - 00003894 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-25 12:18 - 2011-05-19 13:40 - 00003642 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-24 19:09 - 2011-06-29 19:55 - 00004166 _____ () C:\windows\System32\Tasks\Open URL by RoboForm
2014-06-24 19:09 - 2011-05-20 13:32 - 00003510 _____ () C:\windows\System32\Tasks\Run RoboForm TaskBar Icon
2014-06-24 19:08 - 2011-12-14 08:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm
2014-06-24 19:06 - 2011-06-29 19:48 - 00000000 ____D () C:\Users\VIctor Morano\Downloads\RoboForm
2014-06-24 18:56 - 2014-06-19 18:11 - 00000000 ____D () C:\Users\VIctor Morano\AppData\Local\Adobe
2014-06-20 16:14 - 2014-07-08 13:53 - 00266424 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-06-20 15:39 - 2014-07-08 13:53 - 00240824 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll

Some content of TEMP:
====================
C:\Users\VIctor Morano\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-19 07:57

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-07-2014
Ran by VIctor Morano at 2014-07-20 12:48:58
Running from C:\Users\VIctor Morano\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Norton 360 Premier Edition (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton 360 Premier Edition (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 Premier Edition (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
2nd Speech Center 4.15.10.1202 (HKLM-x32\...\2nd Speech Center_is1) (Version: 4.15.10.1202 - Zero2000.com)
3Planesoft Screensaver Manager 1.4 (HKLM-x32\...\3Planesoft Screensaver Manager_is1) (Version: 1.4 - 3Planesoft)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
8500A909_eDocs (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
8500A909_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
8500A909g (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden
Adobe Community Help (x32 Version: 3.2.1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (x32 Version: 9.0.3.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop.com Inspiration Browser (x32 Version: 3.07 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 9 (x32 Version: 9.0.1 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 9 Content (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 9 Content 1 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 9 Content 2 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 9 Content 3 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 9 HD Content 1 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 9 HD Content 2 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 9 HD Content 3 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Amazon Kindle (HKCU\...\Amazon Kindle) (Version:  - Amazon)
AMD DnD V1.0.19 (x32 Version: 1.0.19 - AMD) Hidden
Ancient Castle 3D Screensaver and Animated Wallpaper 1.1 (HKLM-x32\...\Ancient Castle 3D Screensaver and Animated Wallpaper_is1) (Version: 1.1 - 3Planesoft)
ArcSoft PhotoImpression 6 (HKLM-x32\...\{E7E01744-E50E-4B93-AD73-AEF0AC65BD88}) (Version: 6 - ArcSoft)
ArcSoft PhotoStudio 5.5 (HKLM-x32\...\{4A81B632-07AB-4CAC-BB04-DF20DFFBFFA0}) (Version:  - ArcSoft)
ATI AVIVO64 Codecs (Version: 10.12.0.00113 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{C42B7876-FA88-4F4A-9A5F-E175AD143F2A}) (Version: 3.0.762.0 - ATI Technologies, Inc.)
Autumn Forest 3D Screensaver and Animated Wallpaper 1.0 (HKLM-x32\...\Autumn Forest 3D Screensaver and Animated Wallpaper_is1) (Version: 1.0 - 3Planesoft)
Autumn Wonderland 3D Screensaver and Animated Wallpaper 1.0 (HKLM-x32\...\Autumn Wonderland 3D Screensaver and Animated Wallpaper_is1) (Version: 1.0 - 3Planesoft)
Avanquest update (HKLM-x32\...\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}) (Version: 1.09 - Avanquest Software)
Backup Manager Advance (x32 Version: 2.0.2.39 - NewTech Infosystems) Hidden
Battleship Missouri 3D Screensaver 1.0 (HKLM-x32\...\Battleship Missouri 3D Screensaver_is1) (Version: 1.0 - 3Planesoft)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bing Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.470.0 - Microsoft Corporation)
Blooming Sakura 3D Screensaver and Animated Wallpaper 1.0 (HKLM-x32\...\Blooming Sakura 3D Screensaver and Animated Wallpaper_is1) (Version: 1.0 - 3Planesoft)
BlueSoleil 10.0.457.0 (HKLM\...\{F56591B4-0DEA-4C64-984A-28CB687E4BB0}) (Version: 10.0.457.0 - IVT Corporation)
BlueSoleil cPhone 1.0.63.0 (HKLM-x32\...\{A89DC39D-873E-4920-94E8-D9B2DAFEF32D}) (Version: 1.0.63.0 - IVT Corporation)
BPD_DSWizards (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Camera Support Core Library (x32 Version: 7.3.0.4 - Canon) Hidden
Camera Window DS (x32 Version: 5.3.1 - Canon) Hidden
Camera Window DVC (x32 Version: 5.4.4 - Canon) Hidden
Camera Window MC (x32 Version: 5.4.3 - Canon) Hidden
CameraHelperMsi (x32 Version: 13.30.1395.0 - Logitech) Hidden
Canon Camera Support Core Library (HKLM-x32\...\InstallShield_{A1D0D14A-B776-4907-BC00-5149F2298086}) (Version: 7.3.0.4 - Canon)
Canon Camera WIA Driver (x32 Version: 5.6 - Canon) Hidden
Canon Camera Window DC_DV 5 for ZoomBrowser EX (HKLM-x32\...\InstallShield_{A2EB8F2E-6D9B-4F8B-96EB-F976D33F416F}) (Version: 5.4.4 - Canon)
Canon Camera Window DSLR 5 for ZoomBrowser EX (HKLM-x32\...\InstallShield_{0A146245-DB79-4197-BF5D-FE1A699A2CC7}) (Version: 5.3.1 - Canon)
Canon Camera Window MC 5 for ZoomBrowser EX (HKLM-x32\...\InstallShield_{36C65B50-37BA-4467-AAD5-0523EFDF6F62}) (Version: 5.4.3 - Canon)
Canon EOS Kiss_N REBEL_XT 350D WIA Driver (HKLM-x32\...\InstallShield_{33CF7CDF-9805-4500-9CC7-D19D52AD63C4}) (Version: 5.6 - Canon)
Canon PhotoRecord (HKLM-x32\...\{BBBC2B89-E193-4348-A83C-C8DD8210A4AC}) (Version: 02.02.03002 - Cisra)
Canon RAW Image Task for ZoomBrowser EX (HKLM-x32\...\InstallShield_{BAA43DA2-B6C5-46EC-B163-0E8EEAF975A4}) (Version: 2.2 - Canon)
Canon Utilities Digital Photo Professional 2.0 (HKLM-x32\...\InstallShield_{17BF3045-AB1D-4048-8356-6C584B83565E}) (Version: 2.0 - Canon)
Canon Utilities Digital Photo Professional 2.0 (x32 Version: 2.0 - Canon) Hidden
Canon Utilities EOS Capture 1.5 (HKLM-x32\...\InstallShield_{589D17BB-C997-48C0-BCD2-CC8DC3375FE8}) (Version: 1.5 - Canon)
Canon Utilities PhotoStitch 3.1 (HKLM-x32\...\InstallShield_{874E44F3-B9A7-4AA1-B4BA-83E5684ED9C6}) (Version: 3.1.16 - Canon)
Canon ZoomBrowser EX (E) (HKLM-x32\...\{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}) (Version: 5.05.0000 - Canon)
Caribbean Islands 3D Screensaver and Animated Wallpaper 1.1 (HKLM-x32\...\Caribbean Islands 3D Screensaver and Animated Wallpaper_is1) (Version: 1.1 - 3Planesoft)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0113.2208.39662 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0113.2208.39662 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0113.2208.39662 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0113.2208.39662 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0113.2208.39662 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0113.2208.39662 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0113.2208.39662 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help English (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help French (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help German (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0113.2207.39662 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0113.2208.39662 - ATI) Hidden
ccc-utility64 (Version: 2010.0113.2208.39662 - ATI) Hidden
Christmas 3D Screensaver 1.0 (HKLM-x32\...\Christmas 3D Screensaver_is1) (Version: 1.0 - 3Planesoft)
Christmas Bells 3D Screensaver and Animated Wallpaper 1.0 (HKLM-x32\...\Christmas Bells 3D Screensaver and Animated Wallpaper_is1) (Version: 1.0 - 3Planesoft)
Christmas Evening 3D Screensaver and Animated Wallpaper 1.0 (HKLM-x32\...\Christmas Evening 3D Screensaver and Animated Wallpaper_is1) (Version: 1.0 - 3Planesoft)
Cisco Network Magic (x32 Version: 5.5.09195.0 - Pure Networks) Hidden
Clock Tower 3D Screensaver 1.1 (HKLM-x32\...\Clock Tower 3D Screensaver_is1) (Version: 1.1 - 3Planesoft)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Coral Clock 3D Screensaver and Animated Wallpaper 1.1 (HKLM-x32\...\Coral Clock 3D Screensaver and Animated Wallpaper_is1) (Version: 1.1 - 3Planesoft)
Coral Reef 3D Screensaver and Animated Wallpaper 1.1 (HKLM-x32\...\Coral Reef 3D Screensaver and Animated Wallpaper_is1) (Version: 1.1 - 3Planesoft)
Creative 3DMIDI Player (HKLM-x32\...\3DMIDI) (Version: 1.11 - Creative Technology Limited)
Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 3.00 - Creative Technology Limited)
Creative Diagnostics (HKLM-x32\...\Diagnostics 4_5) (Version: 5.11 - Creative Technology Limited)
Creative Media Toolbox 6 (HKLM-x32\...\{F1A14CB2-A048-45A6-AFDA-3571296E1D76}) (Version: 6.02 - Creative Technology Limited)
Creative Media Toolbox 6 (Shared Components) (HKLM-x32\...\Uninstaller_B4736000_Creative Media Toolbox 6) (Version: 2.80.12 - Creative Labs)
Creative MediaSource 5 (HKLM-x32\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.26 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.41 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: 1.03 - Creative Technology Limited)
Creative System Information (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
Creative WaveStudio 7 (HKLM-x32\...\WaveStudio 7) (Version: 7.14 - Creative Technology Limited)
Crystal Fireplace 3D Screensaver 1.0 (HKLM-x32\...\Crystal Fireplace 3D Screensaver_is1) (Version: 1.0 - 3Planesoft)
Cuckoo Clock 3D Screensaver 1.0 (HKLM-x32\...\Cuckoo Clock 3D Screensaver_is1) (Version: 1.0 - 3Planesoft)
Cyberfish 3D Screensaver and Animated Wallpaper 1.0 (HKLM-x32\...\Cyberfish 3D Screensaver and Animated Wallpaper_is1) (Version: 1.0 - 3Planesoft)
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.2610.50 - CyberLink Corp.)
CyberLink PowerDVD 9 (x32 Version: 9.0.2610.50 - CyberLink Corp.) Hidden
CyberPower PowerPanel Personal Edition 1.2.7 (HKLM-x32\...\{6604C31C-A3F5-4B19-A75F-BF7B87369C89}) (Version: 1.2.7 - Cyber Power Systems, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Deep Space 3D Screensaver 1.0 (HKLM-x32\...\Deep Space 3D Screensaver_is1) (Version: 1.0 - 3Planesoft)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
Digital Clock 3D Screensaver and Animated Wallpaper 1.0 (HKLM-x32\...\Digital Clock 3D Screensaver and Animated Wallpaper_is1) (Version: 1.0 - 3Planesoft)
DIRECTV GenieGO (HKCU\...\InstallShield_{CF2D1F6F-BD25-493C-A257-9ADA0CBC4E1F}) (Version: 2.1.0.62 - DIRECTV, LLC)
DIRECTV GenieGO (x32 Version: 2.1.0.62 - DIRECTV, LLC) Hidden
DIRECTV Player (HKLM-x32\...\{69b8745b-65c2-4a2d-b5db-00e0cd841f1e}) (Version: 9.0 - DIRECTV)
Discovery 3D Screensaver 1.1 (HKLM-x32\...\Discovery 3D Screensaver_is1) (Version: 1.1 - 3Planesoft)
DiskMax 4.56 (HKLM\...\DiskMax) (Version: 4.56 - KoshyJohn.com)
DocMgr (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.00 - Creative Technology Limited)
Dolphins 3D Screensaver and Animated Wallpaper 1.0 (HKLM-x32\...\Dolphins 3D Screensaver and Animated Wallpaper_is1) (Version: 1.0 - 3Planesoft)
DTS Connect Pack (HKLM-x32\...\DTS Connect Pack) (Version: 1.00 - Creative Technology Limited)
DubIt (HKLM-x32\...\DubIt) (Version: 2.0 - TechSmith Corporation)
Dutch Windmills 3D Screensaver 1.0 (HKLM-x32\...\Dutch Windmills 3D Screensaver_is1) (Version: 1.0 - 3Planesoft)
Earth 3D Screensaver and Animated Wallpaper 2.0 (HKLM-x32\...\Earth 3D Screensaver and Animated Wallpaper_is1) (Version: 2.0 - 3Planesoft)
Elements 9 Organizer (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
EOS Capture 1.5 (x32 Version: 1.5 - Canon) Hidden
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Facebook Video Calling 1.2.0.159 (HKLM-x32\...\{7CAC6A44-C3DE-4153-ACA6-7524602C789E}) (Version: 1.2.159 - Skype Limited)
Fantasy Moon 3D Screensaver 1.3 (HKLM-x32\...\Fantasy Moon 3D Screensaver_is1) (Version: 1.3 - 3Planesoft)
Faraway Planet 3D Screensaver 1.0 (HKLM-x32\...\Faraway Planet 3D Screensaver_is1) (Version: 1.0 - 3Planesoft)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
File Type Assistant (HKLM-x32\...\Trusted Software Assistant_is1) (Version:  - Trusted Software) <==== ATTENTION
Fireplace 3D Screensaver and Animated Wallpaper 3.0 (HKLM-x32\...\Fireplace 3D Screensaver and Animated Wallpaper_is1) (Version: 3.0 - 3Planesoft)
Fireside Christmas 3D Screensaver and Animated Wallpaper 1.0 (HKLM-x32\...\Fireside Christmas 3D Screensaver and Animated Wallpaper_is1) (Version: 1.0 - 3Planesoft)
Flag 3D Screensaver 1.0 (HKLM-x32\...\Flag 3D Screensaver_is1) (Version: 1.0 - 3Planesoft)
Fog Horses 3D Screensaver and Animated Wallpaper 1.0 (HKLM-x32\...\Fog Horses 3D Screensaver and Animated Wallpaper_is1) (Version: 1.0 - 3Planesoft)
Fog Lake Screensaver and Animated Wallpaper 1.1 (HKLM-x32\...\Fog Lake Screensaver and Animated Wallpaper_is1) (Version: 1.1 - 3Planesoft)
Free YouTube to MP3 TURBO Converter 2012 (HKLM-x32\...\FreeYoutubeToMP3TURBOConverter_is1) (Version:  - Bitberry Software)
Futuristic City 3D Screensaver and Animated Wallpaper 1.1 (HKLM-x32\...\Futuristic City 3D Screensaver and Animated Wallpaper_is1) (Version: 1.1 - 3Planesoft)
Gaaiho Collaboration (HKLM-x32\...\{3A1B43F9-48D2-4B86-B792-0A4FC4163005}) (Version: 3.5 - ZEON Corporation)
Galleon 3D Screensaver 1.3 (HKLM-x32\...\Galleon 3D Screensaver_is1) (Version: 1.3 - 3Planesoft)
Gateway InfoCentre (HKLM-x32\...\Gateway InfoCentre) (Version: 3.02.3000 - Gateway Incorporated)
Gateway MyBackup (HKLM-x32\...\InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}) (Version: 2.0.2.39 - NewTech Infosystems)
Gateway Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3007 - Gateway Incorporated)
Gateway Registration (HKLM-x32\...\Gateway Registration) (Version: 1.02.3006 - Gateway Incorporated)
Gateway ScreenSaver (HKLM-x32\...\Gateway Screensaver) (Version: 1.1.0812 - Gateway Incorporated)
Gateway Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Gateway Incorporated)
GoodSync (HKLM\...\{B26B00DA-2E5D-4CF2-83C5-911198C0F009}) (Version: 9.3.4.5 - Siber Systems)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Grand Canyon 3D Screensaver and Animated Wallpaper 1.0 (HKLM-x32\...\Grand Canyon 3D Screensaver and Animated Wallpaper_is1) (Version: 1.0 - 3Planesoft)
Grassland 3D Screensaver and Animated Wallpaper 1.0 (HKLM-x32\...\Grassland 3D Screensaver and Animated Wallpaper_is1) (Version: 1.0 - 3Planesoft)
Great Pyramids 3D Screensaver and Animated Wallpaper 1.1 (HKLM-x32\...\Great Pyramids 3D Screensaver and Animated Wallpaper_is1) (Version: 1.1 - 3Planesoft)
Greeting Card Factory Deluxe 9.0 (HKLM-x32\...\{F2274C6A-6B2F-42D5-A328-12E666D4CFEF}) (Version: 9.0.0.22 - Nova Development)
Halloween 3D Screensaver 1.1 (HKLM-x32\...\Halloween 3D Screensaver_is1) (Version: 1.1 - 3Planesoft)
Haunted House 3D Screensaver and Animated Wallpaper 2.0 (HKLM-x32\...\Haunted House 3D Screensaver and Animated Wallpaper_is1) (Version: 2.0 - 3Planesoft)
Hewlett-Packard ACLM.NET v1.1.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.221 - SurfRight B.V.)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP ePrint (HKLM-x32\...\{2794875B-6CCF-48B8-84A5-5B10DB98BEE6}) (Version: 14.0.14176.1823 - Hewlett-Packard)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Officejet Pro 8500 A910 Basic Device Software (HKLM\...\{13BE337F-9557-416D-A696-F91A6807B170}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8500 A910 Help (HKLM-x32\...\{871B2A9D-0F12-44B3-88C1-E0CB10A232E4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Officejet Pro 8500 A910 Product Improvement Study (HKLM\...\{24E45339-C750-4EAE-8241-BA25A7DABBDD}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Unified IO (Version: 2.0.0.434 - HP) Hidden
HP Unified IO (x32 Version: 2.0.0.434 - HP) Hidden
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Ice Clock 3D Screensaver and Animated Wallpaper 2.0 (HKLM-x32\...\Ice Clock 3D Screensaver and Animated Wallpaper_is1) (Version: 2.0 - 3Planesoft)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Gateway Incorporated)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Jacquie Lawson Alpine Advent Calendar (x32 Version: 1.0.2 - MicroCourt Limited) Hidden
Jacquie Lawson Edwardian Advent Calendar (x32 Version: 1.0.1 - MicroCourt Limited) Hidden
Jacquie Lawson London Advent Calendar (x32 Version: 1.5.2 - MicroCourt Limited) Hidden
Jacquie Lawson Village Advent Calendar (x32 Version: 2.0.0 - MicroCourt Limited) Hidden
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
Jing (HKLM-x32\...\{22800204-9E53-45C7-B6F3-5BB0F1C1A147}) (Version: 2.8.13007.1 - TechSmith Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Koi Fish 3D Screensaver and Animated Wallpaper 2.0 (HKLM-x32\...\Koi Fish 3D Screensaver and Animated Wallpaper_is1) (Version: 2.0 - 3Planesoft)
Lagoon 3D Screensaver 1.0 (HKLM-x32\...\Lagoon 3D Screensaver_is1) (Version: 1.0 - 3Planesoft)
Lake Tree 3D Screensaver and Animated Wallpaper 1.0 (HKLM-x32\...\Lake Tree 3D Screensaver and Animated Wallpaper_is1) (Version: 1.0 - 3Planesoft)
Lantern 3D Screensaver 1.0 (HKLM-x32\...\Lantern 3D Screensaver_is1) (Version: 1.0 - 3Planesoft)
Lernout & Hauspie TruVoice American English TTS Engine (HKLM-x32\...\tv_enua) (Version:  - )
Lighthouse Point 3D Screensaver 1.1 (HKLM-x32\...\Lighthouse Point 3D Screensaver_is1) (Version: 1.1 - 3Planesoft)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.0 - Logitech Inc.)
Logos 5 Prerequisites (HKLM-x32\...\{C91113DC-B860-43B8-9029-E2B71968631D}) (Version: 5.33.0744 - Logos Bible Software)
Logos Bible Software (HKLM-x32\...\{041C89F7-54DF-4F60-B3D9-DDC0EAAE5CB9}) (Version: 5.33.171 - Logos Bible Software)
LWS Facebook (x32 Version: 13.30.1346.0 - Logitech) Hidden
LWS Gallery (x32 Version: 13.30.1379.0 - Logitech) Hidden
LWS Help_main (x32 Version: 13.30.1396.0 - Logitech) Hidden
LWS Launcher (x32 Version: 13.30.1379.0 - Logitech) Hidden
LWS Motion Detection (x32 Version: 13.30.1395.0 - Logitech) Hidden
LWS Pictures And Video (x32 Version: 13.30.1395.0 - Logitech) Hidden
LWS Twitter (x32 Version: 13.30.1346.0 - Logitech) Hidden
LWS Video Mask Maker (x32 Version: 13.30.1379.0 - Logitech) Hidden
LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden
LWS Webcam Software (x32 Version: 13.30.1379.0 - Logitech) Hidden
LWS WLM Plugin (x32 Version: 1.30.1201.0 - Logitech) Hidden
LWS YouTube Plugin (x32 Version: 13.30.1346.0 - Logitech) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Marketsplash Print Software (HKLM-x32\...\{61933675-EFC7-4190-90B6-5AD56E1D9294}) (Version: 1.0.1.31 - Hewlett-Packard)
Marketsplash Shortcuts (HKLM-x32\...\{16FCDD97-AE09-476B-88CD-261D852BD34C}) (Version: 1.0.1.7 - Hewlett-Packard)
Mayan Waterfall 3D Screensaver 1.0 (HKLM-x32\...\Mayan Waterfall 3D Screensaver_is1) (Version: 1.0 - 3Planesoft)
Mechanical Clock 3D Screensaver and Animated Wallpaper 1.2 (HKLM-x32\...\Mechanical Clock 3D Screensaver and Animated Wallpaper_is1) (Version: 1.2 - 3Planesoft)
Medieval Castle 3D Screensaver and Animated Wallpaper 1.1 (HKLM-x32\...\Medieval Castle 3D Screensaver and Animated Wallpaper_is1) (Version: 1.1 - 3Planesoft)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{67E03279-F703-408F-B4BF-46B5FC8D70CD}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Mountain Waterfall 3D Screensaver and Animated Wallpaper 1.0 (HKLM-x32\...\Mountain Waterfall 3D Screensaver and Animated Wallpaper_is1) (Version: 1.0 - 3Planesoft)
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MPM (HKLM-x32\...\{CD8C5C7F-7C58-4F85-8977-A6C08C087912}) (Version: 1.00.0000 - Hewlett-Packard)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MyLogoMaker 2.0 (HKLM-x32\...\MyLogoMaker_is1) (Version:  - Avanquest USA, Inc.)
MyProfessionalBusinessCards (HKLM-x32\...\{CC263FFC-23D9-4C78-BBA2-61A41DD947C7}) (Version: 5.5.0.0 - Avanquest Publishing USA, Inc.)
MySoftware Fonts (HKLM-x32\...\{6C6F0968-2B86-42B4-AF34-46A5F06E8FA4}) (Version:  - )
Nature 3D Screensaver 1.1 (HKLM-x32\...\Nature 3D Screensaver_is1) (Version: 1.1 - 3Planesoft)
Nautilus 3D Screensaver 1.2 (HKLM-x32\...\Nautilus 3D Screensaver_is1) (Version: 1.2 - 3Planesoft)
Nero 11 (HKLM-x32\...\{810B7362-6B05-4714-AF6A-EF3A20CCD634}) (Version: 11.2.00600 - Nero AG)
Nero 9 Essentials (HKLM-x32\...\{b0941905-5fb6-42ad-9804-609e3ae602c6}) (Version:  - Nero AG)
Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero BackItUp 11 (x32 Version: 6.2.18400.2.100 - Nero AG) Hidden
Nero BackItUp 11 Help (CHM) (x32 Version: 11.0.10400 - Nero AG) Hidden
Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 12.0.4000 - Nero AG)
Nero Blu-ray Player (x32 Version: 12.0.20012 - Nero AG) Hidden
Nero Burning ROM 11 (x32 Version: 11.2.10300.0.0 - Nero AG) Hidden
Nero Burning ROM 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden
Nero Cliparts (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.15500 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.5000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.19400 - Nero AG) Hidden
Nero CoverDesigner 11 (x32 Version: 6.0.11000.13.100 - Nero AG) Hidden
Nero CoverDesigner 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden
Nero Disc Menus Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 5.4.13.100 - Nero AG) Hidden
Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 4.4.12.100 - Nero AG) Hidden
Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden
Nero Effects Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Express 11 (x32 Version: 11.2.10300.0.0 - Nero AG) Hidden
Nero Express 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden
Nero Express Help (x32 Version: 9.6.2.101 - Nero AG) Hidden
Nero Image Samples (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero InfoTool (x32 Version: 6.4.12.100 - Nero AG) Hidden
Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.9.0 - Nero AG) Hidden
Nero Kwik Media (x32 Version: 1.18.19600 - Nero AG) Hidden
Nero Kwik Media Help (CHM) (x32 Version: 12.0.3000 - Nero AG) Hidden
Nero Kwik Themes Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
Nero PiP Effects Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Recode 11 (x32 Version: 5.2.11300.0.0 - Nero AG) Hidden
Nero Recode 11 Help (CHM) (x32 Version: 11.0.10600 - Nero AG) Hidden
Nero RescueAgent 11 (x32 Version: 4.0.10600.10.100 - Nero AG) Hidden
Nero RescueAgent 11 Help (CHM) (x32 Version: 11.0.10400 - Nero AG) Hidden
Nero SharedVideoCodecs (x32 Version: 1.0.12100.2.0 - Nero AG) Hidden
Nero SoundTrax 11 (x32 Version: 5.0.10700.6.100 - Nero AG) Hidden
Nero SoundTrax 11 Help (CHM) (x32 Version: 11.0.10400 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.37.100 - Nero AG) Hidden
Nero StartSmart Help (x32 Version: 9.4.27.100 - Nero AG) Hidden
Nero StartSmart OEM (x32 Version: 9.4.10.100 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11500.28.0 - Nero AG) Hidden
Nero Video 11 (x32 Version: 8.2.16000.4.100 - Nero AG) Hidden
Nero Video 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden
Nero Video Samples (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero WaveEditor 11 (x32 Version: 6.2.11300.0.100 - Nero AG) Hidden
Nero WaveEditor 11 Help (CHM) (x32 Version: 11.0.10400 - Nero AG) Hidden
nero.prerequisites.msi (x32 Version: 11.0.20010 - Nero AG) Hidden
NeroExpress (x32 Version: 9.4.33.100 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Network Magic (HKLM-x32\...\Network MagicUninstall) (Version: 5.5.9195.0 - Cisco Systems, Inc.)
Network64 (Version: 130.0.579.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
NetWorx 5.3.2 (HKLM\...\NetWorx_is1) (Version:  - Softperfect Research)
Newsflash (HKLM-x32\...\{1A722192-4AEA-4911-9F71-EBECEDC970B5}) (Version: 1.0.0.7 - )
NextUp.com-NeoSpeech Kate16 Voice (HKLM-x32\...\{35A99070-E9E0-42BB-8F8B-C00854A03E59}) (Version: 1.01.0000 - NextUp.com)
NextUp.com-NeoSpeech Paul16 Voice (HKLM-x32\...\{5D97F812-3F0D-4AFE-A377-27DD67DE9079}) (Version: 1.01.0000 - NextUp.com)
Nokia Connectivity Cable Driver (HKLM-x32\...\{C3F19A5F-35A8-4FDB-A6ED-0F4CE398DA48}) (Version: 7.0.2.0 - Nokia)
Norton 360 (HKLM-x32\...\N360) (Version: 21.4.0.13 - Symantec Corporation)
Nuance OmniPage 18 (HKLM-x32\...\{4761F31F-291F-46AA-9F00-17BADAB76371}) (Version: 18.0.0000 - Nuance Communications, Inc.)
Nuance PaperPort 14 (HKLM-x32\...\{C158E4E4-B2A2-4D62-9C61-D0FC62D78E6D}) (Version: 14.0.0000 - Nuance Communications, Inc.)
Nuance PDF Converter Professional 8 (HKLM\...\{E645E501-5E3D-4DA2-9A47-BDC0C8A74336}) (Version: 8.10.6214 - Nuance Communications, Inc.)
Nuance PDF Converter Professional 8 (HKLM-x32\...\{E645E501-5E3D-4DA2-9A47-BDC0C8A74336}) (Version: 8.00.6214 - Nuance Communications, Inc.)
Nuance PDF Converter Professional 8 Update x64 (HKLM\...\{45AE5880-34A1-4575-92A6-11D0DC182F24}) (Version: 8.11.0000 - Nuance Communications, Inc.)
Nuance PDF Reader (HKLM-x32\...\{5F6C549F-78DA-4E0E-AE70-0BD981936D99}) (Version: 7.00.0000 - Nuance Communications, Inc.)
Nuance Power PDF Advanced (HKLM\...\{BD71D245-1A8B-4FB3-83E4-74F77FB39267}) (Version: 1.00.7472 - Nuance Communications, Inc.)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Office Printing Essentials (HKLM-x32\...\{49501F7D-99A9-46E8-AECF-7ABFD90823EE}) (Version: 1.0.0.3 - Nova Development)
Officejet Pro 8500 A909 Series (HKLM\...\{D850BEF5-67AF-4071-9538-FA9AC725D62C}) (Version: 13.0 - HP)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Orbital Sunset 3D Screensaver and Animated Wallpaper 1.0 (HKLM-x32\...\Orbital Sunset 3D Screensaver and Animated Wallpaper_is1) (Version: 1.0 - 3Planesoft)
OVT Scanner (HKLM-x32\...\{A746CE98-A755-4AD7-B4B8-346DC74CDECD}) (Version: 1.00.0000 - OVT)
Palm Desktop by ACCESS (HKLM-x32\...\{FD6034A3-655C-49F0-B496-D4CBFD74D7A7}) (Version: 6.4.0.0 - Palm, Inc.)
PaperPort Anywhere 1.1.4269.39023 powered by OfficeDrop (HKLM\...\{52357C6C-FE7F-4E8C-B045-EDE5146A1F9C}) (Version: 1.1.4269.39023 - OfficeDrop)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0001 - Nuance Communications, Inc.)
PC Connectivity Solution (HKLM-x32\...\{83258E90-1F76-4E13-9F60-A0F8ED41E76F}) (Version: 8.22.7.0 - Nokia)
Photo Frame (HKLM-x32\...\{733C5FC0-F0C4-405B-A983-61C24CC60E39}_is1) (Version: 5.0.0.3 - Northstar Systems Corp.)
PhotoImpression (HKLM-x32\...\{063E409E-3D7C-4A4A-95AB-2F124B9224B3}) (Version:  - ArcSoft)
PhotoStitch (x32 Version: 3.1.16 - Canon) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.2.10 - Prolific Technology INC)
PrinterShare 2.3.07 (HKLM\...\{FA9BB954-1D36-4DD9-8E6B-45A1183F59B6}) (Version: 2.3.7.0 - Printer Anywhere Inc.)
ProductContext (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
Pure Networks Platform (x32 Version: 11.2.09195.1 - Pure Networks) Hidden
RAW Image Task 2.2 (x32 Version: 2.2 - Canon) Hidden
Readiris Pro 12 (HKLM-x32\...\{3AC26580-A695-4134-84AE-5121B3AAE545}) (Version: 12.00.5965 - I.R.I.S.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.17.304.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6045 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
RoboForm 7-9-8-5 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-9-8-5 - Siber Systems)
SAMSUNG Intelli-studio (HKLM-x32\...\Intelli-studio) (Version:  - )
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.42.0 - SAMSUNG Electronics Co., Ltd.)
Sandy Beach 3D Screensaver and Animated Wallpaper 1.0 (HKLM-x32\...\Sandy Beach 3D Screensaver and Animated Wallpaper_is1) (Version: 1.0 - 3Planesoft)
Santa Claus 3D Screensaver and Animated Wallpaper 1.1 (HKLM-x32\...\Santa Claus 3D Screensaver and Animated Wallpaper_is1) (Version: 1.1 - 3Planesoft)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Scansoft PDF Professional (x32 Version:  - ) Hidden
Security Task Manager 1.8f (HKLM-x32\...\Security Task Manager) (Version: 1.8f - Neuber Software)
Sharks - Great White 3D Screensaver and Animated Wallpaper 1.0 (HKLM-x32\...\Sharks - Great White 3D Screensaver and Animated~7A7BEC62_is1) (Version: 1.0 - 3Planesoft)
Sharks 3D Screensaver and Animated Wallpaper 1.0 (HKLM-x32\...\Sharks 3D Screensaver and Animated Wallpaper_is1) (Version: 1.0 - 3Planesoft)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
ShopSafe (HKLM-x32\...\{87358FDB-7A27-4F53-9BFB-1566FA03A9C5}) (Version: 3.4.13.0 - ShopSafe)
ShopSafe (x32 Version: 1.4.3.0 - ShopSafe) Hidden
Shorter Oxford English Dictionary (Sixth Edition) (HKLM-x32\...\Shorter Oxford English Dictionary (Sixth Edition)) (Version:  - )
Simple 1.1 (HKLM-x32\...\Simple) (Version: 1.1 - Simple)
SiSoftware Sandra Personal 2014.RTM (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1) (Version: 20.10.2014.2 - SiSoftware)
Skeleton Clock 3D Screensaver and Animated Wallpaper 1.0 (HKLM-x32\...\Skeleton Clock 3D Screensaver and Animated Wallpaper_is1) (Version: 1.0 - 3Planesoft)
Sky Citadel 3D Screensaver and Animated Wallpaper 1.0 (HKLM-x32\...\Sky Citadel 3D Screensaver and Animated Wallpaper_is1) (Version: 1.0 - 3Planesoft)
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SmartSound Quicktracks for Premiere Elements 9.0 (HKLM-x32\...\InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}) (Version: 3.12.3090 - SmartSound Software Inc)
SmartSound Quicktracks for Premiere Elements 9.0 (x32 Version: 3.12.3090 - SmartSound Software Inc) Hidden
Snagit 10.0.2 (HKLM-x32\...\{92D194E7-AEF9-4A9E-8620-8F3AE712E3F7}) (Version: 10.0.2 - TechSmith Corporation)
Snagit 11 (HKLM-x32\...\{A56C6348-59D0-433B-A48A-75914858664E}) (Version: 11.2.1 - TechSmith Corporation)
Snow Village 3D Screensaver and Animated Wallpaper 1.1 (HKLM-x32\...\Snow Village 3D Screensaver and Animated Wallpaper_is1) (Version: 1.1 - 3Planesoft)
SoftPerfect Network Protocol Analyzer 2.8 (HKLM-x32\...\SoftPerfect Network Protocol Analyzer_is1) (Version:  - SoftPerfect Research)
SoftPerfect WiFi Guard version 1.0.2 (HKLM\...\{38AFD787-4D2E-4442-92D2-7739F5F92CF4}_is1) (Version: 1.0.2 - SoftPerfect Research)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sound Blaster X-Fi (HKLM-x32\...\{20288888-A7AF-4B24-8AEB-398D20CD563C}) (Version: 1.0 - Creative Technology Limited)
SoundFont Bank Manager (HKLM-x32\...\SFBM) (Version: 3.21 - Creative Technology Limited)
Speccy (HKLM\...\Speccy) (Version: 1.22 - Piriform)
Spirit of Fire 3D Screensaver 2.4 (HKLM-x32\...\Spirit of Fire 3D Screensaver_is1) (Version: 2.4 - 3Planesoft)
Springtime 3D Screensaver and Animated Wallpaper 1.0 (HKLM-x32\...\Springtime 3D Screensaver and Animated Wallpaper_is1) (Version: 1.0 - 3Planesoft)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Starry Night 3D Screensaver and Animated Wallpaper 1.0 (HKLM-x32\...\Starry Night 3D Screensaver and Animated Wallpaper_is1) (Version: 1.0 - 3Planesoft)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steam Clock 3D Screensaver and Animated Wallpaper 1.0 (HKLM-x32\...\Steam Clock 3D Screensaver and Animated Wallpaper_is1) (Version: 1.0 - 3Planesoft)
Stock Car Racing 3D Screensaver and Animated Wallpaper 1.0 (HKLM-x32\...\Stock Car Racing 3D Screensaver and Animated Wallpaper_is1) (Version: 1.0 - 3Planesoft)
Stonehenge 3D Screensaver and Animated Wallpaper 1.0 (HKLM-x32\...\Stonehenge 3D Screensaver and Animated Wallpaper_is1) (Version: 1.0 - 3Planesoft)
Summer Forest 3D Screensaver and Animated Wallpaper 1.0 (HKLM-x32\...\Summer Forest 3D Screensaver and Animated Wallpaper_is1) (Version: 1.0 - 3Planesoft)
Sun Village 3D Screensaver and Animated Wallpaper 1.1 (HKLM-x32\...\Sun Village 3D Screensaver and Animated Wallpaper_is1) (Version: 1.1 - 3Planesoft)
Sunny Patio 3D Screensaver and Animated Wallpaper 1.1 (HKLM-x32\...\Sunny Patio 3D Screensaver and Animated Wallpaper_is1) (Version: 1.1 - 3Planesoft)
Sweethearts 3D Screensaver and Animated Wallpaper 1.1 (HKLM-x32\...\Sweethearts 3D Screensaver and Animated Wallpaper_is1) (Version: 1.1 - 3Planesoft)
Thanksgiving Day 3D Screensaver and Animated Wallpaper 1.0 (HKLM-x32\...\Thanksgiving Day 3D Screensaver and Animated Wallpaper_is1) (Version: 1.0 - 3Planesoft)
The Lost Watch 3D Screensaver and Animated Wallpaper 2.0 (HKLM-x32\...\The Lost Watch 3D Screensaver and Animated Wallpaper_is1) (Version: 2.0 - 3Planesoft)
The Lost Watch II 3D Screensaver 1.0 (HKLM-x32\...\The Lost Watch II 3D Screensaver_is1) (Version: 1.0 - 3Planesoft)
The One Ring 3D Screensaver 1.0 (HKLM-x32\...\The One Ring 3D Screensaver_is1) (Version: 1.0 - 3Planesoft)
THX TruStudio PC (HKLM-x32\...\{F1F5C7EE-23BB-47A3-943E-9F290DD267F0}) (Version: 1.0 - Creative Technology Limited)
Tiger Sharks 3D Screensaver and Animated Wallpaper 1.0 (HKLM-x32\...\Tiger Sharks 3D Screensaver and Animated Wallpaper_is1) (Version: 1.0 - 3Planesoft)
Titanic Memories 3D Screensaver and Animated Wallpaper 1.1 (HKLM-x32\...\Titanic Memories 3D Screensaver and Animated Wallpaper_is1) (Version: 1.1 - 3Planesoft)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
Tropical Fish 3D Screensaver and Animated Wallpaper 1.2 (HKLM-x32\...\Tropical Fish 3D Screensaver and Animated Wallpaper_is1) (Version: 1.2 - 3Planesoft)
Tyrannosaurus Rex 3D Screensaver and Animated Wallpaper 1.0 (HKLM-x32\...\Tyrannosaurus Rex 3D Screensaver and Animated Wallpaper_is1) (Version: 1.0 - 3Planesoft)
Unix Utilities for Yahoo! Widgets (HKLM-x32\...\UnixUtils for Yahoo! Widgets) (Version:  - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Valentine 3D Screensaver and Animated Wallpaper 1.0 (HKLM-x32\...\Valentine 3D Screensaver and Animated Wallpaper_is1) (Version: 1.0 - 3Planesoft)
Valentine Musicbox 3D Screensaver and Animated Wallpaper 1.0 (HKLM-x32\...\Valentine Musicbox 3D Screensaver and Animated Wallpaper_is1) (Version: 1.0 - 3Planesoft)
Venice Carnival 3D Screensaver and Animated Wallpaper 1.0 (HKLM-x32\...\Venice Carnival 3D Screensaver and Animated Wallpaper_is1) (Version: 1.0 - 3Planesoft)
Vintage Aircraft 3D Screensaver and Animated Wallpaper 1.1 (HKLM-x32\...\Vintage Aircraft 3D Screensaver and Animated Wallpaper_is1) (Version: 1.1 - 3Planesoft)
Visual Thesaurus 3.0.2 (HKLM-x32\...\Visual Thesaurus 3.0.2) (Version:  - Thinkmap, Inc.)
VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)
Voyage of Columbus 3D Screensaver 1.0 (HKLM-x32\...\Voyage of Columbus 3D Screensaver_is1) (Version: 1.0 - 3Planesoft)
Wallpaper Downloader 2.7 (HKLM-x32\...\{6452D097-5646-4039-93B6-183B54E208C0}_is1) (Version:  - WallpaperDownloader.com)
Water Clock 3D Screensaver and Animated Wallpaper 1.1 (HKLM-x32\...\Water Clock 3D Screensaver and Animated Wallpaper_is1) (Version: 1.1 - 3Planesoft)
Watermill 3D Screensaver and Animated Wallpaper 2.0 (HKLM-x32\...\Watermill 3D Screensaver and Animated Wallpaper_is1) (Version: 2.0 - 3Planesoft)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Welcome App (Start-up experience) (x32 Version: 11.0.23500.0.0 - Nero AG) Hidden
Welcome Center (HKLM-x32\...\Gateway Welcome Center) (Version: 1.00.3013 - Gateway Incorporated)
Western Railway 3D Screensaver 2.0 (HKLM-x32\...\Western Railway 3D Screensaver_is1) (Version: 2.0 - 3Planesoft)
White Christmas 3D Screensaver and Animated Wallpaper 1.0 (HKLM-x32\...\White Christmas 3D Screensaver and Animated Wallpaper_is1) (Version: 1.0 - 3Planesoft)
Wildflowers 3D Screensaver and Animated Wallpaper 1.1 (HKLM-x32\...\Wildflowers 3D Screensaver and Animated Wallpaper_is1) (Version: 1.1 - 3Planesoft)
Windows 7 Logon Background Changer (HKLM-x32\...\{2E6044C5-3495-485F-91BC-46D1B6430E51}) (Version: 1.5.2 - Julien MANICI)
Windows Driver Package - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
Winter Wonderland 3D Screensaver and Animated Wallpaper 1.1 (HKLM-x32\...\Winter Wonderland 3D Screensaver and Animated Wallpaper_is1) (Version: 1.1 - 3Planesoft)
Wireshark 1.8.2 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.8.2 - The Wireshark developer community, http://www.wireshark.org)
Yahoo! Widgets (HKLM-x32\...\Yahoo! Widget Engine) (Version: 4.5.2.0 - Yahoo! Inc.)
Zodiac Clock 3D Screensaver and Animated Wallpaper 1.0 (HKLM-x32\...\Zodiac Clock 3D Screensaver and Animated Wallpaper_is1) (Version: 1.0 - 3Planesoft)

==================== Restore Points  =========================

15-07-2014 13:21:39 Installed DIRECTV GenieGO
15-07-2014 13:22:52 Installed DIRECTV GenieGO

==================== Hosts content: ==========================

2009-07-13 22:34 - 2014-07-14 16:40 - 00450712 ____R C:\windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com

There are 1000 more lines.

==================== Scheduled Tasks (whitelisted) =============

Task: {01BE2045-C3AD-456B-8FC5-307FF3FC50A4} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {0B4B27EC-D813-4662-9164-1A5226E94E42} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2014-06-24] (Siber Systems)
Task: {0C0D03EF-AA8F-424B-8769-FC632E2A6893} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {0C6A0B48-A6C0-4662-8A8B-17C08B5E5097} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-05-19] (Google Inc.)
Task: {0D91BE4E-6674-4B4F-8EA3-4E1AFE0AAFC8} - System32\Tasks\{6653B7F7-3D4D-45E4-AA3D-E0ED541DAE15} => C:\Program Files (x86)\2nd Speech Center\iisc.exe [2010-12-04] (Zero2000 Software)
Task: {1CDE5235-48BA-4B8A-A210-948C25DF7F16} - System32\Tasks\{188F1423-4C92-42D3-842B-2F706D6F5F35} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-05-08] (Skype Technologies S.A.)
Task: {36634F66-393F-46E6-93C2-19C86D8CC459} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {3A8DD10E-ED10-4B4E-8599-082903D2C62D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-05-19] (Google Inc.)
Task: {5C264018-5C98-4C73-95FF-A517CE7A6054} - System32\Tasks\{4DA3A11B-89B8-427B-9BEE-91CC147690ED} => C:\Program Files (x86)\2nd Speech Center\iisc.exe [2010-12-04] (Zero2000 Software)
Task: {6282BDE4-3D11-4446-8484-082520C65D6C} - System32\Tasks\AdobeAAMUpdater-1.0-GatewayCR-VIctor Morano => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated)
Task: {689FBA93-9AE8-4B13-9F5D-2A3346AF6D42} - System32\Tasks\NSManager => C:\Users\VIctor Morano\AppData\Local\NSManager\manager.exe [2014-04-04] ()
Task: {74B59FF9-CAB6-48A0-AE6F-3822CD06759B} - \ProgramUpdateCheck No Task File <==== ATTENTION
Task: {7975D76D-A77C-420A-8459-8D5FC193F0F9} - System32\Tasks\{C2065C1B-B25F-4AAE-A08F-207BE12445C8} => C:\Program Files (x86)\2nd Speech Center\iisc.exe [2010-12-04] (Zero2000 Software)
Task: {99BD73D0-DCB7-4D24-9A01-B5BFE1950380} - System32\Tasks\HPCustParticipation HP Officejet Pro 8500 A910 => C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {A2189B94-0592-45B7-B904-6886798A7EEF} - System32\Tasks\{8BF12A99-BF28-46D4-A323-2F7D0C857B80} => C:\Program Files (x86)\2nd Speech Center\iisc.exe [2010-12-04] (Zero2000 Software)
Task: {BB5C3549-34E9-48FA-8E88-45C7EE144270} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/test-pass.html?aaa=KICMMMOMJMPMJJLJKMKMCNKMNJLMJMCNLMKMOJMMCNHMIMPMGMCNLMHMGMOJMJKJKMLJOMKJMMOJJNJICMIMCNGMCNHMFMOMOMCNPMCNGMJMPMPMFMJMCNOMCNIMJMPMOMCNNMJNPICMOMFMMJBJKJLIMJFMOMOMMMOMJNHICMMJBJKJLIMJJNBJCMJKGLMJLIAJNIPNCLAJNIOJBJAJJNKJCMJNNICMJNDJCMKJBJJNMJCMOMFMMMKMMMFMIMGMJNFICMGJLJKJBJLIGJLIGJKJMIBNKJHIKJ"
Task: {BB621D36-C0BE-4820-BB36-01A0B1F9F465} - System32\Tasks\{78877DDF-6874-41AC-8FAA-08E7FF2F0350} => C:\Program Files (x86)\2nd Speech Center\iisc.exe [2010-12-04] (Zero2000 Software)
Task: {C37389D2-A7A1-4098-B239-EB95E29E6828} - System32\Tasks\Go to RoboForm Install page => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/test-pass.html?aaa=KICMMMOMJMPMJJLJKMKMCNKMNJLMJMCNLMKMOJMMCNHMIMPMGMCNLMHMGMOJMJKJKMLJOMKJMMOJJNJICMIMCNNMCNGMFMGMCNPMCNHMOMOMNMFMJMCNOMCNIMJMPMOMCNNMJNPICMLMFMEKMICNJJCKFMPMJNHICMEKMICNJJCKJNBJCMJKGLMJLIAJNIPNCLAJNIOJBJAJJNKJCMJNNICMJNDJCMKJBJ"
Task: {CF9AE5EB-98B8-49EB-AB60-B158519FA1CF} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3621028071-1008099766-2742997306-1000Core => C:\Users\VIctor Morano\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {D0269B98-BAF4-487F-8D92-E1FAA64C20AF} - System32\Tasks\{7C12ABE7-5074-4D25-8AF0-A8F79E9B92BC} => C:\Program Files (x86)\2nd Speech Center\iisc.exe [2010-12-04] (Zero2000 Software)
Task: {DC116354-B9ED-43BF-9BDE-22C6EB0650B1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3621028071-1008099766-2742997306-1000UA => C:\Users\VIctor Morano\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {F8512E1E-FAF6-4533-B429-623028CC4378} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\WSCStub.exe [2014-06-26] (Symantec Corporation)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3621028071-1008099766-2742997306-1000Core.job => C:\Users\VIctor Morano\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3621028071-1008099766-2742997306-1000UA.job => C:\Users\VIctor Morano\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-09-22 10:00 - 2013-09-22 10:00 - 00268536 _____ () C:\windows\system32\IVTCredentialProvider.DLL
2013-09-22 10:00 - 2013-09-22 10:00 - 00029432 _____ () C:\windows\system32\BsTrace.dll
2013-09-22 10:00 - 2013-09-22 10:00 - 00029432 _____ () C:\windows\System32\BsTrace.dll
2012-10-07 22:55 - 2012-10-07 22:55 - 05546712 _____ () C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe
2009-12-13 22:19 - 2009-12-09 05:24 - 00076320 _____ () C:\OEM\USBDECTION\USBS3S4Detection.exe
2013-09-22 10:00 - 2013-09-22 10:00 - 00017144 _____ () C:\windows\system32\BsHelpCSps.dll
2012-06-20 06:09 - 2014-06-06 15:41 - 00718336 _____ () C:\Program Files\NetWorx\sqlite.dll
2010-12-29 16:40 - 2010-12-29 16:40 - 00144672 _____ () C:\Program Files (x86)\Nova Development\Office Printing Essentials\ReminderApp.exe
2011-09-19 09:51 - 2011-09-19 09:51 - 00145240 _____ () C:\Program Files (x86)\Nova Development\Greeting Card Factory Deluxe 9.0\ReminderApp.exe
2011-08-12 12:18 - 2011-08-12 12:18 - 00265240 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2011-08-12 12:19 - 2011-08-12 12:19 - 00680984 _____ () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
2009-08-14 14:55 - 2009-08-14 14:55 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-01-25 15:10 - 2011-01-25 15:10 - 00270336 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-09-22 09:58 - 2013-09-22 09:58 - 00360184 _____ () C:\Program Files (x86)\IVT Corporation\BlueSoleil\setup.dll
2010-05-13 16:30 - 2010-05-13 16:30 - 00028730 _____ () C:\Program Files (x86)\IVT Corporation\BlueSoleil\Driver\USB\btcusb.dll
2013-09-22 10:03 - 2013-09-22 10:03 - 00244472 _____ () C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile\BaseLib.dll
2013-09-22 10:03 - 2013-09-22 10:03 - 00068344 _____ () C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile\ExtraLib.dll
2013-09-22 10:03 - 2013-09-22 10:03 - 00048376 _____ () C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile\cscvt.dll
2013-09-22 09:57 - 2013-09-22 09:57 - 00016632 _____ () C:\windows\SysWOW64\BsMobileCSps.dll
2011-11-30 11:53 - 2011-11-30 11:53 - 00229376 _____ () C:\Program Files (x86)\IVT Corporation\BlueSoleil cPhone\BaseLib.dll
2011-11-30 11:54 - 2011-11-30 11:54 - 00049152 _____ () C:\Program Files (x86)\IVT Corporation\BlueSoleil cPhone\ExtraLib.dll
2003-05-01 18:23 - 2003-05-01 18:23 - 00041472 _____ () C:\Program Files (x86)\IVT Corporation\BlueSoleil cPhone\cscvt.dll
2013-09-22 09:57 - 2013-09-22 09:57 - 00026360 _____ () C:\windows\SysWOW64\BsTrace.dll
2009-11-17 18:16 - 2009-11-17 18:16 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\sqlite3.dll
2009-11-17 18:12 - 2009-11-17 18:12 - 01081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\ACE.dll
2014-05-14 12:45 - 2014-05-14 12:45 - 00090624 _____ () C:\Program Files (x86)\PasswordBox\libwebsocketswin32.dll
2009-07-13 17:37 - 2009-07-13 17:37 - 00152112 _____ () C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\CAntiVirusCOM.dll
2009-07-13 17:37 - 2009-07-13 17:37 - 00098304 _____ () C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\CFireWallCOM.dll
2013-05-29 16:12 - 2013-05-29 16:12 - 00095232 _____ () C:\Program Files (x86)\TechSmith\Snagit 11\VideoRecording.dll
2013-05-29 16:11 - 2013-05-29 16:11 - 00089088 _____ () C:\Program Files (x86)\TechSmith\Snagit 11\SDKRecorder.dll
2013-05-29 16:05 - 2013-05-29 16:05 - 04710400 ____R () C:\Program Files (x86)\TechSmith\Snagit 11\PDFNetC.dll
2011-03-01 23:14 - 2011-03-01 23:14 - 02143576 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2011-03-01 23:14 - 2011-03-01 23:14 - 07954776 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2011-03-01 23:15 - 2011-03-01 23:15 - 00340824 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2011-03-01 23:15 - 2011-03-01 23:15 - 00027480 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2011-03-01 23:15 - 2011-03-01 23:15 - 00126808 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2008-01-08 18:50 - 2008-01-08 18:50 - 00349147 _____ () C:\Program Files (x86)\Yahoo!\Widgets\sqlite3.dll
2008-03-18 20:21 - 2008-03-18 20:21 - 00512000 _____ () C:\Program Files (x86)\Yahoo!\Widgets\js32.dll
2008-03-18 20:21 - 2008-03-18 20:21 - 00094208 _____ () C:\Program Files (x86)\Yahoo!\Widgets\jsd.dll
2010-12-29 16:40 - 2010-12-29 16:40 - 00087328 _____ () C:\Program Files (x86)\Nova Development\Office Printing Essentials\AddressBookCore.dll
2010-12-29 16:40 - 2010-12-29 16:40 - 00152864 _____ () C:\Program Files (x86)\Nova Development\Office Printing Essentials\en-US\ReminderApp.resources.dll
2012-09-26 17:29 - 2010-10-13 16:37 - 00032768 _____ () C:\Program Files (x86)\ShopSafe\ShopSafe.dll
2011-08-22 15:47 - 2011-08-22 15:47 - 00336408 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2013-09-22 10:00 - 2013-09-22 10:00 - 00160504 _____ () C:\windows\system32\BsProfilefunc.dll
2013-09-22 10:03 - 2013-09-22 10:03 - 00129784 _____ () C:\Program Files (x86)\IVT Corporation\BlueSoleil\Mobile\s40pack.dll
2014-06-11 11:37 - 2014-06-11 11:37 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-07-09 15:14 - 2014-07-09 15:14 - 17029808 _____ () C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:01C66DD9
AlternateDataStreams: C:\ProgramData\Temp:0B9FB94D
AlternateDataStreams: C:\ProgramData\Temp:18262EDA
AlternateDataStreams: C:\ProgramData\Temp:6CC0D09A
AlternateDataStreams: C:\ProgramData\Temp:9B013599
AlternateDataStreams: C:\ProgramData\Temp:A303874F
AlternateDataStreams: C:\ProgramData\Temp:AEC0AC81
AlternateDataStreams: C:\ProgramData\Temp:F9CFE070
AlternateDataStreams: C:\ProgramData\Temp:FD9CE1F3
AlternateDataStreams: C:\ProgramData\Temp:FED912DB

==================== Safe Mode (whitelisted) ===================

==================== EXE Association (whitelisted) =============

==================== MSCONFIG/TASK MANAGER disabled items =========

==================== Faulty Device Manager Devices =============

Name: ATI High Definition Audio Device
Description: ATI High Definition Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: ATI Technologies Inc.
Service: AtiHdmiService
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Officejet Pro 8500 A910
Description: Officejet Pro 8500 A910
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Officejet Pro 8500 A910
Description: Officejet Pro 8500 A910
Class Guid:
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name:
Description:
Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: =========================

Application errors:
==================
Error: (07/19/2014 07:59:13 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (07/19/2014 07:59:13 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (07/17/2014 01:32:29 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file  for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program PasswordBox Service because of this error.

Program: PasswordBox Service
File:

The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
 - It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
 - It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.

Additional Data
Error value: 00000000
Disk type: 0

Error: (07/17/2014 01:32:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: pbbtnService.exe, version: 1.8.3.0, time stamp: 0x5373bedb
Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b96f
Exception code: 0xc0000096
Fault offset: 0x000485fe
Faulting process id: 0x9a4
Faulting application start time: 0xpbbtnService.exe0
Faulting application path: pbbtnService.exe1
Faulting module path: pbbtnService.exe2
Report Id: pbbtnService.exe3

Error: (07/16/2014 00:55:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (07/16/2014 00:55:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (07/16/2014 05:42:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: YahooWidgets.exe, version: 4.5.2.0, time stamp: 0x47e05eca
Faulting module name: YahooWidgets.exe, version: 4.5.2.0, time stamp: 0x47e05eca
Exception code: 0xc0000005
Fault offset: 0x0008e3c5
Faulting process id: 0x1858
Faulting application start time: 0xYahooWidgets.exe0
Faulting application path: YahooWidgets.exe1
Faulting module path: YahooWidgets.exe2
Report Id: YahooWidgets.exe3

Error: (07/15/2014 01:34:25 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (07/15/2014 01:34:25 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (07/15/2014 09:54:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: N360.exe, version: 12.11.2.9, time stamp: 0x5355938e
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0x928
Faulting application start time: 0xN360.exe0
Faulting application path: N360.exe1
Faulting module path: N360.exe2
Report Id: N360.exe3

System errors:
=============
Error: (07/20/2014 00:18:58 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (07/19/2014 10:14:26 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (07/19/2014 06:31:35 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (07/19/2014 06:29:15 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (07/19/2014 06:16:46 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (07/19/2014 06:14:23 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (07/19/2014 05:30:57 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (07/19/2014 05:28:12 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (07/19/2014 03:37:12 AM) (Source: iaStor) (EventID: 9) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Error: (07/19/2014 03:35:16 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Microsoft Office Sessions:
=========================
Error: (12/06/2013 05:03:31 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 207 seconds with 180 seconds of active time.  This session ended with a crash.

==================== Memory info ===========================

Percentage of memory in use: 37%
Total physical RAM: 8183.11 MB
Available physical RAM: 5136.89 MB
Total Pagefile: 16364.4 MB
Available Pagefile: 12739.54 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:912.41 GB) (Free:778.18 GB) NTFS
Drive x: (Hot Swap 1) (Fixed) (Total:931.51 GB) (Free:931.11 GB) NTFS
Drive y: (Hot Swop 2) (Fixed) (Total:931.51 GB) (Free:787.56 GB) NTFS
Drive z: (HP OJ8500_A910) (CDROM) (Total:0.3 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: B7156F9F)
Partition 1: (Not Active) - (Size=19 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=912 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 1BFF9BB3)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 1BFF9BB2)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================


Edited by VicMJ, 20 July 2014 - 12:37 PM.


#9 nasdaq

nasdaq

  • Malware Response Team
  • 38,747 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:43 AM

Posted 20 July 2014 - 01:33 PM

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
 
start
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3621028071-1008099766-2742997306-1000\...\Run: [BingWallpaperDownloader] => [X]
HKU\S-1-5-21-3621028071-1008099766-2742997306-1000\...\Run: [3PlanesoftAnimatedWallpaper] => [X]
SearchScopes: HKLM - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO-x32: Simple -> {886bf106-6ebf-4ef4-8676-6663caabbda4} -> C:\windows\SysWOW64\mscoree.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\VIctor Morano\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF HKLM-x32\...\Firefox\Extensions: [{jid1-eFRcA0eiPxecTQ@jetpack}] - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\extensions\{jid1-eFRcA0eiPxecTQ@jetpack}
FF HKLM-x32\...\Firefox\Extensions: [{jid1-vS7biDmom8YxhA@jetpack}] - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\extensions\{jid1-vS7biDmom8YxhA@jetpack}
S3 VComm; system32\DRIVERS\VComm.sys [X]
S3 VcommMgr; System32\Drivers\VcommMgr.sys [X]

End
Save the files as fixlist.txt into the same folder as FRST

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.

How is the computer running now?

#10 VicMJ

VicMJ
  • Topic Starter

  • Members
  • 107 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Massachusetts, United States
  • Local time:02:43 AM

Posted 20 July 2014 - 06:35 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 20-07-2014
Ran by VIctor Morano at 2014-07-20 19:33:22 Run:1
Running from C:\Users\VIctor Morano\Desktop\Fist
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3621028071-1008099766-2742997306-1000\...\Run: [BingWallpaperDownloader] => [X]
HKU\S-1-5-21-3621028071-1008099766-2742997306-1000\...\Run: [3PlanesoftAnimatedWallpaper] => [X]
SearchScopes: HKLM - DefaultScope
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO-x32: Simple -> {886bf106-6ebf-4ef4-8676-6663caabbda4} -> C:\windows\SysWOW64\mscoree.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\VIctor Morano\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF HKLM-x32\...\Firefox\Extensions: [{jid1-eFRcA0eiPxecTQ@jetpack}] - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\extensions\{jid1-eFRcA0eiPxecTQ@jetpack}
FF HKLM-x32\...\Firefox\Extensions: [{jid1-vS7biDmom8YxhA@jetpack}] - C:\Users\VIctor Morano\AppData\Roaming\Mozilla\Firefox\Profiles\j3nrqb6u.default\extensions\{jid1-vS7biDmom8YxhA@jetpack}
S3 VComm; system32\DRIVERS\VComm.sys [X]
S3 VcommMgr; System32\Drivers\VcommMgr.sys [X]

End

*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKU\S-1-5-21-3621028071-1008099766-2742997306-1000\Software\Microsoft\Windows\CurrentVersion\Run\\BingWallpaperDownloader => value deleted successfully.
HKU\S-1-5-21-3621028071-1008099766-2742997306-1000\Software\Microsoft\Windows\CurrentVersion\Run\\3PlanesoftAnimatedWallpaper => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{886bf106-6ebf-4ef4-8676-6663caabbda4}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{886bf106-6ebf-4ef4-8676-6663caabbda4}' => Key deleted successfully.
'HKLM\Software\MozillaPlugins\FF Plugin: @microsoft.com/GENUINE - disabled No File'=> Key not found.
"FF Plugin: @microsoft.com/GENUINE - disabled No File" => not found.
'HKLM\Software\Wow6432Node\MozillaPlugins\FF Plugin-x32: @microsoft.com/GENUINE - disabled No File'=> Key not found.
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File not found.
'HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin' => Key deleted successfully.
C:\Users\VIctor Morano\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll not found.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{jid1-eFRcA0eiPxecTQ@jetpack} => value deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{jid1-vS7biDmom8YxhA@jetpack} => value deleted successfully.
VComm => Service deleted successfully.
VcommMgr => Service deleted successfully.

==== End of Fixlog ====

 

IE stills opens with SafeSearch.

FireFox still opens with SafeSearch and then AVG with a new Tab after that.


Edited by VicMJ, 20 July 2014 - 06:49 PM.


#11 nasdaq

nasdaq

  • Malware Response Team
  • 38,747 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:43 AM

Posted 21 July 2014 - 07:40 AM


Click the StartBtn.gif button. In the Search box, type Command Prompt, and then, in the list of results, double-click Command Prompt.

at the cursor type:
ipconfig /flushdns <-- (A space between g and / is needed)

repeat with
ipconfig /renew

Then hit Enter, type Exit, hit the Enter key.

You may need to run CMD - Command Prompt on Vista - Windows 7/8 with Elevated Privilege
http://www.bleepingcomputer.com/tutorials/windows-elevated-command-prompt/
<<<>>>

If that fails to remove the Redirects try this.
...

Reset all you Browsers.

Reset Chrome...
Click on "Customize and control Google Chrome":
 
p22003758.gif
 
Click "Settings" then "Show advanced settings" at the bottom of the screen.
 
Click "Reset browser settings" button.
 
Restart Chrome.
====

Firefox:
Reset Default Browsing settings:
https://support.mozilla.org/en-US/kb/reset-firefox-easily-fix-problems?utm_expid=65912487-41.djHNRQY0RhaLvvtvcd0BQA.2&utm_referrer=https%3A%2F%2Fwww.google.ca%2F
===

Internet Explorer:
Menu > Tools > Internet Options > General Tab.
Click the Reset button on the bottom of the pane.
Clcik the Apply button.
Close IE.

===

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.

If the site is busy or not available use this mirror site:
http://www.bleepingcomputer.com/download/securitycheck/
===

How is it now?

===

#12 VicMJ

VicMJ
  • Topic Starter

  • Members
  • 107 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Massachusetts, United States
  • Local time:02:43 AM

Posted 21 July 2014 - 10:18 AM

FireFox still opens with AVG search screen.

 

IE looks like it maybe okay although after a reboot these problems use to return.

 

 Results of screen317's Security Check version 0.99.86 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
Norton 360 Premier Edition  
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 MVPS Hosts File 
 Spybot - Search & Destroy
 Java 7 Update 60 
 Java version out of Date!
 Adobe Flash Player 14.0.0.145 
 Adobe Reader XI 
 Mozilla Firefox (30.0)
````````Process Check: objlist.exe by Laurent```````` 
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbam.exe 
 Malwarebytes Anti-Malware mbamscheduler.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 4%
````````````````````End of Log``````````````````````

 

 

I have been getting a request to update java.  is it okay to do it.
 


Edited by VicMJ, 21 July 2014 - 10:21 AM.


#13 nasdaq

nasdaq

  • Malware Response Team
  • 38,747 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:43 AM

Posted 21 July 2014 - 01:03 PM

Open Firefox

Click on "Customize and control ":
 
p22003758.gif

Under the Tools menu > Internet options > General Tab.

Remove the AVG link in the Home page line.

Close Firefox and restart it.

How is it now?

#14 VicMJ

VicMJ
  • Topic Starter

  • Members
  • 107 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Massachusetts, United States
  • Local time:02:43 AM

Posted 21 July 2014 - 01:45 PM

I can not go to the General Tab in Internet Options via the method you have given me.

 

But, I can Go there using the Menu Bar with Tools, Internet Options, General Tab.

 

AVG is not set has my home page.

 

I closed and restarted FireFox.

 

Safesearch and AVG are both back.

 

If you open FireFox Safesearch will open in the first Tab.

 

If you open another Tab, AVG will open in it.


Edited by VicMJ, 21 July 2014 - 01:53 PM.


#15 VicMJ

VicMJ
  • Topic Starter

  • Members
  • 107 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Massachusetts, United States
  • Local time:02:43 AM

Posted 22 July 2014 - 05:17 AM

Just opened my IE Browser.  The very first page that opens is SafeSearch but unlike FireFox when you open a new Tab it opens okay.  I am optioned that when I start IE to open with my home page and my home page is not SafeSearch.

 

FireFox opens the same way but when you select a new Tab you open with AVG.  My options are the same, start with my home page and my home page is not SafeSearch.

 

And in FireFox I found what I was doing wrong while following your instructions to get to the general Tab.


Edited by VicMJ, 22 July 2014 - 05:30 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users