Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Problems with slow computer and log in issues

Started by sdockery , Sep 07 2013 02:18 PM

  • Please log in to reply

#1
sdockery
Posted 07 September 2013 - 02:18 PM

sdockery

    Member

  • Member
  • PipPip
  • 15 posts
Some thing disabled my Microsoft Security Essentials Virus Protection and my computer is running very slow. I also cannot login to my websites from my computer neither wordpress admin nor cpanel yet Hostgator is able to login from their side so I figure it must be my computer.

Here's My OTL:

OTL logfile created on: 9/7/2013 2:35:55 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Steph\Downloads
Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1013.23 Mb Total Physical Memory | 292.46 Mb Available Physical Memory | 28.86% Memory free
2.37 Gb Paging File | 1.31 Gb Available in Paging File | 55.24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136.95 Gb Total Space | 48.02 Gb Free Space | 35.06% Space Free | Partition Type: NTFS

Computer Name: STEPH-PC | User Name: Steph | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/09/07 14:33:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Steph\Downloads\OTL(1).exe
PRC - [2013/08/21 10:49:45 | 001,861,512 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
PRC - [2013/08/20 10:04:45 | 000,276,376 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/07/24 13:40:47 | 000,217,992 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe
PRC - [2013/06/20 18:05:14 | 000,022,208 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/06/20 17:25:44 | 000,995,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2013/05/09 03:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/05/09 03:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/01/20 09:35:47 | 000,295,072 | ---- | M] (RealNetworks, Inc.) -- c:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2012/11/29 21:31:04 | 000,038,608 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2012/11/22 21:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/08/13 11:57:02 | 010,376,704 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2012/08/13 11:57:02 | 010,368,512 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/10/07 02:49:50 | 001,157,640 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2009/09/30 17:47:36 | 000,703,008 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
PRC - [2009/09/30 17:47:14 | 000,727,584 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
PRC - [2009/09/30 17:46:28 | 000,469,536 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
PRC - [2009/09/10 08:42:30 | 000,349,480 | ---- | M] (Egis Technology Inc.) -- C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
PRC - [2009/08/28 04:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Registration\GregHSRW.exe
PRC - [2009/08/23 21:30:12 | 000,107,016 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\dsiwmis.exe
PRC - [2009/08/04 00:09:34 | 000,199,464 | ---- | M] (Egis Technology Inc.) -- C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe
PRC - [2009/07/10 18:18:18 | 000,708,608 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\AcerVCM.exe
PRC - [2009/07/10 05:54:44 | 000,253,952 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\RS_Service.exe
PRC - [2009/07/03 21:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2009/06/04 22:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/04 22:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/06/20 16:04:20 | 000,046,432 | ---- | M] (Microsoft® Corporation) -- C:\Program Files\Microsoft Works\WkCalRem.exe


========== Modules (No Company Name) ==========

MOD - [2013/08/21 10:49:43 | 016,166,280 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_8_800_94.dll
MOD - [2013/08/20 10:04:40 | 003,551,640 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/08/07 14:25:24 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2013/05/08 08:51:49 | 000,019,056 | ---- | M] () -- C:\Program Files\Adobe\Reader 9.0\Reader\ViewerPS.dll
MOD - [2012/08/27 21:33:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/08/27 21:33:08 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/08/10 17:51:32 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2013/08/21 10:49:53 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/08/20 10:04:42 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/06/20 18:05:14 | 000,295,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013/06/20 18:05:14 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013/05/26 23:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/05/09 03:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/11/29 21:31:04 | 000,038,608 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2009/09/30 17:47:14 | 000,727,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2009/09/10 08:42:46 | 000,305,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)
SRV - [2009/08/28 04:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009/08/23 21:30:12 | 000,107,016 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2009/07/10 05:54:44 | 000,253,952 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2009/07/03 21:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2009/06/04 22:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2009/05/22 13:02:20 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\Acer Games\Acer Game Console\GameConsoleService.exe -- (GameConsoleService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Steph\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2013/09/07 14:34:52 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{18AD0F34-64D7-4110-8D0D-9214AC30181C}\MpKsl8f4e8f5f.sys -- (MpKsl8f4e8f5f)
DRV - [2013/08/18 15:38:06 | 000,770,344 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/08/18 15:38:06 | 000,369,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/08/18 15:38:06 | 000,175,176 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/06/18 21:50:08 | 000,107,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2013/05/09 03:59:10 | 000,061,680 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2013/05/09 03:59:10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/05/09 03:59:10 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/05/09 03:59:09 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/05/09 03:59:08 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/12/29 15:59:38 | 000,024,184 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\System32\speedfan.sys -- (speedfan)
DRV - [2010/11/20 05:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 05:06:36 | 000,117,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rmcast.sys -- (RMCAST)
DRV - [2009/11/23 02:30:06 | 000,103,296 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\EUCR6SK.sys -- (EUCR)
DRV - [2009/11/05 23:53:58 | 001,227,776 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/09/04 00:37:44 | 000,054,784 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2009/07/13 18:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/13 18:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009/06/02 06:15:40 | 000,060,976 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV - [2009/06/02 06:15:38 | 000,016,432 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV - [2009/06/02 06:15:34 | 000,018,992 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\System32\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV - [1996/04/03 14:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?...40DHP&dt=080513
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...1I7GGNI_enUS533
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\..\SearchScopes\{E0D25CFB-0051-47E9-8F85-2A2C84007DA4}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\..\SearchScopes\5BB3A429B3744023B7F20A292791C105: "URL" = http://www.google.co...1I7GGNI_enUS533
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing "
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.selectedEngine: "Bing "
FF - prefs.js..browser.startup.homepage: "http://www.msn.com/?...0DHP&dt=080513"
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1489
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - prefs.js..keyword.URL: "http://www.bing.com/...0&dt=080513&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Steph\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Steph\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Steph\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Steph\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Steph\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/01/20 09:38:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/01/20 09:38:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/08/18 15:37:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2013/06/19 10:28:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steph\AppData\Roaming\Mozilla\Extensions
[2013/05/14 23:46:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steph\AppData\Roaming\Mozilla\Firefox\Profiles\6bmd2cxl.default-1361383091021\extensions
[2013/05/14 23:46:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steph\AppData\Roaming\Mozilla\Firefox\Profiles\6bmd2cxl.default-1361383091021\extensions\[email protected]
[2013/08/05 17:39:03 | 000,002,402 | ---- | M] () -- C:\Users\Steph\AppData\Roaming\Mozilla\Firefox\Profiles\2jx1k7e6.default\searchplugins\bingp.xml
[2013/08/20 10:03:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/08/20 10:03:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/08/20 10:04:48 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/08/18 15:37:05 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://search.yahoo....r=spigot-yhp-ie
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.66\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Steph\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Steph\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Google Talk Plugin Video Renderer (Enabled) = C:\Users\Steph\AppData\Roaming\Mozilla\plugins\npo1d.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U21 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks™ RealDownloader Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
CHR - plugin: RealNetworks™ RealDownloader HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
CHR - plugin: RealNetworks™ RealDownloader PepperFlashVideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
CHR - plugin: RealDownloader Plugin (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Java Deployment Toolkit 7.0.210.11 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprpplugin.dll
CHR - Extension: SEOquake = C:\Users\Steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\akdgnmcogleenhbclghghlkkdndkjdjc\1.0.17.1_0\
CHR - Extension: Google Docs = C:\Users\Steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Make Me Fast = C:\Users\Steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\apbfphfpbpkmpeljdopikeamjjgponla\0.0.43_0\
CHR - Extension: Google Drive = C:\Users\Steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: AddThis - Share & Bookmark (new) = C:\Users\Steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbogdmdefihhljhfeiklfiedefalcde\3.0.0_0\
CHR - Extension: Google Search = C:\Users\Steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! Online Security = C:\Users\Steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0\
CHR - Extension: We Heart It = C:\Users\Steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblenkmcolcdonmlfknbpbgjebabcoae\3.1.0_0\
CHR - Extension: Shareaholic for Google Chrome\u2122 = C:\Users\Steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmipnjdeifmobkhgogdnomkihhgojep\5.7.0_0\
CHR - Extension: YSlow = C:\Users\Steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\ninejjcohidippngpapiilnmkgllmakh\3.1.2_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\
CHR - Extension: Gmail = C:\Users\Steph\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/08/15 21:38:12 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} - No CLSID value found.
O4 - HKLM..\Run: [Acer Assist Launcher] C:\Program Files\Acer\Acer Assist\launcher.exe ()
O4 - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [mwlDaemon] C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - Startup: C:\Users\Steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wkcalrem.LNK = C:\Program Files\Microsoft Works\WkCalRem.exe (Microsoft® Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AD612608-98F2-447D-8306-503349FBF900}: NameServer = 12.69.180.11,12.69.180.12
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/09/06 22:03:52 | 000,000,000 | ---D | C] -- C:\Users\Steph\Documents\e-Sword
[2013/08/22 10:05:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\e-Sword
[2013/08/22 10:04:46 | 000,000,000 | ---D | C] -- C:\Program Files\e-Sword
[2013/08/22 10:04:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EzTools
[2013/08/22 10:00:56 | 000,000,000 | ---D | C] -- C:\Users\Steph\AppData\Local\Downloaded Installations
[2013/08/21 14:46:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArticleVisa Magic Article Generator
[2013/08/21 14:46:20 | 000,000,000 | ---D | C] -- C:\Program Files\ArticleVisa
[2013/08/21 14:29:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dr Essay Article Generator
[2013/08/21 14:29:54 | 000,000,000 | ---D | C] -- C:\Program Files\Dr Essay
[2013/08/21 13:34:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013/08/21 08:28:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/08/21 08:27:44 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/08/21 08:27:39 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/08/21 08:27:39 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/08/21 08:21:19 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/08/21 08:07:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2013/08/21 08:06:54 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2013/08/20 10:03:09 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/08/18 15:37:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013/08/18 15:37:49 | 000,369,584 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2013/08/18 15:37:49 | 000,061,680 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2013/08/18 15:37:49 | 000,029,816 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2013/08/18 15:37:48 | 000,770,344 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2013/08/18 15:37:48 | 000,056,080 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2013/08/18 15:37:42 | 000,066,336 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2013/08/18 15:37:40 | 000,229,648 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2013/08/18 15:36:19 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/08/18 15:35:24 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/08/18 15:30:29 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013/08/16 19:01:16 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013/08/16 15:25:38 | 000,000,000 | ---D | C] -- C:\Users\Steph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2013/08/16 15:25:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2013/08/16 15:25:37 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedFan
[2013/08/16 14:40:12 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/08/16 14:40:10 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/08/16 14:40:10 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/08/16 14:40:09 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/08/16 14:40:08 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/08/16 14:40:06 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/08/16 14:40:06 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/08/16 14:40:03 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/08/15 22:02:44 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2013/08/15 21:58:27 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/08/15 21:43:45 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/08/15 21:43:37 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/08/15 21:43:37 | 000,000,000 | ---D | C] -- C:\Users\Steph\AppData\Local\temp
[2013/08/15 16:37:43 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/08/15 16:01:06 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2013/08/15 15:59:53 | 003,913,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013/08/15 15:59:52 | 003,968,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013/08/15 15:59:38 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2013/08/14 21:30:01 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2013/08/10 17:01:06 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/08/10 17:01:06 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/08/10 17:01:06 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/08/10 16:54:04 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/08/10 16:53:10 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/08/10 12:58:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\MRT

========== Files - Modified Within 30 Days ==========

[2013/09/07 14:47:03 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/09/07 14:33:29 | 000,002,385 | ---- | M] () -- C:\Users\Steph\Documents\Make millions blogging stuff.rtf
[2013/09/07 14:15:50 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/09/07 14:15:13 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/09/07 13:43:31 | 000,000,366 | ---- | M] () -- C:\Windows\tasks\ReclaimerUpdateXML_Steph.job
[2013/09/07 12:45:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/09/06 19:33:07 | 000,000,613 | ---- | M] () -- C:\Users\Steph\Documents\Big Content Search stuff.rtf
[2013/09/06 13:42:25 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\ReclaimerUpdateFiles_Steph.job
[2013/09/06 13:42:15 | 000,000,376 | ---- | M] () -- C:\Windows\tasks\RNUpgradeHelperLogonPrompt_Steph.job
[2013/09/06 10:23:37 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/09/06 10:23:37 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/09/06 10:16:01 | 796,831,744 | -HS- | M] () -- C:\hiberfil.sys
[2013/09/06 10:06:21 | 000,003,057 | ---- | M] () -- C:\Users\Steph\Documents\Make Money with Meghan stuff.rtf
[2013/09/06 07:55:43 | 000,000,193 | ---- | M] () -- C:\Windows\WORDPAD.INI
[2013/09/05 18:30:37 | 000,002,093 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/09/04 16:26:12 | 000,003,229 | ---- | M] () -- C:\Users\Steph\Documents\Easy Paycheck Formula stuff.rtf
[2013/09/04 16:22:17 | 000,001,780 | ---- | M] () -- C:\Users\Steph\Documents\Forever Affiliate stuff.rtf
[2013/09/04 13:24:24 | 000,000,143 | ---- | M] () -- C:\Users\Steph\Documents\SAHM work at home cb links.rtf
[2013/09/03 23:42:59 | 000,001,910 | ---- | M] () -- C:\Users\Public\Desktop\FileZilla Client.lnk
[2013/08/31 19:18:41 | 000,001,671 | ---- | M] () -- C:\Users\Steph\Documents\Amazon Prime stuff.rtf
[2013/08/31 18:30:49 | 000,146,446 | ---- | M] () -- C:\Users\Steph\Documents\ClickbankSreenShot.jpg
[2013/08/30 18:35:44 | 000,001,518 | ---- | M] () -- C:\Users\Steph\Documents\Hostgator,paidsocialmedia,hyperfbtraf.rtf
[2013/08/30 12:18:18 | 000,001,757 | ---- | M] () -- C:\Users\Steph\Documents\Affilorama stuff.rtf
[2013/08/28 15:27:07 | 000,000,515 | ---- | M] () -- C:\Users\Steph\Documents\Christian Cinema Links n Stuff.rtf
[2013/08/24 14:31:57 | 000,009,431 | ---- | M] () -- C:\Users\Steph\Documents\Ex back links & banners stuff.rtf
[2013/08/23 17:11:33 | 000,359,512 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/08/23 16:56:43 | 000,000,948 | ---- | M] () -- C:\Users\Steph\Documents\lifestuff.info stuff.rtf
[2013/08/23 16:55:53 | 000,000,452 | ---- | M] () -- C:\Users\Steph\Documents\Skimlinks stuff.rtf
[2013/08/23 13:53:24 | 000,001,340 | ---- | M] () -- C:\Users\Steph\Documents\Aug23FBCwTracey.rtf
[2013/08/22 18:45:40 | 000,000,765 | ---- | M] () -- C:\Users\Steph\Documents\Refer affiliates and vendors stuff.rtf
[2013/08/22 18:45:01 | 000,001,111 | ---- | M] () -- C:\Users\Steph\Documents\IM Marketers Club Clickbank stuff.rtf
[2013/08/22 18:38:41 | 000,000,570 | ---- | M] () -- C:\Users\Steph\Documents\Niche Blueprint 2.0 stuff.rtf
[2013/08/22 18:05:49 | 000,002,632 | ---- | M] () -- C:\Users\Steph\Documents\List Building aff stuff.rtf
[2013/08/22 14:21:39 | 000,000,996 | ---- | M] () -- C:\Users\Steph\Documents\Nicheology Stuff.rtf
[2013/08/22 14:14:47 | 000,000,936 | ---- | M] () -- C:\Users\Steph\Documents\Click Funnel Stuff.rtf
[2013/08/22 10:05:32 | 000,001,867 | ---- | M] () -- C:\Users\Public\Desktop\e-Sword.lnk
[2013/08/21 20:42:01 | 000,001,391 | ---- | M] () -- C:\Users\Steph\Documents\Curation Soft Info.rtf
[2013/08/21 19:36:38 | 000,001,929 | ---- | M] () -- C:\Users\Steph\Documents\My Sites and other CPA stuff.rtf
[2013/08/21 19:36:24 | 000,027,860 | ---- | M] () -- C:\Users\Steph\Documents\The Marriage Bed stuff.rtf
[2013/08/21 19:36:15 | 000,001,344 | ---- | M] () -- C:\Users\Steph\Documents\Traffic Recon stuff.rtf
[2013/08/21 16:52:22 | 000,001,213 | ---- | M] () -- C:\Users\Steph\Documents\Authority Pro aff stuff.rtf
[2013/08/21 14:46:22 | 000,001,226 | ---- | M] () -- C:\Users\Public\Desktop\Magic Article Generator.lnk
[2013/08/21 14:30:01 | 000,001,163 | ---- | M] () -- C:\Users\Public\Desktop\Dr Essay Article Generator.lnk
[2013/08/21 14:25:29 | 000,003,868 | ---- | M] () -- C:\Users\Steph\Documents\Social Traffic Dashboard stuff.rtf
[2013/08/21 13:34:53 | 000,000,773 | ---- | M] () -- C:\Users\Steph\Documents\Covert Store Builder stuff.rtf
[2013/08/21 13:34:50 | 000,000,988 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013/08/21 13:34:45 | 000,002,391 | ---- | M] () -- C:\Users\Steph\Documents\Insta Builder Squeeze Pages and other stuff.rtf
[2013/08/21 10:49:46 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/08/21 10:49:45 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/08/21 08:28:39 | 000,001,717 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/08/21 08:07:42 | 000,001,779 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2013/08/20 12:36:12 | 000,000,599 | ---- | M] () -- C:\Users\Steph\Documents\Guide to Creating Spa Products stuff.rtf
[2013/08/20 12:10:07 | 000,000,788 | ---- | M] () -- C:\Users\Steph\Documents\New Paleo Cookbook stuff.rtf
[2013/08/20 11:28:00 | 000,001,650 | ---- | M] () -- C:\Users\Steph\Documents\Insta product Make your own ebooks.rtf
[2013/08/20 10:03:26 | 000,002,809 | ---- | M] () -- C:\Users\Steph\Documents\Plugin Aff Stuff.rtf
[2013/08/18 15:38:06 | 000,770,344 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2013/08/18 15:38:06 | 000,369,584 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2013/08/18 15:38:06 | 000,175,176 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013/08/18 15:38:06 | 000,000,175 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys.sum
[2013/08/18 15:38:06 | 000,000,175 | ---- | M] () -- C:\Windows\System32\drivers\aswSP.sys.sum
[2013/08/18 15:38:06 | 000,000,175 | ---- | M] () -- C:\Windows\System32\drivers\aswSnx.sys.sum
[2013/08/18 15:37:50 | 000,002,039 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/08/18 15:37:42 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013/08/18 14:50:47 | 000,000,099 | ---- | M] () -- C:\Users\Steph\Documents\Davelovelace.com
[2013/08/18 14:33:24 | 000,000,530 | ---- | M] () -- C:\Users\Steph\Documents\Green and energy saving aff stuff.rtf
[2013/08/18 14:26:58 | 000,003,442 | ---- | M] () -- C:\Users\Steph\Documents\Traffic aff stuff.rtf
[2013/08/18 11:35:32 | 000,000,360 | ---- | M] () -- C:\Users\Steph\Documents\Money from Home aff stuff.rtf
[2013/08/18 05:15:01 | 000,001,864 | ---- | M] () -- C:\Users\Steph\Documents\SEO Products Aff stuff.rtf
[2013/08/18 04:17:55 | 000,000,565 | ---- | M] () -- C:\Users\Steph\Documents\Blogging aff stuff.rtf
[2013/08/18 03:56:49 | 000,000,771 | ---- | M] () -- C:\Users\Steph\Documents\Free Memberships stuff.rtf
[2013/08/18 02:56:09 | 000,000,630 | ---- | M] () -- C:\Users\Steph\Documents\Michael Rasmussen stuff.rtf
[2013/08/16 15:25:39 | 000,000,929 | ---- | M] () -- C:\Users\Steph\Desktop\SpeedFan.lnk
[2013/08/16 15:25:37 | 000,000,045 | ---- | M] () -- C:\Windows\System32\initdebug.nfo
[2013/08/16 14:51:50 | 000,660,318 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/08/16 14:51:50 | 000,121,214 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/08/16 00:12:39 | 000,000,401 | ---- | M] () -- C:\Users\Steph\Documents\Instant Software Store.rtf
[2013/08/15 21:38:12 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013/08/14 08:21:26 | 000,003,008 | ---- | M] () -- C:\Users\Steph\Documents\Online Income Masterclass email swipe.rtf
[2013/08/13 12:22:14 | 000,001,800 | ---- | M] () -- C:\Users\Steph\Documents\Unique Article Wizard stuff.rtf
[2013/08/13 02:55:31 | 000,000,540 | ---- | M] () -- C:\Users\Steph\Documents\Spin Rewriter stuff.rtf
[2013/08/13 00:50:46 | 000,004,391 | ---- | M] () -- C:\Users\Steph\Documents\Keyword research tools aff stuff.rtf
[2013/08/12 23:43:17 | 000,001,009 | ---- | M] () -- C:\Users\Steph\Documents\Insta Profit Sniper.rtf
[2013/08/12 20:15:38 | 000,000,364 | ---- | M] () -- C:\Users\Steph\Documents\Get Money from Home stuff.rtf
[2013/08/12 19:48:55 | 000,001,342 | ---- | M] () -- C:\Users\Steph\Documents\CB Passive Income.rtf
[2013/08/12 19:38:58 | 000,000,426 | ---- | M] () -- C:\Users\Steph\Documents\Kick Butt Cellulite Removal Program stuff.rtf
[2013/08/12 19:05:50 | 000,000,563 | ---- | M] () -- C:\Users\Steph\Documents\Paid Social Media Jobs stuff.rtf
[2013/08/12 18:11:28 | 000,000,578 | ---- | M] () -- C:\Users\Steph\Documents\Feel the traffic stuff.rtf
[2013/08/11 21:40:30 | 000,119,325 | ---- | M] () -- C:\Users\Steph\Documents\FA Free Strategy Guide-rbr.pdf
[2013/08/11 11:04:13 | 000,023,794 | ---- | M] () -- C:\Users\Steph\Documents\Increase your blog earnings with a niche blog-article.odt
[2013/08/10 12:57:56 | 000,002,155 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/08/09 14:41:03 | 000,000,385 | ---- | M] () -- C:\Users\Steph\Documents\Home School Cash stuff.rtf

========== Files Created - No Company Name ==========

[2013/09/06 19:33:05 | 000,000,613 | ---- | C] () -- C:\Users\Steph\Documents\Big Content Search stuff.rtf
[2013/09/06 13:42:14 | 000,000,376 | ---- | C] () -- C:\Windows\tasks\RNUpgradeHelperLogonPrompt_Steph.job
[2013/09/06 13:42:12 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\ReclaimerUpdateFiles_Steph.job
[2013/09/06 13:42:09 | 000,000,366 | ---- | C] () -- C:\Windows\tasks\ReclaimerUpdateXML_Steph.job
[2013/09/06 07:54:42 | 000,003,057 | ---- | C] () -- C:\Users\Steph\Documents\Make Money with Meghan stuff.rtf
[2013/09/03 23:42:59 | 000,001,910 | ---- | C] () -- C:\Users\Public\Desktop\FileZilla Client.lnk
[2013/08/31 19:15:29 | 000,001,671 | ---- | C] () -- C:\Users\Steph\Documents\Amazon Prime stuff.rtf
[2013/08/31 18:30:46 | 000,146,446 | ---- | C] () -- C:\Users\Steph\Documents\ClickbankSreenShot.jpg
[2013/08/30 10:36:07 | 000,001,518 | ---- | C] () -- C:\Users\Steph\Documents\Hostgator,paidsocialmedia,hyperfbtraf.rtf
[2013/08/28 15:27:05 | 000,000,515 | ---- | C] () -- C:\Users\Steph\Documents\Christian Cinema Links n Stuff.rtf
[2013/08/23 13:53:20 | 000,001,340 | ---- | C] () -- C:\Users\Steph\Documents\Aug23FBCwTracey.rtf
[2013/08/23 09:03:21 | 000,000,452 | ---- | C] () -- C:\Users\Steph\Documents\Skimlinks stuff.rtf
[2013/08/22 18:38:39 | 000,000,570 | ---- | C] () -- C:\Users\Steph\Documents\Niche Blueprint 2.0 stuff.rtf
[2013/08/22 16:42:39 | 000,000,765 | ---- | C] () -- C:\Users\Steph\Documents\Refer affiliates and vendors stuff.rtf
[2013/08/22 14:20:26 | 000,000,996 | ---- | C] () -- C:\Users\Steph\Documents\Nicheology Stuff.rtf
[2013/08/22 13:17:03 | 000,000,936 | ---- | C] () -- C:\Users\Steph\Documents\Click Funnel Stuff.rtf
[2013/08/22 10:05:32 | 000,001,867 | ---- | C] () -- C:\Users\Public\Desktop\e-Sword.lnk
[2013/08/21 20:30:17 | 000,001,391 | ---- | C] () -- C:\Users\Steph\Documents\Curation Soft Info.rtf
[2013/08/21 19:51:43 | 000,001,089 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CurationSoft.lnk
[2013/08/21 16:14:24 | 000,001,213 | ---- | C] () -- C:\Users\Steph\Documents\Authority Pro aff stuff.rtf
[2013/08/21 14:46:22 | 000,001,226 | ---- | C] () -- C:\Users\Public\Desktop\Magic Article Generator.lnk
[2013/08/21 14:30:01 | 000,001,163 | ---- | C] () -- C:\Users\Public\Desktop\Dr Essay Article Generator.lnk
[2013/08/21 13:54:50 | 000,003,868 | ---- | C] () -- C:\Users\Steph\Documents\Social Traffic Dashboard stuff.rtf
[2013/08/21 13:34:50 | 000,000,988 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013/08/21 08:28:39 | 000,001,717 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/08/21 08:07:42 | 000,001,779 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2013/08/20 12:31:30 | 000,000,599 | ---- | C] () -- C:\Users\Steph\Documents\Guide to Creating Spa Products stuff.rtf
[2013/08/20 12:24:37 | 000,001,111 | ---- | C] () -- C:\Users\Steph\Documents\IM Marketers Club Clickbank stuff.rtf
[2013/08/20 11:43:15 | 000,000,773 | ---- | C] () -- C:\Users\Steph\Documents\Covert Store Builder stuff.rtf
[2013/08/20 10:54:51 | 000,000,788 | ---- | C] () -- C:\Users\Steph\Documents\New Paleo Cookbook stuff.rtf
[2013/08/20 10:30:48 | 000,001,650 | ---- | C] () -- C:\Users\Steph\Documents\Insta product Make your own ebooks.rtf
[2013/08/18 15:38:06 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys.sum
[2013/08/18 15:38:06 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswSP.sys.sum
[2013/08/18 15:38:06 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswSnx.sys.sum
[2013/08/18 15:37:50 | 000,002,039 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/08/18 15:37:47 | 000,175,176 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013/08/18 15:37:47 | 000,049,376 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013/08/18 14:49:49 | 000,000,099 | ---- | C] () -- C:\Users\Steph\Documents\Davelovelace.com
[2013/08/18 14:33:22 | 000,000,530 | ---- | C] () -- C:\Users\Steph\Documents\Green and energy saving aff stuff.rtf
[2013/08/18 12:30:16 | 000,002,391 | ---- | C] () -- C:\Users\Steph\Documents\Insta Builder Squeeze Pages and other stuff.rtf
[2013/08/18 11:35:32 | 000,000,360 | ---- | C] () -- C:\Users\Steph\Documents\Money from Home aff stuff.rtf
[2013/08/18 04:20:41 | 000,002,809 | ---- | C] () -- C:\Users\Steph\Documents\Plugin Aff Stuff.rtf
[2013/08/18 04:16:35 | 000,000,565 | ---- | C] () -- C:\Users\Steph\Documents\Blogging aff stuff.rtf
[2013/08/18 03:58:16 | 000,003,442 | ---- | C] () -- C:\Users\Steph\Documents\Traffic aff stuff.rtf
[2013/08/18 03:53:17 | 000,000,771 | ---- | C] () -- C:\Users\Steph\Documents\Free Memberships stuff.rtf
[2013/08/18 03:07:23 | 000,002,632 | ---- | C] () -- C:\Users\Steph\Documents\List Building aff stuff.rtf
[2013/08/18 02:54:52 | 000,000,630 | ---- | C] () -- C:\Users\Steph\Documents\Michael Rasmussen stuff.rtf
[2013/08/18 02:47:08 | 000,001,864 | ---- | C] () -- C:\Users\Steph\Documents\SEO Products Aff stuff.rtf
[2013/08/16 15:25:39 | 000,000,929 | ---- | C] () -- C:\Users\Steph\Desktop\SpeedFan.lnk
[2013/08/16 15:25:34 | 000,000,045 | ---- | C] () -- C:\Windows\System32\initdebug.nfo
[2013/08/16 00:12:39 | 000,000,401 | ---- | C] () -- C:\Users\Steph\Documents\Instant Software Store.rtf
[2013/08/15 15:28:57 | 000,027,860 | ---- | C] () -- C:\Users\Steph\Documents\The Marriage Bed stuff.rtf
[2013/08/13 02:18:34 | 000,000,540 | ---- | C] () -- C:\Users\Steph\Documents\Spin Rewriter stuff.rtf
[2013/08/12 20:12:30 | 000,000,364 | ---- | C] () -- C:\Users\Steph\Documents\Get Money from Home stuff.rtf
[2013/08/12 19:38:57 | 000,000,426 | ---- | C] () -- C:\Users\Steph\Documents\Kick Butt Cellulite Removal Program stuff.rtf
[2013/08/12 19:32:10 | 000,001,342 | ---- | C] () -- C:\Users\Steph\Documents\CB Passive Income.rtf
[2013/08/12 19:04:41 | 000,000,563 | ---- | C] () -- C:\Users\Steph\Documents\Paid Social Media Jobs stuff.rtf
[2013/08/12 18:31:51 | 000,001,344 | ---- | C] () -- C:\Users\Steph\Documents\Traffic Recon stuff.rtf
[2013/08/12 18:16:39 | 000,001,009 | ---- | C] () -- C:\Users\Steph\Documents\Insta Profit Sniper.rtf
[2013/08/12 18:07:55 | 000,000,578 | ---- | C] () -- C:\Users\Steph\Documents\Feel the traffic stuff.rtf
[2013/08/11 21:40:29 | 000,119,325 | ---- | C] () -- C:\Users\Steph\Documents\FA Free Strategy Guide-rbr.pdf
[2013/08/11 11:04:10 | 000,023,794 | ---- | C] () -- C:\Users\Steph\Documents\Increase your blog earnings with a niche blog-article.odt
[2013/08/10 18:51:44 | 000,004,391 | ---- | C] () -- C:\Users\Steph\Documents\Keyword research tools aff stuff.rtf
[2013/08/10 17:01:06 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/08/10 17:01:06 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/08/10 17:01:06 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/08/10 17:01:06 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/08/10 17:01:06 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/08/09 14:41:02 | 000,000,385 | ---- | C] () -- C:\Users\Steph\Documents\Home School Cash stuff.rtf
[2013/08/09 14:20:55 | 000,001,780 | ---- | C] () -- C:\Users\Steph\Documents\Forever Affiliate stuff.rtf
[2013/04/13 01:16:16 | 000,002,082 | ---- | C] () -- C:\Users\Steph\AppData\Local\recently-used.xbel
[2013/04/11 14:34:00 | 000,003,582 | ---- | C] () -- C:\Users\Steph\redirect.html
[2013/04/11 14:33:59 | 000,011,911 | ---- | C] () -- C:\Users\Steph\index.html
[2013/04/11 14:33:59 | 000,001,612 | ---- | C] () -- C:\Users\Steph\Read_Me.html
[2013/03/16 15:53:35 | 000,014,061 | ---- | C] () -- C:\Users\Steph\arrows.gif
[2013/03/16 15:53:35 | 000,000,993 | ---- | C] () -- C:\Users\Steph\download.html
[2013/03/16 15:53:35 | 000,000,334 | ---- | C] () -- C:\Users\Steph\checkpw.html
[2013/02/20 22:25:52 | 000,000,072 | ---- | C] () -- C:\Windows\EurekaLog.ini
[2013/02/04 22:50:50 | 000,000,088 | ---- | C] () -- C:\Users\Steph\.95d691779473f3e03bc4b4e56319d74c.key
[2013/01/22 00:17:13 | 000,000,073 | ---- | C] () -- C:\Windows\Brian_Kumar niche mktg-EBrander.INI
[2013/01/12 19:46:49 | 000,000,214 | ---- | C] () -- C:\Users\Steph\AppData\Roaming\wklnhst.dat
[2013/01/12 17:47:10 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2013/01/05 23:55:05 | 000,158,244 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2012/12/03 05:04:00 | 000,000,582 | ---- | C] () -- C:\Windows\System32\tx19_ic.ini
[2012/10/18 08:42:03 | 000,007,604 | ---- | C] () -- C:\Users\Steph\AppData\Local\Resmon.ResmonCfg

========== ZeroAccess Check ==========

[2009/07/13 23:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/26 23:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 20:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >

Edited by sdockery, 08 September 2013 - 07:18 AM.

  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP