OTL Extras logfile created on: 6/2/2013 10:24:17 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Computer\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.87 Gb Total Physical Memory | 1.49 Gb Available Physical Memory | 51.80% Memory free
5.75 Gb Paging File | 3.88 Gb Available in Paging File | 67.56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286.73 Gb Total Space | 183.36 Gb Free Space | 63.95% Space Free | Partition Type: NTFS
Drive D: | 11.26 Gb Total Space | 1.55 Gb Free Space | 13.74% Space Free | Partition Type: NTFS
Computer Name: COMPUTER-PC | User Name: Computer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1616691C-42B0-4B5D-BE9D-A50BC2AA88B5}" = rport=139 | protocol=6 | dir=out | app=system |
"{20435B27-E906-40DE-8521-5CADA1B48340}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{228F9CD5-6D04-405C-91BD-ACCFA095E8E2}" = lport=445 | protocol=6 | dir=in | app=system |
"{2EC7B26E-1346-43A6-B4C0-D1CF7A46C586}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3123FA88-9CA3-4CD4-B29E-3066F1A59887}" = rport=138 | protocol=17 | dir=out | app=system |
"{3453AAA6-D327-454F-B232-F4B34B727A78}" = lport=137 | protocol=17 | dir=in | app=system |
"{38B85D40-168A-4FEC-A25C-74A200B11196}" = lport=138 | protocol=17 | dir=in | app=system |
"{3FB1C05C-40DB-49EF-8450-FD97F0471CB5}" = lport=2869 | protocol=6 | dir=in | app=system |
"{47ED249A-1B33-44B5-A853-5283C95FBD32}" = rport=137 | protocol=17 | dir=out | app=system |
"{48A6B900-5E9A-447C-98DC-8E3C4ACC2625}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{56278329-44B2-4C6B-A6A6-55A55BC6FF17}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{578813E6-BB07-4780-9662-759507CD854A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6F598156-8870-4082-A843-0A0E9C6D6354}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{8C6776F0-2018-497A-B6B4-6026577C6B13}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{9672CEB8-096D-4B79-8DA0-8200A223963D}" = rport=445 | protocol=6 | dir=out | app=system |
"{A8C88D50-9CC5-4407-85B8-F66C2B3EA149}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BB46C2B6-FA55-4EE8-9601-5FC294C5408B}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C0276AE3-98D7-45DB-AAE4-27BDDD315473}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DD843F0A-F9A7-4FDE-9CE8-B9E4D8D61736}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E5821FA7-291A-4542-BBDF-08A2139ECD5E}" = lport=139 | protocol=6 | dir=in | app=system |
"{E64CEE2E-3F45-4B1C-944A-F4909EBB1AB1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F29AD1D9-4426-45BC-93B9-6D207248DE3B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F683310C-3AD0-4581-9538-F3C3C74F991F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F85A0D02-6DA5-4694-AF1D-475A10017234}" = lport=10243 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{004D0018-C1AB-41EC-9845-48CDBBECC580}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{00516A98-BBB2-4EFD-ACB2-2E5A794675F7}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{011F006C-90E5-4DCB-96B8-4E237B0F2C55}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{03E9708D-EA33-4457-B2E5-4B30136FF306}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{03F49ED1-EA78-4D8C-B8F7-3D6B812DE2D8}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{065137A4-09C9-4FDE-A949-470BD0A9AC3C}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe |
"{13EBACDB-2FCC-4935-838A-B8D08E01494F}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\team fortress 2\hl2.exe |
"{158FF4AC-A677-4B3D-BF4B-72FCC8D5BA74}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{192BAE89-3715-4156-9E5D-B21E4D2AE93F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{24B80B77-844C-452E-9B11-6FD5E1CDC30C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2903F068-6801-419F-83A1-7C35A74D8EA0}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2996E274-D547-4C02-9F73-4A47F57451CC}" = protocol=17 | dir=in | app=c:\program files\goforfiles\goforfiles.exe |
"{29B14869-D066-4B5A-9417-78771B213D66}" = protocol=17 | dir=in | app=c:\program files\goforfiles\goforfilesdl.exe |
"{2DD57C2E-6B7F-4001-A2E0-E3916CA01F0D}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{2F2D702F-A010-45E0-ABF2-898DA59FBE73}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{3B86D229-D7E0-4B76-959A-86AB341ECA84}" = protocol=1 | dir=out | [email protected],-28544 |
"{3F7D21ED-FB00-41BB-8389-43DD6BDD20E4}" = protocol=6 | dir=in | app=c:\users\dean\appdata\roaming\dropbox\bin\dropbox.exe |
"{41733DAE-7C69-4B5F-B1FF-754636B1947B}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{41D3965B-08E7-46B8-9DB8-0AC76B0FD2FE}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe |
"{4483AFAA-B023-4446-BACE-D6F04BD1D966}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{496FECD1-EAD9-40C6-A0BE-3EE04B7CF5E6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4AF7EC42-3645-48C5-8653-F6BCFB9C6921}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{55150C3D-207A-466E-B0CF-0945774E9353}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{597605F0-45B8-479E-9ADB-F632DD02CA93}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5BD003A5-4E04-4F03-966B-F3F22CE4A744}" = protocol=58 | dir=out | [email protected],-28546 |
"{5BE4A9A9-AB60-4ED3-94A8-A3FDA19E9835}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{6A8D4ECE-4244-47D1-9E33-974A04B49F82}" = protocol=6 | dir=in | app=c:\program files\adawaretb\dtuser.exe |
"{6EAA3046-14B0-46FB-9A1D-48CB18F4544E}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{74BA126D-E190-4F54-9C35-E94FE9627C28}" = protocol=1 | dir=in | [email protected],-28543 |
"{7F3FB200-7FD9-46D6-A51D-3E068CD5ED42}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{84A7EC73-E11C-48FF-BABB-192526AED1D1}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{88BFF825-1B1F-4111-9114-58270B0A4AF9}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{915B3B48-6B0A-4660-9A75-2961585FAA77}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{992EF86A-1BBA-4802-B54F-D6326A8E2723}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9ED519F9-08E1-4DEE-8B0F-B586BB9B597F}" = protocol=17 | dir=in | app=c:\program files\adawaretb\dtuser.exe |
"{A4F9EDB8-547A-43A3-A4A7-046AABCDBE52}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{ABAD32E5-B77D-4D76-9798-DA5901EABF91}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\team fortress 2\hl2.exe |
"{BDB9B0DE-B303-4D20-B67F-537F2466312A}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{C0BA934C-C926-4B6B-9419-E7529382FAA4}" = protocol=17 | dir=in | app=c:\users\dean\appdata\roaming\dropbox\bin\dropbox.exe |
"{CAF20F82-4A40-4778-BF55-B7780072A1D7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CF4729F5-B53D-4A96-8AD8-53D250C3AD32}" = protocol=6 | dir=in | app=c:\program files\goforfiles\goforfiles.exe |
"{D11C275D-4A44-4213-9A98-AE8D00C35790}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DB3B76DE-FE52-48BA-97F9-F3136697F7D8}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{E25298A0-4D4C-40A6-AF00-5DDBB6DB72BA}" = protocol=6 | dir=out | app=system |
"{EA19AD2B-802B-4E5D-9649-0E99D04ECE5B}" = protocol=6 | dir=in | app=c:\program files\goforfiles\goforfilesdl.exe |
"{F641C0D6-2815-4D4B-855A-D32F3107637B}" = protocol=58 | dir=in | [email protected],-28545 |
"{FF2F7075-4B28-4FF4-84AE-8286EA77023E}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"TCP Query User{28240F47-6E93-4E96-AB09-59AB067EECA3}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{4E2CAB9F-14D0-4266-A4A9-AA0D06FCCCA4}C:\users\dean\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\dean\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{818CC4CF-94AD-4AFF-A279-0B04A6A92BB8}C:\users\computer\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\computer\appdata\local\akamai\netsession_win.exe |
"TCP Query User{A34920C7-854E-4EC7-BAA7-D65A333505F7}C:\users\chris\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\chris\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{B3DDEB49-3B25-4003-B2AD-08076DE31F52}C:\users\dean\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\dean\appdata\local\akamai\netsession_win.exe |
"TCP Query User{CB7E5442-40A4-42F1-B09F-4D02B3E8F05D}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{D1135454-008A-4E57-9E5B-47C1CF5D0FFC}C:\users\dean\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\dean\appdata\local\akamai\netsession_win.exe |
"UDP Query User{2ADA8EE4-14F1-482F-8ABC-413095CD245E}C:\users\chris\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\chris\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{363843DB-A07E-443E-AD64-20168049BB86}C:\users\computer\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\computer\appdata\local\akamai\netsession_win.exe |
"UDP Query User{5243742B-92A3-40CC-BBCA-3190CF3CFBE1}C:\users\dean\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\dean\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{5AA4EDE1-B6ED-42C4-98CB-514D170966BB}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{ACCB7545-A4E4-4CCD-A3F4-E3DBAD032A6F}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{D4115764-CB33-42DE-8330-00D6E4DF0FC5}C:\users\dean\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\dean\appdata\local\akamai\netsession_win.exe |
"UDP Query User{E9EF89F0-FA36-488E-B7E6-0FD54C01A8FB}C:\users\dean\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\dean\appdata\local\akamai\netsession_win.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0A1E0BDA-5E8F-436d-8BE5-7E97C5CB899D}" = Quicken 2012
"{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}" = iSEEK AnswerWorks English Runtime
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216037FF}" = Java 6 Update 37
"{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 21
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_PRJPRO_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_VISPRO_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_PRJPRO_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_VISPRO_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}_PRJPRO_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}_VISPRO_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2007
"{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{8446EB22-A746-46DC-B1BD-E0DFA1F3CDDA}" = Microsoft Office Project 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0051-0000-0000-0000000FF1CE}" = Microsoft Office Visio Professional 2007
"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}" = Microsoft Office Visio 2007 Service Pack 3 (SP3)
"{90120000-0054-0409-0000-0000000FF1CE}" = Microsoft Office Visio MUI (English) 2007
"{90120000-0054-0409-0000-0000000FF1CE}_VISPRO_{7DA87C7E-E8A7-473E-ADFF-1B6BECCCADA7}" = Microsoft Office Visio 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}_PRJPRO_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}_VISPRO_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00B4-0409-0000-0000000FF1CE}" = Microsoft Office Project MUI (English) 2007
"{90120000-00B4-0409-0000-0000000FF1CE}_PRJPRO_{F3CD3F3F-726C-4414-A1FE-5CD0968313EA}" = Microsoft Office Project 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}_PRJPRO_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}_VISPRO_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.7)
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{E3D98871-36D1-492B-95B4-AB8BC64E1E4C}" = ACER ICONIA TAB Driver Installation
"{F075020E-43B2-4F2C-9723-C81CE162E7B6}" = Ad-Aware Antivirus
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"55A28800-614C-47F2-A956-9D85A4E10922_is1" = Shin Megami Tensei Imagine
"adawaretb" = Ad-Aware Security Add-on
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"BitTorrent" = BitTorrent
"BitTorrentBar2 Toolbar" = BitTorrentBar2 Toolbar
"CCleaner" = CCleaner
"Cheat Engine 6.2_is1" = Cheat Engine 6.2
"Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Google Calendar Sync" = Google Calendar Sync
"Google Chrome" = Google Chrome
"InstallShield_{E3D98871-36D1-492B-95B4-AB8BC64E1E4C}" = ACER ICONIA TAB Driver Installation
"Magic ISO Maker v5.5 (build 0281)" = Magic ISO Maker v5.5 (build 0281)
"MediaHuman YouTube to MP3 Converter_is1" = MediaHuman YouTube to MP3 Converter version 2.4.5
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 21.0 (x86 en-US)" = Mozilla Firefox 21.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"Pivot Stickfigure Animator_is1" = Pivot Stickfigure Animator version 2.2.7
"Pretty Good Solitaire_is1" = Pretty Good Solitaire version 12.1.0
"PRJPRO" = Microsoft Office Project Professional 2007
"Shin Megami Tensei - Imagine Online" = Shin Megami Tensei - Imagine Online
"Steam App 440" = Team Fortress 2
"Sumotori Dreams" = Sumotori Dreams
"VISPRO" = Microsoft Office Visio Professional 2007
"WinAVI All in One Converter" = WinAVI All in One Converter
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinRAR archiver" = WinRAR 4.00 (32-bit)
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 5/27/2013 8:40:47 AM | Computer Name = Computer-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\Acer Inc\acer
iconia tab\Win7\ADB\x64\dpinst.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 5/27/2013 10:52:29 AM | Computer Name = Computer-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\Acer Inc\acer
iconia tab\Win7\ADB\x64\dpinst.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 5/27/2013 3:48:48 PM | Computer Name = Computer-PC | Source = Application Hang | ID = 1002
Description = The program Steam.exe version 1.74.87.19 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: a4c Start
Time: 01ce5acb19777860 Termination Time: 83 Application Path: C:\Program Files\Steam\Steam.exe
Report
Id: 62ef0921-c706-11e2-8674-00248c9d2640
Error - 5/27/2013 3:49:23 PM | Computer Name = Computer-PC | Source = Application Hang | ID = 1002
Description = The program Steam.exe version 1.74.87.19 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: c18 Start
Time: 01ce5b1335f8ef80 Termination Time: 141 Application Path: C:\Program Files\Steam\Steam.exe
Report
Id: 84b95d81-c706-11e2-8674-00248c9d2640
Error - 5/27/2013 3:52:14 PM | Computer Name = Computer-PC | Source = Application Hang | ID = 1002
Description = The program Steam.exe version 1.74.87.19 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 166c Start
Time: 01ce5b138874a0b0 Termination Time: 0 Application Path: C:\Program Files\Steam\Steam.exe
Report
Id: e6643411-c706-11e2-8674-00248c9d2640
Error - 5/28/2013 6:08:25 PM | Computer Name = Computer-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\Acer Inc\acer
iconia tab\Win7\ADB\x64\dpinst.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 5/28/2013 9:40:05 PM | Computer Name = Computer-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\Acer Inc\acer
iconia tab\Win7\ADB\x64\dpinst.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 5/30/2013 6:36:06 PM | Computer Name = Computer-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\Acer Inc\acer
iconia tab\Win7\ADB\x64\dpinst.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 5/30/2013 8:13:37 PM | Computer Name = Computer-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\Acer Inc\acer
iconia tab\Win7\ADB\x64\dpinst.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 5/31/2013 9:22:00 PM | Computer Name = Computer-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\Acer Inc\acer
iconia tab\Win7\ADB\x64\dpinst.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
[ Media Center Events ]
Error - 12/21/2011 3:24:27 PM | Computer Name = Computer-PC | Source = MCUpdate | ID = 0
Description = 2:24:27 PM - Error connecting to the internet. 2:24:27 PM - Unable
to contact server..
Error - 12/23/2011 4:09:19 PM | Computer Name = Computer-PC | Source = MCUpdate | ID = 0
Description = 3:09:19 PM - Error connecting to the internet. 3:09:19 PM - Unable
to contact server..
Error - 12/23/2011 4:09:30 PM | Computer Name = Computer-PC | Source = MCUpdate | ID = 0
Description = 3:09:24 PM - Error connecting to the internet. 3:09:24 PM - Unable
to contact server..
Error - 12/28/2011 10:48:28 AM | Computer Name = Computer-PC | Source = MCUpdate | ID = 0
Description = 9:48:12 AM - Error connecting to the internet. 9:48:12 AM - Unable
to contact server..
Error - 12/28/2011 12:39:39 PM | Computer Name = Computer-PC | Source = MCUpdate | ID = 0
Description = 11:39:38 AM - Error connecting to the internet. 11:39:38 AM - Unable
to contact server..
Error - 12/28/2011 1:39:55 PM | Computer Name = Computer-PC | Source = MCUpdate | ID = 0
Description = 12:39:54 PM - Error connecting to the internet. 12:39:54 PM - Unable
to contact server..
Error - 12/28/2011 6:22:52 PM | Computer Name = Computer-PC | Source = MCUpdate | ID = 0
Description = 5:22:52 PM - Error connecting to the internet. 5:22:52 PM - Unable
to contact server..
Error - 12/28/2011 6:22:58 PM | Computer Name = Computer-PC | Source = MCUpdate | ID = 0
Description = 5:22:57 PM - Error connecting to the internet. 5:22:57 PM - Unable
to contact server..
[ OSession Events ]
Error - 11/14/2012 9:13:11 AM | Computer Name = Computer-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 91
seconds with 0 seconds of active time. This session ended with a crash.
Error - 11/14/2012 9:50:19 AM | Computer Name = Computer-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 442
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 6/1/2013 6:02:06 AM | Computer Name = Computer-PC | Source = Service Control Manager | ID = 7001
Description = The TCP/IP NetBIOS Helper service depends on the NetBT service which
failed to start because of the following error: %%2
Error - 6/1/2013 7:20:27 AM | Computer Name = Computer-PC | Source = Service Control Manager | ID = 7000
Description = The NetBT service failed to start due to the following error: %%2
Error - 6/1/2013 7:20:27 AM | Computer Name = Computer-PC | Source = Service Control Manager | ID = 7001
Description = The TCP/IP NetBIOS Helper service depends on the NetBT service which
failed to start because of the following error: %%2
Error - 6/1/2013 8:23:50 AM | Computer Name = Computer-PC | Source = DCOM | ID = 10010
Description =
Error - 6/2/2013 9:11:36 AM | Computer Name = Computer-PC | Source = Service Control Manager | ID = 7000
Description = The NetBT service failed to start due to the following error: %%2
Error - 6/2/2013 9:11:36 AM | Computer Name = Computer-PC | Source = Service Control Manager | ID = 7001
Description = The TCP/IP NetBIOS Helper service depends on the NetBT service which
failed to start because of the following error: %%2
Error - 6/2/2013 10:29:33 AM | Computer Name = Computer-PC | Source = Service Control Manager | ID = 7000
Description = The NetBT service failed to start due to the following error: %%2
Error - 6/2/2013 10:29:33 AM | Computer Name = Computer-PC | Source = Service Control Manager | ID = 7001
Description = The TCP/IP NetBIOS Helper service depends on the NetBT service which
failed to start because of the following error: %%2
Error - 6/2/2013 10:29:42 AM | Computer Name = Computer-PC | Source = Service Control Manager | ID = 7000
Description = The NetBT service failed to start due to the following error: %%2
Error - 6/2/2013 10:29:42 AM | Computer Name = Computer-PC | Source = Service Control Manager | ID = 7001
Description = The TCP/IP NetBIOS Helper service depends on the NetBT service which
failed to start because of the following error: %%2
< End of report >
OTL logfile created on: 6/2/2013 10:24:17 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Computer\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.87 Gb Total Physical Memory | 1.49 Gb Available Physical Memory | 51.80% Memory free
5.75 Gb Paging File | 3.88 Gb Available in Paging File | 67.56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286.73 Gb Total Space | 183.36 Gb Free Space | 63.95% Space Free | Partition Type: NTFS
Drive D: | 11.26 Gb Total Space | 1.55 Gb Free Space | 13.74% Space Free | Partition Type: NTFS
Computer Name: COMPUTER-PC | User Name: Computer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/06/02 10:23:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Computer\Downloads\OTL.exe
PRC - [2013/05/17 22:39:29 | 003,093,624 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
PRC - [2013/05/16 19:27:26 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/05/16 10:59:00 | 003,830,224 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2013/05/16 10:56:34 | 001,033,688 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2013/05/16 10:56:30 | 001,817,560 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2013/05/16 09:54:56 | 000,942,504 | ---- | M] (Lavasoft) -- C:\ProgramData\Search Protection\SearchProtection.exe
PRC - [2013/05/15 13:21:32 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2013/05/15 11:17:34 | 000,554,408 | ---- | M] (Lavasoft) -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
PRC - [2013/05/14 21:57:54 | 001,855,880 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
PRC - [2013/05/10 03:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/05/09 04:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2013/05/09 04:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2013/03/18 03:25:46 | 001,236,336 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
PRC - [2013/03/18 03:25:44 | 018,828,128 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Ad-Aware Antivirus\AdAware.exe
PRC - [2013/03/12 03:05:50 | 029,106,336 | ---- | M] (Dropbox, Inc.) -- C:\Users\Dean\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013/01/26 07:08:30 | 004,480,768 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Dean\AppData\Local\Akamai\netsession_win.exe
PRC - [2013/01/04 17:31:52 | 000,102,056 | ---- | M] (Visicom Media Inc.) -- C:\Program Files\adawaretb\ffHelper.exe
PRC - [2012/11/22 22:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/09/20 05:39:12 | 003,677,000 | ---- | M] (GFI Software) -- C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
PRC - [2011/04/08 08:50:02 | 000,542,264 | ---- | M] (Google) -- C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
PRC - [2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
========== Modules (No Company Name) ==========
MOD - [2013/05/16 19:27:25 | 003,128,728 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/05/16 10:55:28 | 000,161,112 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2013/05/16 10:55:26 | 000,113,496 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2013/05/16 10:55:24 | 000,416,600 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2013/05/14 21:57:53 | 016,033,160 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_7_700_202.dll
MOD - [2011/03/02 13:40:51 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
========== Services (SafeList) ==========
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDWSCService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDUpdateService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDScannerService)
SRV - [2013/05/16 19:27:26 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/14 21:58:25 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/10 03:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/05/09 04:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/05/03 19:35:30 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/04/19 15:14:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/03/18 03:25:46 | 001,236,336 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe -- (Ad-Aware Service)
SRV - [2012/09/20 05:39:12 | 003,677,000 | ---- | M] (GFI Software) [Auto | Running] -- C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe -- (SBAMSvc)
SRV - [2011/10/19 03:01:27 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | Boot | Stopped] -- system32\drivers\szkgfs.sys -- (szkgfs)
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\szkg.sys -- (szkg5)
DRV - File not found [Kernel | System | Stopped] -- System32\DRIVERS\netbt.sys -- (NetBT)
DRV - File not found [Kernel | Boot | Stopped] -- system32\drivers\is3srv.sys -- (is3srv)
DRV - [2013/05/31 08:58:50 | 000,013,560 | ---- | M] (GFI Software) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\gfibto.sys -- (gfibto)
DRV - [2013/05/09 04:59:10 | 000,765,736 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/05/09 04:59:10 | 000,368,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/05/09 04:59:10 | 000,174,664 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/05/09 04:59:10 | 000,061,680 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2013/05/09 04:59:10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/05/09 04:59:10 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/05/09 04:59:09 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/05/09 04:59:08 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/01/05 03:29:00 | 000,025,728 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\androidusb.sys -- (androidusb)
DRV - [2010/11/20 06:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 05:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/07/29 00:25:02 | 000,025,112 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ivusb.sys -- (ivusb)
DRV - [2009/07/29 08:41:00 | 009,790,080 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/07/13 19:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009/07/13 18:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AGERESoftModem)
DRV - [2009/07/13 18:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2008/05/06 16:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\URLSearchHook: {656461ef-40f6-4115-9ff1-bced9812ccbb} - C:\Program Files\BitTorrentBar2\prxtbBitT.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT3045275
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securedsearch...F416451A89F267D
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = BC DD 3A 9D 98 FD CD 01 [binary data]
IE - HKCU\..\URLSearchHook: {656461ef-40f6-4115-9ff1-bced9812ccbb} - C:\Program Files\BitTorrentBar2\prxtbBitT.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://securedsearch...q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT3045275
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = localhost:21320
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledAddons: autofillForms%40blueimp.net:0.9.9.0
FF - prefs.js..extensions.enabledAddons: %7B656461ef-40f6-4115-9ff1-bced9812ccbb%7D:3.18.0.7
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1489
FF - prefs.js..extensions.enabledAddons: %7B87934c42-161d-45bc-8cef-ef18abe2a30c%7D:3.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..keyword.URL: "http://securedsearch...soft&ent=bs&q="
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 54141
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\Computer\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2013/05/17 23:04:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/05/31 09:02:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/05/16 19:27:18 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/05/31 09:02:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/05/16 19:27:18 | 000,000,000 | ---D | M]
[2011/10/18 13:34:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Computer\AppData\Roaming\mozilla\Extensions
[2013/05/31 09:01:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Computer\AppData\Roaming\mozilla\Firefox\Profiles\wevy5ckh.default\extensions
[2013/05/15 15:26:57 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Computer\AppData\Roaming\mozilla\Firefox\Profiles\wevy5ckh.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2013/02/12 10:46:41 | 000,000,000 | ---D | M] (BitTorrentBar2 Community Toolbar) -- C:\Users\Computer\AppData\Roaming\mozilla\Firefox\Profiles\wevy5ckh.default\extensions\{656461ef-40f6-4115-9ff1-bced9812ccbb}
[2013/05/31 09:01:47 | 000,000,000 | ---D | M] (Ad-Aware Security Add-on) -- C:\Users\Computer\AppData\Roaming\mozilla\Firefox\Profiles\wevy5ckh.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
[2012/04/15 20:07:31 | 000,000,000 | ---D | M] (TheBflix) -- C:\Users\Computer\AppData\Roaming\mozilla\Firefox\Profiles\wevy5ckh.default\extensions\[email protected]
[2012/09/25 10:27:18 | 000,005,369 | ---- | M] () (No name found) -- C:\Users\Computer\AppData\Roaming\mozilla\firefox\profiles\wevy5ckh.default\extensions\[email protected]
[2012/12/10 17:46:10 | 000,149,045 | ---- | M] () (No name found) -- C:\Users\Computer\AppData\Roaming\mozilla\firefox\profiles\wevy5ckh.default\extensions\[email protected]
[2013/01/07 14:43:21 | 000,190,000 | ---- | M] () (No name found) -- C:\Users\Computer\AppData\Roaming\mozilla\firefox\profiles\wevy5ckh.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
[2013/04/19 19:14:30 | 001,107,661 | ---- | M] () (No name found) -- C:\Users\Computer\AppData\Roaming\mozilla\firefox\profiles\wevy5ckh.default\extensions\{ff356687-aa08-463d-a46c-11c451824939}.xpi
[2012/04/15 20:07:18 | 000,003,915 | ---- | M] () -- C:\Users\Computer\AppData\Roaming\mozilla\firefox\profiles\wevy5ckh.default\searchplugins\sweetim.xml
[2013/05/16 19:27:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/05/16 19:27:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013/05/16 19:27:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/05/16 19:27:27 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/05/17 23:04:13 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF
[2011/12/15 14:53:45 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol400.dll
[2011/03/18 14:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/03/18 14:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2013/05/13 08:12:06 | 000,000,644 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\adawaretb.xml
O1 HOSTS File: ([2013/06/01 06:26:03 | 000,447,858 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 15378 more lines...
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (BitTorrentBar2 Toolbar) - {656461ef-40f6-4115-9ff1-bced9812ccbb} - C:\Program Files\BitTorrentBar2\prxtbBitT.dll (Conduit Ltd.)
O2 - BHO: (Ad-Aware Security Add-on) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll ()
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (BitTorrentBar2 Toolbar) - {656461ef-40f6-4115-9ff1-bced9812ccbb} - C:\Program Files\BitTorrentBar2\prxtbBitT.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ad-Aware Security Add-on) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll ()
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (BitTorrentBar2 Toolbar) - {656461EF-40F6-4115-9FF1-BCED9812CCBB} - C:\Program Files\BitTorrentBar2\prxtbBitT.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Ad-Aware Antivirus] C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher.exe (Lavasoft Limited)
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [SDTray] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [Search Protection] C:\ProgramData\Search Protection\SearchProtection.exe (Lavasoft)
O4 - HKCU..\Run: [BitTorrent] C:\Program Files\BitTorrent\BitTorrent.exe (BitTorrent Inc.)
O4 - HKCU..\RunOnce: [adawarebp] reg.exe delete "HKCU\Software\AppDataLow\Software\adawarebp" /f File not found
O4 - HKCU..\RunOnce: [adawarebp_XP] reg.exe delete "HKCU\Software\adawarebp" /f File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.21.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{225B6366-C854-438B-8416-7A00E37DF294}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (C:\Users\Computer\AppData\Roaming\94B7C\9D264.exe) - File not found
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{2070bdbf-f5b4-11e1-9748-00248c9d2640}\Shell - "" = AutoRun
O33 - MountPoints2\{2070bdbf-f5b4-11e1-9748-00248c9d2640}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/06/01 06:03:04 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Roaming\LavasoftStatistics
[2013/05/31 14:23:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Antivirus
[2013/05/31 09:02:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
[2013/05/31 09:02:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2013/05/31 09:02:25 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Aware Antivirus
[2013/05/31 09:02:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2013/05/31 09:02:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Search Protection
[2013/05/31 09:02:05 | 000,000,000 | ---D | C] -- C:\ProgramData\blekko toolbars
[2013/05/31 09:02:05 | 000,000,000 | ---D | C] -- C:\ProgramData\adawaretb
[2013/05/31 09:02:04 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Local\adawarebp
[2013/05/31 09:02:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection
[2013/05/31 09:01:55 | 000,000,000 | ---D | C] -- C:\Program Files\Toolbar Cleaner
[2013/05/31 09:01:36 | 000,000,000 | ---D | C] -- C:\Program Files\adawaretb
[2013/05/31 08:58:51 | 000,013,560 | ---- | C] (GFI Software) -- C:\Windows\System32\drivers\gfibto.sys
[2013/05/31 08:58:50 | 000,044,424 | ---- | C] (GFI Software) -- C:\Windows\System32\sbbd.exe
[2013/05/31 08:58:48 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Roaming\Ad-Aware Antivirus
[2013/05/31 08:56:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013/05/31 08:56:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013/05/31 08:56:01 | 000,015,224 | ---- | C] (Safer Networking Limited) -- C:\Windows\System32\sdnclean.exe
[2013/05/31 08:55:48 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy 2
[2013/05/31 08:55:24 | 000,000,000 | ---D | C] -- C:\Users\Computer\AppData\Local\Programs
[2013/05/29 16:20:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/05/29 13:43:42 | 000,000,000 | ---D | C] -- C:\Program Files\Cheat Engine 6.2
[2013/05/26 22:09:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2013/05/26 22:09:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2013/05/26 22:09:40 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2013/05/18 12:06:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atlus Online
[2013/05/18 11:54:14 | 000,000,000 | ---D | C] -- C:\Program Files\raptr
[2013/05/18 11:54:14 | 000,000,000 | ---D | C] -- C:\Atlus Online
[2013/05/17 23:06:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sumotori Dreams Demo
[2013/05/17 22:56:10 | 000,000,000 | ---D | C] -- C:\Program Files\gravitysensation.com
[2013/05/16 19:27:16 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/05/13 15:42:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/05/13 15:42:17 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2013/05/13 15:42:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013/05/13 15:42:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2013/05/11 08:48:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
========== Files - Modified Within 30 Days ==========
[2013/06/02 10:18:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1031511220-1319934591-3059643299-1002UA.job
[2013/06/02 09:57:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/06/02 09:38:00 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/02 09:23:24 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/02 09:19:57 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1031511220-1319934591-3059643299-1002Core.job
[2013/06/02 09:16:05 | 000,001,826 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2013/06/02 09:11:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/06/01 06:26:03 | 000,447,858 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013/05/31 08:58:50 | 000,044,424 | ---- | M] (GFI Software) -- C:\Windows\System32\sbbd.exe
[2013/05/31 08:58:50 | 000,013,560 | ---- | M] (GFI Software) -- C:\Windows\System32\drivers\gfibto.sys
[2013/05/31 08:56:10 | 000,002,123 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013/05/31 07:52:16 | 000,017,838 | ---- | M] () -- C:\Users\Computer\Documents\cc_20130531_075212.reg
[2013/05/30 17:38:26 | 000,002,229 | ---- | M] () -- C:\Users\Computer\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/05/29 16:20:08 | 000,002,205 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/05/27 19:58:27 | 000,018,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/05/27 19:58:26 | 000,018,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/05/27 11:11:23 | 000,623,940 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/05/27 11:11:23 | 000,106,316 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/05/26 22:09:58 | 000,000,875 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2013/05/26 21:51:36 | 2314,067,968 | -HS- | M] () -- C:\hiberfil.sys
[2013/05/17 23:04:50 | 000,000,062 | ---- | M] () -- C:\Windows\wininit.ini
[2013/05/17 23:04:15 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013/05/15 03:32:05 | 000,409,752 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/05/12 19:50:50 | 000,000,632 | RHS- | M] () -- C:\Users\Computer\ntuser.pol
[2013/05/09 04:59:10 | 000,765,736 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2013/05/09 04:59:10 | 000,368,944 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2013/05/09 04:59:10 | 000,174,664 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013/05/09 04:59:10 | 000,061,680 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2013/05/09 04:59:10 | 000,056,080 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2013/05/09 04:59:10 | 000,049,376 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013/05/09 04:59:09 | 000,066,336 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2013/05/09 04:59:08 | 000,029,816 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2013/05/09 04:58:37 | 000,041,664 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/05/09 04:58:28 | 000,229,648 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
========== Files Created - No Company Name ==========
[2013/05/31 09:02:31 | 000,001,826 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2013/05/31 08:56:10 | 000,002,135 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013/05/31 08:56:10 | 000,002,123 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013/05/31 07:52:13 | 000,017,838 | ---- | C] () -- C:\Users\Computer\Documents\cc_20130531_075212.reg
[2013/05/30 17:38:26 | 000,002,229 | ---- | C] () -- C:\Users\Computer\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/05/29 16:20:08 | 000,002,205 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/05/29 15:33:26 | 000,000,882 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/29 15:33:25 | 000,000,878 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/26 22:09:58 | 000,000,875 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2013/05/15 20:18:56 | 000,000,062 | ---- | C] () -- C:\Windows\wininit.ini
[2013/03/17 09:33:06 | 000,174,664 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013/03/17 09:33:05 | 000,049,376 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2012/02/20 17:09:23 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011/12/07 09:48:49 | 000,004,608 | ---- | C] () -- C:\Users\Computer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/15 18:47:32 | 000,002,202 | ---- | C] () -- C:\Users\Computer\AppData\Roaming\ldr.ini
[2011/11/03 08:44:34 | 000,000,162 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/10/18 14:39:14 | 000,000,120 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2011/10/18 08:21:23 | 000,000,632 | RHS- | C] () -- C:\Users\Computer\ntuser.pol
========== ZeroAccess Check ==========
[2009/07/14 00:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 00:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 21:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2011/11/16 22:48:25 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\7CB76
[2011/11/18 09:28:10 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\94B7C
[2013/06/02 09:12:53 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\Ad-Aware Antivirus
[2013/05/31 07:49:44 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\BitTorrent
[2011/12/15 14:53:45 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\Catalina Marketing Corp
[2011/11/15 21:31:01 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\cF3pnG5aQ6W7
[2011/11/17 19:39:35 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\Goodsol
[2011/11/16 15:00:32 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\iXwjUCelIrPyA
[2011/11/16 15:00:32 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\kuvS2obF3m5Q6W8
[2011/11/15 18:47:32 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\lSS22ibD3pnG4Q6
[2011/11/15 21:31:02 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\qRL9gTXqjCkVzNx
[2011/11/15 18:47:28 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\qVVrlBtxP0yc1io
[2011/11/15 18:47:27 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\uaaaQHH6s
[2011/11/15 18:47:32 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\VWWWK77fEL9TqjC
[2011/11/17 16:03:36 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\WinAVI
[2011/10/15 17:30:18 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\WinBatch
[2011/11/16 15:10:35 | 000,000,000 | ---D | M] -- C:\Users\Computer\AppData\Roaming\xZZqqjYYCwIVrON
========== Purity Check ==========
========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\$NtUninstallKB30471$] -> Error: Cannot create file handle -> Unknown point type
< End of report >