Hi, yesterday (1/18/14), I attempted to download what I thought was a video from a reputable site, but instead I ended up with some obnoxious pop-up malware called CouponDropDown. I can't locate it to uninstall, although I did uninstall the program it piggybacked on. It doesn't show up in extensions either. I'm running Windows Vista and using Chrome as a browser.
I ran OTL (don't let that fool you into thinking I'm tech-savvy) and below is the log. I would appreciate some help because I'm really over my head with this. :o
OTL logfile created on: 1/19/2014 2:12:16 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = c:\Users\Terry\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 0.70 Gb Available Physical Memory | 35.01% Memory free
4.21 Gb Paging File | 2.06 Gb Available in Paging File | 48.81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74.50 Gb Total Space | 35.93 Gb Free Space | 48.23% Space Free | Partition Type: NTFS
Drive D: | 437.81 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive I: | 931.48 Gb Total Space | 929.39 Gb Free Space | 99.78% Space Free | Partition Type: NTFS
Computer Name: TERRY-PC | User Name: Terry | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/01/19 09:47:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- c:\Users\Terry\Downloads\OTL.com
PRC - [2014/01/16 15:31:48 | 003,825,232 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe
PRC - [2014/01/14 13:15:18 | 000,369,664 | ---- | M] (Montiera Technologies LTD) -- C:\Users\Terry\AppData\Local\playnowradio\playnowradio\1.3.3.13\playnowradio.exe
PRC - [2014/01/12 20:04:50 | 000,047,104 | ---- | M] () -- C:\Program Files\The Weather Channel\Desktop Weather\TWC.Win7.exe
PRC - [2014/01/11 02:29:23 | 000,866,584 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/12/09 05:45:44 | 000,593,504 | ---- | M] (Irfan Skiljan) -- C:\Program Files\IrfanView\i_view32.exe
PRC - [2013/11/07 03:17:30 | 000,269,848 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe
PRC - [2013/10/08 04:05:13 | 000,264,360 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\21.1.0.18\N360.exe
PRC - [2012/11/22 15:10:40 | 003,575,120 | ---- | M] (EasyTech) -- C:\Program Files\Easy-Hide-IP\rdr\EasyRedirect.exe
PRC - [2012/07/27 12:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/04/03 13:33:00 | 000,940,168 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Quick Menu\CNQMSWCS.EXE
PRC - [2012/04/03 13:27:16 | 001,087,608 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Quick Menu\CNQMUPDT.EXE
PRC - [2012/04/03 13:26:14 | 001,273,448 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE
PRC - [2011/12/14 17:55:40 | 008,453,376 | ---- | M] () -- C:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe
PRC - [2011/12/14 17:53:44 | 000,303,360 | ---- | M] () -- C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe
PRC - [2009/04/10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2014/01/14 13:13:50 | 000,120,832 | ---- | M] () -- C:\Users\Terry\AppData\Local\playnowradio\playnowradio\1.3.3.13\chrmXtn.dll
MOD - [2014/01/12 20:04:50 | 000,047,104 | ---- | M] () -- C:\Program Files\The Weather Channel\Desktop Weather\TWC.Win7.exe
MOD - [2014/01/11 02:29:21 | 000,399,640 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\32.0.1700.76\ppgooglenaclpluginchrome.dll
MOD - [2014/01/11 02:29:19 | 013,615,896 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll
MOD - [2014/01/11 02:29:17 | 004,055,320 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\32.0.1700.76\pdf.dll
MOD - [2014/01/11 02:28:11 | 001,634,584 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll
MOD - [2013/12/09 18:41:30 | 001,880,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\50ff73d7b2903b00d86f91eefa62d1c9\System.Deployment.ni.dll
MOD - [2013/12/09 18:41:27 | 000,096,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\4b2e892995b8cdefb1e2cddb96f32736\UIAutomationProvider.ni.dll
MOD - [2013/12/09 18:41:26 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\8927b576eb15c4a8f4bb04f05e7cc51e\System.Runtime.Remoting.ni.dll
MOD - [2013/12/09 18:41:20 | 001,021,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\9c1d0ae97ff2771c17212cd15d8c9831\System.Runtime.DurableInstancing.ni.dll
MOD - [2013/12/09 18:41:18 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\d083ee23a4c0d8cf76ae9e95e52d0388\SMDiagnostics.ni.dll
MOD - [2013/12/09 18:41:17 | 002,658,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\b5faab90a38802d89ccf6f9ac4bff440\System.Runtime.Serialization.ni.dll
MOD - [2013/12/09 18:41:12 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\e079ea2aa0a75d81c20998a6419643ff\System.Xml.Linq.ni.dll
MOD - [2013/12/09 18:41:11 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\4d277a8481c203a35c58bd277a2e71df\System.Xaml.ni.dll
MOD - [2013/12/09 18:40:42 | 000,044,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Accessibility\51fe07d5205cd85d996af305a38b3770\Accessibility.ni.dll
MOD - [2013/12/09 18:01:11 | 018,003,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\1934369c96e549961e8b10309e4d7123\PresentationFramework.ni.dll
MOD - [2013/12/09 18:01:07 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\e40d894a772b2cff5ffd5a84ef20d2d4\System.Windows.Forms.ni.dll
MOD - [2013/12/09 18:00:43 | 005,628,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\884bcbd22130ebeb1211bc7bcc3910c9\System.Xml.ni.dll
MOD - [2013/12/09 18:00:36 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\c82e4e18d91c1cbf11342da73c7845a6\PresentationCore.ni.dll
MOD - [2013/12/09 18:00:36 | 001,014,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\71d887ce964fb69b7f03c4fe7a3f28ff\System.Configuration.ni.dll
MOD - [2013/12/09 18:00:29 | 007,053,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\75d88257b5bc5a5d15dd4c37d8bb18bd\System.Core.ni.dll
MOD - [2013/12/09 18:00:16 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\e85c48d2567765f4153ee2af6c50dba3\WindowsBase.ni.dll
MOD - [2013/12/09 18:00:14 | 000,309,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\9d160913e64d7732a8c725fc7f2d818b\PresentationFramework.Classic.ni.dll
MOD - [2013/12/09 18:00:12 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\3a3fc0216674bdea0be809b305517c98\System.Drawing.ni.dll
MOD - [2013/12/09 18:00:09 | 009,099,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\de853615c8224ba5d9aa9b76276c6d98\System.ni.dll
MOD - [2013/12/09 17:59:57 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\cf58670896c5313b9b52f026f4455a5d\mscorlib.ni.dll
MOD - [2013/12/04 18:53:03 | 004,591,616 | ---- | M] () -- C:\Users\Terry\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.5.0\libGLESv2.dll
MOD - [2013/12/04 18:53:03 | 000,112,128 | ---- | M] () -- C:\Users\Terry\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.5.0\libEGL.dll
MOD - [2011/12/14 17:55:40 | 008,453,376 | ---- | M] () -- C:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe
MOD - [2011/12/14 10:43:04 | 000,278,528 | ---- | M] () -- C:\Program Files\NETGEAR\WNDA3100v2\WifiSvcLib.dll
MOD - [2006/12/12 10:04:00 | 000,061,440 | ---- | M] () -- C:\Windows\System32\igfxTMM.dll
MOD - [2006/12/12 10:01:48 | 000,077,824 | ---- | M] () -- C:\Windows\System32\hccutils.dll
========== Services (SafeList) ==========
SRV - [2013/10/08 04:05:13 | 000,264,360 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton 360\Engine\21.1.0.18\N360.exe -- (N360)
SRV - [2012/11/22 15:10:40 | 003,575,120 | ---- | M] (EasyTech) [Auto | Running] -- C:\Program Files\Easy-Hide-IP\rdr\EasyRedirect.exe -- (EasyRedirect)
SRV - [2012/07/27 12:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/12/14 17:53:44 | 000,303,360 | ---- | M] () [Auto | Running] -- C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe -- (WSWNDA3100v2)
SRV - [2011/11/16 08:23:44 | 000,377,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2008/01/18 23:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2014/01/10 02:56:41 | 001,612,376 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140118.007\NAVEX15.SYS -- (NAVEX15)
DRV - [2014/01/10 02:56:41 | 000,093,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140118.007\NAVENG.SYS -- (NAVENG)
DRV - [2013/12/17 16:32:11 | 001,098,968 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140110.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2013/12/12 21:13:42 | 000,394,456 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140117.001\IDSvix86.sys -- (IDSVix86)
DRV - [2013/12/04 21:33:41 | 000,142,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2013/12/04 01:00:00 | 000,376,920 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2013/12/04 01:00:00 | 000,108,120 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013/11/27 16:24:18 | 000,108,000 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\idmwfp.sys -- (IDMWFP)
DRV - [2013/09/26 19:18:30 | 000,935,512 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\N360\1501000.012\SymEFA.sys -- (SymEFA)
DRV - [2013/09/26 18:45:56 | 000,206,936 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1501000.012\Ironx86.sys -- (SymIRON)
DRV - [2013/09/26 18:26:03 | 000,651,352 | R--- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\N360\1501000.012\srtsp.sys -- (SRTSP)
DRV - [2013/09/25 19:27:59 | 000,383,576 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1501000.012\symtdiv.sys -- (SYMTDIv)
DRV - [2013/09/25 18:50:25 | 000,127,064 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1501000.012\ccSetx86.sys -- (ccSet_N360)
DRV - [2013/09/09 18:47:26 | 000,367,704 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\N360\1501000.012\SymDS.sys -- (SymDS)
DRV - [2013/09/09 17:49:48 | 000,032,344 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1501000.012\srtspx.sys -- (SRTSPX)
DRV - [2011/12/12 17:37:00 | 001,074,944 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcmwlhigh6.sys -- (BCMH43XX)
DRV - [2010/02/03 11:20:32 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2008/01/18 20:25:06 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2007/05/06 17:12:02 | 000,326,656 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/01/19 18:20:54 | 000,021,728 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SCMNdisP.sys -- (SCMNdisP)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {EAC5828D-2671-4C84-A481-625C97049CFC}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 65 CD EA 8F CB 04 CF 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
IE - HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3306061&CUI=UN38222021992469321&UM=2&SSPV=&UP=SPBCE21F76-7644-4227-8F2E-CB6214C3A4D7
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{EAC5828D-2671-4C84-A481-625C97049CFC}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3306061&CUI=UN38222021992469321&UM=2&SSPV=S41BIE
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013/12/04 21:35:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ [2014/01/19 07:16:31 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Terry\AppData\Roaming\IDM\idmmzcc5 [2014/01/18 16:17:09 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://search.conduit.com/?ctid=CT33...14C3A4D7&SSPV=
CHR - Extension: Google Docs = C:\Users\Terry\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Terry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Terry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Terry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: IDM Integration Module = C:\Users\Terry\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.18.12_0\
CHR - Extension: Norton Identity Protection = C:\Users\Terry\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.6.2.3_0\
CHR - Extension: Google Wallet = C:\Users\Terry\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
CHR - Extension: Gmail = C:\Users\Terry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2006/09/18 13:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\21.1.0.18\IPS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [CanonQuickMenu] C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [playnowradio] C:\Users\Terry\AppData\Local\playnowradio\playnowradio\1.3.3.13\playnowradio.exe (Montiera Technologies LTD)
O4 - HKCU..\Run: [TWC.Win7] C:\Program Files\The Weather Channel\Desktop Weather\TWC.Win7.exe ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\EasyRedirect.dll (EasyTech)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\EasyRedirect.dll (EasyTech)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\EasyRedirect.dll (EasyTech)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\EasyRedirect.dll (EasyTech)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\EasyRedirect.dll (EasyTech)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F8BEF57A-4A66-4882-81A2-7F800045B188}: DhcpNameServer = 75.75.75.75 75.75.76.76
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - igfxdev.dll (Intel Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 13:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008/11/13 08:20:10 | 000,000,170 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{06d20a64-4837-11e3-abd2-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{06d20a64-4837-11e3-abd2-806e6f6e6963}\Shell\AutoRun\command - "" = D:\MSETUP4.EXE -- [2012/03/16 05:50:44 | 000,363,120 | R--- | M] (CANON INC.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2014/01/19 12:36:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Licenses
[2014/01/19 12:36:55 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2014/01/19 12:36:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
[2014/01/19 12:36:40 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2014/01/19 09:35:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2014/01/19 09:35:09 | 000,074,456 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2014/01/19 09:35:03 | 000,000,000 | ---D | C] -- C:\Users\Terry\Desktop\mbar
[2014/01/19 09:34:05 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2014/01/18 20:30:21 | 000,000,000 | ---D | C] -- C:\Users\Terry\AppData\Roaming\Malwarebytes
[2014/01/18 20:29:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/01/18 20:29:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/01/18 20:29:37 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2014/01/18 20:29:37 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2014/01/18 16:44:25 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2014/01/18 16:44:25 | 000,000,000 | ---D | C] -- C:\Users\Terry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2014/01/18 16:21:13 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2014/01/18 16:21:06 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2014/01/18 16:21:06 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2014/01/18 16:21:06 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2014/01/18 16:21:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/01/18 15:05:38 | 000,000,000 | ---D | C] -- C:\Users\Terry\.android
[2014/01/18 15:05:32 | 000,000,000 | ---D | C] -- C:\Users\Terry\AppData\Local\cache
[2014/01/18 15:05:26 | 000,000,000 | ---D | C] -- C:\Users\Terry\AppData\Local\genienext
[2014/01/18 15:05:25 | 000,000,000 | ---D | C] -- C:\Users\Terry\Documents\Mobogenie
[2014/01/18 15:05:25 | 000,000,000 | ---D | C] -- C:\Users\Terry\AppData\Local\Mobogenie
[2014/01/18 15:01:48 | 000,000,000 | ---D | C] -- C:\Users\Terry\AppData\Local\SearchProtect
[2014/01/18 15:01:31 | 000,000,000 | ---D | C] -- C:\Users\Terry\AppData\Local\playnowradio
[2014/01/18 14:59:09 | 000,000,000 | ---D | C] -- C:\Program Files\FTdownloader V7.0
[2014/01/16 17:20:54 | 000,000,000 | ---D | C] -- C:\Users\Terry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2014/01/16 17:20:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2014/01/16 15:37:52 | 000,108,000 | ---- | C] (Tonec Inc.) -- C:\Windows\System32\drivers\idmwfp.sys
[2014/01/08 19:11:46 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJEGV
[2014/01/08 17:47:29 | 000,000,000 | ---D | C] -- C:\Users\Terry\AppData\Roaming\canon
[2014/01/08 17:45:28 | 000,103,424 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNC_B6U.dll
[2014/01/08 17:43:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG2200 series User Registration
[2014/01/08 17:42:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON
[2014/01/08 17:42:43 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJWSpt
[2014/01/08 17:39:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[2014/01/08 17:39:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG2200 series Manual
[2014/01/08 17:38:30 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2014/01/08 17:38:04 | 000,000,000 | -H-D | C] -- C:\Windows\System32\CanonIJ Uninstaller Information
[2014/01/08 17:38:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG2200 series
[2014/01/08 17:37:18 | 000,320,000 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNC_B6L.dll
[2014/01/08 17:37:18 | 000,266,752 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNC_B6C.dll
[2014/01/08 17:37:18 | 000,096,768 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNC_B6I.dll
[2014/01/08 17:37:17 | 000,015,872 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNHMCA.dll
[2014/01/08 17:34:55 | 000,314,880 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNMLMB6.DLL
[2014/01/08 17:34:43 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2014/01/08 17:33:42 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2014/01/07 05:22:57 | 000,000,000 | ---D | C] -- C:\Users\Terry\AppData\Local\CrashDumps
[2014/01/05 18:07:25 | 000,000,000 | ---D | C] -- C:\ProgramData\notracks.com
[2014/01/05 18:07:11 | 000,380,240 | ---- | C] (EasyTech) -- C:\Windows\System32\EasyRedirect.dll
[2014/01/05 18:07:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy-Hide-IP
[2014/01/05 18:07:02 | 000,000,000 | ---D | C] -- C:\Program Files\Easy-Hide-IP
[2014/01/04 08:23:23 | 000,000,000 | ---D | C] -- C:\Users\Terry\AppData\Roaming\vlc
[2014/01/04 08:22:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2014/01/04 08:21:25 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2014/01/04 08:14:04 | 000,000,000 | ---D | C] -- C:\Users\Terry\AppData\Local\{C8D76872-A371-4C81-8230-A91C0CBD9039}
[2014/01/04 08:13:05 | 000,000,000 | ---D | C] -- C:\Users\Terry\AppData\Local\{7D8DA40B-8ABC-4D20-82F9-B6018EE4661B}
[2014/01/04 08:13:05 | 000,000,000 | ---D | C] -- C:\Users\Terry\AppData\Local\{433AAF05-775F-4917-BE9D-A04FB9E3979A}
[2014/01/04 08:10:02 | 000,000,000 | ---D | C] -- C:\Users\Terry\AppData\Roaming\IDM
[2014/01/04 08:10:02 | 000,000,000 | ---D | C] -- C:\ProgramData\IDM
[2014/01/04 08:10:01 | 000,000,000 | ---D | C] -- C:\Users\Terry\AppData\Roaming\DMCache
[2014/01/04 08:09:45 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Download Manager
[2014/01/01 11:23:33 | 000,000,000 | ---D | C] -- C:\Users\Terry\AppData\Local\The Weather Channel
[2013/12/29 18:38:18 | 000,000,000 | ---D | C] -- C:\Program Files\SigmaTel
[2013/12/29 18:37:48 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2013/12/29 18:37:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Conduit
[2013/12/29 18:37:21 | 000,000,000 | ---D | C] -- C:\Users\Terry\AppData\Roaming\SearchProtect
[2013/12/29 18:37:20 | 000,000,000 | ---D | C] -- C:\Users\Terry\AppData\Local\NativeMessaging
[2013/12/29 18:37:17 | 000,000,000 | ---D | C] -- C:\Users\Terry\AppData\Local\Conduit
[2013/12/29 18:37:13 | 000,000,000 | ---D | C] -- C:\Users\Terry\AppData\Local\CRE
[2013/12/29 17:41:57 | 000,000,000 | ---D | C] -- C:\Users\Terry\AppData\Local\ElevatedDiagnostics
[2013/12/25 19:58:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Weather Channel
[2013/12/25 19:57:26 | 000,000,000 | ---D | C] -- C:\Users\Terry\AppData\Local\Downloaded Installations
========== Files - Modified Within 30 Days ==========
[2014/01/19 13:37:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/19 13:16:08 | 000,003,648 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/19 13:16:08 | 000,003,648 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/19 12:36:41 | 000,000,876 | ---- | M] () -- C:\Users\Public\Desktop\SpywareBlaster.lnk
[2014/01/19 09:35:09 | 000,074,456 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2014/01/19 09:04:02 | 000,002,126 | ---- | M] () -- C:\Windows\tasks\FTdownloader V7.0-chromeinstaller-dev.job
[2014/01/19 08:59:03 | 000,002,166 | ---- | M] () -- C:\Windows\tasks\FTdownloader V7.0-firefoxinstaller.job
[2014/01/19 08:59:03 | 000,001,352 | ---- | M] () -- C:\Windows\tasks\FTdownloader V7.0-updater.job
[2014/01/19 08:59:02 | 000,001,176 | ---- | M] () -- C:\Windows\tasks\FTdownloader V7.0-enabler.job
[2014/01/19 08:59:00 | 000,001,294 | ---- | M] () -- C:\Windows\tasks\FTdownloader V7.0-codedownloader.job
[2014/01/19 07:16:15 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/19 07:16:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/19 07:16:01 | 2136,907,776 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/18 20:29:40 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/01/18 16:44:25 | 000,001,057 | ---- | M] () -- C:\Users\Terry\Desktop\Revo Uninstaller.lnk
[2014/01/18 16:16:50 | 000,003,520 | ---- | M] () -- C:\Windows\System32\EasyRedirect.ini
[2014/01/18 16:16:50 | 000,002,040 | ---- | M] () -- C:\Windows\System32\EasyRedirectOff.ini
[2014/01/17 04:42:28 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/01/16 17:20:57 | 000,000,818 | ---- | M] () -- C:\Users\Terry\Desktop\Internet Download Manager.lnk
[2014/01/09 05:05:42 | 005,727,243 | ---- | M] () -- C:\Users\Terry\Documents\foster farms.jpg
[2014/01/08 17:42:46 | 000,001,802 | ---- | M] () -- C:\Users\Public\Desktop\Canon Quick Menu.lnk
[2014/01/08 17:39:15 | 000,002,135 | ---- | M] () -- C:\Users\Public\Desktop\Canon MG2200 series On-screen Manual.lnk
[2014/01/05 18:16:55 | 000,604,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/01/05 18:16:55 | 000,103,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/01/05 18:07:05 | 000,000,852 | ---- | M] () -- C:\Users\Public\Desktop\Easy-Hide-IP.lnk
[2014/01/04 09:54:33 | 000,001,614 | ---- | M] () -- C:\Users\Terry\Application Data\Microsoft\Internet Explorer\Quick Launch\Calculator.lnk
[2014/01/04 08:22:28 | 000,000,859 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/01/01 11:23:58 | 000,001,101 | ---- | M] () -- C:\Users\Public\Desktop\The Weather Channel App.lnk
[2013/12/29 18:38:21 | 000,000,009 | ---- | M] () -- C:\END
[2013/12/25 20:03:42 | 000,002,743 | ---- | M] () -- C:\Users\Public\Desktop\Desktop Weather.lnk
========== Files Created - No Company Name ==========
[2014/01/19 12:36:41 | 000,000,876 | ---- | C] () -- C:\Users\Public\Desktop\SpywareBlaster.lnk
[2014/01/18 20:29:40 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/01/18 16:44:25 | 000,001,057 | ---- | C] () -- C:\Users\Terry\Desktop\Revo Uninstaller.lnk
[2014/01/18 14:59:46 | 000,001,352 | ---- | C] () -- C:\Windows\tasks\FTdownloader V7.0-updater.job
[2014/01/18 14:59:42 | 000,001,176 | ---- | C] () -- C:\Windows\tasks\FTdownloader V7.0-enabler.job
[2014/01/18 14:59:37 | 000,001,294 | ---- | C] () -- C:\Windows\tasks\FTdownloader V7.0-codedownloader.job
[2014/01/18 14:59:18 | 000,002,166 | ---- | C] () -- C:\Windows\tasks\FTdownloader V7.0-firefoxinstaller.job
[2014/01/18 14:59:10 | 000,002,126 | ---- | C] () -- C:\Windows\tasks\FTdownloader V7.0-chromeinstaller-dev.job
[2014/01/09 05:05:41 | 005,727,243 | ---- | C] () -- C:\Users\Terry\Documents\foster farms.jpg
[2014/01/08 17:42:46 | 000,001,802 | ---- | C] () -- C:\Users\Public\Desktop\Canon Quick Menu.lnk
[2014/01/08 17:39:15 | 000,002,135 | ---- | C] () -- C:\Users\Public\Desktop\Canon MG2200 series On-screen Manual.lnk
[2014/01/08 17:37:18 | 000,077,568 | ---- | C] () -- C:\Windows\System32\CNC1760D.TBL
[2014/01/05 18:07:25 | 000,003,520 | ---- | C] () -- C:\Windows\System32\EasyRedirect.ini
[2014/01/05 18:07:25 | 000,002,040 | ---- | C] () -- C:\Windows\System32\EasyRedirectOff.ini
[2014/01/05 18:07:05 | 000,000,852 | ---- | C] () -- C:\Users\Public\Desktop\Easy-Hide-IP.lnk
[2014/01/04 09:54:33 | 000,001,614 | ---- | C] () -- C:\Users\Terry\Application Data\Microsoft\Internet Explorer\Quick Launch\Calculator.lnk
[2014/01/04 08:22:28 | 000,000,859 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/01/04 08:09:51 | 000,000,818 | ---- | C] () -- C:\Users\Terry\Desktop\Internet Download Manager.lnk
[2014/01/01 11:23:58 | 000,001,101 | ---- | C] () -- C:\Users\Public\Desktop\The Weather Channel App.lnk
[2013/12/29 18:36:52 | 000,000,009 | ---- | C] () -- C:\END
[2013/12/25 19:58:57 | 000,002,743 | ---- | C] () -- C:\Users\Public\Desktop\Desktop Weather.lnk
[2013/12/04 18:42:38 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2013/11/07 23:06:12 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2013/11/07 23:05:39 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2013/11/07 23:05:39 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2013/11/07 21:45:55 | 000,000,680 | ---- | C] () -- C:\Users\Terry\AppData\Local\d3d9caps.dat
========== ZeroAccess Check ==========
[2006/11/02 04:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[2014/01/08 17:33:42 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2014/01/07 05:22:57 | 000,000,000 | ---D | C] -- C:\Users\Terry\AppData\Local\CrashDumps
[2014/01/05 18:07:25 | 000,000,000 | ---D | C] -- C:\ProgramData\notracks.com
[2014/01/05 18:07:11 | 000,380,240 | ---- | C] (EasyTech) -- C:\Windows\System32\EasyRedirect.dll
[2014/01/05 18:07:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy-Hide-IP
[2014/01/05 18:07:02 | 000,000,000 | ---D | C] -- C:\Program Files\Easy-Hide-IP
[2014/01/04 08:23:23 | 000,000,000 | ---D | C] -- C:\Users\Terry\AppData\Roaming\vlc
[2014/01/04 08:22:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2014/01/04 08:21:25 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2014/01/04 08:14:04 | 000,000,000 | ---D | C] -- C:\Users\Terry\AppData\Local\{C8D76872-A371-4C81-8230-A91C0CBD9039}
[2014/01/04 08:13:05 | 000,000,000 | ---D | C] -- C:\Users\Terry\AppData\Local\{7D8DA40B-8ABC-4D20-82F9-B6018EE4661B}
[2014/01/04 08:13:05 | 000,000,000 | ---D | C] -- C:\Users\Terry\AppData\Local\{433AAF05-775F-4917-BE9D-A04FB9E3979A}
[2014/01/04 08:10:02 | 000,000,000 | ---D | C] -- C:\Users\Terry\AppData\Roaming\IDM
[2014/01/04 08:10:02 | 000,000,000 | ---D | C] -- C:\ProgramData\IDM
[2014/01/04 08:10:01 | 000,000,000 | ---D | C] -- C:\Users\Terry\AppData\Roaming\DMCache
[2014/01/04 08:09:45 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Download Manager
[2014/01/01 11:23:33 | 000,000,000 | ---D | C] -- C:\Users\Terry\AppData\Local\The Weather Channel
[2013/12/29 18:38:18 | 000,000,000 | ---D | C] -- C:\Program Files\SigmaTel
[2013/12/29 18:37:48 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2013/12/29 18:37:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Conduit
[2013/12/29 18:37:21 | 000,000,000 | ---D | C] -- C:\Users\Terry\AppData\Roaming\SearchProtect
[2013/12/29 18:37:20 | 000,000,000 | ---D | C] -- C:\Users\Terry\AppData\Local\NativeMessaging
[2013/12/29 18:37:17 | 000,000,000 | ---D | C] -- C:\Users\Terry\AppData\Local\Conduit
[2013/12/29 18:37:13 | 000,000,000 | ---D | C] -- C:\Users\Terry\AppData\Local\CRE
[2013/12/29 17:41:57 | 000,000,000 | ---D | C] -- C:\Users\Terry\AppData\Local\ElevatedDiagnostics
[2013/12/25 19:58:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Weather Channel
[2013/12/25 19:57:26 | 000,000,000 | ---D | C] -- C:\Users\Terry\AppData\Local\Downloaded Installations
========== Files - Modified Within 30 Days ==========
[2014/01/19 13:37:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/19 13:16:08 | 000,003,648 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/19 13:16:08 | 000,003,648 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/19 12:36:41 | 000,000,876 | ---- | M] () -- C:\Users\Public\Desktop\SpywareBlaster.lnk
[2014/01/19 09:35:09 | 000,074,456 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2014/01/19 09:04:02 | 000,002,126 | ---- | M] () -- C:\Windows\tasks\FTdownloader V7.0-chromeinstaller-dev.job
[2014/01/19 08:59:03 | 000,002,166 | ---- | M] () -- C:\Windows\tasks\FTdownloader V7.0-firefoxinstaller.job
[2014/01/19 08:59:03 | 000,001,352 | ---- | M] () -- C:\Windows\tasks\FTdownloader V7.0-updater.job
[2014/01/19 08:59:02 | 000,001,176 | ---- | M] () -- C:\Windows\tasks\FTdownloader V7.0-enabler.job
[2014/01/19 08:59:00 | 000,001,294 | ---- | M] () -- C:\Windows\tasks\FTdownloader V7.0-codedownloader.job
[2014/01/19 07:16:15 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/19 07:16:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/19 07:16:01 | 2136,907,776 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/18 20:29:40 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/01/18 16:44:25 | 000,001,057 | ---- | M] () -- C:\Users\Terry\Desktop\Revo Uninstaller.lnk
[2014/01/18 16:16:50 | 000,003,520 | ---- | M] () -- C:\Windows\System32\EasyRedirect.ini
[2014/01/18 16:16:50 | 000,002,040 | ---- | M] () -- C:\Windows\System32\EasyRedirectOff.ini
[2014/01/17 04:42:28 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/01/16 17:20:57 | 000,000,818 | ---- | M] () -- C:\Users\Terry\Desktop\Internet Download Manager.lnk
[2014/01/09 05:05:42 | 005,727,243 | ---- | M] () -- C:\Users\Terry\Documents\foster farms.jpg
[2014/01/08 17:42:46 | 000,001,802 | ---- | M] () -- C:\Users\Public\Desktop\Canon Quick Menu.lnk
[2014/01/08 17:39:15 | 000,002,135 | ---- | M] () -- C:\Users\Public\Desktop\Canon MG2200 series On-screen Manual.lnk
[2014/01/05 18:16:55 | 000,604,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/01/05 18:16:55 | 000,103,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/01/05 18:07:05 | 000,000,852 | ---- | M] () -- C:\Users\Public\Desktop\Easy-Hide-IP.lnk
[2014/01/04 09:54:33 | 000,001,614 | ---- | M] () -- C:\Users\Terry\Application Data\Microsoft\Internet Explorer\Quick Launch\Calculator.lnk
[2014/01/04 08:22:28 | 000,000,859 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/01/01 11:23:58 | 000,001,101 | ---- | M] () -- C:\Users\Public\Desktop\The Weather Channel App.lnk
[2013/12/29 18:38:21 | 000,000,009 | ---- | M] () -- C:\END
[2013/12/25 20:03:42 | 000,002,743 | ---- | M] () -- C:\Users\Public\Desktop\Desktop Weather.lnk
========== Files Created - No Company Name ==========
[2014/01/19 12:36:41 | 000,000,876 | ---- | C] () -- C:\Users\Public\Desktop\SpywareBlaster.lnk
[2014/01/18 20:29:40 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/01/18 16:44:25 | 000,001,057 | ---- | C] () -- C:\Users\Terry\Desktop\Revo Uninstaller.lnk
[2014/01/18 14:59:46 | 000,001,352 | ---- | C] () -- C:\Windows\tasks\FTdownloader V7.0-updater.job
[2014/01/18 14:59:42 | 000,001,176 | ---- | C] () -- C:\Windows\tasks\FTdownloader V7.0-enabler.job
[2014/01/18 14:59:37 | 000,001,294 | ---- | C] () -- C:\Windows\tasks\FTdownloader V7.0-codedownloader.job
[2014/01/18 14:59:18 | 000,002,166 | ---- | C] () -- C:\Windows\tasks\FTdownloader V7.0-firefoxinstaller.job
[2014/01/18 14:59:10 | 000,002,126 | ---- | C] () -- C:\Windows\tasks\FTdownloader V7.0-chromeinstaller-dev.job
[2014/01/09 05:05:41 | 005,727,243 | ---- | C] () -- C:\Users\Terry\Documents\foster farms.jpg
[2014/01/08 17:42:46 | 000,001,802 | ---- | C] () -- C:\Users\Public\Desktop\Canon Quick Menu.lnk
[2014/01/08 17:39:15 | 000,002,135 | ---- | C] () -- C:\Users\Public\Desktop\Canon MG2200 series On-screen Manual.lnk
[2014/01/08 17:37:18 | 000,077,568 | ---- | C] () -- C:\Windows\System32\CNC1760D.TBL
[2014/01/05 18:07:25 | 000,003,520 | ---- | C] () -- C:\Windows\System32\EasyRedirect.ini
[2014/01/05 18:07:25 | 000,002,040 | ---- | C] () -- C:\Windows\System32\EasyRedirectOff.ini
[2014/01/05 18:07:05 | 000,000,852 | ---- | C] () -- C:\Users\Public\Desktop\Easy-Hide-IP.lnk
[2014/01/04 09:54:33 | 000,001,614 | ---- | C] () -- C:\Users\Terry\Application Data\Microsoft\Internet Explorer\Quick Launch\Calculator.lnk
[2014/01/04 08:22:28 | 000,000,859 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/01/04 08:09:51 | 000,000,818 | ---- | C] () -- C:\Users\Terry\Desktop\Internet Download Manager.lnk
[2014/01/01 11:23:58 | 000,001,101 | ---- | C] () -- C:\Users\Public\Desktop\The Weather Channel App.lnk
[2013/12/29 18:36:52 | 000,000,009 | ---- | C] () -- C:\END
[2013/12/25 19:58:57 | 000,002,743 | ---- | C] () -- C:\Users\Public\Desktop\Desktop Weather.lnk
[2013/12/04 18:42:38 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2013/11/07 23:06:12 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2013/11/07 23:05:39 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2013/11/07 23:05:39 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2013/11/07 21:45:55 | 000,000,680 | ---- | C] () -- C:\Users\Terry\AppData\Local\d3d9caps.dat
========== ZeroAccess Check ==========
[2006/11/02 04:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini