
Avast keeps stopping random website attempts [Solved]



#1
HBrian

I've been working on cleaning up a computer for a couple of days and it is a lot better than it was. Currently the only thing I see it do out of the norm is that Avast will occasionally pop up a box that says it blocked a website attempt to a malicious website when nothing is going on on the computer. Below is the OTL log. Please review and let me know if there is anything that stands out to you.


OTL logfile created on: 6/18/2013 12:07:02 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\cceac\Desktop\OTL
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 2.77 Gb Available Physical Memory | 74.00% Memory free
7.50 Gb Paging File | 6.47 Gb Available in Paging File | 86.32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 686.54 Gb Total Space | 621.47 Gb Free Space | 90.52% Space Free | Partition Type: NTFS
Drive J: | 1008.22 Mb Total Space | 50.06 Mb Free Space | 4.97% Space Free | Partition Type: FAT

Computer Name: CCEAC-PC | User Name: cceac | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/06/17 23:59:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\cceac\Desktop\OTL\OTL.exe
PRC - [2013/05/09 03:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/05/09 03:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/06/19 13:44:22 | 000,777,728 | ---- | M] (Eastman Kodak Company) -- C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
PRC - [2012/06/18 21:13:46 | 000,394,712 | ---- | M] (Eastman Kodak Company) -- C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
PRC - [2009/09/15 10:17:16 | 000,061,760 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\ASTSRV.EXE
PRC - [2009/08/24 13:25:30 | 000,024,576 | ---- | M] (Sage Software, Inc.) -- C:\Program Files (x86)\ACT\Act for Windows\ACT Network Sync\Act.Framework.Synchronization.Service.exe
PRC - [2009/08/24 13:25:26 | 000,413,696 | ---- | M] (Sage Software, Inc.) -- C:\Program Files (x86)\ACT\Act for Windows\ACT Network Sync\Act.Framework.Synchronization.Service.UI.exe
PRC - [2009/06/18 15:41:50 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
PRC - [2008/02/08 07:41:12 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe


========== Modules (No Company Name) ==========

MOD - [2013/06/14 22:34:56 | 004,232,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Act.Shared.Windows.#\fef3ba0c8c18652f749c95b0995ff1b1\Act.Shared.Windows.Forms.ni.dll
MOD - [2013/06/14 22:34:47 | 000,116,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Act.Shared.Diagnost#\51be2c48c87860d7740624b1ea008a03\Act.Shared.Diagnostics.ni.dll
MOD - [2013/06/14 22:34:35 | 001,390,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Act.Framework.Synch#\b1add39d8341324f006f3af2dcaf6629\Act.Framework.Synchronization.ni.dll
MOD - [2013/06/14 22:10:21 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\bfceac53dda4bf7ba2f5020573f80163\System.ServiceProcess.ni.dll
MOD - [2013/06/14 22:09:22 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\05682429807d34d6ff05a77ea153935f\System.Windows.Forms.ni.dll
MOD - [2013/06/14 22:09:12 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\e2ee5d77ebe0bd025e7a7a317a43d677\System.Drawing.ni.dll
MOD - [2013/06/14 22:08:44 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\10aba2c167cc1119b80159fd9ac71ca8\System.Xml.ni.dll
MOD - [2013/06/14 22:08:37 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\96a3b737db1e72adaf32d2b350e50c23\System.Configuration.ni.dll
MOD - [2013/06/14 22:08:36 | 007,974,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c54750e64ba10d0fb7b6a636fb3695ca\System.ni.dll
MOD - [2013/06/14 22:08:25 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b0b8554c05f194f546a8ed531320760b\mscorlib.ni.dll
MOD - [2010/11/04 20:30:16 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Act.Shared.Win32\12.1.181.0__ebf6b2ff4d0a08aa\Act.Shared.Win32.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/05/09 03:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/06/16 07:38:34 | 000,077,824 | ---- | M] (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) [Auto | Stopped] -- C:\Windows\SysNative\PrintCtrl.exe -- (Printer Control)
SRV:64bit: - [2009/04/19 11:34:48 | 000,625,184 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)
SRV:64bit: - [2009/04/19 11:34:48 | 000,207,904 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV:64bit: - [2007/05/25 09:42:22 | 000,034,224 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxddserv.exe -- (lxddCATSCustConnectService)
SRV:64bit: - [2007/05/25 09:42:12 | 000,567,216 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxddcoms.exe -- (lxdd_device)
SRV - [2013/06/13 23:45:33 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/11 17:26:17 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/02/19 22:32:20 | 001,259,296 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/06/19 13:44:22 | 000,777,728 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe -- (Kodak AiO Status Monitor Service)
SRV - [2012/06/18 21:13:46 | 000,394,712 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe -- (Kodak AiO Network Discovery Service)
SRV - [2010/01/20 21:23:24 | 000,081,920 | ---- | M] (Sage Software, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\ACT\Act for Windows\Act.Scheduler.exe -- (ACT! Scheduler)
SRV - [2009/09/15 10:17:16 | 000,061,760 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\ASTSRV.EXE -- (astcc)
SRV - [2009/08/25 13:38:06 | 000,935,208 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009/08/24 13:25:30 | 000,024,576 | ---- | M] (Sage Software, Inc.) [Auto | Running] -- C:\Program Files (x86)\ACT\Act for Windows\ACT Network Sync\Act.Framework.Synchronization.Service.exe -- (ACT! Network Sync Service)
SRV - [2009/06/18 15:41:50 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/02/08 07:41:12 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007/05/25 09:42:22 | 000,034,224 | ---- | M] () [Auto | Running] -- C:\Windows\system32\spool\DRIVERS\x64\3\\lxddserv.exe -- (lxddCATSCustConnectService)
SRV - [2007/05/25 09:41:38 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxddcoms.exe -- (lxdd_device)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/05/09 03:59:07 | 001,025,808 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013/05/09 03:59:07 | 000,378,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013/05/09 03:59:07 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013/05/09 03:59:07 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013/05/09 03:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013/05/09 03:59:07 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013/05/09 03:59:06 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013/05/09 03:59:06 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/03/01 01:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/30 02:15:00 | 001,254,464 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AE2500w764.sys -- (Linksys_adapter_H)
DRV:64bit: - [2011/03/11 01:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/08/12 12:07:50 | 000,350,952 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2009/08/02 06:56:28 | 000,900,608 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 15:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/13 14:47:44 | 000,033,072 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\purendis.sys -- (purendis)
DRV:64bit: - [2009/05/13 14:47:42 | 000,031,536 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\pnarp.sys -- (pnarp)
DRV - [2009/10/26 02:33:39 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emac...95v1j5r4441s200
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.emac...95v1j5r4441s200
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emac...95v1j5r4441s200
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.emac...95v1j5r4441s200
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACEW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emac...95v1j5r4441s200
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.emac...95v1j5r4441s200
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {19B9863E-515D-43AC-A8C5-77766FDD53E4}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{19B9863E-515D-43AC-A8C5-77766FDD53E4}: "URL" = http://ws.infospace....r?_iceUrl=true user_id=%userid&tool_id=60231&qkw={searchTerms}
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...EW_enUS380US383
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://finance.yahoo...dgereport.com/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.3
FF - prefs.js..extensions.enabledItems: [email protected]:7.2.5
FF - prefs.js..extensions.enabledItems: [email protected]:3.8.0.100007
FF - prefs.js..extensions.enabledItems: {3ED591BC-7CC7-495B-A526-B2431356EDC1}:2.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {524B8EF8-C312-11DB-8039-536F56D89593}:3.7.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:2.4
FF - prefs.js..extensions.enabledItems: [email protected]:1.3
FF - prefs.js..extensions.enabledItems: [email protected]:1.2.1
FF - prefs.js..extensions.enabledItems: {080955ad-b8bb-4500-806f-d2b9ad73d72e}:1.8.65


FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/06/13 23:53:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/06/14 00:07:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/06/15 21:48:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.3\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010/09/09 07:19:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2010/06/04 10:43:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\cceac\AppData\Roaming\Mozilla\Extensions
[2010/06/04 10:43:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\cceac\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2013/06/14 00:10:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\cceac\AppData\Roaming\Mozilla\Firefox\Profiles\udicpczh.default\extensions
[2013/06/14 00:03:20 | 000,751,583 | ---- | M] () (No name found) -- C:\Users\cceac\AppData\Roaming\Mozilla\Firefox\Profiles\udicpczh.default\extensions\{080955ad-b8bb-4500-806f-d2b9ad73d72e}.xpi
[2010/06/22 10:24:23 | 000,001,449 | ---- | M] () -- C:\Users\cceac\AppData\Roaming\Mozilla\Firefox\Profiles\udicpczh.default\searchplugins\100-search-engines.xml
[2010/06/22 10:23:12 | 000,001,820 | ---- | M] () -- C:\Users\cceac\AppData\Roaming\Mozilla\Firefox\Profiles\udicpczh.default\searchplugins\bing.xml
[2010/06/23 13:45:21 | 000,002,131 | ---- | M] () -- C:\Users\cceac\AppData\Roaming\Mozilla\Firefox\Profiles\udicpczh.default\searchplugins\bmrk-file-host-search.xml
[2010/06/22 10:24:48 | 000,000,958 | ---- | M] () -- C:\Users\cceac\AppData\Roaming\Mozilla\Firefox\Profiles\udicpczh.default\searchplugins\facebook.xml
[2010/08/10 12:13:54 | 000,001,630 | ---- | M] () -- C:\Users\cceac\AppData\Roaming\Mozilla\Firefox\Profiles\udicpczh.default\searchplugins\gazarocom.xml
[2010/06/22 10:24:41 | 000,004,855 | ---- | M] () -- C:\Users\cceac\AppData\Roaming\Mozilla\Firefox\Profiles\udicpczh.default\searchplugins\google-images.xml
[2010/06/16 10:35:17 | 000,001,622 | ---- | M] () -- C:\Users\cceac\AppData\Roaming\Mozilla\Firefox\Profiles\udicpczh.default\searchplugins\multifilesearch.xml
[2010/07/28 13:44:36 | 000,002,139 | ---- | M] () -- C:\Users\cceac\AppData\Roaming\Mozilla\Firefox\Profiles\udicpczh.default\searchplugins\pdf-search.xml
[2010/08/10 12:13:12 | 000,008,449 | ---- | M] () -- C:\Users\cceac\AppData\Roaming\Mozilla\Firefox\Profiles\udicpczh.default\searchplugins\product-seeker-search.xml
[2010/06/16 10:35:41 | 000,001,115 | ---- | M] () -- C:\Users\cceac\AppData\Roaming\Mozilla\Firefox\Profiles\udicpczh.default\searchplugins\rapidshare-filefinder.xml
[2010/06/16 10:35:05 | 000,002,824 | ---- | M] () -- C:\Users\cceac\AppData\Roaming\Mozilla\Firefox\Profiles\udicpczh.default\searchplugins\rapidshare-files-search.xml
[2010/06/16 10:35:21 | 000,001,976 | ---- | M] () -- C:\Users\cceac\AppData\Roaming\Mozilla\Firefox\Profiles\udicpczh.default\searchplugins\rapidshare-google-arama.xml
[2010/06/22 10:27:29 | 000,002,397 | ---- | M] () -- C:\Users\cceac\AppData\Roaming\Mozilla\Firefox\Profiles\udicpczh.default\searchplugins\software-search-via-software112com.xml
[2010/06/22 10:23:49 | 000,000,705 | ---- | M] () -- C:\Users\cceac\AppData\Roaming\Mozilla\Firefox\Profiles\udicpczh.default\searchplugins\webster.xml
[2010/06/22 10:24:06 | 000,001,032 | ---- | M] () -- C:\Users\cceac\AppData\Roaming\Mozilla\Firefox\Profiles\udicpczh.default\searchplugins\wikipedia-eng.xml
[2010/06/09 13:50:08 | 000,004,140 | ---- | M] () -- C:\Users\cceac\AppData\Roaming\Mozilla\Firefox\Profiles\udicpczh.default\searchplugins\youtube.xml
[2013/06/14 00:07:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/06/14 00:07:58 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [Act! Preloader] C:\Program Files (x86)\ACT\Act for Windows\ActSage.exe (Sage Software, Inc.)
O4 - HKLM..\Run: [ACTSyncServiceUI] "C:\Program Files (x86)\ACT\ACT for Windows\ACT Network Sync\Act.Framework.Synchronization.Service.UI.exe" -Dfalse File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Conime] %windir%\system32\conime.exe File not found
O4 - HKCU..\Run: [HP Deskjet 3050A J611 series (NET)] C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files%20(x86)/Adventures%20of%20Robinson%20Crusoe/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {89CABCDA-5762-481c-8967-2FDB904FE071} http://192.168.1.99/...NetVideoOCX.cab (GENetVideoOCX Control)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files%20(x86)/Adventures%20of%20Robinson%20Crusoe/Images/armhelper.ocx (ArmHelper Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 208.67.222.222 208.67.220.220 208.67.220.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{189A7EA4-E3E5-4BEB-805A-E0A751964664}: DhcpNameServer = 208.67.222.222 208.67.220.220 208.67.220.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2AFC4200-EDFC-4698-9CE6-E56A2AA10152}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{997361D0-885C-4BF5-BEF6-4CC52F950CEF}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C98EC102-8A88-4A53-94E4-8F8312D4F93A}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/06/18 00:03:15 | 000,000,000 | ---D | C] -- C:\Users\cceac\Desktop\Malware Removal
[2013/06/18 00:02:18 | 000,000,000 | ---D | C] -- C:\Users\cceac\Desktop\OTL
[2013/06/18 00:01:48 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2013/06/15 16:10:16 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/06/15 16:00:50 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2013/06/15 12:10:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2013/06/15 12:08:53 | 000,061,216 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013/06/15 12:08:53 | 000,053,024 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013/06/15 12:06:33 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2013/06/15 00:56:34 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2013/06/15 00:56:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2013/06/14 07:11:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
[2013/06/14 06:57:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/06/14 06:55:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013/06/14 06:55:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013/06/13 23:55:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013/06/13 23:55:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013/06/13 23:55:13 | 000,033,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2013/06/13 23:55:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013/06/13 23:55:12 | 000,378,432 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013/06/13 23:55:09 | 000,072,016 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2013/06/13 23:55:08 | 001,025,808 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013/06/13 23:55:08 | 000,064,288 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2013/06/13 23:55:02 | 000,080,816 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013/06/13 23:55:01 | 000,287,840 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013/06/13 23:53:26 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/06/13 23:53:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013/06/13 23:52:55 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/06/13 23:52:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/06/13 23:49:44 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2013/06/13 23:49:33 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013/06/13 23:45:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2010/07/19 09:51:13 | 021,046,160 | ---- | C] (Sage Software ) -- C:\Users\cceac\AppData\Roaming\ACT1200HotFix_SS.exe
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/06/18 00:08:08 | 000,783,328 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/06/18 00:08:08 | 000,664,734 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/06/18 00:08:08 | 000,121,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/06/18 00:04:59 | 000,002,516 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2013/06/18 00:04:54 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/18 00:04:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/06/18 00:04:22 | 3019,399,168 | -HS- | M] () -- C:\hiberfil.sys
[2013/06/18 00:02:26 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/06/18 00:01:02 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/06/18 00:01:02 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/06/17 22:44:48 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/17 21:48:50 | 000,001,410 | ---- | M] () -- C:\Users\cceac\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/06/17 20:37:19 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/06/17 20:37:18 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/06/17 20:29:48 | 000,429,024 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/06/17 20:29:06 | 463,277,298 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/06/15 15:29:57 | 000,000,168 | RHS- | M] () -- C:\ProgramData\78E46A236E.sys
[2013/06/14 23:59:54 | 000,000,134 | ---- | M] () -- C:\Users\cceac\Desktop\Internet Explorer Troubleshooting.url
[2013/06/14 00:08:07 | 000,002,057 | ---- | M] () -- C:\Users\cceac\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/06/14 00:08:07 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/06/13 23:55:14 | 000,001,931 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/06/13 23:55:02 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013/06/13 23:31:55 | 000,001,082 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/06/17 20:37:19 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/06/17 20:37:18 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/06/16 12:56:56 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013/06/16 12:55:35 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013/06/14 23:59:54 | 000,000,134 | ---- | C] () -- C:\Users\cceac\Desktop\Internet Explorer Troubleshooting.url
[2013/06/13 23:55:14 | 000,001,931 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/06/13 23:55:07 | 000,189,936 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013/06/13 23:55:06 | 000,065,336 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2013/06/13 23:55:01 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2013/06/13 23:45:35 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/06/13 23:31:55 | 000,001,082 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/06/15 10:26:52 | 000,000,008 | RHS- | C] () -- C:\ProgramData\604A3AB463.sys
[2012/05/25 10:14:11 | 000,000,019 | ---- | C] () -- C:\Windows\popcinfo.dat
[2012/01/30 14:34:50 | 000,053,299 | R--- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2011/10/12 20:24:53 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2010/07/19 10:50:15 | 000,000,000 | ---- | C] () -- C:\Users\cceac\AppData\Roaming\wklnhst.dat
[2010/07/12 14:24:12 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010/07/12 14:24:12 | 000,000,168 | RHS- | C] () -- C:\ProgramData\78E46A236E.sys

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[2010/11/04 20:30:32 | 000,000,000 | ---D | M] -- C:\Windows\assembly\GAC_MSIL\Act.Outlook.Service.Desktop

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 20:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2010/06/10 11:19:17 | 000,000,000 | ---D | M] -- C:\Users\cceac\AppData\Roaming\5000 Series
[2010/11/04 20:30:41 | 000,000,000 | ---D | M] -- C:\Users\cceac\AppData\Roaming\ACT
[2011/04/20 11:31:52 | 000,000,000 | ---D | M] -- C:\Users\cceac\AppData\Roaming\Boomzap
[2012/05/07 07:52:08 | 000,000,000 | ---D | M] -- C:\Users\cceac\AppData\Roaming\DMCache
[2011/02/15 08:06:08 | 000,000,000 | ---D | M] -- C:\Users\cceac\AppData\Roaming\doctor
[2010/07/23 07:18:45 | 000,000,000 | ---D | M] -- C:\Users\cceac\AppData\Roaming\Downloaded Installations
[2011/02/09 12:50:24 | 000,000,000 | ---D | M] -- C:\Users\cceac\AppData\Roaming\EleFun Games
[2010/06/08 13:30:55 | 000,000,000 | ---D | M] -- C:\Users\cceac\AppData\Roaming\Foxit
[2010/06/11 07:47:46 | 000,000,000 | ---D | M] -- C:\Users\cceac\AppData\Roaming\Foxit Software
[2012/08/09 09:13:34 | 000,000,000 | ---D | M] -- C:\Users\cceac\AppData\Roaming\IDM
[2010/07/12 14:24:11 | 000,000,000 | ---D | M] -- C:\Users\cceac\AppData\Roaming\IsolatedStorage
[2011/02/03 12:48:49 | 000,000,000 | ---D | M] -- C:\Users\cceac\AppData\Roaming\Jewel Keepers Easter Island
[2010/06/04 07:37:18 | 000,000,000 | ---D | M] -- C:\Users\cceac\AppData\Roaming\JGsoft
[2010/09/30 11:37:25 | 000,000,000 | ---D | M] -- C:\Users\cceac\AppData\Roaming\Lexmark Productivity Studio
[2012/04/19 09:06:29 | 000,000,000 | ---D | M] -- C:\Users\cceac\AppData\Roaming\Nitro PDF
[2011/05/18 13:34:40 | 000,000,000 | ---D | M] -- C:\Users\cceac\AppData\Roaming\RobinsonCrusoeOM
[2011/03/31 11:59:37 | 000,000,000 | ---D | M] -- C:\Users\cceac\AppData\Roaming\SpinTop
[2011/02/09 12:45:45 | 000,000,000 | ---D | M] -- C:\Users\cceac\AppData\Roaming\Supermarket Mania 2
[2010/06/30 07:27:38 | 000,000,000 | ---D | M] -- C:\Users\cceac\AppData\Roaming\system32
[2012/04/16 14:12:52 | 000,000,000 | ---D | M] -- C:\Users\cceac\AppData\Roaming\Temp
[2011/08/16 09:21:56 | 000,000,000 | ---D | M] -- C:\Users\cceac\AppData\Roaming\Template
[2010/06/04 10:43:09 | 000,000,000 | ---D | M] -- C:\Users\cceac\AppData\Roaming\Thunderbird
[2013/06/15 19:15:00 | 000,000,000 | ---D | M] -- C:\Users\cceac\AppData\Roaming\WildTangent
[2010/10/25 11:34:51 | 000,000,000 | ---D | M] -- C:\Users\cceac\AppData\Roaming\WildTangentv1002
[2010/06/16 13:21:47 | 000,000,000 | ---D | M] -- C:\Users\cceac\AppData\Roaming\XemiComputers

========== Purity Check ==========



< End of report >
#2
HBrian

I have resolved this issue. Thank you.

#3
SweetTech

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.