Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

*Neewbie who needs help with Malware checklist* [Closed]


  • This topic is locked This topic is locked

#1
StueyF33

StueyF33

    New Member

  • Member
  • Pip
  • 2 posts
:confused: Hi to anyone who reads this post, I would like it if you could please read through this log file and post back if there is anything wrong, I would be very grteful for any feed back Thankyou. :confused:








OTL logfile created on: 15/04/2013 01:33:09 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Stuart\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

5.68 Gb Total Physical Memory | 3.12 Gb Available Physical Memory | 54.96% Memory free
11.36 Gb Paging File | 8.22 Gb Available in Paging File | 72.38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 305.55 Gb Total Space | 99.35 Gb Free Space | 32.51% Space Free | Partition Type: NTFS
Drive D: | 64.29 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 265.52 Gb Total Space | 24.56 Gb Free Space | 9.25% Space Free | Partition Type: NTFS
Drive H: | 14.42 Gb Total Space | 0.00 Gb Free Space | 0.01% Space Free | Partition Type: NTFS

Computer Name: STUART-PC | User Name: Stuart | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/04/15 01:32:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Stuart\Downloads\OTL.exe
PRC - [2013/04/09 09:57:09 | 001,312,720 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/03/28 11:52:10 | 002,074,768 | ---- | M] () -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
PRC - [2013/03/22 08:38:32 | 000,286,704 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2013/03/19 22:26:44 | 003,289,208 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/01/24 17:30:10 | 002,615,368 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
PRC - [2012/12/19 09:01:24 | 000,070,352 | ---- | M] (Comodo Security Solutions Inc.) -- C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe
PRC - [2012/11/26 14:21:38 | 001,851,088 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
PRC - [2012/08/30 23:26:56 | 000,202,328 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe
PRC - [2012/04/05 16:48:02 | 000,255,376 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2011/11/17 20:29:26 | 000,901,800 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/07/01 03:51:14 | 000,418,896 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe
PRC - [2011/07/01 03:51:14 | 000,343,632 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2011/07/01 03:51:12 | 001,103,440 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2011/07/01 03:51:12 | 000,353,360 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2011/05/26 07:40:48 | 000,029,696 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
PRC - [2011/05/20 12:13:06 | 000,120,104 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
PRC - [2011/05/20 12:13:04 | 000,169,352 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
PRC - [2011/04/24 02:29:20 | 000,256,832 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
PRC - [2011/04/24 02:28:38 | 000,297,280 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
PRC - [2011/04/02 22:09:38 | 000,173,424 | ---- | M] (Egis Technology Inc. ) -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
PRC - [2010/09/08 11:45:10 | 001,034,752 | ---- | M] () -- C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe
PRC - [2010/03/18 05:57:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/03/18 05:56:56 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/01/28 14:48:00 | 010,035,448 | ---- | M] (3Connect) -- C:\Program Files (x86)\3 Mobile Broadband\3Connect\Wilog.exe
PRC - [2010/01/28 14:47:44 | 001,737,464 | ---- | M] () -- C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe
PRC - [2009/12/21 18:34:38 | 000,743,992 | ---- | M] (Infowatch) -- C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe


========== Modules (No Company Name) ==========

MOD - [2013/04/14 03:11:54 | 000,369,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\83596232d0f20049567d6cc181b83fcf\System.ServiceModel.Routing.ni.dll
MOD - [2013/04/14 03:11:53 | 001,140,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\28ec5c157703b1816451954d6c52d5a4\System.ServiceModel.Discovery.ni.dll
MOD - [2013/04/14 03:11:51 | 000,082,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\cc4f8731475c522e454265d5b1da958d\System.ServiceModel.Channels.ni.dll
MOD - [2013/04/14 03:11:50 | 001,393,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\e8488b8ed53ddd598c6d7d799ca54f28\System.ServiceModel.Activities.ni.dll
MOD - [2013/04/14 03:10:06 | 001,078,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\8e092d89921648308ac103bb08bfd370\System.IdentityModel.ni.dll
MOD - [2013/04/14 03:10:05 | 018,080,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\e464dc608a88955a0edccba917d207de\System.ServiceModel.ni.dll
MOD - [2013/04/14 03:09:42 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\cbb7db665b3ba25a931258eb702527f5\System.Xaml.ni.dll
MOD - [2013/04/14 03:09:35 | 001,021,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\22c60ca3c2b18e041ebff2578c90cba3\System.Runtime.DurableInstancing.ni.dll
MOD - [2013/04/14 03:09:34 | 002,647,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\48ee0e1de873152ec7e85d7456c1cc09\System.Runtime.Serialization.ni.dll
MOD - [2013/04/14 03:09:34 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\62d047ff6c2865139d95eb19545b1cc6\SMDiagnostics.ni.dll
MOD - [2013/04/14 03:03:44 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\08fca556cf3fe582233fa080cdbec8f1\System.Windows.Forms.ni.dll
MOD - [2013/04/14 03:03:36 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b83993cc955262507c8ead67567c8060\System.Drawing.ni.dll
MOD - [2013/04/14 03:02:51 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d884c684ee3f738a60e3c50dd5d88caa\System.Xml.ni.dll
MOD - [2013/04/14 03:02:46 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\cb72ac8478a5ea7e2d570bb710ecb1c1\System.Configuration.ni.dll
MOD - [2013/04/14 03:02:44 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\08bebcf66ad666dfdf2a4a934d79c0f9\System.Core.ni.dll
MOD - [2013/04/14 03:02:37 | 009,094,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\df418085cedae9fa2efee87e20a419a4\System.ni.dll
MOD - [2013/04/14 03:02:30 | 014,413,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\60c214b6ad5691e368a16ec65d127c27\mscorlib.ni.dll
MOD - [2013/04/09 09:57:07 | 000,390,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppgooglenaclpluginchrome.dll
MOD - [2013/04/09 09:57:06 | 013,130,704 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
MOD - [2013/04/09 09:57:05 | 004,050,896 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
MOD - [2013/04/09 09:56:15 | 000,598,480 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\libglesv2.dll
MOD - [2013/04/09 09:56:14 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\libegl.dll
MOD - [2013/04/09 09:56:13 | 001,606,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll
MOD - [2012/08/30 23:24:20 | 007,422,392 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\qtgui4.dll
MOD - [2012/08/30 23:24:18 | 001,270,200 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\qtscript4.dll
MOD - [2012/08/30 23:24:18 | 000,192,952 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\qtsql4.dll
MOD - [2012/08/30 23:24:16 | 002,453,944 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\qtdeclarative4.dll
MOD - [2012/08/30 23:24:16 | 002,126,264 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\qtcore4.dll
MOD - [2012/08/30 23:24:16 | 000,795,064 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\qtnetwork4.dll
MOD - [2012/08/30 23:23:02 | 000,459,192 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\dblite.dll
MOD - [2011/09/05 20:36:52 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\imageformats\qgif4.dll
MOD - [2011/09/05 20:36:50 | 000,180,224 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\imageformats\qjpeg4.dll
MOD - [2011/05/20 12:13:04 | 000,206,216 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
MOD - [2011/05/20 12:13:04 | 000,169,352 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
MOD - [2011/04/24 02:29:56 | 000,465,640 | ---- | M] () -- C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
MOD - [2010/01/28 14:35:24 | 000,194,560 | ---- | M] () -- C:\Program Files (x86)\3 Mobile Broadband\3Connect\SocketMgr.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/03/22 08:38:32 | 000,015,344 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV:64bit: - [2013/01/24 23:43:06 | 003,724,472 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV:64bit: - [2013/01/24 23:42:44 | 000,158,928 | ---- | M] (COMODO) [On_Demand | Stopped] -- C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe -- (cmdvirth)
SRV:64bit: - [2012/04/05 16:48:02 | 000,255,376 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service)
SRV:64bit: - [2010/09/23 02:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/09/08 11:42:42 | 000,288,256 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/04/14 15:11:39 | 000,024,576 | ---- | M] (Realtek Semiconductor.) [Auto | Stopped] -- C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe -- (SetupARService)
SRV - [2013/03/28 11:52:10 | 002,074,768 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe -- (DragonUpdater)
SRV - [2013/03/19 22:26:44 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/02/28 19:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/01/30 22:33:05 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013/01/24 17:30:10 | 002,615,368 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe -- (CCDMonitorService)
SRV - [2012/12/19 09:01:24 | 000,070,352 | ---- | M] (Comodo Security Solutions Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe -- (CLPSLauncher)
SRV - [2012/11/26 14:21:38 | 001,851,088 | ---- | M] (Comodo Security Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe -- (GeekBuddyRSP)
SRV - [2012/09/07 22:06:26 | 002,464,400 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2012/08/30 23:26:56 | 000,202,328 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe -- (AVP)
SRV - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/07/01 03:51:12 | 000,353,360 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2011/05/26 07:40:48 | 000,029,696 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2011/04/24 02:29:20 | 000,256,832 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2011/04/02 22:09:38 | 000,173,424 | ---- | M] (Egis Technology Inc. ) [Auto | Running] -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service)
SRV - [2010/10/12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/09/08 11:45:10 | 001,034,752 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe -- (WDFME)
SRV - [2010/09/08 11:44:42 | 000,485,376 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe -- (WDSC)
SRV - [2010/06/01 23:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 05:57:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/03/18 05:56:56 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/01/28 14:47:44 | 001,737,464 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe -- (BecHelperService)
SRV - [2009/12/21 18:34:38 | 000,743,992 | ---- | M] (Infowatch) [Auto | Running] -- C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe -- (CSObjectsSrv)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/03/22 08:38:18 | 000,678,384 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2013/03/22 08:38:18 | 000,028,656 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
DRV:64bit: - [2013/02/19 13:44:10 | 012,312,928 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2013/02/04 19:40:34 | 000,009,216 | ---- | M] (SpeedJet Technology INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SjtWinIo.sys -- (SjtWinIo)
DRV:64bit: - [2013/01/31 17:28:09 | 000,636,760 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2013/01/16 20:51:44 | 000,023,176 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\cmderd.sys -- (cmderd)
DRV:64bit: - [2012/11/26 21:18:00 | 002,811,904 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2012/10/16 02:09:30 | 000,435,512 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2012/08/29 18:48:16 | 000,243,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2012/08/23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/10 17:39:56 | 000,315,280 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/26 16:06:04 | 000,062,776 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2011/10/26 16:06:04 | 000,022,648 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2011/10/26 16:06:04 | 000,020,520 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2011/10/20 12:48:00 | 000,458,032 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)
DRV:64bit: - [2011/10/20 12:48:00 | 000,013,616 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2)
DRV:64bit: - [2011/10/01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/10 19:36:24 | 000,029,488 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2011/03/10 05:01:45 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2011/03/10 05:01:45 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/04/13 10:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/03/25 10:08:46 | 000,120,704 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2010/03/24 13:58:36 | 000,249,856 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet)
DRV:64bit: - [2010/03/20 11:56:56 | 000,114,560 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ewusbdev.sys -- (hwusbdev)
DRV:64bit: - [2010/02/27 00:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/12/14 13:44:24 | 000,085,048 | ---- | M] (Infowatch) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\CSCrySec.sys -- (CSCrySec)
DRV:64bit: - [2009/12/14 13:44:24 | 000,066,104 | ---- | M] (Infowatch) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CSVirtualDiskDrv.sys -- (CSVirtualDiskDrv)
DRV:64bit: - [2009/11/02 21:27:10 | 000,022,544 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2009/09/17 06:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013/03/17 12:53:12 | 000,021,712 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS -- (DrvAgent64)
DRV - [2010/01/28 14:35:24 | 000,010,240 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\mdvrmng.sys -- (mdvrmng)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.atcomet.com/m/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}: "URL" = http://uk.search.yah...}&fr=chr-comodo
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Stuart\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\FFExt\[email protected] [2013/01/31 17:29:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\FFExt\[email protected] [2013/01/31 17:29:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\FFExt\[email protected] [2013/01/31 17:28:24 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://uk.yahoo.com?fr=fpc-comodo
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Stuart\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.31.131.2_0\McChPlg.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll
CHR - Extension: Google Docs = C:\Users\Stuart\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Stuart\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Search = C:\Users\Stuart\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Kaspersky URL Advisor = C:\Users\Stuart\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.2.733_0\
CHR - Extension: Virtual Keyboard = C:\Users\Stuart\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.2.733_0\
CHR - Extension: Skype Click to Call = C:\Users\Stuart\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.7.0.12055_0\
CHR - Extension: Anti-Banner = C:\Users\Stuart\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.2.733_0\

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (VirtualDJ Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\klwtbbho.dll (Kaspersky Lab ZAO)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (VirtualDJ Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe (COMODO)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
O4 - HKLM..\Run: [gbrspcontrol] C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe (Comodo Security Solutions, Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKCU..\Run: [BitComet] "C:\Program Files (x86)\BitComet\BitComet.exe" /tray File not found
O4 - HKCU..\Run: [Facebook Update] C:\Users\Stuart\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4:64bit: - HKLM..\RunOnce: [WinSat] winsat dwm -xml results.xml File not found
O4 - HKLM..\RunOnce: [RealtekHDAUpgrade] RealtekHDAUpgrade File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ie_banner_deny.htm ()
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ie_banner_deny.htm ()
O9:64bit: - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\x64\ievkbd.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9:64bit: - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\klwtbbho.dll (Kaspersky Lab ZAO)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2BC020BE-1307-46AD-A978-50F72B5F4FCC}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{88B9891D-1132-4A77-8E9D-9ADDC4240E3D}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8B38B534-E006-4977-9CB3-EA96BDB19D19}: NameServer = 217.171.132.1 217.171.132.1
O18:64bit: - Protocol\Handler\belarc - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/12/03 15:48:35 | 000,000,085 | RH-- | M] () - D:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{0592b138-6bc1-11e2-8356-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{0592b138-6bc1-11e2-8356-806e6f6e6963}\Shell\AutoRun\command - "" = D:\start.exe -- [2012/11/06 14:46:26 | 000,727,488 | R--- | M] ()
O33 - MountPoints2\{1baf0ddd-6b24-11e2-ab5d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{1baf0ddd-6b24-11e2-ab5d-806e6f6e6963}\Shell\AutoRun\command - "" = D:\autorun.exe
O33 - MountPoints2\{3590b9d9-753d-11e2-aedb-001e101f57d0}\Shell - "" = AutoRun
O33 - MountPoints2\{3590b9d9-753d-11e2-aedb-001e101f57d0}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{40f3ebd9-7aa5-11e2-a381-001e101f21c1}\Shell - "" = AutoRun
O33 - MountPoints2\{40f3ebd9-7aa5-11e2-a381-001e101f21c1}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{430473fa-705b-11e2-a4bc-dc0ea11be57b}\Shell - "" = AutoRun
O33 - MountPoints2\{430473fa-705b-11e2-a4bc-dc0ea11be57b}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{5585d3ff-a468-11e2-b25a-001e101f9843}\Shell - "" = AutoRun
O33 - MountPoints2\{5585d3ff-a468-11e2-b25a-001e101f9843}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{868e8674-6f97-11e2-8d1f-dc0ea11be57b}\Shell - "" = AutoRun
O33 - MountPoints2\{868e8674-6f97-11e2-8d1f-dc0ea11be57b}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{868e8689-6f97-11e2-8d1f-dc0ea11be57b}\Shell - "" = AutoRun
O33 - MountPoints2\{868e8689-6f97-11e2-8d1f-dc0ea11be57b}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{9fa5a2c3-76d5-11e2-ac3d-001e101fb45e}\Shell - "" = AutoRun
O33 - MountPoints2\{9fa5a2c3-76d5-11e2-ac3d-001e101fb45e}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/04/14 15:15:11 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2013/04/14 15:13:22 | 000,000,000 | ---D | C] -- C:\Users\Stuart\Intel
[2013/04/14 03:00:32 | 000,000,000 | ---D | C] -- C:\fdbd9f1cadb8e9b7ed3c2b3ce520
[2013/04/14 00:02:47 | 000,000,000 | ---D | C] -- C:\Windows\LastGood
[2013/04/13 23:56:44 | 000,000,000 | ---D | C] -- C:\Intel
[2013/04/13 23:26:56 | 001,001,472 | ---- | C] (DiBcom SA) -- C:\Windows\SysNative\drivers\mod7700.sys
[2013/04/13 23:26:56 | 000,249,856 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbnet.sys
[2013/04/13 23:26:56 | 000,120,704 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbmdm.sys
[2013/04/13 23:26:56 | 000,114,560 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbdev.sys
[2013/04/13 23:26:56 | 000,032,768 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\SysNative\drivers\ewdcsc.sys
[2013/04/13 23:26:56 | 000,013,952 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys
[2013/04/12 03:01:28 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/04/12 03:01:28 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/04/12 03:01:27 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/04/12 03:01:26 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/04/12 03:01:26 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/04/12 03:01:26 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/04/12 03:01:26 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/04/12 03:01:26 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/04/12 03:01:26 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/04/12 03:01:26 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/04/12 03:01:26 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/04/12 03:01:26 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/04/12 03:01:24 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/04/12 03:01:24 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/04/12 03:01:23 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/04/11 23:02:37 | 003,717,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013/04/11 23:02:37 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013/04/11 23:02:36 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013/04/11 23:02:36 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013/04/11 23:02:36 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013/04/11 23:02:36 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013/04/11 23:02:27 | 005,550,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013/04/11 23:02:26 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013/04/11 23:02:26 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013/04/11 23:02:26 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013/04/11 23:02:26 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013/04/11 23:02:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013/04/06 16:12:10 | 000,000,000 | ---D | C] -- C:\Users\Stuart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torchlight 2
[2013/04/06 16:12:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Torchlight 2
[2013/04/06 16:08:34 | 000,000,000 | ---D | C] -- C:\Users\Stuart\Documents\My Games
[2013/04/05 19:05:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN Watchdog
[2013/04/05 19:05:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Anonyproz Ltd
[2013/04/05 19:04:18 | 000,000,000 | ---D | C] -- C:\Users\Stuart\AppData\Local\EgisTec
[2013/03/27 16:10:49 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/03/27 16:10:33 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/03/27 16:10:33 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/03/27 16:10:33 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/03/27 16:10:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013/03/24 01:22:07 | 000,000,000 | ---D | C] -- C:\Users\Stuart\Documents\Fireglow Games
[2013/03/24 01:12:52 | 000,000,000 | ---D | C] -- C:\Downloads
[2013/03/22 22:11:01 | 000,000,000 | ---D | C] -- C:\Users\Stuart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual DJ
[2013/03/22 22:11:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual DJ
[2013/03/22 20:55:28 | 000,000,000 | ---D | C] -- C:\Firefox
[2013/03/22 20:55:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2013/03/22 20:54:54 | 000,000,000 | ---D | C] -- C:\Users\Stuart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
[2013/03/22 20:54:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VirtualDJ
[2013/03/22 20:54:51 | 000,000,000 | ---D | C] -- C:\Users\Stuart\Documents\VirtualDJ
[2013/03/22 08:38:18 | 000,678,384 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStorA.sys
[2013/03/22 08:38:18 | 000,028,656 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStorF.sys
[2013/03/20 05:02:57 | 000,000,000 | ---D | C] -- C:\Users\Stuart\AppData\Local\Facebook
[2013/03/17 12:53:12 | 000,021,712 | ---- | C] (Phoenix Technologies) -- C:\Windows\SysWow64\drivers\DrvAgent64.SYS
[2013/03/17 12:53:12 | 000,000,000 | ---D | C] -- C:\Users\Stuart\AppData\Local\eSupport.com
[2013/03/17 01:27:06 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2013/03/17 01:27:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/03/17 01:27:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[8 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/04/15 01:08:06 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-502545572-1131743726-992450891-1000UA.job
[2013/04/14 04:08:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-502545572-1131743726-992450891-1000Core.job
[2013/04/13 23:32:36 | 000,746,462 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/04/13 23:32:36 | 000,638,506 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/04/13 23:32:36 | 000,119,514 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/04/13 23:32:23 | 000,024,400 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/13 23:32:23 | 000,024,400 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/13 19:31:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/04/13 19:31:28 | 277,901,311 | -HS- | M] () -- C:\hiberfil.sys
[2013/04/12 03:23:16 | 000,291,600 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/04/11 17:56:06 | 000,002,187 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/04/05 19:06:00 | 000,002,117 | ---- | M] () -- C:\Users\Public\Desktop\OpenVPN Watchdog.lnk
[2013/04/01 14:02:18 | 000,056,072 | ---- | M] (COMODO CA Limited) -- C:\Windows\SysNative\certsentry.dll
[2013/04/01 14:02:18 | 000,047,368 | ---- | M] (COMODO CA Limited) -- C:\Windows\SysWow64\certsentry.dll
[2013/04/01 01:58:52 | 514,288,810 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/03/27 16:10:27 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013/03/27 16:10:27 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013/03/27 16:10:27 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/03/27 16:10:27 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/03/27 16:10:27 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/03/27 16:10:27 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/03/24 01:21:46 | 000,001,225 | ---- | M] () -- C:\Users\Stuart\Desktop\Sudden Strike Crimea.lnk
[2013/03/22 22:11:56 | 000,000,822 | ---- | M] () -- C:\Users\Stuart\Desktop\Virtual DJ Pro.lnk
[2013/03/22 20:54:57 | 000,001,050 | ---- | M] () -- C:\Users\Stuart\Desktop\VirtualDJ Home FREE.lnk
[2013/03/22 08:38:18 | 000,678,384 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStorA.sys
[2013/03/22 08:38:18 | 000,028,656 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStorF.sys
[2013/03/19 07:04:06 | 005,550,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013/03/19 06:46:56 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013/03/19 06:04:13 | 003,968,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013/03/19 06:04:10 | 003,913,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013/03/19 05:47:50 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013/03/19 04:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013/03/17 12:53:13 | 000,001,062 | ---- | M] () -- C:\Users\Stuart\Desktop\BiosAgent Plus.lnk
[2013/03/17 12:53:12 | 000,021,712 | ---- | M] (Phoenix Technologies) -- C:\Windows\SysWow64\drivers\DrvAgent64.SYS
[8 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/04/05 19:06:00 | 000,002,117 | ---- | C] () -- C:\Users\Public\Desktop\OpenVPN Watchdog.lnk
[2013/03/24 01:21:46 | 000,001,225 | ---- | C] () -- C:\Users\Stuart\Desktop\Sudden Strike Crimea.lnk
[2013/03/22 22:11:56 | 000,000,822 | ---- | C] () -- C:\Users\Stuart\Desktop\Virtual DJ Pro.lnk
[2013/03/22 20:54:57 | 000,001,050 | ---- | C] () -- C:\Users\Stuart\Desktop\VirtualDJ Home FREE.lnk
[2013/03/20 05:03:09 | 000,000,932 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-502545572-1131743726-992450891-1000UA.job
[2013/03/20 05:03:08 | 000,000,910 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-502545572-1131743726-992450891-1000Core.job
[2013/03/17 12:53:13 | 000,001,062 | ---- | C] () -- C:\Users\Stuart\Desktop\BiosAgent Plus.lnk
[2013/02/19 13:43:58 | 013,913,600 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2013/02/09 20:45:00 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2013/02/08 02:28:33 | 000,000,190 | ---- | C] () -- C:\Windows\wininit.ini
[2013/02/06 13:36:19 | 000,758,018 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013/02/06 13:36:19 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2013/02/05 21:09:08 | 000,071,259 | ---- | C] () -- C:\Windows\Huawei ModemsUninstall.exe
[2013/02/05 21:08:58 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\drivers\mdvrmng.sys
[2013/01/31 17:31:17 | 000,017,408 | ---- | C] () -- C:\Users\Stuart\AppData\Local\WebpageIcons.db
[2013/01/30 23:34:23 | 000,723,668 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/01/30 23:20:18 | 000,000,017 | ---- | C] () -- C:\Users\Stuart\AppData\Local\resmon.resmoncfg
[2012/01/10 15:27:26 | 000,867,020 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2012/01/10 15:27:26 | 000,128,204 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2012/01/10 15:27:26 | 000,105,608 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin

========== ZeroAccess Check ==========

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
  • 0

Advertisements


#2
1972vet

1972vet

    Trusted Helper

  • Malware Removal
  • 99 posts
There may be more, but what glares at me on first glance are two problems:
1) Installation of p2p software
2) Multiple antivirus programs installed running real time protection

Tell us...what issues are you having (besides the huge slowdown and the occasional system crash)?
  • 0

#3
StueyF33

StueyF33

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
Truthly im no expert but take advice well, If i have multiple real time protection running then im very unaware of that, Is there a way to correct this?
  • 0

#4
1972vet

1972vet

    Trusted Helper

  • Malware Removal
  • 99 posts
What you should do is decide which of these to keep, and uninstall the other:
Kaspersky
Comodo

...and you should uninstall the p2p program(s). You still haven't said what issues you are experiencing.
  • 0

#5
1972vet

1972vet

    Trusted Helper

  • Malware Removal
  • 99 posts
Due to lack of response, this topic will now be closed to prevent others from posting here. If you need continued support, please begin a new thread, and provide a link to this topic. This applies only to the original topic starter.

Other members who need assistance please start your own topic in a new thread. Thanks!

The fixes and advice in this thread are for this machine only. Do not apply the instructions from this thread to your own machine. Please start a new thread describing your issue and someone will be along to assist you.
  • 0

#6
1972vet

1972vet

    Trusted Helper

  • Malware Removal
  • 99 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP