I received such wonderful help with my last computer problem that I knew exactly where to come to for help with this one.
In the midst of working on a research paper for one of my classes, my computer seems to have picked up some virus from one of links. So far, it has done little noticeable damage and appears to be merely a redirect virus. When I tried to follow a link from a Google search in either Firefox or Internet Explorer, I found myself redirected more than half of the time. Sometimes, it would say something along the lines of "click.getamazingresults" in the address bar and have a white webpage with a big green arrow before taking me to some random (or sometimes related) webpage. In addition to this, I believe it slowed my browsers down to some extent. I ran multiple different virus detection programs (Malwarebytes' AntiMalware, Spyware Doctor, Kingsoft PC Doctor, and Anvisoft SmartDefender) many times, and although some would occasionally find and remove high level infections, the problem did not appear to be fixed by these attempts.
I'd also like to add that my computer actually began having this problem a couple of weeks back, but I have been on this computer relatively little, due to my college schedule, so I have not found much time to deal with the issue, despite knowing that I should have done so earlier.
However, today, the problem seems to have stopped, without me doing anything. Now, I can click Google links and it's actually taking me to where I mean to go. Yesterday, Spyware Doctor did a scheduled quick scan and detected a few minor issues, but I sort of doubt that it cleared up the entire issue. So, I'm guessing that there's probably some of the problem remaining, whether it's obvious to me or not, and I would like to see what I can do in terms of verifying this and taking care of the problem, if it is persisting.
Thank you for reading, and I appreciate any help you can give me!
~ Destiny
OTL logfile created on: 9/22/2012 10:05:01 AM - Run 1
OTL by OldTimer - Version 3.2.65.1 Folder = C:\Users\Destiny\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
7.95 Gb Total Physical Memory | 5.49 Gb Available Physical Memory | 69.11% Memory free
15.90 Gb Paging File | 13.05 Gb Available in Paging File | 82.11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 687.39 Gb Total Space | 576.60 Gb Free Space | 83.88% Space Free | Partition Type: NTFS
Drive D: | 354.32 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: ALCHEMIST | User Name: Destiny | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/09/22 10:04:48 | 000,600,576 | ---- | M] (OldTimer Tools) -- C:\Users\Destiny\Downloads\OTL.com
PRC - [2012/09/13 19:27:04 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/08/23 05:42:52 | 001,229,104 | ---- | M] (Anvisoft) -- C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe
PRC - [2012/08/23 05:42:50 | 000,686,896 | ---- | M] (Anvisoft) -- C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe
PRC - [2012/06/22 15:34:12 | 002,673,624 | ---- | M] (PC Tools) -- C:\Program Files (x86)\PC Tools\PC Tools Security\pctsGui.exe
PRC - [2012/06/22 15:34:12 | 001,118,680 | ---- | M] (PC Tools) -- C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe
PRC - [2012/06/22 14:21:50 | 000,402,368 | ---- | M] (PC Tools) -- C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe
PRC - [2012/06/22 14:21:46 | 000,071,008 | ---- | M] (PC Tools) -- C:\Program Files (x86)\PC Tools\PC Tools Security\TFEngine\TFService.exe
PRC - [2012/06/22 11:38:46 | 000,575,448 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
PRC - [2012/04/10 23:26:24 | 001,308,064 | ---- | M] (Kingsoft Corporation) -- C:\Program Files (x86)\Kingsoft\PCDoctor\KSafeTray.exe
PRC - [2012/04/10 23:26:22 | 000,452,512 | ---- | M] (Kingsoft Corporation) -- C:\Program Files (x86)\Kingsoft\PCDoctor\KSafeSvc.exe
PRC - [2012/04/04 00:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/03/21 12:23:14 | 000,793,048 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2012/03/21 12:23:12 | 000,103,896 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
PRC - [2011/03/08 17:06:10 | 001,635,696 | ---- | M] () -- C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe
PRC - [2010/11/10 10:51:20 | 000,014,792 | ---- | M] (Alienware) -- C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
PRC - [2010/11/10 10:45:08 | 000,069,584 | ---- | M] (Alienware Corporation) -- C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
PRC - [2010/11/10 10:40:28 | 000,016,832 | ---- | M] () -- C:\Program Files\Alienware\Command Center\AlienFusionController.exe
PRC - [2010/09/13 18:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/09/13 18:32:30 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
========== Modules (No Company Name) ==========
MOD - [2012/09/13 19:27:04 | 002,244,064 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/08/23 05:42:40 | 000,784,688 | ---- | M] () -- C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\sqlite3.dll
MOD - [2012/07/24 22:56:11 | 006,277,280 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2012/06/13 16:12:49 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\09557e6c5a83a1cb68c7c50a841c8064\IAStorUtil.ni.dll
MOD - [2012/06/13 13:41:29 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/06/13 13:41:23 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/06/13 03:06:20 | 018,000,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\199683f6e79076b634ee6cc0a82c0654\PresentationFramework.ni.dll
MOD - [2012/06/13 03:06:09 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e7dc084827f8df2dbdc819db5c633a0d\PresentationCore.ni.dll
MOD - [2012/06/13 03:06:06 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll
MOD - [2012/06/13 03:06:00 | 003,858,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\21f37f9f5162af7efb52169012bd111e\WindowsBase.ni.dll
MOD - [2012/06/13 03:05:59 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll
MOD - [2012/05/14 23:19:18 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012/05/09 22:40:13 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\0c2b0d52156447592f33edf4116b7e7d\System.Management.ni.dll
MOD - [2012/05/09 22:38:48 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\94b346f2ab12d38efb1331ded5783396\System.Runtime.Remoting.ni.dll
MOD - [2012/05/09 22:38:17 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d234eceae699d070b5a5712ce776c01f\System.Xaml.ni.dll
MOD - [2012/05/09 22:36:16 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\220b0516e45e7f9bbf6a631490c1243a\IAStorCommon.ni.dll
MOD - [2012/05/09 22:22:15 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012/05/09 22:21:35 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/09 22:21:32 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/09 22:21:31 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/09 22:21:26 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012/05/09 22:10:14 | 006,815,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\99d0f7ba920eea1117e45dcd9fec0eb5\System.Data.ni.dll
MOD - [2012/05/09 22:10:09 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\ed91b57205429a23bb91f4499059a459\System.Core.ni.dll
MOD - [2012/05/09 22:10:07 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll
MOD - [2012/05/09 22:10:04 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\623d2a0f11dd82bb9bc13d1cb981b239\System.Configuration.ni.dll
MOD - [2012/05/09 22:10:03 | 009,091,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll
MOD - [2012/05/09 22:09:59 | 000,145,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\7b7719d46a4da2e91e8c501347e48ab9\System.Numerics.ni.dll
MOD - [2012/05/09 22:09:58 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll
MOD - [2011/10/21 04:01:48 | 000,140,664 | ---- | M] () -- C:\Program Files (x86)\Kingsoft\PCDoctor\zlib1.dll
MOD - [2011/10/21 04:01:40 | 000,075,160 | ---- | M] () -- C:\Program Files (x86)\Kingsoft\PCDoctor\json.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2011/03/08 17:06:10 | 001,635,696 | ---- | M] () -- C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe
MOD - [2010/11/10 10:40:28 | 000,016,832 | ---- | M] () -- C:\Program Files\Alienware\Command Center\AlienFusionController.exe
MOD - [2009/12/18 11:07:06 | 000,577,536 | ---- | M] () -- C:\Program Files (x86)\Alienware On-Screen Display\EMSC.dll
========== Services (SafeList) ==========
SRV:64bit: - [2011/03/17 06:14:56 | 000,297,984 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/12/02 13:30:26 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/11/10 10:40:46 | 000,015,296 | ---- | M] (Alienware) [Auto | Running] -- C:\Program Files\Alienware\Command Center\AlienFusionService.exe -- (AlienFusionService)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/03/03 04:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2012/09/13 19:27:04 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/08/23 05:42:50 | 000,686,896 | ---- | M] (Anvisoft) [Auto | Running] -- C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe -- (asdsrv)
SRV - [2012/06/22 15:34:12 | 001,118,680 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe -- (sdCoreService)
SRV - [2012/06/22 14:21:50 | 000,402,368 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe -- (sdAuxService)
SRV - [2012/06/22 14:21:46 | 000,071,008 | ---- | M] (PC Tools) [On_Demand | Running] -- C:\Program Files (x86)\PC Tools\PC Tools Security\TFEngine\TFService.exe -- (ThreatFire)
SRV - [2012/06/22 11:38:46 | 000,575,448 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2012/04/10 23:26:22 | 000,452,512 | ---- | M] (Kingsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Kingsoft\PCDoctor\KSafeSvc.exe -- (KSafeSvc)
SRV - [2012/04/04 00:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/03/21 12:23:14 | 000,793,048 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2011/11/06 23:21:03 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/08/18 10:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [On_Demand | Stopped] -- C:\Program Files (x86)\AlienRespawn\SftService.exe -- (SftService)
SRV - [2010/11/25 05:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010/11/25 05:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010/09/13 18:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/03/18 16:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012/08/20 04:23:36 | 000,023,376 | ---- | M] (Anvisoft) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\asdrs.sys -- (asdrs)
DRV:64bit: - [2012/08/20 04:23:36 | 000,018,768 | ---- | M] (Anvisoft) [File_System | System | Running] -- C:\Windows\SysNative\drivers\asdrm.sys -- (asdrm)
DRV:64bit: - [2012/08/20 04:23:36 | 000,017,232 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\asdws.sys -- (asdws)
DRV:64bit: - [2012/07/07 20:55:41 | 000,030,496 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hitmanpro36.sys -- (hitmanpro36)
DRV:64bit: - [2012/06/22 15:35:22 | 000,092,928 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pctplsg64.sys -- (pctplsg)
DRV:64bit: - [2012/06/22 15:35:00 | 000,251,560 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\PCTSD64.sys -- (PCTSD)
DRV:64bit: - [2012/06/22 15:29:48 | 000,341,200 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\pctgntdi64.sys -- (pctgntdi)
DRV:64bit: - [2012/06/22 14:21:48 | 000,706,776 | --S- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TfSysMon.sys -- (TFSysMon)
DRV:64bit: - [2012/06/22 14:21:48 | 000,065,664 | --S- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TfFsMon.sys -- (TfFsMon)
DRV:64bit: - [2012/06/22 14:21:48 | 000,041,968 | --S- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TfNetMon.sys -- (TfNetMon)
DRV:64bit: - [2012/06/22 11:39:20 | 000,085,224 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PCTBD64.sys -- (PCTBD)
DRV:64bit: - [2012/04/23 12:36:50 | 000,426,616 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PCTCore64.sys -- (PCTCore)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/28 11:43:18 | 001,096,176 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pctEFA64.sys -- (pctEFA)
DRV:64bit: - [2012/02/28 11:43:12 | 000,453,896 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pctDS64.sys -- (pctDS)
DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/07/19 02:02:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/07/19 02:02:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/05/03 21:39:26 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011/03/17 06:14:56 | 000,521,728 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/03/03 19:18:22 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011/03/03 19:18:22 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2011/01/20 11:20:46 | 000,176,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2010/12/09 11:38:18 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/12/02 15:05:22 | 008,123,392 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/12/02 12:55:00 | 000,288,256 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/11/30 08:48:38 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010/11/30 08:32:36 | 000,326,760 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2010/11/29 11:03:06 | 001,395,760 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 22:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/04 10:36:24 | 012,178,816 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2010/09/24 11:46:32 | 000,116,752 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/09/13 18:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/09/07 08:41:14 | 000,027,760 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelern.sys -- (Acceler)
DRV:64bit: - [2010/08/20 13:05:12 | 000,021,616 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdcfltn.sys -- (stdcfltn)
DRV:64bit: - [2010/08/17 08:17:46 | 000,344,616 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010/08/17 08:17:46 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010/08/17 08:17:46 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010/07/15 07:59:30 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010/03/19 03:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/26 15:43:42 | 000,016,752 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EMSC.sys -- (EMSC)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2006/11/01 12:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2012/04/10 23:26:58 | 000,021,320 | ---- | M] (Kingsoft Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Kingsoft\PCDoctor\ksfmonsys64.sys -- (ksfmonsys)
DRV - [2011/12/19 20:58:08 | 000,133,096 | ---- | M] (Kingsoft Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Kingsoft\PCDoctor\kmodurl64.sys -- (kmodurl)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/06/26 15:43:42 | 000,013,680 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\drivers\EMSC.sys -- (EMSC)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1375248461-4089892005-1521417111-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://AlienwareArena.com
IE - HKU\S-1-5-21-1375248461-4089892005-1521417111-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://accounts.goo...lt<mplcache=2
IE - HKU\S-1-5-21-1375248461-4089892005-1521417111-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.geekstogo...timers-list-it/
IE - HKU\S-1-5-21-1375248461-4089892005-1521417111-1000\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKU\S-1-5-21-1375248461-4089892005-1521417111-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1375248461-4089892005-1521417111-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...1I7GGNI_enUS442
IE - HKU\S-1-5-21-1375248461-4089892005-1521417111-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1375248461-4089892005-1521417111-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "https://www.google.c...e=2&from=login"
FF - prefs.js..extensions.enabledAddons: [email protected]:1.0
FF - prefs.js..extensions.enabledAddons: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:13.0.0
FF - prefs.js..extensions.enabledAddons: [email protected]:2.0.6
FF - prefs.js..keyword.URL: "http://www.startnow....6.1-x64-SP1&q="
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\ [2012/09/15 11:06:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/13 19:27:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/09/13 19:27:03 | 000,000,000 | ---D | M]
[2011/07/26 16:04:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Destiny\AppData\Roaming\mozilla\Extensions
[2012/09/15 19:16:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Destiny\AppData\Roaming\mozilla\Firefox\Profiles\66fgyw4v.default\extensions
[2012/09/15 19:16:59 | 000,000,000 | ---D | M] (LavaFox V2-Blue) -- C:\Users\Destiny\AppData\Roaming\mozilla\Firefox\Profiles\66fgyw4v.default\extensions\[email protected]
[2012/09/15 17:52:50 | 000,000,000 | ---D | M] (LavaFox V2) -- C:\Users\Destiny\AppData\Roaming\mozilla\Firefox\Profiles\66fgyw4v.default\extensions\[email protected]
[1832/11/28 23:44:26 | 000,004,819 | ---- | M] () (No name found) -- C:\Users\Destiny\AppData\Roaming\mozilla\firefox\profiles\66fgyw4v.default\extensions\[email protected]
[2012/06/05 22:10:34 | 000,030,312 | ---- | M] () (No name found) -- C:\Users\Destiny\AppData\Roaming\mozilla\firefox\profiles\66fgyw4v.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi
[2011/08/01 16:24:17 | 000,002,259 | ---- | M] () -- C:\Users\Destiny\AppData\Roaming\mozilla\firefox\profiles\66fgyw4v.default\searchplugins\bing-zugo.xml
[2012/09/13 19:27:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/09/13 19:27:04 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/01/01 03:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml.old
[2012/08/30 07:49:15 | 000,002,253 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2012/07/17 04:41:21 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-1375248461-4089892005-1521417111-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [Command Center Controllers] C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe (Microsoft)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [AlienwareOn-ScreenDisplay] C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe ()
O4 - HKLM..\Run: [Anvi Smart Defender] C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe (Anvisoft)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ISTray] C:\Program Files (x86)\PC Tools\PC Tools Security\pctsGui.exe (PC Tools)
O4 - HKLM..\Run: [KSafeTray] C:\Program files (x86)\Kingsoft\PCDoctor\KSafeTray.exe (Kingsoft Corporation)
O4 - HKLM..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-21-1375248461-4089892005-1521417111-1000\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-21-1375248461-4089892005-1521417111-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O7 - HKU\S-1-5-21-1375248461-4089892005-1521417111-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutorun = 12
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000017 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000018 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0DC12889-B7C1-491F-AAD2-34351363AC01}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{502F97DC-F1BA-46C0-B856-9190B84350D5}: DhcpNameServer = 184.63.0.68 184.63.0.69
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012/09/21 10:31:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WCID
[2012/09/15 22:07:17 | 000,706,776 | --S- | C] (PC Tools) -- C:\Windows\SysNative\drivers\TfSysMon.sys
[2012/09/15 22:07:17 | 000,065,664 | --S- | C] (PC Tools) -- C:\Windows\SysNative\drivers\TfFsMon.sys
[2012/09/15 22:07:17 | 000,041,968 | --S- | C] (PC Tools) -- C:\Windows\SysNative\drivers\TfNetMon.sys
[2012/09/15 15:17:15 | 000,000,000 | ---D | C] -- C:\Users\Destiny\Documents\College Work
[2012/09/15 15:13:25 | 000,000,000 | ---D | C] -- C:\Users\Destiny\Documents\Old Schoolwork
[2012/09/15 11:06:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Security
[2012/09/13 19:27:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/09/09 00:51:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
[2012/09/09 00:51:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Anvisoft
========== Files - Modified Within 30 Days ==========
[2012/09/22 09:53:03 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/22 09:45:17 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/22 09:45:17 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/22 09:39:22 | 002,178,039 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2012/09/22 09:38:18 | 000,000,306 | ---- | M] () -- C:\Windows\tasks\RMAutoUpdate.job
[2012/09/22 09:38:17 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/09/22 09:37:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/22 09:37:37 | 2106,449,919 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/20 19:10:50 | 000,779,266 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/09/20 19:10:50 | 000,660,530 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/09/20 19:10:50 | 000,121,426 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/09/15 11:06:16 | 000,002,277 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2012/09/09 00:51:19 | 000,001,190 | ---- | M] () -- C:\Users\Public\Desktop\Anvi Smart Defender.lnk
[2012/09/06 09:17:38 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
========== Files Created - No Company Name ==========
[2012/09/15 11:06:48 | 002,178,039 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB
[2012/09/15 11:06:16 | 000,002,277 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2012/09/09 00:51:19 | 000,017,232 | ---- | C] () -- C:\Windows\SysNative\drivers\asdws.sys
[2012/09/09 00:51:19 | 000,001,190 | ---- | C] () -- C:\Users\Public\Desktop\Anvi Smart Defender.lnk
[2012/07/07 15:40:00 | 000,767,960 | ---- | C] () -- C:\Windows\BDTSupport.dll0957.old
[2012/07/07 15:40:00 | 000,767,960 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2012/01/27 16:26:26 | 000,000,021 | ---- | C] () -- C:\Windows\KA.INI
[2012/01/27 01:07:33 | 000,000,300 | ---- | C] () -- C:\Windows\EReg515.dat
[2012/01/27 01:07:24 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll
[2012/01/27 01:05:51 | 000,001,459 | ---- | C] () -- C:\Windows\disney.ini
[2012/01/26 23:30:07 | 000,000,000 | ---- | C] () -- C:\Windows\setup32.INI
[2011/07/19 01:50:56 | 000,960,812 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/07/19 01:50:55 | 000,206,952 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/07/19 01:50:53 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/07/19 01:50:50 | 000,002,888 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/07/19 00:47:06 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/07/19 00:39:23 | 000,002,888 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2011/02/10 11:10:51 | 000,773,482 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/11/10 10:50:38 | 000,098,232 | ---- | C] () -- C:\Windows\SysWow64\CCBiosSupportAPI.dll
========== ZeroAccess Check ==========
[2012/07/07 13:15:32 | 000,000,082 | ---- | M] () -- C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\BNS6KBSW\t.cxt.ms\lso.swf\u.sol
[2008/09/26 09:19:04 | 000,000,165 | ---- | M] () -- C:\Users\All Users\Macrovision\FLEXnet Connect\11\ui\images\u.gif
[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
========== LOP Check ==========
[2012/09/09 00:51:34 | 000,000,000 | ---D | M] -- C:\Users\Destiny\AppData\Roaming\Anvisoft
[2012/07/09 02:42:55 | 000,000,000 | ---D | M] -- C:\Users\Destiny\AppData\Roaming\DriverCure
[2011/07/26 19:45:06 | 000,000,000 | ---D | M] -- C:\Users\Destiny\AppData\Roaming\IDT
[2012/02/14 21:41:38 | 000,000,000 | ---D | M] -- C:\Users\Destiny\AppData\Roaming\kingsoft
[2012/02/14 21:19:02 | 000,000,000 | ---D | M] -- C:\Users\Destiny\AppData\Roaming\KSafe
[2012/07/11 04:23:33 | 000,000,000 | ---D | M] -- C:\Users\Destiny\AppData\Roaming\MP3Rocket
[2011/07/27 11:02:42 | 000,000,000 | ---D | M] -- C:\Users\Destiny\AppData\Roaming\Origin
[2012/07/08 17:04:27 | 000,000,000 | ---D | M] -- C:\Users\Destiny\AppData\Roaming\Product_RM
[2012/07/08 19:01:03 | 000,000,000 | ---D | M] -- C:\Users\Destiny\AppData\Roaming\Registry Mechanic
[2012/07/09 02:42:54 | 000,000,000 | ---D | M] -- C:\Users\Destiny\AppData\Roaming\SpeedyPC Software
[2012/07/07 15:37:34 | 000,000,000 | ---D | M] -- C:\Users\Destiny\AppData\Roaming\TestApp
[2012/07/02 21:58:19 | 000,000,000 | ---D | M] -- C:\Users\E n d i n g\AppData\Roaming\KSafe
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 199 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
< End of report >