Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Ads In Browser

Started by HKim42 , Jun 11 2012 06:46 PM

  • Please log in to reply

#16
Amlak
Posted 16 June 2012 - 05:41 AM

Amlak

    Member 1K

  • Member
  • PipPipPipPip
  • 1,470 posts
Hi, HKim42. Correct me if I'm mistaken, but you don't seem to have an antivirus installed. If that is the case, please install Avast (free version) from here. Then run the setup file to install it and make sure it's updated.

Also:

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

Don't forget to let me know when you do the disk check I suggested earlier. If the data in your external hard drive is important to you, you owe it to yourself to give the drive a check. You might also want to back up copies of your data to a different drive as well just in case.
  • 0

Advertisements

#17
HKim42
Posted 21 June 2012 - 10:05 PM

HKim42

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Really sorry for delay, I didn't realize there was a second page in this thread! I finally finished the scan, it said there was nothing wrong. Here is FSS log:

Farbar Service Scanner Version: 19-06-2012 01
Ran by Eric (administrator) on 22-06-2012 at 00:07:22
Running from "C:\Users\Eric\Downloads"
Windows 7 Ultimate (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2012-02-15 17:08] - [2011-12-27 23:59] - 0499200 ____A (Microsoft Corporation) DB9D6C6B2CD95A9CA414D045B627422E

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-05-09 21:18] - [2012-03-30 07:09] - 1895280 ____A (Microsoft Corporation) 624C5B3AA4C99B3184BB922D9ECE3FF0

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll
[2009-07-13 20:09] - [2009-07-13 21:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3

C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll
[2009-07-13 19:36] - [2009-07-13 21:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5

C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll
[2009-07-13 20:36] - [2009-07-13 21:41] - 2418176 ____A (Microsoft Corporation) 38340204A2D0228F1E87740FC5E554A7

C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2012-06-13 11:40] - [2012-04-24 01:59] - 0182272 ____A (Microsoft Corporation) F02786B66375292E58C8777082D4396D

C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

Edited by HKim42, 21 June 2012 - 10:09 PM.

  • 0

#18
Amlak
Posted 22 June 2012 - 07:26 AM

Amlak

    Member 1K

  • Member
  • PipPipPipPip
  • 1,470 posts
Download Windows Repair (all in one) from this site

Install the programme then run

Posted Image

Go to step 3 and allow it to run SFC
Posted Image


On the start repairs tab click start
Posted Image

Select the following items and tick restart system when finished
Posted Image
  • 0

#19
HKim42
Posted 23 June 2012 - 10:56 PM

HKim42

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
I ran Windows repair, but I still have the same issue with the firewall.
  • 0

#20
Amlak
Posted 24 June 2012 - 07:50 AM

Amlak

    Member 1K

  • Member
  • PipPipPipPip
  • 1,470 posts
Hey, HKim42. I've attached a zip file for you to download. Here's what to do:

  • Download the zip file to your desktop.
  • Extract from the zip file both the bfe.reg and mpssvc.reg files to the desktop. Let me know if you need a hand here in extracting the files.
  • Double-click bfe.reg and click Yes to confirm its merge into the Registry.
  • Then double-click mpssvc.reg and click Yes to confirm its merge into the Registry.

And then restart your system and then let me know if the firewall issue is resolved or not.

Attached Files


  • 0

#21
HKim42
Posted 25 June 2012 - 09:04 PM

HKim42

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
This seems to have fixed the firewall problem, thanks!
  • 0

#22
Amlak
Posted 26 June 2012 - 04:33 PM

Amlak

    Member 1K

  • Member
  • PipPipPipPip
  • 1,470 posts
Hi, HKim42. That's good news! Are you having any other issues with your Windows and the Internet specifically? Let's do one more quick scan with OTL:

  • Run OTL.
  • Click Quick Scan.
  • When done, paste the resultant log in your next reply.

  • 0

#23
HKim42
Posted 28 June 2012 - 06:34 PM

HKim42

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Thanks a lot, I don't think anything is wrong anymore, although one thing I have noticed is that my downloads folder which I always used to keep sorted by date modified becomes sorted by name every time I open the folder again. This just started happening recently, so I don't know if it has anything to do with a virus. Anyways, here is otl log.

OTL logfile created on: 6/28/2012 8:21:34 PM - Run 9
OTL by OldTimer - Version 3.2.53.0 Folder = C:\Users\Eric\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

4.00 Gb Total Physical Memory | 2.06 Gb Available Physical Memory | 51.61% Memory free
8.00 Gb Paging File | 5.58 Gb Available in Paging File | 69.77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.50 Gb Total Space | 307.31 Gb Free Space | 32.99% Space Free | Partition Type: NTFS
Drive D: | 7.85 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 931.51 Gb Total Space | 134.04 Gb Free Space | 14.39% Space Free | Partition Type: NTFS

Computer Name: ERIC-PC | User Name: Eric | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/28 20:20:47 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Eric\Downloads\OTL.exe
PRC - [2012/06/20 07:51:12 | 000,529,232 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2012/06/16 13:08:38 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/06/10 13:24:45 | 001,535,176 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_257.exe
PRC - [2012/04/04 01:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/11/22 21:20:13 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2011/10/15 01:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/09/14 05:11:28 | 002,006,528 | ---- | M] () -- C:\Program Files (x86)\foobar2000\foobar2000.exe
PRC - [2011/08/02 03:33:30 | 004,910,912 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010/10/05 12:32:58 | 001,811,800 | ---- | M] (Logitech©) -- C:\Program Files (x86)\Logitech\G35\G35.exe
PRC - [2009/12/21 11:00:50 | 000,081,920 | ---- | M] (Realtime Soft Ltd) -- C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
PRC - [2009/12/15 14:17:08 | 003,278,728 | ---- | M] (Razer USA Ltd) -- C:\Program Files (x86)\Razer\Mamba\RazerTray.exe
PRC - [2009/08/13 20:37:44 | 000,522,760 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/20 07:51:12 | 020,313,384 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012/06/20 07:51:08 | 000,895,312 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2012/06/20 07:51:08 | 000,190,776 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012/06/20 07:51:08 | 000,123,192 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012/06/20 07:51:07 | 001,099,576 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012/06/16 13:08:38 | 002,042,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/06/10 13:24:45 | 009,459,912 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll
MOD - [2011/12/03 00:12:40 | 000,098,304 | ---- | M] () -- C:\Users\Eric\AppData\Roaming\foobar2000\user-components\foo_input_alac\foo_input_alac.dll
MOD - [2011/10/15 01:54:26 | 000,265,536 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2011/09/20 13:21:14 | 001,457,664 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_input_std.dll
MOD - [2011/09/14 05:11:28 | 002,006,528 | ---- | M] () -- C:\Program Files (x86)\foobar2000\foobar2000.exe
MOD - [2011/09/14 05:10:12 | 000,276,480 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_dsp_std.dll
MOD - [2011/09/14 05:09:52 | 000,365,056 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_albumlist.dll
MOD - [2011/09/14 05:09:46 | 001,130,496 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_ui_std.dll
MOD - [2011/09/14 05:09:40 | 000,299,008 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_cdda.dll
MOD - [2011/09/14 05:09:32 | 000,480,256 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_converter.dll
MOD - [2011/09/14 05:09:32 | 000,283,136 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_rgscan.dll
MOD - [2011/09/14 05:09:06 | 000,171,008 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_unpack.dll
MOD - [2011/09/14 05:08:24 | 000,275,456 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_fileops.dll
MOD - [2011/09/14 05:08:22 | 000,237,568 | ---- | M] () -- C:\Program Files (x86)\foobar2000\components\foo_freedb2.dll
MOD - [2011/09/14 05:07:44 | 000,148,480 | ---- | M] () -- C:\Program Files (x86)\foobar2000\shared.dll
MOD - [2010/04/21 08:48:00 | 000,066,560 | ---- | M] () -- C:\Program Files (x86)\foobar2000\zlib1.dll
MOD - [2007/07/19 15:50:12 | 000,104,520 | ---- | M] () -- C:\Windows\SysWOW64\OSD.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/06/17 03:34:18 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012/06/20 07:51:12 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/06/16 13:08:38 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/04/04 01:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/10/15 01:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/03/01 02:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/12 09:28:48 | 000,057,976 | R--- | M] (GFI Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SBREDrv.sys -- (SBRE)
DRV:64bit: - [2011/11/01 00:15:36 | 000,270,912 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/06/16 23:10:08 | 001,308,160 | ---- | M] (C-Media Electronics Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CAHS164.sys -- (CorsairCAHS1)
DRV:64bit: - [2011/05/10 09:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/03/11 02:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/09/29 14:34:50 | 000,377,176 | ---- | M] (Logitech) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ladfSBVMamd64.sys -- (LADF_SBVM)
DRV:64bit: - [2010/09/29 14:34:48 | 000,062,168 | ---- | M] (Logitech) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ladfDHP2amd64.sys -- (LADF_DHP2)
DRV:64bit: - [2010/07/14 13:51:56 | 000,087,600 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ctxusbm.sys -- (ctxusbm)
DRV:64bit: - [2009/07/14 18:36:28 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/19 22:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2005/03/29 04:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008/11/14 05:11:42 | 000,020,512 | ---- | M] (Realtime Soft Ltd) [Kernel | Auto | Running] -- C:\Program Files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys -- (UltraMonUtility)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-CA
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A4 DE ED AF 3C 2F CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Eric\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Eric\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/16 13:08:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/04/14 20:02:15 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{3CE0F853-9B2F-11E1-826E-B8AC6F996F26}: C:\Users\Eric\AppData\Local\{3CE0F853-9B2F-11E1-826E-B8AC6F996F26}\ [2012/05/11 02:05:12 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{F9416C60-A787-11E1-8270-B8AC6F996F26}: C:\Users\Eric\AppData\Local\{3CE0F853-9B2F-11E1-826E-B8AC6F996F26}\ [2012/05/11 02:05:12 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/16 13:08:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/04/14 20:02:15 | 000,000,000 | ---D | M]

[2012/02/06 21:59:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eric\AppData\Roaming\Mozilla\Extensions
[2012/06/26 01:14:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\wa5svetl.default\extensions
[2012/06/07 15:06:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/06/14 01:53:49 | 000,525,301 | ---- | M] () (No name found) -- C:\USERS\ERIC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WA5SVETL.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
[2012/06/26 01:14:35 | 000,082,787 | ---- | M] () (No name found) -- C:\USERS\ERIC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WA5SVETL.DEFAULT\EXTENSIONS\[email protected]
[2012/06/16 13:08:39 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/10/12 17:33:32 | 000,124,344 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll
[2010/10/12 17:37:06 | 000,070,592 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll
[2010/10/12 17:35:42 | 000,091,576 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll
[2010/10/12 17:34:56 | 000,022,464 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll
[2011/09/20 23:22:13 | 000,611,224 | ---- | M] (Oracle Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010/10/12 19:16:54 | 000,484,768 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll
[2011/12/09 13:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2010/10/12 17:37:02 | 000,024,000 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll
[2012/06/01 11:39:16 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/06/01 11:39:16 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Eric\AppData\Local\Google\Chrome\Application\18.0.1025.168\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Eric\AppData\Local\Google\Chrome\Application\18.0.1025.168\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Eric\AppData\Local\Google\Chrome\Application\18.0.1025.168\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Eric\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 7.0.0.147 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 7 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Eric\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\
CHR - Extension: Gmail = C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/06/07 15:38:01 | 000,000,798 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4 - HKLM..\Run: [Logitech G35] C:\Program Files (x86)\Logitech\G35\G35.exe (Logitech©)
O4 - HKLM..\Run: [Razer Mamba Driver] C:\Program Files (x86)\Razer\Mamba\RazerTray.exe (Razer USA Ltd)
O4 - HKCU..\Run: [\\IOMEGA-0A4E29\Printer1] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICJA.EXE /FU "C:\Windows\TEMP\E_S7637.tmp" /EF "HKCU" File not found
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - %SystemRoot%\System32\nwprovau.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.0.0)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{83CA3A17-9CC8-402C-8A9D-DC90054C809C}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/x-ica - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=euc-jp - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=ISO-8859-1 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS936 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS949 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS950 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF-8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=euc-jp - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=ISO-8859-1 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS936 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS949 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS950 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF-8 - No CLSID value found
O18:64bit: - Protocol\Filter\ica - No CLSID value found
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/06/15 00:36:12 | 000,000,073 | R--- | M] () - D:\AUTORUN.INF -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/28 15:52:28 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{D360B007-1EE5-4CBA-B512-6C2577330319}
[2012/06/28 15:52:17 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{CC04BAC4-7882-46A5-85F9-6939DECC61B0}
[2012/06/28 03:51:51 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{B6668820-DB01-46B6-AD70-6B96F423676A}
[2012/06/28 03:51:39 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{4883655B-658C-4A08-ACFC-F71417B62DA3}
[2012/06/27 15:51:13 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{8173F3E1-408D-4CD1-AF19-322B0C50402A}
[2012/06/27 15:51:02 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{3B440507-B6A8-4F5C-834E-140C9CAC2F81}
[2012/06/27 15:11:03 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Monolith Productions
[2012/06/27 03:50:36 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{F4D2F5AA-1D17-46EC-93C3-7ADA0FED0B55}
[2012/06/27 03:50:24 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{424CB919-C4B5-4E5A-862D-D0CE8DC0AEC7}
[2012/06/26 15:50:11 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{AE49BF78-CDF7-4862-AF23-05B30B2F133A}
[2012/06/26 15:50:00 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{8B05FADB-9D82-4796-B85C-D51832107EB3}
[2012/06/26 03:49:33 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{9E04E700-DC3D-4E8E-BB4F-42B79482313E}
[2012/06/26 03:49:22 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{32ECC2B9-785A-4C32-8831-A6FE4DF463AD}
[2012/06/25 15:48:53 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{297219CC-6077-4BB2-A781-97AEB80BD99D}
[2012/06/25 15:48:35 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{7CDBDC56-410F-43BF-8850-AD391EFBFD29}
[2012/06/25 03:02:12 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{6A9D98DB-0071-4456-97CA-99059320852B}
[2012/06/25 03:02:00 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{36B39624-3EEC-437B-9E26-544354EEFD5D}
[2012/06/24 15:01:42 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{09B00BA2-BEFF-4FA1-B708-D34964D5EEE3}
[2012/06/24 15:01:30 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{B2960B32-8A96-46C0-A728-D005C636D524}
[2012/06/24 02:04:13 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{AE1F570F-EA79-4638-8496-C2B044D94DAC}
[2012/06/24 02:04:01 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{99B8524C-D070-404D-9254-9D0ED811DD9B}
[2012/06/24 00:49:42 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/06/24 00:47:15 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/06/24 00:14:48 | 000,181,064 | ---- | C] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2012/06/23 23:57:06 | 000,000,000 | ---D | C] -- C:\Tweaking.com_Windows_Repair_Logs
[2012/06/23 23:57:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
[2012/06/23 23:57:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tweaking.com
[2012/06/23 14:03:35 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{F71A01E5-1E64-4DCF-8B77-04FC6BFCCCA7}
[2012/06/23 14:03:23 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{0C159E2D-D908-46FD-A546-2591063282EE}
[2012/06/23 02:02:55 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{CA6510FD-5F5B-437B-896A-3281A2E2755B}
[2012/06/23 02:02:44 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{8045956C-0071-42FE-A75E-B4B918AB070C}
[2012/06/23 00:08:21 | 000,000,000 | ---D | C] -- C:\Users\Eric\Documents\how_to_dominate
[2012/06/22 14:02:28 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{E48E9968-CCFF-4D90-8DBD-84F5DD437B1D}
[2012/06/22 14:02:15 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{D0213C3C-F486-4649-B3AF-4B948AEDDBD4}
[2012/06/21 23:20:29 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{560D1617-E1F0-4FC9-BCD3-7B42A0A2C953}
[2012/06/21 23:20:18 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{F89F4F28-CC6B-46CA-87D3-2E8B8EDCF646}
[2012/06/21 11:20:02 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{9B322490-899C-4DE2-AD7E-F7C6F57097FF}
[2012/06/21 11:19:50 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{CB7821FE-C7E6-41B6-84A1-28069DF50117}
[2012/06/20 19:34:50 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{2F09BEBF-A092-425C-9878-AE4E7C7FA7B1}
[2012/06/20 19:34:39 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{4D95F88E-C165-4487-A215-BA753C450E6C}
[2012/06/20 02:37:50 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{1A32E2C8-D7DB-4988-B0B8-CCF8B68E6B60}
[2012/06/20 02:37:39 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{8EBC72C0-8A88-4C71-A3E8-E7DBD8718939}
[2012/06/19 14:37:26 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{39D3EE15-AE63-41F7-8CA1-A9A268D319E8}
[2012/06/19 14:37:15 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{A2302880-6C1A-4B0F-A5FB-387283367527}
[2012/06/19 02:36:42 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{B15FBDF4-6C67-4799-8FB6-C6956F51E120}
[2012/06/19 02:36:31 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{C692AB1B-D05A-4188-AAE3-EA4513ED9F8F}
[2012/06/18 14:36:19 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{D3157489-1590-4FEC-B005-84602BB55889}
[2012/06/18 02:35:55 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{E977F890-5346-4DB7-AA21-9D9983BAD9E9}
[2012/06/17 14:35:43 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{FAF54F68-DEE4-4A6F-BF9E-1744D31D75D3}
[2012/06/17 02:35:18 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{81A8B88C-8FA6-49B5-A7F2-B0F7609F9E29}
[2012/06/16 14:35:07 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{B44AB429-D75D-4758-B568-EADE733F5CF3}
[2012/06/16 02:34:42 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{922A5B9E-2252-4C68-8A36-9074963E7286}
[2012/06/15 14:34:17 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{B3F03A9C-1077-44F1-8B83-D1D167A48203}
[2012/06/15 02:33:53 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{4F23703A-9425-4D23-AAD8-88B2BDD05FC5}
[2012/06/14 14:33:39 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{3602872F-8953-44E3-93C6-4E1F33E00054}
[2012/06/14 14:33:27 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{A47F0126-818C-41B5-80A8-7AC9124D44F4}
[2012/06/14 02:33:00 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{CD41730C-0106-471C-A020-70704FE158D0}
[2012/06/14 02:32:49 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{144FA0A4-B45D-4FFF-A3F2-D372D4F1ED04}
[2012/06/13 14:32:21 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{35D101BB-E333-4461-976C-7B5600AAFA60}
[2012/06/13 14:32:10 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{B8C440BD-11EE-49A7-A573-69752B03C01B}
[2012/06/13 12:07:52 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/06/13 02:31:43 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{98E14196-891C-4799-BD87-1C66A0A32FFF}
[2012/06/13 02:31:32 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{58A0AD33-1906-425C-8270-31398FBC71FC}
[2012/06/12 14:31:06 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{6B8C9543-BEC9-484D-B3EF-8304AAEAF27D}
[2012/06/12 14:30:55 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{6FD654FC-AEE8-4DFD-8500-FC07AB31745B}
[2012/06/12 02:30:28 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{A21E0CCE-BEDF-4D46-92FF-9480A924CE54}
[2012/06/12 02:30:17 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{B3C72098-35C0-4C36-B4C5-BF11C30AFC81}
[2012/06/11 14:30:04 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{5FD9B8C6-36FD-493C-9E98-D99BB78E59B2}
[2012/06/11 14:29:53 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{F96426ED-BF56-4ECA-AAB7-BAC7BEA3FBE6}
[2012/06/11 02:29:27 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{D0BA3D0B-3DD6-44B7-85C3-6DEDED2C6D40}
[2012/06/11 02:29:15 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{704B973B-242E-4342-870E-BEC6C7407E87}
[2012/06/10 14:29:01 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{5E1B8F7A-363A-4C33-87E4-C1F32A7489E2}
[2012/06/10 14:28:50 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{C5996DAF-6C9A-48BF-843F-66B154879D03}
[2012/06/10 13:25:55 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\Macromedia
[2012/06/10 02:28:23 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{85C0CC2E-F6E6-4544-8A48-AD853007683C}
[2012/06/10 02:28:11 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{6179B1C1-0087-4C45-B782-1576D20CD56F}
[2012/06/09 14:27:58 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{AE6359EC-685E-4F5B-8CB6-C8B63F3F59C9}
[2012/06/09 14:27:47 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{13092FFF-BEA6-4DDA-8273-347FE77D9079}
[2012/06/09 02:27:20 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{B8229D78-8426-449A-A4D3-FEBAA3625656}
[2012/06/09 02:27:09 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{87845579-475E-4AA2-9C00-58EAF285DE0E}
[2012/06/08 14:26:56 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{E87B8A95-D838-4735-ADFA-81F52231696A}
[2012/06/08 14:26:45 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{411C21B8-3F6E-4A9A-BADB-DBDF138B6371}
[2012/06/08 02:26:17 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{3D134B4D-587C-4CCF-8E14-CEE40E287B26}
[2012/06/08 02:26:05 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{4A28CA09-B072-485B-995A-2CA2826F294D}
[2012/06/07 15:17:54 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2012/06/07 14:25:37 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{85E2331B-CE1B-4895-873E-B683FA48A9A5}
[2012/06/07 14:25:26 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{9AD3E5B3-91FE-40CD-8E28-BB7B463FB0AB}
[2012/06/07 02:25:00 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{09F40F87-D5FC-488B-AFA1-8B23E7162D72}
[2012/06/07 02:24:49 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{A919D19E-67CD-4B47-B260-24CDF6E60C31}
[2012/06/06 14:24:23 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{5827305A-40AA-43A6-B4FE-D4638409A755}
[2012/06/06 14:24:11 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{DAB66442-FEE4-480B-888E-9BB518AFAF0A}
[2012/06/06 02:23:44 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{5DDC4E63-8057-44AF-AE8E-BFE1C67E7DBB}
[2012/06/06 02:23:32 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{C93E81CB-D272-48D8-9F0D-DF52FDE09F91}
[2012/06/05 23:58:13 | 000,000,000 | ---D | C] -- C:\Users\Eric\Desktop\New folder
[2012/06/05 14:23:06 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{62A7ED40-5012-4351-9894-5694FC26F832}
[2012/06/05 14:22:55 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{539D4615-48AB-4786-BF33-E715380CD3DB}
[2012/06/05 02:22:28 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{848546B9-F4F1-414D-BB92-93716F43ACC0}
[2012/06/05 02:22:16 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{CDA8DF88-4804-457D-9FEB-83A2131768DA}
[2012/06/04 14:21:50 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{0C369753-E3A3-491A-BA4E-D5215E1AC31B}
[2012/06/04 14:21:39 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{F70394B0-4975-4D0D-ACE0-3F0B8391CB43}
[2012/06/04 02:21:12 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{B7581378-DCCA-486E-A7F8-7712F61CB539}
[2012/06/04 02:21:01 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{22B29B15-9DCA-4DC8-9297-604188944C4F}
[2012/06/03 15:08:44 | 000,000,000 | ---D | C] -- C:\Users\Eric\Desktop\ISUGUI
[2012/06/03 14:20:47 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{124063D9-EA1A-4093-9240-B25566419985}
[2012/06/03 14:20:36 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{4AFB7035-30DB-460E-A3BB-6A913B057855}
[2012/06/03 02:20:10 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{1B588D20-9577-4065-B16E-2D3D9CF91ED6}
[2012/06/03 02:19:59 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{94E239B9-8E33-45ED-89EA-B72F9D87E541}
[2012/06/02 14:19:45 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{4B0B53D9-EF2D-40B5-9ED0-8CFF3568DEE5}
[2012/06/02 14:19:34 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{452F196E-53B7-4283-9E54-A418F6D8FD66}
[2012/06/02 02:19:07 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{0F165025-BA63-4F0A-BD3B-C28D165BB6E5}
[2012/06/02 02:18:55 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{7C5E0AD0-3388-4D9C-89CE-6D1C33769667}
[2012/06/01 14:18:27 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{CF173F53-5353-470F-82DC-9C7FB6848BCE}
[2012/06/01 14:18:15 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{3B854175-76A8-4C3F-9ED7-8460AE465483}
[2012/05/31 21:30:05 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{1B8FF632-9AAA-4E81-84BF-771BCB6B5072}
[2012/05/31 21:29:53 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{2D489DB5-E953-4220-8178-EB9095A9D738}
[2012/05/31 20:50:15 | 000,057,976 | R--- | C] (GFI Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2012/05/31 09:29:27 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{2CE13985-C32D-41DA-9BB7-C3D6B928CE14}
[2012/05/31 09:29:15 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{82BED44A-BCD2-4CB9-A14A-AD60D05E23A7}
[2012/05/31 00:49:20 | 000,000,000 | ---D | C] -- C:\Users\Eric\Desktop\GooredFix Backups
[2012/05/30 23:32:14 | 000,000,000 | ---D | C] -- C:\Users\Eric\.netbeans-derby
[2012/05/30 23:31:47 | 000,000,000 | ---D | C] -- C:\Users\Eric\.netbeans-registration
[2012/05/30 23:30:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NetBeans 6.7.1
[2012/05/30 17:11:58 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{D4C772FB-8086-46F9-9214-B77F89251BA3}
[2012/05/30 17:11:47 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{1D15F7BE-8A01-41A9-9943-0003970E86BB}
[2012/05/30 02:51:42 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{149CFB29-1115-4385-B7BE-F319A2A77B12}
[2012/05/30 02:51:31 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{D34EFD1B-C513-4338-B990-0221A665E4BA}

========== Files - Modified Within 30 Days ==========

[2012/06/28 20:10:01 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3477742905-201720883-3428496350-1001UA.job
[2012/06/28 16:10:01 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3477742905-201720883-3428496350-1001Core.job
[2012/06/28 15:14:40 | 000,726,444 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/06/28 15:14:40 | 000,628,414 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/06/28 15:14:40 | 000,110,598 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/06/28 15:13:47 | 000,017,168 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/28 15:13:47 | 000,017,168 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/28 15:08:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/28 15:08:30 | 3220,475,904 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/26 13:39:27 | 000,109,778 | ---- | M] () -- C:\Users\Eric\Desktop\1340727718138.jpg
[2012/06/24 00:49:46 | 000,310,896 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/06/24 00:47:25 | 000,181,064 | ---- | M] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2012/06/24 00:47:25 | 000,000,042 | ---- | M] () -- C:\repairs_running.dat
[2012/06/23 23:57:02 | 000,002,287 | ---- | M] () -- C:\Users\Public\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2012/06/21 02:49:18 | 000,828,579 | ---- | M] () -- C:\Users\Eric\Desktop\1340260216739.jpg
[2012/06/18 17:05:48 | 000,003,240 | ---- | M] () -- C:\Users\Eric\AppData\Roaming\Profile3.dat
[2012/06/18 17:05:48 | 000,001,772 | ---- | M] () -- C:\Users\Eric\AppData\Roaming\Profile4.dat
[2012/06/18 17:05:48 | 000,001,770 | ---- | M] () -- C:\Users\Eric\AppData\Roaming\Profile0.dat
[2012/06/18 17:05:48 | 000,001,768 | ---- | M] () -- C:\Users\Eric\AppData\Roaming\Profile1.dat
[2012/06/18 17:05:48 | 000,001,766 | ---- | M] () -- C:\Users\Eric\AppData\Roaming\Profile2.dat
[2012/06/15 17:47:24 | 000,000,512 | ---- | M] () -- C:\Users\Eric\Desktop\MBR.dat
[2012/06/13 12:09:46 | 000,160,690 | ---- | M] () -- C:\Users\Eric\Desktop\otl.png
[2012/06/07 15:38:01 | 000,000,798 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/06/07 15:34:53 | 000,000,448 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2012/06/07 15:06:35 | 000,001,049 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/06/03 15:08:30 | 000,032,918 | ---- | M] () -- C:\Users\Eric\Desktop\ISUGUI.rar
[2012/05/30 23:31:17 | 000,002,075 | ---- | M] () -- C:\Users\Public\Desktop\NetBeans IDE 6.7.1.lnk

========== Files Created - No Company Name ==========

[2012/06/26 13:39:27 | 000,109,778 | ---- | C] () -- C:\Users\Eric\Desktop\1340727718138.jpg
[2012/06/24 00:46:29 | 000,000,042 | ---- | C] () -- C:\repairs_running.dat
[2012/06/23 23:57:02 | 000,002,287 | ---- | C] () -- C:\Users\Public\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2012/06/21 02:49:15 | 000,828,579 | ---- | C] () -- C:\Users\Eric\Desktop\1340260216739.jpg
[2012/06/13 12:09:46 | 000,160,690 | ---- | C] () -- C:\Users\Eric\Desktop\otl.png
[2012/06/12 15:48:38 | 000,000,512 | ---- | C] () -- C:\Users\Eric\Desktop\MBR.dat
[2012/06/03 15:08:29 | 000,032,918 | ---- | C] () -- C:\Users\Eric\Desktop\ISUGUI.rar
[2012/05/30 23:31:17 | 000,002,075 | ---- | C] () -- C:\Users\Public\Desktop\NetBeans IDE 6.7.1.lnk
[2012/05/21 00:57:17 | 000,066,936 | -HS- | C] () -- C:\Windows\dlinfo_0.drv
[2012/05/19 15:41:10 | 000,086,528 | ---- | C] () -- C:\Windows\bnetunin.exe
[2012/05/19 15:41:10 | 000,061,440 | ---- | C] () -- C:\Windows\diabunin.exe
[2012/03/12 21:56:19 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/03/12 21:56:19 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/03/12 21:56:19 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/03/12 21:56:19 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/03/12 21:56:19 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/02/09 21:57:53 | 000,000,468 | ---- | C] () -- C:\Program Files (x86)\cod5key.reg
[2012/02/09 21:57:53 | 000,000,090 | ---- | C] () -- C:\Program Files (x86)\visit-forum.bat
[2012/02/07 01:19:01 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2012/02/07 01:19:01 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2012/01/07 02:49:51 | 000,126,712 | ---- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012/01/02 04:21:54 | 000,005,632 | ---- | C] () -- C:\Users\Eric\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/10/15 01:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/09/09 06:26:10 | 000,000,448 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/08/30 06:16:37 | 000,007,603 | ---- | C] () -- C:\Users\Eric\AppData\Local\resmon.resmoncfg
[2011/08/11 02:00:29 | 000,001,772 | ---- | C] () -- C:\Users\Eric\AppData\Roaming\Profile4.dat
[2011/08/10 22:51:33 | 000,003,240 | ---- | C] () -- C:\Users\Eric\AppData\Roaming\Profile3.dat
[2011/08/10 22:51:33 | 000,001,770 | ---- | C] () -- C:\Users\Eric\AppData\Roaming\Profile0.dat
[2011/08/10 22:51:33 | 000,001,768 | ---- | C] () -- C:\Users\Eric\AppData\Roaming\Profile1.dat
[2011/08/10 22:51:33 | 000,001,766 | ---- | C] () -- C:\Users\Eric\AppData\Roaming\Profile2.dat
[2011/08/10 22:41:56 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini

========== LOP Check ==========

[2011/11/01 00:16:52 | 000,000,000 | ---D | M] -- C:\Users\Eric\AppData\Roaming\DAEMON Tools Lite
[2012/06/28 15:27:37 | 000,000,000 | ---D | M] -- C:\Users\Eric\AppData\Roaming\foobar2000
[2011/11/29 02:34:10 | 000,000,000 | ---D | M] -- C:\Users\Eric\AppData\Roaming\ICAClient
[2011/10/11 01:04:45 | 000,000,000 | ---D | M] -- C:\Users\Eric\AppData\Roaming\ImgBurn
[2011/08/12 04:18:03 | 000,000,000 | ---D | M] -- C:\Users\Eric\AppData\Roaming\Leadertech
[2011/11/20 01:43:14 | 000,000,000 | ---D | M] -- C:\Users\Eric\AppData\Roaming\LolClient
[2012/04/16 04:32:02 | 000,000,000 | ---D | M] -- C:\Users\Eric\AppData\Roaming\RenPy
[2011/08/11 02:06:18 | 000,000,000 | ---D | M] -- C:\Users\Eric\AppData\Roaming\SharePod
[2012/01/25 00:35:13 | 000,000,000 | ---D | M] -- C:\Users\Eric\AppData\Roaming\SystemRequirementsLab
[2012/06/22 21:41:13 | 000,000,000 | ---D | M] -- C:\Users\Eric\AppData\Roaming\uTorrent
[2012/02/08 01:45:46 | 000,000,000 | ---D | M] -- C:\Users\Eric\AppData\Roaming\Youtube Downloader HD
[2012/05/02 20:31:14 | 000,032,652 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
  • 0

#24
Amlak
Posted 29 June 2012 - 07:31 AM

Amlak

    Member 1K

  • Member
  • PipPipPipPip
  • 1,470 posts
Hi, HKim42. I still don't see any antivirus installed on your system. Please download and install one now before you proceed with the following steps. An antivirus is necessary for Windows as it significantly reduces the likelihood of your Windows being infected, and if your Windows gets reinfected again because you didn't have an antivirus installed, it would be an unnecessary waste of both your time and the helper's time should you choose to come back here and ask for help.

I understand you may be concerned about potential speed and performance issues by having an antivirus installed. So pick just one of the following three (each of them is known to be light and with a good detection rate):

Avast

Microsoft Security Essentials

Avira

Whichever antivirus you choose, download it, install it and then update its database to the latest version.

******
NEXT:
******

Please download JavaRa to the Desktop and unzip it to its own folder.
  • Run JavaRa.exe, pick the language of your choice and click Select.
  • Then click Remove Older Versions. Accept any prompts.
  • Open JavaRa.exe again and select Search For Updates.
  • Select Update Using Sun Java's Website then click Search and click on the Open Webpage button.
  • Download and install the latest Java Runtime Environment (JRE) version for your computer.

******
NEXT:
******

You have a P2P program called uTorrent. Please keep in mind that it's programs like uTorrent that can open gates to more malware infections for your system. Depending on what you download from such programs, you may end up with a virus/malware attack worse than the one your computer had. Not to mention that such programs are often abused to download illegal software which not only have the potential to carry viruses and malware but might also put you at legal risk. If you believe you have no use for it, please uninstall it. If, however, you really do need it for valid and legit purposes, then by all means, keep it. Just be careful how you use it.

******
NEXT:
******

Concerning the sorting issue with your Downloads folder, please try the following:

  • Access the Control Panel.
  • Double-click Folder Options.
  • Click the View tab.
  • Under the Advanced settings menu, make sure the Remember each folder's view settings check box is selected.

If the above setting had already been selected, then the problem may a bit deeper. So please try the following tool:

Microsoft Fixit

Let me know how it goes.
  • 0

#25
HKim42
Posted 30 June 2012 - 10:16 PM

HKim42

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
I have done what you said, but I could not find the "Remember each folder's view settings" setting. I do not think it exists in Windows 7. The problem persists after running fixit.
  • 0

Advertisements

#26
Amlak
Posted 01 July 2012 - 05:12 PM

Amlak

    Member 1K

  • Member
  • PipPipPipPip
  • 1,470 posts
Hi, HKim42. Haven't forgotten you. Just looking further into this.
  • 0

#27
Amlak
Posted 02 July 2012 - 06:16 PM

Amlak

    Member 1K

  • Member
  • PipPipPipPip
  • 1,470 posts
  • Access the Control Panel.
  • Double-click Folder Options.
  • Click the View tab.
  • Click the Reset Folders button near the top of the dialog box.
  • Then go to the concerned Downloads folder.
  • Click the heading Date modified near the top to sort the files by such.
  • Restart just to make sure.
  • Then let me know the outcome.

  • 0

#28
Amlak
Posted 05 July 2012 - 09:09 AM

Amlak

    Member 1K

  • Member
  • PipPipPipPip
  • 1,470 posts
HKim42, has the problem been resolved with the latest instructions? Please let me know when you can.
  • 0

#29
HKim42
Posted 06 July 2012 - 04:41 PM

HKim42

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Sorry for late response. Reset folders button did not do anything.
  • 0

#30
Amlak
Posted 07 July 2012 - 05:27 AM

Amlak

    Member 1K

  • Member
  • PipPipPipPip
  • 1,470 posts
Is this only an issue with the Downloads folder?
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP