Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

MSE stalls when cleaning [Closed]

Started by zoltain , Apr 01 2012 03:13 PM

  • This topic is locked This topic is locked

#1
zoltain
Posted 01 April 2012 - 03:13 PM

zoltain

    Member

  • Member
  • PipPipPip
  • 137 posts
When I run MSE scan, it finds 51 errors (not found by Malwarebytes or SUPERAntiSpyware or Ad-Aware.exe or avast boottime scan (uninstalled mse/ installed avast/ scanned/ uninstall/ reinstall MSE). When I click clean computer in MSE is stalls out every time (sometimes 1/3 or 2/3 of the way through but at specific spots). I've run the computer over night and still the bar goes no further. I'd post a log of the infections but I cant figure out how to generate a log.

Thanks for the help
Zoltain

OTL logfile created on: 4/1/2012 5:01:46 PM - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Zach\Desktop\Spyware
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

15.98 Gb Total Physical Memory | 12.48 Gb Available Physical Memory | 78.08% Memory free
17.93 Gb Paging File | 13.99 Gb Available in Paging File | 78.06% Paging File free
Paging file location(s): c:\pagefile.sys 2000 12000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232.79 Gb Total Space | 69.04 Gb Free Space | 29.66% Space Free | Partition Type: NTFS
Drive D: | 698.63 Gb Total Space | 137.02 Gb Free Space | 19.61% Space Free | Partition Type: NTFS
Drive H: | 22.79 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: ZACH-PC | User Name: Zach | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/04/01 16:46:45 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Zach\Desktop\Spyware\OTL.exe
PRC - [2012/03/20 22:08:07 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/03/18 21:52:51 | 003,478,936 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
PRC - [2012/02/10 00:13:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/02/09 21:05:32 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/01/13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/01/03 09:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/05/20 10:10:26 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/05/20 10:10:12 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2011/05/15 15:53:20 | 000,325,512 | ---- | M] (BillP Studios) -- C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2011/03/09 12:41:08 | 001,066,896 | ---- | M] () -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
PRC - [2010/12/29 03:00:40 | 002,656,280 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/12/29 03:00:40 | 000,325,656 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/11/29 13:57:26 | 002,766,336 | ---- | M] () -- C:\Program Files (x86)\Hotkey\Hotkey.exe
PRC - [2010/11/18 19:59:16 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\Hotkey\PowerBiosServer.exe
PRC - [2010/11/18 01:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010/05/25 08:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
PRC - [2007/09/26 13:55:04 | 000,283,912 | ---- | M] (CA, Inc.) -- C:\Program Files (x86)\CA\PPRT\bin\ITMRTSVC.exe


========== Modules (No Company Name) ==========

MOD - [2012/03/20 22:08:06 | 001,969,080 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/02/19 15:00:52 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2012/02/15 18:53:54 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\cb5bd98ffa4c82327b0e4db02bb58d2d\System.Management.ni.dll
MOD - [2012/02/15 18:53:54 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\b57bd70800db9e03c97550eafc2306f0\IAStorUtil.ni.dll
MOD - [2012/02/15 18:05:38 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\075d9c27aa02085fef8983b5f5f85834\System.ServiceProcess.ni.dll
MOD - [2012/02/15 18:05:32 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\42ae8760f0a74ab774e82a64368aa1f6\System.Web.ni.dll
MOD - [2012/02/15 18:05:28 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a1c4a635721f85bef0ea4194b888b871\System.Runtime.Remoting.ni.dll
MOD - [2012/02/15 18:05:12 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6c51e152e7404188914c9fa4d8503ff9\System.Windows.Forms.ni.dll
MOD - [2012/02/15 18:05:08 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ab87129c2b603f218e4aa5300c9b1bdd\System.Drawing.ni.dll
MOD - [2012/02/15 18:05:00 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\47b9e7f070271ff50f988f75ea68fa3e\WindowsBase.ni.dll
MOD - [2012/02/15 18:04:57 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll
MOD - [2012/02/15 18:04:54 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll
MOD - [2012/02/15 18:04:54 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll
MOD - [2012/02/09 21:05:16 | 000,360,768 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2011/10/12 14:51:40 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\91fa5cc7230b88e3e42b3bccd198f681\IAStorCommon.ni.dll
MOD - [2011/10/12 14:21:25 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\31fce331fded94dd06627603f6fe4562\Accessibility.ni.dll
MOD - [2011/10/12 14:21:08 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/04/14 21:01:33 | 000,548,854 | ---- | M] () -- C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll
MOD - [2010/11/29 13:57:26 | 002,766,336 | ---- | M] () -- C:\Program Files (x86)\Hotkey\Hotkey.exe
MOD - [2009/06/06 14:50:32 | 000,019,968 | ---- | M] () -- C:\Program Files (x86)\Hotkey\Audiodll.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/03/11 21:13:24 | 002,815,496 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV:64bit: - [2011/09/27 15:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2011/08/11 19:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:64bit: - [2011/04/27 17:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2011/04/27 17:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011/03/09 12:10:40 | 000,288,768 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012/02/10 00:13:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/02/09 21:05:32 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/01/03 09:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/01/01 00:14:52 | 000,189,248 | ---- | M] () [Disabled | Stopped] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2012/01/01 00:14:41 | 000,075,136 | ---- | M] () [Disabled | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/11/03 13:06:56 | 002,152,152 | ---- | M] (Lavasoft Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011/05/20 10:10:26 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®
SRV - [2011/03/09 12:41:10 | 000,491,920 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe -- (WDSC)
SRV - [2011/03/09 12:41:08 | 001,066,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe -- (WDFME)
SRV - [2010/12/29 03:00:40 | 002,656,280 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010/12/29 03:00:40 | 000,325,656 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2010/11/18 19:59:16 | 000,032,768 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hotkey\PowerBiosServer.exe -- (PowerBiosServer)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/30 10:28:28 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/06/17 13:49:44 | 000,616,408 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe -- (AntiSpywareService)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/09/26 13:55:04 | 000,283,912 | ---- | M] (CA, Inc.) [Auto | Running] -- C:\Program Files (x86)\CA\PPRT\bin\ITMRTSVC.exe -- (ITMRTSVC)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/02/10 00:09:00 | 000,398,144 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvstusb.sys -- (NvStUSB)
DRV:64bit: - [2012/02/07 21:13:32 | 000,149,640 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2012/02/01 01:26:58 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/02/01 01:25:00 | 000,564,792 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2012/01/17 08:45:56 | 000,188,224 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/12/10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/12/07 19:22:48 | 000,087,456 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2011/11/03 13:06:56 | 000,069,376 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd)
DRV:64bit: - [2011/09/16 15:10:50 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2011/09/16 15:10:24 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2011/09/02 02:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011/09/02 02:30:24 | 000,076,056 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2011/09/02 02:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011/09/02 02:30:24 | 000,015,128 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2011/08/29 20:20:29 | 000,230,352 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt)
DRV:64bit: - [2011/07/22 12:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 17:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/05/20 09:53:44 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/05/10 08:06:14 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2011/04/27 15:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/19 06:28:55 | 008,080,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) ___ Intel®
DRV:64bit: - [2011/01/15 05:24:56 | 000,132,624 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\JME.sys -- (JME) JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits)
DRV:64bit: - [2010/12/29 03:00:37 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel®
DRV:64bit: - [2010/12/06 07:56:26 | 000,174,168 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2010/11/20 23:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 23:24:15 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
DRV:64bit: - [2010/11/20 23:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010/11/20 23:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010/11/20 23:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/20 23:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2010/11/20 23:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/20 02:34:26 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/11/20 02:34:26 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/09/17 11:14:56 | 001,393,200 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/07/13 09:57:08 | 000,069,736 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\itecir.sys -- (itecir)
DRV:64bit: - [2010/07/01 13:11:24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/05/06 17:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2007/03/20 12:33:28 | 000,016,896 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\libusb0.sys -- (libusb0)
DRV - [2012/04/01 16:46:44 | 000,035,664 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1E1414AC-AE03-46EF-96D8-F8F77003FD8B}\MpKsld3272850.sys -- (MpKsld3272850)
DRV - [2012/04/01 15:21:20 | 000,035,664 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1E1414AC-AE03-46EF-96D8-F8F77003FD8B}\MpKsl87267db3.sys -- (MpKsl87267db3)
DRV - [2011/09/01 18:51:18 | 000,017,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys -- (Lavasoft Kernexplorer)
DRV - [2009/12/18 11:58:52 | 000,017,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys -- (cpudrv64)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2004/03/23 22:12:34 | 000,017,280 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\nsndis5.sys -- (NSNDIS5)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://kr.yahoo.com/ilc101
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = EF BD 50 E0 99 66 CC 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@wolfram.com/Mathematica: C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.4.2615434\npmathplugin.dll (Wolfram Research, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Zach\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Zach\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/02/11 17:10:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{5D3F3872-91E9-4d59-AD9F-AA174A3145DD}: C:\Program Files\Logitech\FlowScroll\LogiSmoothFirefoxExt [2012/03/20 12:20:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/03/20 22:08:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/03/31 17:51:42 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Ex\\UnicodeExtensionMap: 0000000E25D3DC6D55259BD49C5A29011B447A80
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Zach\AppData\Roaming\IDM\idmmzcc5 [2012/03/18 21:50:50 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Users\Zach\AppData\Roaming\IDM\idmmzcc5 [2012/03/18 21:50:50 | 000,000,000 | ---D | M]

[2011/08/29 18:43:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zach\AppData\Roaming\Mozilla\Extensions
[2012/03/20 12:20:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\2xd8jcuy.default\extensions
[2011/08/29 19:58:20 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\2xd8jcuy.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2012/01/16 16:12:53 | 000,000,000 | ---D | M] (Complitly - Speed up your search with your personal search suggestions tool) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\2xd8jcuy.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}
[2011/08/29 19:58:20 | 000,000,000 | ---D | M] (Flashblock) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\2xd8jcuy.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2011/08/29 19:58:20 | 000,000,000 | ---D | M] (CacheIt!) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\2xd8jcuy.default\extensions\{98449521-9320-4257-aa35-9e1a39c8cbe0}
[2011/08/29 19:58:20 | 000,000,000 | ---D | M] (Cookies Manager+) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\2xd8jcuy.default\extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d}
[2011/08/29 19:58:20 | 000,000,000 | ---D | M] () -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\2xd8jcuy.default\extensions\{db3cb0fa-afa1-454b-a51f-a94500cab44e}
[2011/08/29 19:58:20 | 000,000,000 | ---D | M] (Thumbnail Zoom) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\2xd8jcuy.default\extensions\{E10A6337-382E-4FE6-96DE-936ADC34DD04}
[2012/03/02 03:14:07 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\2xd8jcuy.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011/08/29 19:58:20 | 000,000,000 | ---D | M] (Web2PDF converter) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\2xd8jcuy.default\extensions\{e8f509f0-b677-11de-8a39-0800200c9a66}
[2011/08/29 19:58:20 | 000,000,000 | ---D | M] (AutoAuth) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\2xd8jcuy.default\extensions\[email protected]
[2012/01/20 12:29:45 | 000,000,000 | ---D | M] ("pearltrees") -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\2xd8jcuy.default\extensions\[email protected]
[2012/02/08 16:15:56 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\2xd8jcuy.default\extensions\[email protected]
[2012/01/07 19:51:04 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\2xd8jcuy.default\extensions\[email protected]
[2012/01/17 16:34:04 | 000,000,000 | ---D | M] ("Reddit Enhancement Suite") -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\2xd8jcuy.default\extensions\jid1-xUfzOsOFlzSOXg@jetpack
[2011/09/04 14:53:25 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\2xd8jcuy.default\extensions\[email protected]
[2012/02/29 13:39:51 | 000,000,000 | ---D | M] (IDM CC) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\2xd8jcuy.default\extensions\[email protected]
[2012/03/20 12:20:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\2xd8jcuy.default\extensions\staged
[2011/08/05 01:38:54 | 000,002,569 | ---- | M] () -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\2xd8jcuy.default\searchplugins\askcom.xml
[2011/08/18 14:31:44 | 000,000,984 | ---- | M] () -- C:\Users\Zach\AppData\Roaming\Mozilla\Firefox\Profiles\2xd8jcuy.default\searchplugins\filestube.xml
[2012/03/31 17:51:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/03/31 17:51:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012/02/11 17:10:59 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2012/03/20 12:20:20 | 000,000,000 | ---D | M] (Logitech Flow Scroll) -- C:\PROGRAM FILES\LOGITECH\FLOWSCROLL\LOGISMOOTHFIREFOXEXT
() (No name found) -- C:\USERS\ZACH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2XD8JCUY.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
() (No name found) -- C:\USERS\ZACH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2XD8JCUY.DEFAULT\EXTENSIONS\{5546F97E-11A5-46B0-9082-32AD74AAA920}.XPI
() (No name found) -- C:\USERS\ZACH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2XD8JCUY.DEFAULT\EXTENSIONS\{65E41D20-F092-41B7-BB83-C6E8A9AB0F57}.XPI
() (No name found) -- C:\USERS\ZACH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2XD8JCUY.DEFAULT\EXTENSIONS\{76C80A11-FAD4-406C-8246-F5ED4F9367B5}.XPI
() (No name found) -- C:\USERS\ZACH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2XD8JCUY.DEFAULT\EXTENSIONS\{960BE052-4847-422B-9AD6-8631D3D0A607}.XPI
() (No name found) -- C:\USERS\ZACH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2XD8JCUY.DEFAULT\EXTENSIONS\{9AA46F4F-4DC7-4C06-97AF-5035170634FE}.XPI
() (No name found) -- C:\USERS\ZACH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2XD8JCUY.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\ZACH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2XD8JCUY.DEFAULT\EXTENSIONS\{EDA7B1D7-F793-4E03-B074-E6F303317FB0}.XPI
() (No name found) -- C:\USERS\ZACH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2XD8JCUY.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ZACH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2XD8JCUY.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ZACH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2XD8JCUY.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ZACH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2XD8JCUY.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ZACH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2XD8JCUY.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ZACH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2XD8JCUY.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ZACH\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2XD8JCUY.DEFAULT\EXTENSIONS\[email protected]
[2012/03/20 22:08:07 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/03/31 17:51:40 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012/03/20 22:08:05 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/03/20 22:08:05 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Zach\AppData\Local\Google\Chrome\Application\18.0.1025.142\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Zach\AppData\Local\Google\Chrome\Application\18.0.1025.142\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Zach\AppData\Local\Google\Chrome\Application\18.0.1025.142\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Download Helper (Enabled) = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfjkgbjaikamkkojmakjclmkianficch\5.0.2_0\plugin/download_helper.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Wolfram Mathematica (Enabled) = C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.4.2615434\npmathplugin.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
CHR - Extension: YouTube = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Tampermonkey = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo\2.3.2625_0\
CHR - Extension: Complitly plugin for chrome = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda\1.1_0\
CHR - Extension: Logitech Flow Scroll = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\geooogfhpjdpeiphckpbgkhpbeobcaoi\4.0.33_0\
CHR - Extension: Reddit Enhancement Suite = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb\4.0.3_0\
CHR - Extension: AllDebrid Chrome Extension = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\kehalonlpdlgfjnolbogbgcchbcfcdag\4.0.5_0\
CHR - Extension: AllDebrid Chrome Extension = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\kehalonlpdlgfjnolbogbgcchbcfcdag\4.0.5_0\.bak
CHR - Extension: AllDebrid Chrome Extension = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\kehalonlpdlgfjnolbogbgcchbcfcdag\4.0.5_0\.svn\text-base\.svn-base
CHR - Extension: Download Assistant = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfjkgbjaikamkkojmakjclmkianficch\5.0.2_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Gmail = C:\Users\Zach\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:64bit: - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Zach\AppData\Roaming\Complitly\64\Complitly64.dll (SimplyGen)
O2:64bit: - BHO: (Logitech Flow Scroll) - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\LogiSmooth.dll (Logitech, Inc.)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (no name) - {74864BC8-3048-1494-5B58-3F8F2BDD3AE4} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Logitech Flow Scroll) - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\32-bit\LogiSmooth.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [LogiScrollApp] C:\Program Files\Logitech\FlowScroll\KhalScroll.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8:64bit: - Extra context menu item: En&queue current page with BID - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidqueue.htm ()
O8:64bit: - Extra context menu item: Enqueue link tar&get with BID - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlinkqueue.htm ()
O8:64bit: - Extra context menu item: Open &link target with BID - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlink.htm ()
O8:64bit: - Extra context menu item: Open current page with BI&D - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebid.htm ()
O8:64bit: - Extra context menu item: Open current page with BID Link Explorer - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlinkexplorer.htm ()
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: En&queue current page with BID - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidqueue.htm ()
O8 - Extra context menu item: Enqueue link tar&get with BID - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlinkqueue.htm ()
O8 - Extra context menu item: Open &link target with BID - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlink.htm ()
O8 - Extra context menu item: Open current page with BI&D - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebid.htm ()
O8 - Extra context menu item: Open current page with BID Link Explorer - C:\Program Files (x86)\Bulk Image Downloader\iemenu\iebidlinkexplorer.htm ()
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - CC:\Program Files (x86)\VMware\VMware Workstation\x64\vsocklib.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - CC:\Program Files (x86)\VMware\VMware Workstation\x64\vsocklib.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{51C8D0E5-DCB7-4AED-BFC7-07AC9FC3DE3C}: DhcpNameServer = 10.0.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{51C8D0E5-DCB7-4AED-BFC7-07AC9FC3DE3C}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5C1FCD9F-085C-4E60-874E-79B30FCE219A}: DhcpNameServer = 4.2.2.1 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{645C0A7B-1AA6-470F-A6E3-28F3E26A7454}: DhcpNameServer = 10.0.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{645C0A7B-1AA6-470F-A6E3-28F3E26A7454}: NameServer = 8.26.56.26,156.154.70.22
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll (COMODO)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/02/02 14:14:20 | 000,000,082 | ---- | M] () - H:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{5acc1347-7498-11e1-b812-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5acc1347-7498-11e1-b812-806e6f6e6963}\Shell\AutoRun\command - "" = H:\unlock.exe -- [2011/03/09 15:27:17 | 003,728,752 | ---- | M] (Western Digital)
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/04/01 15:44:15 | 000,000,000 | ---D | C] -- C:\Users\Zach\AppData\Local\Deployment
[2012/03/31 19:49:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
[2012/03/31 18:59:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2012/03/31 18:59:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/03/31 17:55:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/03/31 17:55:48 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/03/31 17:55:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012/03/31 17:55:48 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/03/31 17:51:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/03/30 15:38:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/03/30 15:38:10 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/03/28 21:02:53 | 000,000,000 | ---D | C] -- C:\Users\Zach\Desktop\flash dvd drive
[2012/03/27 13:25:25 | 000,000,000 | ---D | C] -- C:\Users\Zach\Desktop\SCREEM
[2012/03/27 11:44:12 | 000,000,000 | ---D | C] -- C:\Users\Zach\Desktop\One Piece
[2012/03/25 17:34:49 | 000,000,000 | ---D | C] -- C:\ProgramData\CPA_VA
[2012/03/25 17:33:46 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\COMODO
[2012/03/25 17:28:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/03/25 17:28:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012/03/25 17:24:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo
[2012/03/25 17:24:32 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2012/03/25 17:24:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
[2012/03/25 17:24:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Comodo
[2012/03/25 17:19:28 | 000,000,000 | ---D | C] -- C:\Users\Zach\AppData\Roaming\SUPERAntiSpyware.com
[2012/03/25 17:19:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012/03/25 17:19:06 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012/03/25 17:19:06 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012/03/25 17:18:36 | 000,000,000 | ---D | C] -- C:\Users\Zach\Desktop\Spyware
[2012/03/25 03:36:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/03/22 14:29:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudibleManager
[2012/03/22 14:29:21 | 000,000,000 | ---D | C] -- C:\Users\Zach\Documents\Audible
[2012/03/22 14:29:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Audible
[2012/03/22 14:29:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audible
[2012/03/20 11:55:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack
[2012/03/20 11:55:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Combined Community Codec Pack
[2012/03/18 23:00:43 | 000,000,000 | ---D | C] -- C:\Users\Zach\Desktop\New folder (2)
[2012/03/16 07:08:36 | 000,149,640 | ---- | C] (Tonec Inc.) -- C:\Windows\SysNative\drivers\idmwfp.sys
[2012/03/15 16:02:24 | 000,000,000 | ---D | C] -- C:\download
[2012/03/14 13:47:27 | 000,000,000 | ---D | C] -- C:\Users\Zach\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GOM Video Converter
[2012/03/14 13:47:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Video Converter
[2012/03/14 13:47:26 | 000,000,000 | ---D | C] -- C:\Users\Zach\Documents\GOMVideoConverter
[2012/03/14 13:47:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GNU
[2012/03/14 13:47:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CoreAAC
[2012/03/14 13:47:01 | 000,000,000 | ---D | C] -- C:\ProgramData\GRETECH
[2012/03/13 00:23:23 | 000,000,000 | ---D | C] -- C:\Users\Zach\Desktop\New folder
[2012/03/11 21:13:40 | 000,022,696 | ---- | C] (COMODO) -- C:\Windows\SysNative\drivers\cmderd.sys
[2012/03/11 21:13:22 | 000,041,200 | ---- | C] (COMODO) -- C:\Windows\SysNative\cmdcsr.dll
[2012/03/11 21:13:20 | 000,301,224 | ---- | C] (COMODO) -- C:\Windows\SysWow64\guard32.dll
[2012/03/11 21:13:18 | 000,389,840 | ---- | C] (COMODO) -- C:\Windows\SysNative\guard64.dll
[2012/03/08 18:48:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect 2 Deluxe Edition
[2012/03/08 18:25:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mass Effect 2 Deluxe Edition
[2012/03/08 00:13:56 | 000,000,000 | ---D | C] -- C:\Users\Zach\Documents\BioWare
[2012/03/08 00:10:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\3EMN7
[2012/03/04 15:14:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\abgx360
[2012/03/04 15:14:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\abgx360
[2012/03/04 14:56:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\uTorrent Ultra Accelerator
[2012/03/04 14:56:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent Ultra Accelerator
[2012/03/04 14:40:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BitTorrent Ultra Accelerator
[2012/03/03 16:35:51 | 001,292,112 | ---- | C] (WebSpeeders LLC) -- C:\Users\Zach\Documents\update132.exe
[2012/03/03 15:35:32 | 000,000,000 | ---D | C] -- C:\Users\Zach\AppData\Roaming\IDM

========== Files - Modified Within 30 Days ==========

[2012/06/30 21:53:48 | 000,367,893 | ---- | M] () -- C:\Windows\SysWow64\IDMSL Auto Update.exe
[2012/04/01 16:55:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1242743944-2142874907-2554754325-1000UA.job
[2012/04/01 16:32:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/01 15:07:24 | 000,021,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/01 15:07:24 | 000,021,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/01 15:04:38 | 000,782,702 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/04/01 15:04:38 | 000,662,658 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/04/01 15:04:38 | 000,122,454 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/04/01 15:00:21 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/04/01 15:00:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/04/01 15:00:15 | 4277,141,502 | -HS- | M] () -- C:\hiberfil.sys
[2012/03/31 21:55:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1242743944-2142874907-2554754325-1000Core.job
[2012/03/31 19:49:44 | 000,001,869 | ---- | M] () -- C:\Users\Public\Desktop\ImgBurn.lnk
[2012/03/31 18:59:12 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/03/31 18:59:02 | 000,796,852 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/03/31 18:54:04 | 000,016,820 | ---- | M] () -- C:\Users\Zach\Documents\cc_20120331_185401.reg
[2012/03/31 17:55:57 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/03/31 17:51:41 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/03/30 15:38:13 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/03/29 18:44:42 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat
[2012/03/29 18:44:42 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat
[2012/03/28 19:50:35 | 000,020,114 | ---- | M] () -- C:\Users\Zach\Desktop\Prejudice.odt
[2012/03/26 21:10:47 | 213,774,854 | ---- | M] () -- C:\Users\Zach\Desktop\panorama.s60e11.murdochs.tv.pirates.hdtv.x264-barge.mp4
[2012/03/26 21:02:43 | 000,013,970 | ---- | M] () -- C:\Users\Zach\Documents\cc_20120326_210240.reg
[2012/03/25 17:24:39 | 000,001,846 | ---- | M] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
[2012/03/25 17:24:30 | 000,001,114 | ---- | M] () -- C:\Users\Public\Desktop\Comodo Dragon.lnk
[2012/03/22 14:12:13 | 000,007,619 | ---- | M] () -- C:\Users\Zach\AppData\Local\Resmon.ResmonCfg
[2012/03/22 09:10:53 | 000,022,223 | ---- | M] () -- C:\Users\Zach\Desktop\Leonard Peltier.odt
[2012/03/21 23:19:23 | 000,156,878 | R--- | M] () -- C:\Users\Zach\Desktop\Wheel of time ALL OF THEM.torrent
[2012/03/20 00:39:28 | 000,001,388 | ---- | M] () -- C:\Users\Zach\Desktop\HD Video Converter Factory Pro.lnk
[2012/03/16 01:23:55 | 000,000,628 | ---- | M] () -- C:\Windows\SysNative\mapisvc.inf
[2012/03/14 16:15:58 | 000,000,007 | ---- | M] () -- C:\Users\Zach\Desktop\ageGroup_Lucie.wmv
[2012/03/14 13:47:27 | 000,001,209 | ---- | M] () -- C:\Users\Zach\Application Data\Microsoft\Internet Explorer\Quick Launch\GOM Video Converter.lnk
[2012/03/14 13:45:36 | 000,001,183 | ---- | M] () -- C:\Users\Zach\Application Data\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk
[2012/03/13 16:35:20 | 000,316,032 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/03/11 21:13:40 | 000,022,696 | ---- | M] (COMODO) -- C:\Windows\SysNative\drivers\cmderd.sys
[2012/03/11 21:13:22 | 000,041,200 | ---- | M] (COMODO) -- C:\Windows\SysNative\cmdcsr.dll
[2012/03/11 21:13:20 | 000,301,224 | ---- | M] (COMODO) -- C:\Windows\SysWow64\guard32.dll
[2012/03/11 21:13:18 | 000,389,840 | ---- | M] (COMODO) -- C:\Windows\SysNative\guard64.dll
[2012/03/09 01:15:05 | 326,139,132 | ---- | M] () -- C:\Users\Zach\Desktop\[yibis]_One_Piece_538_[720p][932D9021].mkv
[2012/03/06 19:15:03 | 000,258,520 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012/03/06 15:28:57 | 000,007,692 | ---- | M] () -- C:\Users\Zach\Documents\cc_20120306_142855.reg
[2012/03/04 14:56:53 | 000,001,287 | ---- | M] () -- C:\Users\Zach\Application Data\Microsoft\Internet Explorer\Quick Launch\uTorrent Ultra Accelerator.lnk
[2012/03/03 16:35:54 | 001,292,112 | ---- | M] (WebSpeeders LLC) -- C:\Users\Zach\Documents\update132.exe

========== Files Created - No Company Name ==========

[2012/06/30 21:53:47 | 000,367,893 | ---- | C] () -- C:\Windows\SysWow64\IDMSL Auto Update.exe
[2012/03/31 19:51:30 | 213,774,854 | ---- | C] () -- C:\Users\Zach\Desktop\panorama.s60e11.murdochs.tv.pirates.hdtv.x264-barge.mp4
[2012/03/31 19:49:44 | 000,001,869 | ---- | C] () -- C:\Users\Public\Desktop\ImgBurn.lnk
[2012/03/31 18:59:01 | 000,001,913 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/03/31 18:54:03 | 000,016,820 | ---- | C] () -- C:\Users\Zach\Documents\cc_20120331_185401.reg
[2012/03/31 17:55:57 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/03/30 15:38:13 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/03/28 14:45:20 | 000,020,114 | ---- | C] () -- C:\Users\Zach\Desktop\Prejudice.odt
[2012/03/26 21:02:42 | 000,013,970 | ---- | C] () -- C:\Users\Zach\Documents\cc_20120326_210240.reg
[2012/03/25 17:24:39 | 000,001,846 | ---- | C] () -- C:\Users\Public\Desktop\COMODO Firewall.lnk
[2012/03/25 17:24:30 | 000,001,114 | ---- | C] () -- C:\Users\Public\Desktop\Comodo Dragon.lnk
[2012/03/24 19:45:17 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012/03/22 14:12:13 | 000,007,619 | ---- | C] () -- C:\Users\Zach\AppData\Local\Resmon.ResmonCfg
[2012/03/21 23:19:23 | 000,156,878 | R--- | C] () -- C:\Users\Zach\Desktop\Wheel of time ALL OF THEM.torrent
[2012/03/18 22:02:12 | 056,169,288 | ---- | C] () -- C:\Users\Zach\Desktop\Berdesup.Com.P_Coll_Girls_2012_01_02.pdf
[2012/03/14 16:15:58 | 000,000,007 | ---- | C] () -- C:\Users\Zach\Desktop\ageGroup_Lucie.wmv
[2012/03/14 13:47:27 | 000,001,209 | ---- | C] () -- C:\Users\Zach\Application Data\Microsoft\Internet Explorer\Quick Launch\GOM Video Converter.lnk
[2012/03/09 01:06:08 | 326,139,132 | ---- | C] () -- C:\Users\Zach\Desktop\[yibis]_One_Piece_538_[720p][932D9021].mkv
[2012/03/06 15:28:56 | 000,007,692 | ---- | C] () -- C:\Users\Zach\Documents\cc_20120306_142855.reg
[2012/03/04 14:56:53 | 000,001,287 | ---- | C] () -- C:\Users\Zach\Application Data\Microsoft\Internet Explorer\Quick Launch\uTorrent Ultra Accelerator.lnk
[2012/02/09 21:05:44 | 000,416,064 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012/02/06 15:47:30 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012/02/06 15:47:30 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012/02/06 15:47:25 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012/01/03 03:28:06 | 002,570,286 | ---- | C] () -- C:\Windows\SysWow64\abgx360.exe
[2012/01/01 00:14:42 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/01/01 00:14:41 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/12/31 23:55:36 | 002,580,552 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011/12/27 21:00:28 | 000,000,745 | ---- | C] () -- C:\Windows\CoD.INI
[2011/11/18 15:51:38 | 000,383,238 | ---- | C] () -- C:\Windows\SysWow64\libmp3lame-0.dll
[2011/09/19 18:26:15 | 000,000,426 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011/09/19 18:26:15 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\BD2040.DAT
[2011/09/11 12:27:04 | 000,022,528 | ---- | C] () -- C:\Windows\exeshl.dll
[2011/09/06 16:30:03 | 000,003,584 | ---- | C] () -- C:\Users\Zach\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/09/01 18:41:56 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2011/09/01 18:41:56 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2011/08/29 18:35:15 | 000,796,852 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/08/29 18:26:42 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/08/29 17:10:27 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2011/08/29 17:07:27 | 000,000,102 | ---- | C] () -- C:\Windows\OEM.ini
[2011/08/29 17:07:27 | 000,000,020 | ---- | C] () -- C:\Windows\Bison.ini

========== LOP Check ==========

[2012/03/31 19:47:14 | 000,000,000 | ---D | M] -- C:\Users\Zach\AppData\Roaming\abgx360
[2012/02/06 15:33:07 | 000,000,000 | ---D | M] -- C:\Users\Zach\AppData\Roaming\AnvSoft
[2012/02/09 15:46:31 | 000,000,000 | ---D | M] -- C:\Users\Zach\AppData\Roaming\Ashisoft
[2012/01/21 19:30:59 | 000,000,000 | ---D | M] -- C:\Users\Zach\AppData\Roaming\Barnes & Noble
[2011/10/05 00:11:55 | 000,000,000 | ---D | M] -- C:\Users\Zach\AppData\Roaming\BID
[2012/01/10 16:29:50 | 000,000,000 | ---D | M] -- C:\Users\Zach\AppData\Roaming\BSplayer PRO
[2012/03/04 14:56:50 | 000,000,000 | ---D | M] -- C:\Users\Zach\AppData\Roaming\Complitly
[2012/03/26 21:02:17 | 000,000,000 | ---D | M] -- C:\Users\Zach\AppData\Roaming\DAEMON Tools Lite
[2012/04/01 14:58:11 | 000,000,000 | ---D | M] -- C:\Users\Zach\AppData\Roaming\DMCache
[2012/01/11 13:43:41 | 000,000,000 | ---D | M] -- C:\Users\Zach\AppData\Roaming\Dropbox
[2012/01/07 14:02:01 | 000,000,000 | ---D | M] -- C:\Users\Zach\AppData\Roaming\GHISLER
[2012/02/22 20:50:28 | 000,000,000 | ---D | M] -- C:\Users\Zach\AppData\Roaming\HandBrake
[2012/03/26 21:02:17 | 000,000,000 | ---D | M] -- C:\Users\Zach\AppData\Roaming\IDM
[2011/09/09 17:47:13 | 000,000,000 | -H-D | M] -- C:\Users\Zach\AppData\Roaming\IFViewer
[2011/09/10 15:12:05 | 000,000,000 | ---D | M] -- C:\Users\Zach\AppData\Roaming\ImgBurn
[2011/09/07 08:33:30 | 000,000,000 | ---D | M] -- C:\Users\Zach\AppData\Roaming\IrfanView
[2012/03/01 15:56:02 | 000,000,000 | ---D | M] -- C:\Users\Zach\AppData\Roaming\JAM Software
[2011/09/01 18:32:47 | 000,000,000 | ---D | M] -- C:\Users\Zach\AppData\Roaming\Leadertech
[2011/11/20 22:42:04 | 000,000,000 | ---D | M] -- C:\Users\Zach\AppData\Roaming\Notepad++
[2011/09/30 12:03:30 | 000,000,000 | ---D | M] -- C:\Users\Zach\AppData\Roaming\OpenOffice.org
[2012/02/08 15:18:44 | 000,000,000 | ---D | M] -- C:\Users\Zach\AppData\Roaming\Orbit
[2012/02/08 14:59:01 | 000,000,000 | ---D | M] -- C:\Users\Zach\AppData\Roaming\ProgSense
[2012/01/10 12:50:26 | 000,000,000 | ---D | M] -- C:\Users\Zach\AppData\Roaming\redsn0w
[2011/12/25 15:22:53 | 000,000,000 | ---D | M] -- C:\Users\Zach\AppData\Roaming\Soldat
[2011/09/01 16:46:48 | 000,000,000 | ---D | M] -- C:\Users\Zach\AppData\Roaming\Stereoscopic Player
[2011/12/25 21:10:08 | 000,000,000 | ---D | M] -- C:\Users\Zach\AppData\Roaming\SystemRequirementsLab
[2012/03/27 12:25:21 | 000,000,000 | ---D | M] -- C:\Users\Zach\AppData\Roaming\TeraCopy
[2012/02/06 15:29:30 | 000,000,000 | ---D | M] -- C:\Users\Zach\AppData\Roaming\Thinstall
[2011/08/30 01:08:18 | 000,000,000 | ---D | M] -- C:\Users\Zach\AppData\Roaming\TrueCrypt
[2012/04/01 14:58:10 | 000,000,000 | ---D | M] -- C:\Users\Zach\AppData\Roaming\uTorrent
[2012/02/29 15:27:43 | 000,000,000 | ---D | M] -- C:\Users\Zach\AppData\Roaming\VisualSearchPony
[2012/01/07 13:45:12 | 000,000,000 | ---D | M] -- C:\Users\Zach\AppData\Roaming\WindSolutions
[2011/10/01 16:25:18 | 000,000,000 | ---D | M] -- C:\Users\Zach\AppData\Roaming\WinPatrol
[2011/09/09 16:36:02 | 000,000,000 | ---D | M] -- C:\Users\Zach\AppData\Roaming\Wireshark
[2012/03/11 21:23:42 | 000,032,538 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
  • 0

Advertisements

#2
Crowbar
Posted 06 April 2012 - 06:39 AM

Crowbar

    Teacher

  • GeekU Moderator
  • 4,798 posts
Hello Zoltain and welcome to Geeks To Go !!

My name is Crowbar and I'll be the malware removal Geek that will be helping you remove any infections you may have on your computer.
Please be patient with me as I am currently in training, and all of my responses to you have to be reviewed by my instructor before I post them.
You get an advantage as you have 2 people examining your issue.
  • Please read all of my response through at least once before attempting to follow the procedures described.
  • Please save my instructions as a text file on your desktop, or print them out, as you may not be able to access this thread at times.
  • Please follow the steps exactly as written, in the same order.
  • If there's anything you don't understand or isn't totally clear, please ask me any questions that you may have.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you.
  • This process is not an instant process - please stick with me until I tell you that your machine is clean. If you don't see any symptoms it does not mean your system is clear of malware
  • Please don't run any other scans or other software unless I ask you to, as it will make this repair more difficult.

Sorry about the delay, since it's been a few days since your first post, I will need some fresh logs so...

Step 1
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
CREATERESTOREPOINT
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • Post the log it produces in your next reply.
Step 2
Download aswMBR.exe to your desktop.

Double click the aswMBR.exe to run it
Posted Image

Click the [Scan] button to start scan
Posted Image

On completion of the scan click [Save log], save it to your desktop and post in your next reply

In your next reply I would like to see:
  • OTL log
  • aswMBR log

  • 0

#3
Essexboy
Posted 10 April 2012 - 02:08 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP