
Blue screen, randomly running slow



#1
praxidice

Hello there,

My system is having a series of random (at least to me) problems.
1. Startup is taking longer and longer, from pushing the power button to the login screen and again from login to loading.
2. The internet sometimes slows to a total crawl (very unusual)
3. Random programs will start to run very slowly (sometimes PowerPoint, sometimes Picasa)

Once, out of nowhere, my computer quit and went to the blue screen with a serious error message.

I have run Avast antivirus and Malwarebytes anti-malware, and I have Outpost firewall always running.

Help...?

Thank you,
A.

OTL Log:

OTL logfile created on: 7/2/2012 7:34:10 PM - Run 2
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\XXXX\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.91 Gb Total Physical Memory | 1.15 Gb Available Physical Memory | 29.35% Memory free
7.81 Gb Paging File | 4.64 Gb Available in Paging File | 59.41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 282.04 Gb Total Space | 31.81 Gb Free Space | 11.28% Space Free | Partition Type: NTFS
Drive D: | 15.86 Gb Total Space | 2.58 Gb Free Space | 16.25% Space Free | Partition Type: NTFS
Drive F: | 149.05 Gb Total Space | 42.06 Gb Free Space | 28.22% Space Free | Partition Type: NTFS

Computer Name: XXXX-PC | User Name: XXXX | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/02 19:30:52 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\XXXX\Downloads\OTL.exe
PRC - [2012/06/13 16:53:48 | 001,014,112 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
PRC - [2012/06/12 06:22:29 | 000,686,280 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.exe
PRC - [2012/05/25 03:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\XXXX\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012/05/08 15:13:28 | 000,185,856 | ---- | M] () -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
PRC - [2012/03/26 09:00:48 | 000,640,440 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2012/03/21 23:41:57 | 000,180,648 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.111\GoogleCrashHandler.exe
PRC - [2012/03/07 09:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/03/07 09:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/02/14 00:20:27 | 000,213,279 | ---- | M] (INCA Internet Co., Ltd.) -- C:\Windows\SysWOW64\npnj5Agent.exe
PRC - [2012/02/14 00:20:08 | 000,250,145 | ---- | M] (INCA Internet Co., Ltd.) -- C:\Windows\SysWOW64\npstartersvc.exe
PRC - [2012/01/03 22:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/10/14 15:01:50 | 000,994,360 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psia.exe
PRC - [2011/10/14 15:01:48 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\sua.exe
PRC - [2011/10/14 15:01:46 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
PRC - [2011/07/29 08:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/07/17 08:20:43 | 000,655,624 | ---- | M] (Acresso Software Inc.) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2010/05/07 11:09:06 | 000,415,638 | ---- | M] (Old McDonald's Farm) -- C:\Program Files (x86)\Autorun Eater\billy.exe
PRC - [2010/05/07 10:59:36 | 000,516,216 | ---- | M] (Old McDonald's Farm) -- C:\Program Files (x86)\Autorun Eater\oldmcdonald.exe
PRC - [2009/12/24 06:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
PRC - [2009/12/02 05:37:48 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
PRC - [2009/12/02 05:37:46 | 000,842,816 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe
PRC - [2009/07/24 13:45:52 | 000,128,296 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2009/07/24 04:37:16 | 000,206,120 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/28 19:28:56 | 000,438,296 | ---- | M] () -- C:\Users\XXXX\AppData\Local\Google\Chrome\Application\20.0.1132.47\ppgooglenaclpluginchrome.dll
MOD - [2012/06/28 19:28:54 | 003,972,120 | ---- | M] () -- C:\Users\XXXX\AppData\Local\Google\Chrome\Application\20.0.1132.47\pdf.dll
MOD - [2012/06/28 19:27:40 | 000,554,520 | ---- | M] () -- C:\Users\XXXX\AppData\Local\Google\Chrome\Application\20.0.1132.47\libglesv2.dll
MOD - [2012/06/28 19:27:38 | 000,117,784 | ---- | M] () -- C:\Users\XXXX\AppData\Local\Google\Chrome\Application\20.0.1132.47\libegl.dll
MOD - [2012/06/28 19:27:29 | 000,140,328 | ---- | M] () -- C:\Users\XXXX\AppData\Local\Google\Chrome\Application\20.0.1132.47\avutil-51.dll
MOD - [2012/06/28 19:27:28 | 000,262,184 | ---- | M] () -- C:\Users\XXXX\AppData\Local\Google\Chrome\Application\20.0.1132.47\avformat-54.dll
MOD - [2012/06/28 19:27:26 | 002,386,984 | ---- | M] () -- C:\Users\XXXX\AppData\Local\Google\Chrome\Application\20.0.1132.47\avcodec-54.dll
MOD - [2012/06/28 17:27:26 | 009,252,040 | ---- | M] () -- C:\Users\XXXX\AppData\Local\Google\Chrome\Application\20.0.1132.47\gcswf32.dll
MOD - [2012/05/08 15:13:20 | 000,162,816 | ---- | M] () -- C:\Program Files\Web Assistant\Extension32.dll
MOD - [2012/03/16 15:42:58 | 000,315,392 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
MOD - [2012/03/16 15:42:56 | 000,433,664 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
MOD - [2011/10/05 03:52:30 | 000,756,048 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL
MOD - [2011/07/29 08:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/29 08:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2010/06/17 04:48:34 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2010/06/17 04:48:32 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
MOD - [2010/06/17 04:48:32 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2009/07/24 04:37:14 | 000,931,112 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
MOD - [2009/02/28 08:39:29 | 000,019,968 | ---- | M] () -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\AcroTray.DEU
MOD - [2009/02/28 08:32:27 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\AcroTray.FRA


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/05/08 15:13:28 | 000,185,856 | ---- | M] () [Auto | Running] -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater)
SRV:64bit: - [2012/03/07 09:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011/05/14 10:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2011/04/04 10:57:32 | 003,501,696 | ---- | M] (Agnitum Ltd.) [Auto | Stopped] -- C:\Program Files\Agnitum\Outpost Security Suite Free\acs.exe -- (acssrv)
SRV:64bit: - [2010/08/30 03:53:59 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2010/03/24 06:53:06 | 000,247,808 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009/07/14 10:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/06/03 19:13:02 | 000,721,712 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vfsFPService.exe -- (vfsFPService)
SRV:64bit: - [2009/03/03 10:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe -- (AESTFilters)
SRV - [2012/06/12 06:22:32 | 000,257,224 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/06/07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/02/14 00:20:08 | 000,250,145 | ---- | M] (INCA Internet Co., Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\npstartersvc.exe -- (nPStarterSVC)
SRV - [2012/01/03 22:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/12/03 00:23:17 | 000,209,216 | ---- | M] (INCA Internet Co., Ltd.) [Auto | Stopped] -- C:\Windows\SysWOW64\npkcmsvc.exe -- (npkcmsvc)
SRV - [2011/10/14 15:01:50 | 000,994,360 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2011/10/14 15:01:48 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2010/07/17 08:20:43 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/03/24 06:53:06 | 000,247,808 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe -- (STacSV)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/12/24 06:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009/12/02 05:37:48 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe -- (DpHost) @C:\Program Files (x86)
SRV - [2009/06/11 06:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/03 19:12:50 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vfsFPService.exe -- (vfsFPService)
SRV - [2009/03/03 10:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe -- (AESTFilters)
SRV - [2008/08/15 21:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/05/31 13:10:48 | 000,126,944 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2012/03/07 09:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/03/07 09:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/03/07 09:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/03/07 09:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/03/07 09:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/03/07 09:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/03/01 15:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/14 00:27:14 | 000,141,848 | ---- | M] (Kings Information & Network) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\kcrtx64.sys -- (kcrtx64)
DRV:64bit: - [2012/02/14 00:27:14 | 000,013,848 | ---- | M] (SoftForum Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\JRSKD24.SYS -- (JRSKD24)
DRV:64bit: - [2011/07/27 02:49:12 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2011/05/14 10:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011/05/14 10:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011/03/21 16:29:04 | 001,097,672 | ---- | M] (Agnitum Ltd.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\SandBox64.sys -- (SandBox)
DRV:64bit: - [2011/03/21 16:28:12 | 000,042,976 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Filt\VBFilt64.dll -- (VBFilt)
DRV:64bit: - [2011/03/21 16:28:06 | 000,049,168 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Filt\ASWFilt64.dll -- (ASWFilt)
DRV:64bit: - [2011/03/11 15:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 15:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/02 17:04:24 | 000,293,048 | ---- | M] (VirusBuster Kft.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBEngNT.sys -- (VBEngNT)
DRV:64bit: - [2010/09/27 15:38:44 | 000,424,040 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\afwcore.sys -- (afwcore)
DRV:64bit: - [2010/09/01 17:30:58 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI)
DRV:64bit: - [2010/08/12 13:07:46 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/08/11 03:35:12 | 000,139,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV:64bit: - [2010/08/11 03:35:08 | 007,369,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/08/11 03:33:17 | 003,060,800 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010/04/20 16:02:50 | 000,039,528 | ---- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afw.sys -- (afw)
DRV:64bit: - [2010/03/24 06:53:06 | 000,505,344 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009/10/10 11:41:20 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/07/14 10:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 10:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 10:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 10:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 09:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/11 06:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/11 06:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/11 06:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/11 05:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/11 05:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel®
DRV:64bit: - [2009/06/11 05:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 05:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 05:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 05:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/23 15:52:30 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/05/21 07:09:00 | 000,070,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\enecir.sys -- (enecir)
DRV:64bit: - [2009/05/13 11:39:00 | 000,239,152 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009/04/30 00:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2008/11/08 06:15:40 | 000,035,840 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS -- (BVRPMPR5a64)
DRV:64bit: - [2008/06/27 23:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV - [2011/12/03 00:23:16 | 000,048,960 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npkcft64.sys -- (npkcft64)
DRV - [2009/07/14 10:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008/08/14 23:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)
DRV - [2002/07/18 09:20:32 | 000,084,832 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\ASPI32.SYS -- (ASPI)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {32FFA210-F5D7-4372-A473-53E7C3F68BE2}
IE:64bit: - HKLM\..\SearchScopes\{32FFA210-F5D7-4372-A473-53E7C3F68BE2}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{362748E6-961E-41FA-B443-81E5EFD75453}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {32FFA210-F5D7-4372-A473-53E7C3F68BE2}
IE - HKLM\..\SearchScopes\{32FFA210-F5D7-4372-A473-53E7C3F68BE2}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{362748E6-961E-41FA-B443-81E5EFD75453}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2786678

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incre...6OyGe6SRCY&i=26
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask...s}&locale=en_US
IE - HKCU\..\SearchScopes\{32FFA210-F5D7-4372-A473-53E7C3F68BE2}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{362748E6-961E-41FA-B443-81E5EFD75453}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sear
IE - HKCU\..\SearchScopes\{88D5CC8F-CC88-45F3-962B-96707339C89E}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...sa&d=2012-06-17 22:59:42&v=11.1.0.7&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{B0BFB43E-FE04-4E50-9E20-91D325C494BF}: "URL" = http://search.condui...&ctid=CT3072253
IE - HKCU\..\SearchScopes\{c99fdc39-a1ae-4b24-8d71-e5274f8d7c54}: "URL" = http://search.hotspo...q={searchTerms}
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incre...6OyGe6SRCY&i=26
IE - HKCU\..\SearchScopes\{E2961E57-0DD3-4E86-BCA8-E6C621B0EDF0}: "URL" = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@interezen.co.kr/npi3gmanager: C:\Program Files (x86)\Interezen\Plugins\NPI3GManager.dll (Interezen © Interezen.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@softforum.com/npKeyPro: C:\Windows\system32\npKeyPro.dll (SoftForum Co., Ltd.)
FF - HKLM\Software\MozillaPlugins\@softforum.com/npxwebplugins: C:\Program Files (x86)\SoftForum\XecureWeb\ActiveX\npxwebplugin.dll (SoftForum Co., Ltd.)
FF - HKLM\Software\MozillaPlugins\@softforum.com/npxwebplugins_file: C:\Program Files (x86)\SoftForum\XecureWeb\ActiveX\npxwebplugin_file.dll (SoftForum Co., Ltd.)
FF - HKLM\Software\MozillaPlugins\@spaceinter.com/EZKeytecPlugin: C:\Program Files (x86)\Space International\Easykeytec v2.0\npEZKeytecPlugin.dll (Space International, Inc. )
FF - HKLM\Software\MozillaPlugins\@spaceinter.com/EZKeytecPlugins: C:\Program Files (x86)\Space International\Easykeytec v2.0\npEZKeytecPlugins.dll (Space International, Inc. )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wizvera.com/npverain: C:\Program Files (x86)\Wizvera\Verain\npverain.dll ( )
FF - HKLM\Software\MozillaPlugins\@wizvera.com/npVeraport20: C:\Program Files (x86)\Wizvera\Veraport20\npveraport20.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\XXXX\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\XXXX\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2012/06/27 23:27:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009/08/25 03:31:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files (x86)\Google\Google Gears\Firefox\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/03/23 21:46:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/05/12 23:31:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012/06/27 23:27:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/06/14 11:40:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/06/14 11:40:24 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\DigitalPersona\Bin\firefoxext

[2012/04/23 22:56:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\extensions
[2012/04/23 22:56:44 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
[2011/11/12 00:25:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\qvltjbgi.default\extensions
[2011/11/12 00:25:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\qvltjbgi.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012/02/05 21:13:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/04/19 05:33:04 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011/11/11 19:08:02 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\XXXX\AppData\Local\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\XXXX\AppData\Local\Google\Chrome\Application\20.0.1132.47\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\XXXX\AppData\Local\Google\Chrome\Application\20.0.1132.47\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: NPI3GManager © Interezen. plugin (Enabled) = C:\Program Files (x86)\Interezen\Plugins\NPI3GManager.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: SoftForum XecureWeb Control Plug-in (Enabled) = C:\Program Files (x86)\SoftForum\XecureWeb\ActiveX\npxwebplugin.dll
CHR - plugin: SoftForum XecureWeb File Control Plug-in (Enabled) = C:\Program Files (x86)\SoftForum\XecureWeb\ActiveX\npxwebplugin_file.dll
CHR - plugin: Space International - EasyKeytec-plugin (Enabled) = C:\Program Files (x86)\Space International\Easykeytec v2.0\npEZKeytecPlugin.dll
CHR - plugin: Space International - EasyKeytec-plugins (Enabled) = C:\Program Files (x86)\Space International\Easykeytec v2.0\npEZKeytecPlugins.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Wizvera Mozilla Browser Control (Enabled) = C:\Program Files (x86)\Wizvera\Verain\npverain.dll
CHR - plugin: Veraport Mozilla Plugin (Enabled) = C:\Program Files (x86)\Wizvera\Veraport20\npveraport20.dll
CHR - plugin: TVU Web Player for FireFox (Enabled) = C:\Windows\system32\TVUAx\npTVUAx.dll
CHR - plugin: Client Keeper KeyPro (Enabled) = C:\Windows\system32\npKeyPro.dll
CHR - Extension: YouTube = C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: feedly = C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob\10.2.437_0\
CHR - Extension: avast! WebRep = C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1426_0\
CHR - Extension: Skype Click to Call = C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\
CHR - Extension: Save in Delicious = C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnaelnkmidnndgikjbiifihgklnocljd\1.1_0\
CHR - Extension: HP Product Detection Plugin = C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnhbepgnjnaoahohppnffanmkjkjoglp\1.0.15.0_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Evernote Web Clipper = C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\5.5.1_0\
CHR - Extension: Gmail = C:\Users\XXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2011/07/19 06:27:27 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension64.dll ()
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (no name) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - No CLSID value found.
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll ()
O2 - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2 - BHO: (네이버 툴바 도우미) - {67C41E9E-2EBF-4F2B-AF74-314F0D793172} - C:\Program Files (x86)\naver\NaverToolbar\NaverTB_4_0_4_156.dll (NHN Corp.)
O2 - BHO: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (no name) - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - No CLSID value found.
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (uTorrentControl2 Toolbar) - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - No CLSID value found.
O3 - HKLM\..\Toolbar: (네이버 툴바) - {D09CFF09-A42A-4EDC-9804-E61224F59CA1} - C:\Program Files (x86)\naver\NaverToolbar\NaverTB_4_0_4_156.dll (NHN Corp.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentControl2 Toolbar) - {687578B9-7132-4A7A-80E4-30EE31099E03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Security Suite Free\feedback.exe (Agnitum Ltd.)
O4:64bit: - HKLM..\Run: [OutpostMonitor] C:\Program Files\Agnitum\Outpost Security Suite Free\op_mon.exe (Agnitum Ltd.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Autorun Eater] C:\Program Files (x86)\Autorun Eater\oldmcdonald.exe (Old McDonald's Farm)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [DpAgent] C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe (DigitalPersona, Inc.)
O4 - HKLM..\Run: [HOfficeViewerUpdate] C:\Program Files (x86)\HNC\HOfficeViewer80\HncUtils\HncViewerChecker.exe (Hancom Inc(HNC).)
O4 - HKCU..\Run: [cdloader] C:\Users\XXXX\AppData\Roaming\mjusbsp\cdloader2.exe (magicJack L.P.)
O4 - HKCU..\Run: [FileHippo.com] C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\XXXX\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8:64bit: - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Add to QQ Customized Panel - C:\Program Files (x86)\Tencent\QQ\AddPanel.htm File not found
O8:64bit: - Extra context menu item: Add to QQ Emoticons - C:\Program Files (x86)\Tencent\QQ\AddEmotion.htm File not found
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8:64bit: - Extra context menu item: Send picture by MMS - C:\Program Files (x86)\Tencent\QQ\SendMMS.htm File not found
O8:64bit: - Extra context menu item: Send the Picture by QQ MMS - C:\Program Files (x86)\Tencent\QQ\SendMMS.htm File not found
O8:64bit: - Extra context menu item: 네이버 검색 - C:\Program Files (x86)\naver\NaverToolbar\NaverTB_4_0_4_146.dll (NHN Corp.)
O8:64bit: - Extra context menu item: 네이버 메모하기 - C:\Program Files (x86)\naver\NaverToolbar\NaverTB_4_0_4_146.dll (NHN Corp.)
O8:64bit: - Extra context menu item: 네이버 북마크하기 - C:\Program Files (x86)\naver\NaverToolbar\NaverTB_4_0_4_146.dll (NHN Corp.)
O8:64bit: - Extra context menu item: 네이버 사전 검색 - C:\Program Files (x86)\naver\NaverToolbar\NaverTB_4_0_4_146.dll (NHN Corp.)
O8:64bit: - Extra context menu item: 네이버 오픈캐스트 링크등록 - C:\Program Files (x86)\naver\NaverToolbar\NaverTB_4_0_4_146.dll (NHN Corp.)
O8:64bit: - Extra context menu item: 네이버 일한 번역 - C:\Program Files (x86)\naver\NaverToolbar\NaverTB_4_0_4_146.dll (NHN Corp.)
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Add to QQ Customized Panel - C:\Program Files (x86)\Tencent\QQ\AddPanel.htm File not found
O8 - Extra context menu item: Add to QQ Emoticons - C:\Program Files (x86)\Tencent\QQ\AddEmotion.htm File not found
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send picture by MMS - C:\Program Files (x86)\Tencent\QQ\SendMMS.htm File not found
O8 - Extra context menu item: Send the Picture by QQ MMS - C:\Program Files (x86)\Tencent\QQ\SendMMS.htm File not found
O8 - Extra context menu item: 네이버 검색 - C:\Program Files (x86)\naver\NaverToolbar\NaverTB_4_0_4_146.dll (NHN Corp.)
O8 - Extra context menu item: 네이버 메모하기 - C:\Program Files (x86)\naver\NaverToolbar\NaverTB_4_0_4_146.dll (NHN Corp.)
O8 - Extra context menu item: 네이버 북마크하기 - C:\Program Files (x86)\naver\NaverToolbar\NaverTB_4_0_4_146.dll (NHN Corp.)
O8 - Extra context menu item: 네이버 사전 검색 - C:\Program Files (x86)\naver\NaverToolbar\NaverTB_4_0_4_146.dll (NHN Corp.)
O8 - Extra context menu item: 네이버 오픈캐스트 링크등록 - C:\Program Files (x86)\naver\NaverToolbar\NaverTB_4_0_4_146.dll (NHN Corp.)
O8 - Extra context menu item: 네이버 일한 번역 - C:\Program Files (x86)\naver\NaverToolbar\NaverTB_4_0_4_146.dll (NHN Corp.)
O9:64bit: - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O16:64bit: - DPF: {6CE20149-ABE3-462E-A1B4-5B549971AA38} Reg Error: Key error. (Reg Error: Key error.)
O16:64bit: - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...tDetection2.cab (Reg Error: Key error.)
O16 - DPF: {6AC69002-DAD5-11D4-B065-00C04F0CD404} http://www.hikorea.g.../xw_install.cab (FileAccess Class)
O16 - DPF: {6CE20149-ABE3-462E-A1B4-5B549971AA38} http://www.hikorea.g...Pro3023_32k.cab (XecureCKKB Class)
O16 - DPF: {79B9399C-6B30-43DC-BA89-7BA3F9459B12} http://video.learnen...urce/BznAtx.cab (BznAtx Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {B8677403-AAE2-40AB-8DB1-5FA6C4E4A9E5} http://dist.cdnetwor...uaWebPlayer.cab (AquaWebPlayer Class)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} http://update.nprote...kcx_1103081.cab (NPKCX Control)
O16 - DPF: {D96D2F74-0B74-47D2-964F-B67E9F69F1CD} http://www.congnamul...p_V2_0_0_19.cab (CongnamulMap4Asp Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 168.126.63.1 168.126.63.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DD188E90-85FF-43A9-8047-BDA1D33B68AB}: DhcpNameServer = 168.126.63.1 168.126.63.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ED3B826A-19B6-446C-B8DB-A00C9F83C938}: DhcpNameServer = 210.220.163.82 219.250.36.130
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - AppInit_DLLs: (c:\progra~1\agnitum\outpos~1\wl_hoo~1.dll) - c:\Program Files\Agnitum\Outpost Security Suite Free\wl_hook64.dll (Agnitum Ltd.)
O20 - AppInit_DLLs: (c:\progra~1\agnitum\outpos~1\wl_hook.dll) - c:\Program Files\Agnitum\Outpost Security Suite Free\wl_hook.dll (Agnitum Ltd.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (bootalyac.exe)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/29 22:14:20 | 000,000,000 | ---D | C] -- C:\Users\XXXX\Desktop\Czech Language Learning Pack (Updated)
[2012/06/29 22:02:24 | 000,000,000 | ---D | C] -- C:\Users\XXXX\Desktop\Newerest
[2012/06/27 23:27:29 | 000,000,000 | ---D | C] -- C:\Program Files\Web Assistant
[2012/06/27 23:15:32 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2012/06/26 12:29:54 | 000,000,000 | ---D | C] -- C:\Users\XXXX\Desktop\JLS
[2012/06/25 20:24:33 | 000,000,000 | ---D | C] -- C:\Users\XXXX\Desktop\Nicholas Lyons
[2012/06/24 23:58:10 | 000,000,000 | ---D | C] -- C:\Users\XXXX\Desktop\Newer
[2012/06/20 10:55:02 | 000,000,000 | ---D | C] -- C:\Users\XXXX\Desktop\Czech-Slovak Learning Pack
[2012/06/19 20:21:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
[2012/06/19 20:21:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Evernote
[2012/06/19 19:47:50 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/06/19 19:37:12 | 000,000,000 | ---D | C] -- C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/06/19 19:37:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012/06/17 23:03:06 | 000,000,000 | ---D | C] -- C:\Users\XXXX\AppData\Roaming\PowerISO
[2012/06/17 23:00:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
[2012/06/17 22:58:06 | 000,126,944 | ---- | C] (Power Software Ltd) -- C:\Windows\SysNative\drivers\scdemu.sys
[2012/06/17 22:57:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PowerISO
[2012/06/15 21:23:28 | 000,000,000 | ---D | C] -- C:\Users\XXXX\Desktop\New
[2012/06/13 22:07:47 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/06/09 22:16:19 | 000,000,000 | ---D | C] -- C:\Users\XXXX\Desktop\Brit comedy
[2012/06/06 22:42:30 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2012/06/04 22:07:07 | 000,000,000 | ---D | C] -- C:\Users\XXXX\Desktop\New Books
[2012/06/04 09:38:28 | 000,000,000 | ---D | C] -- C:\Users\XXXX\Desktop\Photo
[2010/11/28 15:02:12 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Program Files (x86)\TFC.exe
[2 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/07/02 19:58:55 | 000,087,766 | ---- | M] () -- C:\Users\XXXX\Desktop\Basic B +÷+˜+++ß_Lesson 16-1.jpg
[2012/07/02 19:58:04 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/02 19:57:56 | 000,023,620 | ---- | M] () -- C:\Users\XXXX\Desktop\Basic B +÷+˜+++ß_Lesson 16-1.pdf
[2012/07/02 19:47:56 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/02 19:27:00 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-965545590-1978782907-1710215557-1000UA.job
[2012/07/02 05:27:00 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-965545590-1978782907-1710215557-1000Core.job
[2012/07/02 05:22:18 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/02 05:22:18 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/02 05:14:51 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/02 05:11:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/02 05:11:22 | 3144,908,800 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/01 15:56:50 | 001,513,594 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/07/01 15:56:50 | 000,419,392 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/07/01 15:56:50 | 000,006,418 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/07/01 14:53:19 | 000,043,601 | ---- | M] () -- C:\Users\XXXX\Desktop\takeaheart.jpg
[2012/06/28 11:29:23 | 003,090,256 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/06/28 05:26:28 | 000,100,746 | ---- | M] () -- C:\Users\XXXX\Desktop\Document1.jpg
[2012/06/27 23:28:55 | 000,000,280 | ---- | M] () -- C:\Windows\wininit.ini
[2012/06/27 23:28:37 | 000,000,453 | ---- | M] () -- C:\user.js
[2012/06/27 21:38:10 | 556,427,807 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/06/27 19:00:59 | 000,000,927 | ---- | M] () -- C:\Users\XXXX\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012/06/25 01:19:07 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForXXXX.job
[2012/06/20 22:33:04 | 000,014,336 | ---- | M] () -- C:\Users\XXXX\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/06/20 10:50:33 | 001,012,795 | ---- | M] () -- C:\Users\XXXX\Desktop\Learn Czech.pdf
[2012/06/17 23:00:17 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\PowerISO.lnk
[2012/06/15 19:24:33 | 000,199,713 | ---- | M] () -- C:\Users\XXXX\Documents\Scan0001.pdf
[2012/06/10 16:57:14 | 000,004,096 | -H-- | M] () -- C:\Users\XXXX\AppData\Local\keyfile3.drm
[2012/06/08 11:58:48 | 000,001,090 | ---- | M] () -- C:\Users\XXXX\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk
[2012/06/06 22:42:15 | 000,000,057 | ---- | M] () -- C:\ProgramData\Ament.ini
[2012/06/03 15:42:18 | 000,001,053 | ---- | M] () -- C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/07/01 14:53:32 | 000,043,601 | ---- | C] () -- C:\Users\XXXX\Desktop\takeaheart.jpg
[2012/06/28 05:26:28 | 000,100,746 | ---- | C] () -- C:\Users\XXXX\Desktop\Document1.jpg
[2012/06/27 23:28:03 | 000,000,453 | ---- | C] () -- C:\user.js
[2012/06/20 10:52:11 | 001,012,795 | ---- | C] () -- C:\Users\XXXX\Desktop\Learn Czech.pdf
[2012/06/17 23:00:17 | 000,000,967 | ---- | C] () -- C:\Users\Public\Desktop\PowerISO.lnk
[2012/06/15 19:24:32 | 000,199,713 | ---- | C] () -- C:\Users\XXXX\Documents\Scan0001.pdf
[2012/06/10 16:57:14 | 000,004,096 | -H-- | C] () -- C:\Users\XXXX\AppData\Local\keyfile3.drm
[2012/06/06 22:44:40 | 000,000,962 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
[2012/06/06 22:42:15 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012/05/20 23:39:36 | 000,000,034 | -H-- | C] () -- C:\Windows\SysWow64\VideoConverter_sysquict.dat
[2012/05/20 23:38:44 | 000,755,027 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012/05/20 23:38:43 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2012/05/20 23:38:43 | 000,159,839 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012/05/20 23:38:34 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012/05/17 19:17:48 | 000,372,304 | ---- | C] () -- C:\Windows\SysWow64\NJUninst.exe
[2012/05/13 00:04:53 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012/04/20 19:40:18 | 000,000,280 | ---- | C] () -- C:\Windows\wininit.ini
[2012/02/14 00:23:18 | 000,458,752 | ---- | C] () -- C:\Windows\SysWow64\IniSignedDataVerify.dll
[2012/02/14 00:21:56 | 000,072,272 | ---- | C] () -- C:\Windows\SysWow64\cosa.dll
[2012/02/14 00:21:56 | 000,015,512 | ---- | C] () -- C:\Windows\SysWow64\IRTrace.dll
[2012/02/07 23:05:04 | 000,000,069 | ---- | C] () -- C:\Windows\hjimesv.ini
[2012/02/07 23:04:43 | 000,000,016 | ---- | C] () -- C:\Windows\SysWow64\winhdb85.ini
[2011/07/19 14:42:57 | 000,132,597 | ---- | C] () -- C:\Program Files\Flash_Disinfector.exe
[2010/12/24 14:11:37 | 000,001,854 | ---- | C] () -- C:\Users\XXXX\AppData\Roaming\GhostObjGAFix.xml
[2010/12/12 12:33:56 | 000,018,760 | ---- | C] () -- C:\Windows\SysWow64\QQVistaHelper.dll
[2010/12/07 09:44:18 | 000,000,286 | ---- | C] () -- C:\Windows\reimage.ini
[2010/12/01 07:56:41 | 000,777,658 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/09/29 15:34:26 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/09/25 14:03:12 | 000,014,336 | ---- | C] () -- C:\Users\XXXX\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/01 05:40:50 | 002,347,340 | ---- | C] () -- C:\Users\XXXX\AppData\Local\tmpFROM MOM'S CAMERA 8-2010 193.JPG
[2010/08/26 07:57:16 | 000,552,680 | ---- | C] () -- C:\Users\XXXX\AppData\Local\tmpHPIM2609.0
[2010/08/26 07:57:16 | 000,425,833 | ---- | C] () -- C:\Users\XXXX\AppData\Local\tmpHPIM2609.JPG
[2010/08/26 07:55:47 | 000,585,872 | ---- | C] () -- C:\Users\XXXX\AppData\Local\tmpHPIM2608.0
[2010/08/26 07:55:47 | 000,477,029 | ---- | C] () -- C:\Users\XXXX\AppData\Local\tmpHPIM2608.JPG
[2010/08/26 07:55:16 | 000,604,540 | ---- | C] () -- C:\Users\XXXX\AppData\Local\tmpHPIM2607.0
[2010/08/26 07:55:16 | 000,485,343 | ---- | C] () -- C:\Users\XXXX\AppData\Local\tmpHPIM2607.JPG
[2010/08/26 07:54:13 | 000,604,532 | ---- | C] () -- C:\Users\XXXX\AppData\Local\tmpHPIM2606.0
[2010/08/26 07:54:13 | 000,480,148 | ---- | C] () -- C:\Users\XXXX\AppData\Local\tmpHPIM2606.JPG
[2010/08/26 07:52:51 | 000,568,880 | ---- | C] () -- C:\Users\XXXX\AppData\Local\tmpHPIM2605.0
[2010/08/26 07:52:51 | 000,457,293 | ---- | C] () -- C:\Users\XXXX\AppData\Local\tmpHPIM2605.JPG
[2010/08/26 07:52:09 | 000,681,992 | ---- | C] () -- C:\Users\XXXX\AppData\Local\tmpHPIM2604.0
[2010/08/26 07:52:09 | 000,507,189 | ---- | C] () -- C:\Users\XXXX\AppData\Local\tmpHPIM2604.JPG
[2010/08/26 07:50:03 | 000,895,180 | ---- | C] () -- C:\Users\XXXX\AppData\Local\tmpHPIM2602.0
[2010/08/26 07:50:03 | 000,671,106 | ---- | C] () -- C:\Users\XXXX\AppData\Local\tmpHPIM2602.JPG
[2010/08/26 07:49:40 | 000,853,644 | ---- | C] () -- C:\Users\XXXX\AppData\Local\tmpHPIM2601.0
[2010/08/26 07:49:40 | 000,641,213 | ---- | C] () -- C:\Users\XXXX\AppData\Local\tmpHPIM2601.JPG
[2010/08/26 07:47:05 | 000,489,252 | ---- | C] () -- C:\Users\XXXX\AppData\Local\tmpHPIM2593.0
[2010/08/26 07:47:05 | 000,385,084 | ---- | C] () -- C:\Users\XXXX\AppData\Local\tmpHPIM2593.JPG
[2010/08/11 03:35:15 | 000,439,300 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2010/08/09 00:12:25 | 000,254,990 | ---- | C] () -- C:\Users\XXXX\AppData\Local\tmp24300008.0
[2010/08/09 00:12:25 | 000,112,309 | ---- | C] () -- C:\Users\XXXX\AppData\Local\tmp24300008.JPG
[2010/08/09 00:11:19 | 000,231,699 | ---- | C] () -- C:\Users\XXXX\AppData\Local\tmp24300009.0
[2010/08/09 00:11:19 | 000,097,579 | ---- | C] () -- C:\Users\XXXX\AppData\Local\tmp24300009.JPG
[2010/07/30 04:44:31 | 000,007,030 | ---- | C] () -- C:\Users\XXXX\AppData\Local\tmpCOUCH.JPG
[2010/07/30 04:44:31 | 000,004,662 | ---- | C] () -- C:\Users\XXXX\AppData\Local\tmpCOUCH.0

========== LOP Check ==========

[2011/11/05 16:42:23 | 000,000,000 | ---D | M] -- C:\Users\XXXX\AppData\Roaming\Agnitum
[2011/12/12 23:06:52 | 000,000,000 | ---D | M] -- C:\Users\XXXX\AppData\Roaming\Broad Intelligence
[2012/01/09 19:32:42 | 000,000,000 | ---D | M] -- C:\Users\XXXX\AppData\Roaming\calibre
[2010/11/28 14:50:49 | 000,000,000 | ---D | M] -- C:\Users\XXXX\AppData\Roaming\CheckPoint
[2011/04/14 12:09:53 | 000,000,000 | ---D | M] -- C:\Users\XXXX\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/07/25 01:49:21 | 000,000,000 | ---D | M] -- C:\Users\XXXX\AppData\Roaming\DigitalPersona
[2012/07/02 20:06:39 | 000,000,000 | ---D | M] -- C:\Users\XXXX\AppData\Roaming\Dropbox
[2011/07/25 01:51:13 | 000,000,000 | ---D | M] -- C:\Users\XXXX\AppData\Roaming\foobar2000
[2011/07/25 01:51:13 | 000,000,000 | ---D | M] -- C:\Users\XXXX\AppData\Roaming\FreeAudioPack
[2011/07/25 01:51:14 | 000,000,000 | ---D | M] -- C:\Users\XXXX\AppData\Roaming\GetRightToGo
[2012/02/07 21:29:09 | 000,000,000 | ---D | M] -- C:\Users\XXXX\AppData\Roaming\HNC
[2012/04/14 15:10:58 | 000,000,000 | ---D | M] -- C:\Users\XXXX\AppData\Roaming\Mapi2Xml
[2012/01/17 23:26:06 | 000,000,000 | ---D | M] -- C:\Users\XXXX\AppData\Roaming\mjusbsp
[2012/02/14 00:25:04 | 000,000,000 | ---D | M] -- C:\Users\XXXX\AppData\Roaming\nprotect
[2010/11/04 14:11:07 | 000,000,000 | ---D | M] -- C:\Users\XXXX\AppData\Roaming\OverDrive
[2010/12/01 01:36:13 | 000,000,000 | ---D | M] -- C:\Users\XXXX\AppData\Roaming\Philipp Winterberg
[2012/06/17 23:03:06 | 000,000,000 | ---D | M] -- C:\Users\XXXX\AppData\Roaming\PowerISO
[2011/07/25 01:51:17 | 000,000,000 | ---D | M] -- C:\Users\XXXX\AppData\Roaming\REAPER
[2010/07/19 13:57:30 | 000,000,000 | ---D | M] -- C:\Users\XXXX\AppData\Roaming\Steinberg
[2011/07/25 01:49:40 | 000,000,000 | ---D | M] -- C:\Users\XXXX\AppData\Roaming\Tencent
[2012/07/02 19:28:23 | 000,000,000 | ---D | M] -- C:\Users\XXXX\AppData\Roaming\uTorrent
[2012/06/27 18:38:56 | 000,032,614 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:C765C323

< End of report >