
Ads In Browser



#31
HKim42

HKim42

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
I actually just noticed that the location of the icons of my desktop gets reset every time I restart my computer. I think this is an issue with all the folders.
  • 0



#32
Amlak

Amlak

    Member 1K

  • Member
  • PipPipPipPip
  • 1,470 posts
Is it the same sort order as the Downloads folder?
  • 0

#33
HKim42

I'm not entirely sure what is going on. Earlier I moved icons around and restarted specifically to see if the icons moved, and they did. Since then, I have tried doing the same thing again, and my desktop icons now seem to be in place. Like the downloads folder, the desktop folder is sorted alphabetically by item type (first shortcuts are listed alphabetically, then folders, then other things). Different types of folders seem to have a certain default setting, and every time I close and reopen a folder, it will go back to this setting. Like I said, if I change downloads by date modified and open it again, it will be back to being sorted alphabetically. If I choose to arrange a music folder by Album, Artist, Song, or whatever, reopening it will default it back to arranging by folder.
  • 0

#34
Amlak

Please try the following:

64-bit_Windows_7_Reset_All_Folders_To_Default_Folder_Views.reg

Restart. Then choose your preferred sort order and let me know what happens.
  • 0

#35
HKim42

This did not work.
  • 0

#36
Amlak

When did this start happening exactly? Or has this always been the case?

Do you have Auto Arrange enabled on the Desktop?
  • 0

#37
HKim42

This definitely was not happening before a couple weeks ago. Auto arrange is not on.
  • 0

#38
Amlak

Ok, I'll look again into this soon, but for now:

ESET Online Scanner
I'd like us to scan your machine with ESET Online Scan.

Note: It is recommended to disable on-board anti-virus and anti-spyware programs while performing scans so there are no conflicts and to speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your anti-virus along with your anti-spyware programs.



  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Check Posted Image
  • Make sure that the option "Remove found threats" is Unchecked
  • When the Computer scan settings display shows, click the Advanced option, then place a check next to the following (if it is not already checked):
    • Enable Anti-Stealth technology
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin
    scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as
    ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image

  • 0

#39
HKim42

Here it is

C:\Program Files (x86)\Mozilla Firefox\Project64k 0.31\Project64k 0.31\Tools\FreeRAM\BOOM.exe BAT/BadJoke.C trojan
C:\Qoobox\Quarantine\C\Windows\assembly\GAC_32\Desktop.ini.vir Win32/Sirefef.DN trojan
C:\Qoobox\Quarantine\C\Windows\assembly\GAC_64\Desktop.ini.vir Win64/Sirefef.G trojan
C:\Qoobox\Quarantine\C\Windows\System32\consrv.dll.vir Win64/Sirefef.G trojan
C:\TDSSKiller_Quarantine\12.05.2012_01.25.59\zaea0000\svc0000\tsk0000.dta Win64/Sirefef.W trojan
C:\Users\Eric\AppData\Local\{3CE0F853-9B2F-11E1-826E-B8AC6F996F26}\chrome\content\browser.xul JS/Redirector.NIQ trojan
C:\Users\Eric\Downloads\Game_of_Thrones_S02E01_HDTV_x264_ASAP.exe multiple threats
C:\_OTL\MovedFiles\06132012_120752\C_Users\Eric\AppData\Local\Temp\cehtf.dll a variant of Win32/Medfos.AD trojan
C:\_OTL\MovedFiles\06132012_120752\C_Windows\assembly\GAC_32\Desktop.ini Win32/Sirefef.EZ trojan
C:\_OTL\MovedFiles\06132012_120752\C_Windows\assembly\GAC_64\Desktop.ini Win64/Sirefef.AD trojan
C:\_OTL\MovedFiles\06132012_120752\C_Windows\Installer\{378f9e5f-edf7-fe3a-963c-4d6fd8141575}\n Win64/Sirefef.W trojan
C:\_OTL\MovedFiles\06132012_120752\C_Windows\Installer\{378f9e5f-edf7-fe3a-963c-4d6fd8141575}\U\00000008.@ Win64/Agent.BA trojan
C:\_OTL\MovedFiles\06132012_120752\C_Windows\Installer\{378f9e5f-edf7-fe3a-963c-4d6fd8141575}\U\000000cb.@ Win64/Sirefef.AI trojan
C:\_OTL\MovedFiles\06132012_120752\C_Windows\Installer\{378f9e5f-edf7-fe3a-963c-4d6fd8141575}\U\80000000.@ Win64/Sirefef.AE trojan
C:\_OTL\MovedFiles\06132012_120752\C_Windows\Installer\{378f9e5f-edf7-fe3a-963c-4d6fd8141575}\U\80000032.@ Win32/Sirefef.EU trojan
C:\_OTL\MovedFiles\06132012_120752\C_Windows\Installer\{378f9e5f-edf7-fe3a-963c-4d6fd8141575}\U\80000064.@ Win64/Sirefef.AE trojan
  • 0

#40
Amlak

Run OTL.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Files
    C:\Program Files (x86)\Mozilla Firefox\Project64k 0.31\Project64k 0.31\Tools\FreeRAM\BOOM.exe
    C:\Users\Eric\AppData\Local\{3CE0F853-9B2F-11E1-826E-B8AC6F996F26}
    C:\Users\Eric\Downloads\Game_of_Thrones_S02E01_HDTV_x264_ASAP.exe
    
  • Then click the Run Fix button at the top.
  • Let the program run unhindered.
  • Post the log it produces in your next reply.

******
NEXT
******

  • Double click OTL again (if closed). Make sure all other windows are closed, and let it run uninterrupted.
  • Click the Quick Scan button.
  • When the scan completes, it will open a Notepad window, OTL.Txt.
  • Post the OTL log in your next reply.

  • 0
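
Added example (not part of the original thread, and not code from ESET or OTL): the three paths in the fix above are the ESET detections from post #39 that do not already sit under a removal tool's holding folder (Qoobox\Quarantine, TDSSKiller_Quarantine, _OTL\MovedFiles). The Python below performs that triage on lines copied from the report; the line format and the "a variant of" / "multiple threats" wording are inferred from that report alone, and all function names are hypothetical.

```python
import re
from collections import Counter

# Holding folders that appear in this thread's ESET report. Files under them
# were already moved aside by an earlier tool run, so ESET is re-flagging
# inert copies; they need no new fix entry.
QUARANTINE_ROOTS = (
    r"C:\Qoobox\Quarantine",      # ComboFix
    r"C:\TDSSKiller_Quarantine",  # Kaspersky TDSSKiller
    r"C:\_OTL\MovedFiles",        # OTL
)

# One detection per line: "<path> <detection name> <type>". Paths contain
# spaces, so the pattern anchors on the end of the line: detection names use
# "/" (Win64/Sirefef.G) while Windows paths use "\". Format inferred from
# post #39 only.
LINE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?)\s+"
    r"(?P<threat>multiple threats|(?:a variant of )?[^\s\\]+/\S+\s+\w+)$"
)

# Lines copied from the ESET report in post #39 (a subset, unmodified).
ESET_REPORT = r"""
C:\Program Files (x86)\Mozilla Firefox\Project64k 0.31\Project64k 0.31\Tools\FreeRAM\BOOM.exe BAT/BadJoke.C trojan
C:\Qoobox\Quarantine\C\Windows\System32\consrv.dll.vir Win64/Sirefef.G trojan
C:\TDSSKiller_Quarantine\12.05.2012_01.25.59\zaea0000\svc0000\tsk0000.dta Win64/Sirefef.W trojan
C:\Users\Eric\AppData\Local\{3CE0F853-9B2F-11E1-826E-B8AC6F996F26}\chrome\content\browser.xul JS/Redirector.NIQ trojan
C:\Users\Eric\Downloads\Game_of_Thrones_S02E01_HDTV_x264_ASAP.exe multiple threats
C:\_OTL\MovedFiles\06132012_120752\C_Users\Eric\AppData\Local\Temp\cehtf.dll a variant of Win32/Medfos.AD trojan
C:\_OTL\MovedFiles\06132012_120752\C_Windows\assembly\GAC_64\Desktop.ini Win64/Sirefef.AD trojan
"""


def parse_eset_log(text):
    """Return [(path, threat), ...] for every detection line in text."""
    hits = []
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if m:  # blank lines and anything that is not a detection are skipped
            hits.append((m.group("path"), m.group("threat")))
    return hits


def is_quarantined(path):
    """True if path lies under one of the known holding folders."""
    p = path.lower()  # Windows paths are case-insensitive
    return any(p.startswith(root.lower() + "\\") for root in QUARANTINE_ROOTS)


def triage(text):
    """Split detections into live files and copies already held in quarantine."""
    live, held = [], []
    for path, threat in parse_eset_log(text):
        (held if is_quarantined(path) else live).append((path, threat))
    return live, held


def family(threat):
    """'a variant of Win32/Medfos.AD trojan' -> 'Medfos'."""
    m = re.search(r"/([^.\s]+)", threat)
    return m.group(1) if m else threat


def held_families(held):
    """Count malware families among quarantined copies (infection history)."""
    return dict(Counter(family(threat) for _, threat in held))


if __name__ == "__main__":
    live, held = triage(ESET_REPORT)
    print("Still on disk, candidates for a fix:")
    for path, threat in live:
        print(f"  {path}  [{threat}]")
    print("Already held by earlier tools:", held_families(held))
```

The quarantined entries still matter as history: they show which families earlier tools removed from this machine.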



#41
HKim42

========== FILES ==========
C:\Program Files (x86)\Mozilla Firefox\Project64k 0.31\Project64k 0.31\Tools\FreeRAM\BOOM.exe moved successfully.
C:\Users\Eric\AppData\Local\{3CE0F853-9B2F-11E1-826E-B8AC6F996F26}\chrome\content folder moved successfully.
C:\Users\Eric\AppData\Local\{3CE0F853-9B2F-11E1-826E-B8AC6F996F26}\chrome folder moved successfully.
C:\Users\Eric\AppData\Local\{3CE0F853-9B2F-11E1-826E-B8AC6F996F26} folder moved successfully.
C:\Users\Eric\Downloads\Game_of_Thrones_S02E01_HDTV_x264_ASAP.exe moved successfully.

OTL by OldTimer - Version 3.2.53.0 log created on 07212012_183042


OTL logfile created on: 7/21/2012 6:31:34 PM - Run 10
OTL by OldTimer - Version 3.2.53.0 Folder = C:\Users\Eric\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

4.00 Gb Total Physical Memory | 2.07 Gb Available Physical Memory | 51.87% Memory free
8.00 Gb Paging File | 5.62 Gb Available in Paging File | 70.30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.50 Gb Total Space | 275.06 Gb Free Space | 29.53% Space Free | Partition Type: NTFS
Drive G: | 931.51 Gb Total Space | 134.04 Gb Free Space | 14.39% Space Free | Partition Type: NTFS

Computer Name: ERIC-PC | User Name: Eric | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - %SystemRoot%\System32\nwprovau.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.0.0)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{83CA3A17-9CC8-402C-8A9D-DC90054C809C}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/x-ica - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=euc-jp - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=ISO-8859-1 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS936 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS949 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=MS950 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica; charset=UTF-8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=euc-jp - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=ISO-8859-1 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS936 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS949 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=MS950 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF8 - No CLSID value found
O18:64bit: - Protocol\Filter\application/x-ica;charset=UTF-8 - No CLSID value found
O18:64bit: - Protocol\Filter\ica - No CLSID value found
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/07/21 16:26:16 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{2221A71F-8352-4CA9-888C-FDD15143B583}
[2012/07/21 16:26:05 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{D3191A77-6873-4B44-B7F1-8DBA348A4F28}
[2012/07/21 04:25:39 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{A7BF7EE2-BD7A-4696-A2BF-534323ADC7CC}
[2012/07/21 04:25:27 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{EF2F7749-30C1-4D07-A623-02F596BBEAAD}
[2012/07/20 22:21:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012/07/20 16:25:13 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{05C2F405-6035-4D1E-8DB4-CD26FEEF43FB}
[2012/07/20 16:25:02 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{DD984DDF-0374-475A-BB66-ADC7DE162F81}
[2012/07/20 04:24:35 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{B090B710-24BB-4F44-BE8D-F6AAB6C641D1}
[2012/07/20 04:24:22 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{DC04A688-B1BB-4084-80AD-60AC67B8D4BA}
[2012/07/19 16:24:08 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{4639B044-A0CB-4F38-815C-A19E16D9F68F}
[2012/07/19 16:23:57 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{1DB556E9-25DB-4B98-8231-6D492CEC302E}
[2012/07/19 04:23:30 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{A33AD716-F7DE-43AD-A3AB-6017FBE26AAA}
[2012/07/18 16:23:05 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{ADAE5FE1-0F5E-413A-BA72-EA47D6202A4F}
[2012/07/18 16:22:53 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{01E40328-CB4E-479D-B943-912C4AC35E7F}
[2012/07/18 04:22:25 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{6381D827-ACDB-4751-9585-5E2A9DDD9123}
[2012/07/17 16:21:59 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{879E7933-B718-4B53-8189-46870C18C0EC}
[2012/07/17 16:21:48 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{16E9F336-BFA1-47BA-A0A7-D9D52A84AC56}
[2012/07/17 04:21:21 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{2CAB0A78-6F50-4E88-8F73-5DF8968D1D5C}
[2012/07/17 04:21:09 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{C7135934-447D-442A-B429-42AA8C4AC56A}
[2012/07/16 16:20:55 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{B8F489D4-1430-407C-A9F7-8E6ECA277DF5}
[2012/07/16 16:20:44 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{642D69B8-2B70-4000-9502-8CF7B7E6EB26}
[2012/07/16 04:20:18 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{503DFCFD-E16B-4383-AE40-F34C71864245}
[2012/07/16 04:20:06 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{769A5F3F-3FF9-4261-81F8-031394AC4C27}
[2012/07/15 16:19:52 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{08604E0A-424C-4397-9F5F-7DCA22A34548}
[2012/07/15 16:19:37 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{C96CB0D2-A31F-4893-B586-C901A9E76AEC}
[2012/07/15 03:34:21 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{31EA6EE0-F4C9-4DA0-AE24-37433C9479E5}
[2012/07/15 03:34:10 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{1261B623-08B0-4157-A0FB-5AF032E992DA}
[2012/07/14 15:33:56 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{5F93ADC2-C5DD-43E1-8AC6-AAB73E89A24A}
[2012/07/14 15:33:45 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{018E8BE9-DE6E-424A-B21E-BB031C217200}
[2012/07/14 03:33:18 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{3EEF9651-DE81-4806-A5FC-604D7ED42BA8}
[2012/07/13 15:32:52 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{2145DAF6-795E-4807-92A3-A50242C07B11}
[2012/07/13 15:32:27 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{9DD4C0B6-2B50-4D75-A0A9-31C8A62A889F}
[2012/07/13 03:10:04 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{72884ED0-CF45-4185-BDCB-4B9D79039B1A}
[2012/07/13 03:09:52 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{1C745A78-0431-4532-8991-7D10CD01D8CA}
[2012/07/12 15:09:25 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{42F2734C-56D7-4E56-899B-61049DCDDF35}
[2012/07/12 15:09:14 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{D4AE4019-24DB-4C6B-A4F5-1632ADDD02A9}
[2012/07/12 03:08:47 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{349BA1DD-2E1C-4001-B8C4-E5A101F97195}
[2012/07/12 03:08:36 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{17F79178-FD49-4F1C-9E96-A0EC5A45D51B}
[2012/07/11 15:08:09 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{5DE5E482-B139-4FA9-8F31-46E1CD38C91A}
[2012/07/11 15:07:57 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{88DFDF0A-D2B4-4888-8266-7AB8AEAE28F3}
[2012/07/11 03:07:30 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{78F2DCF2-E525-4D2E-BEE7-B5DCC905C28D}
[2012/07/11 03:07:18 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{A0C4F588-8969-4F2F-93CA-5A039445F009}
[2012/07/10 15:06:51 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{54A51466-DE26-4465-BC60-D39F2A8DEABB}
[2012/07/10 15:06:39 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{AFE0CB8F-E9EF-40B2-AA33-9C1C499289CC}
[2012/07/10 03:06:13 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{CF450FEC-F0B4-44AB-902A-88CEA6DD2B16}
[2012/07/09 15:05:48 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{559B208A-F06C-42A1-A402-9AED6BCC3DC3}
[2012/07/09 15:05:37 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{DC54D11A-E856-4F24-AC87-9824B6DFAD44}
[2012/07/09 05:32:35 | 000,000,000 | ---D | C] -- C:\Users\Eric\Desktop\Rating
[2012/07/09 03:05:09 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{346215A4-D7FB-4492-A37C-2591743896F1}
[2012/07/09 03:04:58 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{CAC1E204-FEE8-4368-8FC4-77F99AEA567D}
[2012/07/08 15:04:44 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{9F9DC8A7-D81C-438B-9A4F-2EFA6A1F47F0}
[2012/07/08 15:04:33 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{8441F251-43D7-4F81-84D9-C419A0C006B0}
[2012/07/08 03:04:06 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{5FACF1F0-43E5-4A99-B5B4-79BC4EF661ED}
[2012/07/07 15:03:40 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{58E3FDE2-80D8-433C-A69C-D92F8C4DB6BC}
[2012/07/07 15:03:00 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{B3A12B9E-9F35-4848-940C-B8C7CB7BF003}
[2012/07/07 00:33:25 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{307B4720-A491-4BEB-AC65-BBEFC890767A}
[2012/07/07 00:33:13 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{C5ECE952-56C4-4B64-9650-E97C4CE81F97}
[2012/07/06 12:32:46 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{C7732337-1886-4689-98A3-4256F3581270}
[2012/07/06 12:32:14 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{DFB1749B-6AE7-4CCA-B786-30DC648FD492}
[2012/07/05 18:05:17 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{C5203E51-225F-4EF7-9CDC-885DFB35EA30}
[2012/07/05 18:04:33 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{0BA74F98-E155-4C65-B217-683ECBC00009}
[2012/07/05 05:31:48 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{598D445B-3375-4518-8489-E75B65C4B873}
[2012/07/04 17:31:23 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{821831B6-9FFB-4FEE-93DD-B8A4E1F1302D}
[2012/07/04 17:30:56 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{AB47D536-CD07-4FAF-BFD6-A5C3520CB9A9}
[2012/07/04 05:11:49 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{379580BD-EF1D-4316-B6DA-F7F5C890E50E}
[2012/07/03 17:11:24 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{0992A92B-13C8-471A-97AA-3D4DBD6EBB47}
[2012/07/03 17:10:58 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{160AC4E7-DF02-4A13-8B34-CA42D6168C91}
[2012/07/03 02:31:21 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{DC864222-194D-4182-AB6C-27F7223A408F}
[2012/07/02 14:30:55 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{EEEA926A-0695-4756-A8CB-711C82C2C27A}
[2012/07/02 02:30:14 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{30F63D9E-FE53-479C-BC15-A43F2DA3011A}
[2012/07/02 02:30:03 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{DAD9477F-6D50-4FC1-9E3A-68480537EAD4}
[2012/07/01 15:53:18 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\Cockatrice
[2012/07/01 15:48:09 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cockatrice
[2012/07/01 15:48:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cockatrice
[2012/07/01 15:48:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cockatrice
[2012/07/01 14:29:23 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{26B6F4DB-FEE8-4F6D-9F7A-78899061A26F}
[2012/07/01 14:29:10 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{13073610-C136-428B-8BF8-EF8C62381399}
[2012/07/01 01:38:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Workstation
[2012/07/01 01:38:30 | 000,000,000 | ---D | C] -- C:\Magic Workstation
[2012/07/01 00:20:40 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/07/01 00:03:54 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/06/30 23:53:17 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012/06/30 23:53:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012/06/30 23:53:16 | 000,355,856 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012/06/30 23:53:11 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012/06/30 23:53:10 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012/06/30 23:53:09 | 000,958,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012/06/30 23:53:05 | 000,071,064 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012/06/30 23:53:04 | 000,285,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012/06/30 23:52:24 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/06/30 23:52:23 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012/06/30 23:52:09 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/06/30 23:52:09 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/06/30 21:46:11 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{FF74E8DD-0261-4334-8CA2-DB6927F67F0D}
[2012/06/30 21:46:00 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{D7CA2C19-78E7-48DD-B347-FD0973753E9C}
[2012/06/30 09:45:47 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{A4EAFF49-739A-4AD6-A9E6-AE3FCE2FE6EF}
[2012/06/30 09:45:36 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{80F29513-EA05-4A60-90B6-EEB9567BC3BB}
[2012/06/29 21:45:22 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{5D3CEDB7-5C16-4D85-A523-A46520A8A9A7}
[2012/06/29 21:45:10 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{1DB8B44B-1A51-4D7F-99B4-0FB0A08BC4FE}
[2012/06/29 09:09:39 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{5E0D4EBC-0D1C-46FF-BFB8-655E8677DAA0}
[2012/06/29 09:09:27 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{031ECC38-18B1-4F6B-A121-7FBE028F01D5}
[2012/06/28 15:52:28 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{D360B007-1EE5-4CBA-B512-6C2577330319}
[2012/06/28 15:52:17 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{CC04BAC4-7882-46A5-85F9-6939DECC61B0}
[2012/06/28 03:51:51 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{B6668820-DB01-46B6-AD70-6B96F423676A}
[2012/06/28 03:51:39 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{4883655B-658C-4A08-ACFC-F71417B62DA3}
[2012/06/27 15:51:13 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{8173F3E1-408D-4CD1-AF19-322B0C50402A}
[2012/06/27 15:51:02 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{3B440507-B6A8-4F5C-834E-140C9CAC2F81}
[2012/06/27 15:11:03 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Monolith Productions
[2012/06/27 03:50:36 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{F4D2F5AA-1D17-46EC-93C3-7ADA0FED0B55}
[2012/06/27 03:50:24 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{424CB919-C4B5-4E5A-862D-D0CE8DC0AEC7}
[2012/06/26 15:50:11 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{AE49BF78-CDF7-4862-AF23-05B30B2F133A}
[2012/06/26 15:50:00 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{8B05FADB-9D82-4796-B85C-D51832107EB3}
[2012/06/26 03:49:33 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{9E04E700-DC3D-4E8E-BB4F-42B79482313E}
[2012/06/26 03:49:22 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{32ECC2B9-785A-4C32-8831-A6FE4DF463AD}
[2012/06/25 15:48:53 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{297219CC-6077-4BB2-A781-97AEB80BD99D}
[2012/06/25 15:48:35 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{7CDBDC56-410F-43BF-8850-AD391EFBFD29}
[2012/06/25 03:02:12 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{6A9D98DB-0071-4456-97CA-99059320852B}
[2012/06/25 03:02:00 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{36B39624-3EEC-437B-9E26-544354EEFD5D}
[2012/06/24 15:01:42 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{09B00BA2-BEFF-4FA1-B708-D34964D5EEE3}
[2012/06/24 15:01:30 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{B2960B32-8A96-46C0-A728-D005C636D524}
[2012/06/24 02:04:13 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{AE1F570F-EA79-4638-8496-C2B044D94DAC}
[2012/06/24 02:04:01 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{99B8524C-D070-404D-9254-9D0ED811DD9B}
[2012/06/24 00:49:42 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/06/24 00:47:15 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/06/24 00:14:48 | 000,181,064 | ---- | C] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2012/06/23 23:57:06 | 000,000,000 | ---D | C] -- C:\Tweaking.com_Windows_Repair_Logs
[2012/06/23 23:57:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
[2012/06/23 23:57:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tweaking.com
[2012/06/23 14:03:35 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{F71A01E5-1E64-4DCF-8B77-04FC6BFCCCA7}
[2012/06/23 14:03:23 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{0C159E2D-D908-46FD-A546-2591063282EE}
[2012/06/23 02:02:55 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{CA6510FD-5F5B-437B-896A-3281A2E2755B}
[2012/06/23 02:02:44 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{8045956C-0071-42FE-A75E-B4B918AB070C}
[2012/06/23 00:08:21 | 000,000,000 | ---D | C] -- C:\Users\Eric\Documents\how_to_dominate
[2012/06/22 14:02:28 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{E48E9968-CCFF-4D90-8DBD-84F5DD437B1D}
[2012/06/22 14:02:15 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{D0213C3C-F486-4649-B3AF-4B948AEDDBD4}
[2012/06/21 23:20:29 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{560D1617-E1F0-4FC9-BCD3-7B42A0A2C953}
[2012/06/21 23:20:18 | 000,000,000 | ---D | C] -- C:\Users\Eric\AppData\Local\{F89F4F28-CC6B-46CA-87D3-2E8B8EDCF646}

========== Files - Modified Within 30 Days ==========

[2012/07/21 18:15:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3477742905-201720883-3428496350-1001UA.job
[2012/07/21 17:04:47 | 000,003,240 | ---- | M] () -- C:\Users\Eric\AppData\Roaming\Profile3.dat
[2012/07/21 17:04:47 | 000,001,772 | ---- | M] () -- C:\Users\Eric\AppData\Roaming\Profile4.dat
[2012/07/21 17:04:47 | 000,001,770 | ---- | M] () -- C:\Users\Eric\AppData\Roaming\Profile0.dat
[2012/07/21 17:04:47 | 000,001,768 | ---- | M] () -- C:\Users\Eric\AppData\Roaming\Profile1.dat
[2012/07/21 17:04:47 | 000,001,766 | ---- | M] () -- C:\Users\Eric\AppData\Roaming\Profile2.dat
[2012/07/21 15:43:44 | 000,726,444 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/07/21 15:43:44 | 000,628,414 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/07/21 15:43:44 | 000,110,598 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/07/21 15:42:54 | 000,017,168 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/21 15:42:54 | 000,017,168 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/21 15:37:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/21 15:37:09 | 3220,475,904 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/21 04:15:22 | 000,030,601 | ---- | M] () -- C:\Users\Eric\Desktop\1342858241436.jpg
[2012/07/21 00:15:09 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3477742905-201720883-3428496350-1001Core.job
[2012/07/20 23:38:55 | 000,031,295 | ---- | M] () -- C:\Users\Eric\Desktop\20090312.gif
[2012/07/20 22:40:25 | 003,549,780 | ---- | M] () -- C:\Users\Eric\Desktop\1342828777405.gif
[2012/07/20 01:45:17 | 001,650,307 | ---- | M] () -- C:\Users\Eric\Desktop\f4pqid.gif
[2012/07/13 23:35:40 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/07/12 17:56:13 | 000,087,870 | ---- | M] () -- C:\Users\Eric\Desktop\20120712.gif
[2012/07/12 17:42:12 | 000,129,561 | ---- | M] () -- C:\Users\Eric\Desktop\1342126371094.jpg
[2012/07/12 01:01:14 | 000,228,979 | ---- | M] () -- C:\Users\Eric\Desktop\1342066463059.jpg
[2012/07/11 23:12:36 | 000,310,896 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/07/11 14:08:07 | 101,868,504 | ---- | M] () -- C:\Users\Eric\Desktop\The_Garden_of_Earthly_Delights_by_Bosch_High_Resolution.jpg
[2012/07/10 00:30:44 | 000,045,681 | ---- | M] () -- C:\Users\Eric\Desktop\benalish_commander.jpg
[2012/07/10 00:29:41 | 000,011,825 | ---- | M] () -- C:\Users\Eric\Desktop\riders.jpg
[2012/07/10 00:24:14 | 000,016,731 | ---- | M] () -- C:\Users\Eric\Desktop\coat of arms.jpg
[2012/07/09 21:31:51 | 000,047,055 | ---- | M] () -- C:\Users\Eric\Desktop\1341874366332.jpg
[2012/07/09 01:33:34 | 000,751,506 | ---- | M] () -- C:\Users\Eric\Documents\Untitled.png
[2012/07/09 00:58:43 | 000,086,979 | ---- | M] () -- C:\Users\Eric\Desktop\1341798808551.png
[2012/07/08 22:34:40 | 000,306,546 | ---- | M] () -- C:\Users\Eric\Desktop\1341799010577.jpg
[2012/07/07 02:27:07 | 000,323,301 | ---- | M] () -- C:\Users\Eric\Documents\entp.png
[2012/07/07 00:51:12 | 000,024,543 | ---- | M] () -- C:\Users\Eric\Desktop\1341635865013.gif
[2012/07/06 19:33:15 | 000,442,256 | ---- | M] () -- C:\Users\Eric\Desktop\1341616896036.png
[2012/07/06 03:50:12 | 000,328,266 | ---- | M] () -- C:\Users\Eric\Desktop\1341559379819.jpg
[2012/07/06 03:47:08 | 000,202,347 | ---- | M] () -- C:\Users\Eric\Desktop\1341559029038.jpg
[2012/07/06 03:39:25 | 000,149,368 | ---- | M] () -- C:\Users\Eric\Desktop\1341554342035.jpg
[2012/07/06 03:38:39 | 000,163,036 | ---- | M] () -- C:\Users\Eric\Desktop\1341554202021.jpg
[2012/07/06 03:36:47 | 000,182,151 | ---- | M] () -- C:\Users\Eric\Desktop\1341559426582.png
[2012/07/06 03:36:22 | 000,294,472 | ---- | M] () -- C:\Users\Eric\Desktop\1341559423067.jpg
[2012/07/03 12:21:52 | 000,958,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012/07/03 12:21:52 | 000,355,856 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012/07/03 12:21:52 | 000,071,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012/07/03 12:21:52 | 000,059,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012/07/03 12:21:52 | 000,054,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012/07/03 12:21:51 | 000,025,232 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012/07/03 12:21:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/07/03 12:21:28 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012/07/03 12:21:18 | 000,285,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012/07/02 02:26:16 | 000,127,025 | ---- | M] () -- C:\Users\Eric\Desktop\20110515.gif
[2012/07/01 01:38:35 | 000,000,667 | ---- | M] () -- C:\Users\Eric\Desktop\Magic Workstation.lnk
[2012/07/01 01:38:35 | 000,000,620 | ---- | M] () -- C:\Users\Eric\Desktop\MWS Online Play.lnk
[2012/07/01 00:21:59 | 000,001,885 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/06/26 13:39:27 | 000,109,778 | ---- | M] () -- C:\Users\Eric\Desktop\1340727718138.jpg
[2012/06/24 00:47:25 | 000,181,064 | ---- | M] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2012/06/24 00:47:25 | 000,000,042 | ---- | M] () -- C:\repairs_running.dat
[2012/06/23 23:57:02 | 000,002,287 | ---- | M] () -- C:\Users\Public\Desktop\Tweaking.com - Windows Repair (All in One).lnk

========== Files Created - No Company Name ==========

[2012/07/21 04:15:22 | 000,030,601 | ---- | C] () -- C:\Users\Eric\Desktop\1342858241436.jpg
[2012/07/20 23:38:55 | 000,031,295 | ---- | C] () -- C:\Users\Eric\Desktop\20090312.gif
[2012/07/20 22:40:25 | 003,549,780 | ---- | C] () -- C:\Users\Eric\Desktop\1342828777405.gif
[2012/07/20 01:45:17 | 001,650,307 | ---- | C] () -- C:\Users\Eric\Desktop\f4pqid.gif
[2012/07/12 17:56:13 | 000,087,870 | ---- | C] () -- C:\Users\Eric\Desktop\20120712.gif
[2012/07/12 17:42:12 | 000,129,561 | ---- | C] () -- C:\Users\Eric\Desktop\1342126371094.jpg
[2012/07/12 01:01:14 | 000,228,979 | ---- | C] () -- C:\Users\Eric\Desktop\1342066463059.jpg
[2012/07/11 14:05:47 | 101,868,504 | ---- | C] () -- C:\Users\Eric\Desktop\The_Garden_of_Earthly_Delights_by_Bosch_High_Resolution.jpg
[2012/07/10 00:30:43 | 000,045,681 | ---- | C] () -- C:\Users\Eric\Desktop\benalish_commander.jpg
[2012/07/10 00:29:40 | 000,011,825 | ---- | C] () -- C:\Users\Eric\Desktop\riders.jpg
[2012/07/10 00:24:11 | 000,016,731 | ---- | C] () -- C:\Users\Eric\Desktop\coat of arms.jpg
[2012/07/09 21:31:51 | 000,047,055 | ---- | C] () -- C:\Users\Eric\Desktop\1341874366332.jpg
[2012/07/09 01:33:33 | 000,751,506 | ---- | C] () -- C:\Users\Eric\Documents\Untitled.png
[2012/07/09 00:58:43 | 000,086,979 | ---- | C] () -- C:\Users\Eric\Desktop\1341798808551.png
[2012/07/08 22:34:40 | 000,306,546 | ---- | C] () -- C:\Users\Eric\Desktop\1341799010577.jpg
[2012/07/07 02:27:07 | 000,323,301 | ---- | C] () -- C:\Users\Eric\Documents\entp.png
[2012/07/07 00:51:12 | 000,024,543 | ---- | C] () -- C:\Users\Eric\Desktop\1341635865013.gif
[2012/07/06 19:33:15 | 000,442,256 | ---- | C] () -- C:\Users\Eric\Desktop\1341616896036.png
[2012/07/06 03:50:12 | 000,328,266 | ---- | C] () -- C:\Users\Eric\Desktop\1341559379819.jpg
[2012/07/06 03:47:08 | 000,202,347 | ---- | C] () -- C:\Users\Eric\Desktop\1341559029038.jpg
[2012/07/06 03:39:25 | 000,149,368 | ---- | C] () -- C:\Users\Eric\Desktop\1341554342035.jpg
[2012/07/06 03:38:39 | 000,163,036 | ---- | C] () -- C:\Users\Eric\Desktop\1341554202021.jpg
[2012/07/06 03:36:47 | 000,182,151 | ---- | C] () -- C:\Users\Eric\Desktop\1341559426582.png
[2012/07/06 03:36:22 | 000,294,472 | ---- | C] () -- C:\Users\Eric\Desktop\1341559423067.jpg
[2012/07/02 02:26:16 | 000,127,025 | ---- | C] () -- C:\Users\Eric\Desktop\20110515.gif
[2012/07/01 01:38:35 | 000,000,667 | ---- | C] () -- C:\Users\Eric\Desktop\Magic Workstation.lnk
[2012/07/01 01:38:35 | 000,000,620 | ---- | C] () -- C:\Users\Eric\Desktop\MWS Online Play.lnk
[2012/06/30 23:53:17 | 000,001,885 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/06/30 23:53:04 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012/06/26 13:39:27 | 000,109,778 | ---- | C] () -- C:\Users\Eric\Desktop\1340727718138.jpg
[2012/06/24 00:46:29 | 000,000,042 | ---- | C] () -- C:\repairs_running.dat
[2012/06/23 23:57:02 | 000,002,287 | ---- | C] () -- C:\Users\Public\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2012/05/21 00:57:17 | 000,066,936 | -HS- | C] () -- C:\Windows\dlinfo_0.drv
[2012/05/19 15:41:10 | 000,086,528 | ---- | C] () -- C:\Windows\bnetunin.exe
[2012/05/19 15:41:10 | 000,061,440 | ---- | C] () -- C:\Windows\diabunin.exe
[2012/03/12 21:56:19 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/03/12 21:56:19 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/03/12 21:56:19 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/03/12 21:56:19 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/03/12 21:56:19 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/02/09 21:57:53 | 000,000,468 | ---- | C] () -- C:\Program Files (x86)\cod5key.reg
[2012/02/09 21:57:53 | 000,000,090 | ---- | C] () -- C:\Program Files (x86)\visit-forum.bat
[2012/02/07 01:19:01 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2012/02/07 01:19:01 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2012/01/07 02:49:51 | 000,126,712 | ---- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012/01/02 04:21:54 | 000,005,632 | ---- | C] () -- C:\Users\Eric\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/10/15 01:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/09/09 06:26:10 | 000,000,448 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/08/30 06:16:37 | 000,007,603 | ---- | C] () -- C:\Users\Eric\AppData\Local\resmon.resmoncfg
[2011/08/11 02:00:29 | 000,001,772 | ---- | C] () -- C:\Users\Eric\AppData\Roaming\Profile4.dat
[2011/08/10 22:51:33 | 000,003,240 | ---- | C] () -- C:\Users\Eric\AppData\Roaming\Profile3.dat
[2011/08/10 22:51:33 | 000,001,770 | ---- | C] () -- C:\Users\Eric\AppData\Roaming\Profile0.dat
[2011/08/10 22:51:33 | 000,001,768 | ---- | C] () -- C:\Users\Eric\AppData\Roaming\Profile1.dat
[2011/08/10 22:51:33 | 000,001,766 | ---- | C] () -- C:\Users\Eric\AppData\Roaming\Profile2.dat
[2011/08/10 22:41:56 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini

========== LOP Check ==========

[2011/11/01 00:16:52 | 000,000,000 | ---D | M] -- C:\Users\Eric\AppData\Roaming\DAEMON Tools Lite
[2012/07/21 15:54:33 | 000,000,000 | ---D | M] -- C:\Users\Eric\AppData\Roaming\foobar2000
[2011/11/29 02:34:10 | 000,000,000 | ---D | M] -- C:\Users\Eric\AppData\Roaming\ICAClient
[2011/10/11 01:04:45 | 000,000,000 | ---D | M] -- C:\Users\Eric\AppData\Roaming\ImgBurn
[2011/08/12 04:18:03 | 000,000,000 | ---D | M] -- C:\Users\Eric\AppData\Roaming\Leadertech
[2011/11/20 01:43:14 | 000,000,000 | ---D | M] -- C:\Users\Eric\AppData\Roaming\LolClient
[2012/04/16 04:32:02 | 000,000,000 | ---D | M] -- C:\Users\Eric\AppData\Roaming\RenPy
[2011/08/11 02:06:18 | 000,000,000 | ---D | M] -- C:\Users\Eric\AppData\Roaming\SharePod
[2012/01/25 00:35:13 | 000,000,000 | ---D | M] -- C:\Users\Eric\AppData\Roaming\SystemRequirementsLab
[2012/07/21 05:46:01 | 000,000,000 | ---D | M] -- C:\Users\Eric\AppData\Roaming\uTorrent
[2012/02/08 01:45:46 | 000,000,000 | ---D | M] -- C:\Users\Eric\AppData\Roaming\Youtube Downloader HD
[2012/07/14 15:05:42 | 000,032,552 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
  • 0

#42
Amlak

    Member 1K

  • Member
  • 1,470 posts
Hi, HKim42. For the folder sorting issue, please go here and post a new thread about it. Link to this thread and tell them the malware helper has declared your system clean of malware, and that he thinks it might be some non-malware Windows issue.

Congratulations, your computer seems all good now. Time to wrap things up for good this time!

Remove ComboFix
  • Hold down the Windows key + R on your keyboard. This will display the Run dialogue box
  • In the Run box, type in ComboFix /Uninstall
    (Notice the space between the "x" and "/")
    then click OK
  • Follow the prompts on the screen
  • A message should appear confirming that ComboFix was uninstalled

Run OTL and hit the Cleanup button. It will remove all the programs we may have used, plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use may change that.
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.

Now it's time to clear those restore points.

  • Right click on My Computer and select Properties.
  • In the System Restore tab, check "Turn off System Restore on all drives" and then click Apply.
  • Click Yes and then OK.
  • Once again, right click on My Computer and select Properties.
  • In the System Restore tab, uncheck "Turn off System Restore on all drives" and then click Apply.
  • When the Apply button greys out, click OK.

Now that you are clean, to help protect your computer in the future I recommend that you get/keep the following free programmes:

Malwarebytes.

Update and run weekly to keep your system clean.

It is critical to have both a firewall and an antivirus to protect your system, and to keep them updated. To keep your operating system up to date visit
To learn more about how to protect yourself while on the internet, read our little guide: How did I get infected in the first place?

Enjoy your computer.
  • 0

#43
HKim42

    Member

  • Topic Starter
  • Member
  • 19 posts
Ok, thanks.
  • 0





