Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Computer cannot reach Internet but has connectivity


  • Please log in to reply

#1
builder7

builder7

    New Member

  • Member
  • Pip
  • 2 posts
I haven't been able to reach the Internet while running Windows 7. The machine runs extremely slow. I got Avira and it did not update the virus definitions so it did not work. I tried to install them manually and that did not work. It disabled Malwarebytes. I ran the MS Malicious tool and it has found some issues which I am still working on. It said that there were two malware programs that couldn't be totally removed called Win32/hackdef and WinNT/hackdef. I ran Old Timer and I am including the log file here:

OTL Extras logfile created on: 9/14/2013 11:36:10 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\builder7\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

8.00 Gb Total Physical Memory | 0.80 Gb Available Physical Memory | 10.03% Memory free
10.66 Gb Paging File | 2.03 Gb Available in Paging File | 19.00% Paging File free
Paging file location(s): c:\pagefile.sys 512 12286 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 179.54 Gb Free Space | 19.28% Space Free | Partition Type: NTFS
Drive D: | 102.54 Gb Total Space | 31.02 Gb Free Space | 30.26% Space Free | Partition Type: NTFS
Drive E: | 195.55 Gb Total Space | 62.47 Gb Free Space | 31.95% Space Free | Partition Type: NTFS
Drive G: | 29.80 Gb Total Space | 21.33 Gb Free Space | 71.57% Space Free | Partition Type: FAT32
Drive S: | 100.00 Mb Total Space | 31.83 Mb Free Space | 31.83% Space Free | Partition Type: NTFS
Drive Z: | 931.41 Gb Total Space | 179.54 Gb Free Space | 19.28% Space Free | Partition Type: CSC-CACHE

Computer Name: IRASCABLE | User Name: builder7 | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Nightly\firefox.exe (Mozilla Corporation)
.txt [@ = txtfile] -- C:\Program Files\Just Great Software\EditPad Lite 7\EditPadLite7.exe (Just Great Software)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{038B0E46-CFA0-453D-A49A-0684973F9769}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0752ECEE-550E-45DC-B2E3-CC34B5689A64}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{07FE5EFE-E6BB-4207-AFCB-7B802D857A44}" = rport=445 | protocol=6 | dir=out | app=system |
"{100959E5-3F53-437B-9621-432271B1CAD4}" = lport=139 | protocol=6 | dir=in | app=system |
"{1B3B3480-6A2D-4F68-928D-0FF32B29F547}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{1CCF29B3-8ABE-43C3-B140-CFDC023F4933}" = lport=17944 | protocol=6 | dir=in | name=bitcomet 17944 tcp |
"{28DE0DD7-1240-4AB1-AE01-BA9C2CE7AB66}" = lport=138 | protocol=17 | dir=in | app=system |
"{4ABC9AA1-C409-4096-881E-3729EACDED02}" = lport=137 | protocol=17 | dir=in | app=system |
"{4B1A95D8-65D1-43FB-A592-4239A5C87D84}" = rport=138 | protocol=17 | dir=out | app=system |
"{6F411F73-1DF3-4B2B-B2E2-C67DA3171FA3}" = lport=17944 | protocol=17 | dir=in | name=bitcomet 17944 udp |
"{88859698-9291-4AEB-B692-A652DB5E1AE6}" = rport=137 | protocol=17 | dir=out | app=system |
"{B09ED051-95DD-4AF5-A906-4ED71D43F915}" = rport=139 | protocol=6 | dir=out | app=system |
"{C3CC6166-0FAA-4911-919D-EF3F7D87E12F}" = lport=445 | protocol=6 | dir=in | app=system |
"{D4804684-19B7-42E8-8471-7946AFDC7B34}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{12F2AA39-172D-4E63-B106-84001F2327BA}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\pure networks shared\platform\nmsrvc.exe |
"{1731E527-4980-469D-BD3B-9B1A29A4C34C}" = protocol=1 | dir=in | [email protected],-28543 |
"{37593156-9544-43E3-A9F2-6504313A39EA}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\pure networks shared\platform\nmsrvc.exe |
"{72E9250E-EA39-4F8D-929A-D2273C0A3F90}" = protocol=6 | dir=in | app=c:\program files\ispy\ispy (64 bit)\ispy.exe |
"{87B57093-843B-43B3-AFF4-81BCBBD72E76}" = protocol=58 | dir=in | [email protected],-28545 |
"{8BB61FCD-CC27-4016-9B0B-113561E5AB73}" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{C9007920-9D68-4C0B-9B88-8E42B6B308C6}" = protocol=17 | dir=in | app=c:\program files\ispy\ispy (64 bit)\ispy.exe |
"{D0D052A8-B6FD-4206-BF91-709357759F6D}" = protocol=58 | dir=out | [email protected],-28546 |
"{FD11C61E-D3A0-4D78-AFCE-A99ADEB2139F}" = protocol=1 | dir=out | [email protected],-28544 |
"{FDCCA12C-1EC1-4EB5-BCA4-CA1E14494578}" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"TCP Query User{F4478AF5-A978-4DF7-A85B-DB670A12AA9A}C:\program files\ispy\ispy (64 bit)\ispy.exe" = protocol=6 | dir=in | app=c:\program files\ispy\ispy (64 bit)\ispy.exe |
"UDP Query User{ABDD70CF-BB5A-4C10-953C-F9893C70A3BE}C:\program files\ispy\ispy (64 bit)\ispy.exe" = protocol=17 | dir=in | app=c:\program files\ispy\ispy (64 bit)\ispy.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{09427FE8-E2F9-404F-94E5-3DD9B30AF2CF}" = iSpy (64 bit)
"{0C1DE303-E41B-44BA-8ABA-B7F09D857001}" = Oracle VM VirtualBox 4.2.12
"{1111706F-666A-4037-7777-203648764D10}" = JavaFX 2.0.3 (64-bit)
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series" = Canon MP560 series MP Drivers
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{2222706F-666A-4037-7777-203648764D10}" = JavaFX 2.0.3 SDK (64-bit)
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417021FF}" = Java 7 Update 21 (64-bit)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5E5B7F6D-69D9-4D95-85EC-EB29F1CA280B}" = Windows 7 Manager
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0170030}" = Java™ SE Development Kit 7 Update 3 (64-bit)
"{64A3A4F4-B792-11D6-A78A-00B0D0170170}" = Java SE Development Kit 7 Update 17 (64-bit)
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 3.0.7
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6F7B851D-DEBC-4DC4-98A8-5B6F1364C74E}" = SCCM Client Center
"{73A207AA-ED1D-4395-98CC-119A1E45C93B}" = Microsoft Network Monitor: NetworkMonitor Parsers 3.4
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C5B5A11-CBF8-451B-B201-77FAB0D0B77D}" = Microsoft Network Monitor 3.4
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{90150000-002A-0000-1000-0000000FF1CE}" = Microsoft Office 64-bit Components 2013
"{90150000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2013
"{90150000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2013
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C0C31BCC-56FB-42a7-8766-D29E1BD74C7d}" = Python 2.7.3 (64-bit)
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2196}_is1" = SiSoftware Sandra Lite XII.SP2c
"{C74FB740-D02E-40EA-A09E-B19FC74F324F}" = Microsoft Deployment Toolkit 2012 Update 1 (6.1.2373.0)
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E452E727-86B8-4233-8CC3-41FD817AFAFF}" = VMware Player
"{F83779DF-E1F5-43A2-A7BE-732F856FADB7}" = Microsoft SQL Server Compact 3.5 SP1 x64 English
"{FD7DEB7B-8CEA-44E5-AB2D-7C66786C0563}" = Waterfox
"BitDefender Gonzales" = Bitdefender Antivirus Free Edition
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"Easy Duplicate Finder 4_is1" = EasyDuplicateFinder v4.2
"EditPad Lite" = EditPad Lite 7.2.3
"GIMP-2_is1" = GIMP 2.8.0
"GPL Ghostscript 9.05" = GPL Ghostscript
"Nightly 26.0a1 (x64 en-US)" = Nightly 26.0a1 (x64 en-US)
"Pale Moon 20.3-x64 (x64 en-US)" = Pale Moon 20.3-x64 (x64 en-US)
"Recuva" = Recuva
"Software Informer_is1" = Software Informer 1.2
"Speccy" = Speccy
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
"Win2PDF_is1" = Win2PDF 7

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02C39DE9-B03A-4FE7-89F9-61E224FE65CC}" = IPCamSetup
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{107C666F-63C5-4263-8D40-8B9CFB5FED08}" = Microsoft Robocopy GUI
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{183B7569-90FB-4C56-9761-0EEB002CAB83}" = Adobe Camera Raw 4.0
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}" = Cool & Quiet
"{1DF3D1A1-2F6F-4DF9-8002-824E4AD0A285}" = Fluke Networks IP Inspector
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20B83B31-09C4-4F0E-9774-EF8A12A0A527}" = Adobe Device Central CS3
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{26A24AE4-039D-4CA4-87B4-2F83216043FF}" = Java™ 6 Update 43
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2A539CD9-0F75-4875-9A32-E06DD93C4114}" = Adobe Extension Manager CS3
"{2EEEC858-21F8-419B-8FE2-820621BFFCD7}" = GetDataBack for FAT
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{32A3A4F4-B792-11D6-A78A-00B0D0160430}" = Java™ SE Development Kit 6 Update 43
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3A12C952-61D5-4C3B-B68B-8CFBE47E22F1}" = Adobe Setup
"{3BC1AB78-2D98-4906-84B5-4230B5420DCC}" = Offline Course Player
"{412033BC-44CF-48D9-B813-4B835101F4D3}" = Adobe Illustrator 10.0.3
"{41C3C974-EC5E-494C-AFE6-E31D92E2E6CB}" = Adobe Version Cue CS3 Client
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BAD50CC-B9C6-469A-918E-380B5F83B022}" = iSpy
"{4DF98D0B-637E-42B4-B9D6-EB7693D2FBF8}" = Adobe ExtendScript Toolkit 2
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.7
"{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}" = GetDataBack for NTFS
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{604CD5A1-4520-4844-B064-A3D884B77E91}" = SpeedyPC Pro
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65A5E87D-7A3F-4819-807D-B86990D5F369}" = inSSIDer
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68CF6DD2-8BA3-4A70-81D8-7CC5F24C9BA2}" = Adobe Bridge CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{718B4606-2FEF-411B-B96E-4FC53B91EBC0}" = Secure Download Manager
"{733D84D6-AAFD-4368-A1D0-F2734F6B9082}" = Adobe Help Viewer CS3
"{7378A8C1-46B4-4F0D-84DA-32B63F058A7E}" = Nucleon Script Master
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A501E32-91D4-4098-9484-50D0B8919AE1}" = LogMeIn Rescue Technician Console
"{7AC0886A-CE48-4EB6-9CC3-4C56D427F2E1}" = Cisco Network Magic
"{7F3A2319-79CF-4701-95FB-034E99281808}" = Adobe Bridge Start Meeting
"{8148D4E2-D47C-4684-A2D9-226FCAF8BE5B}" = CloudFuze
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84BA4329-354E-4325-BAAC-EC16AE3D05FF}" = ClearSight Third Party Decode Engine
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8BC84ECC-EA87-49C0-93C0-2B5DF62745CD}" = Adobe Asset Services CS3
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D840E74-A760-487F-AE4E-A1B2CFDB28E1}_is1" = Yet Another Duplicate File Remover 1.0.0
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90150000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English
"{90150000-001F-040C-0000-0000000FF1CE}" = Outils de vérification linguistique 2013 de Microsoft Office - Français
"{90150000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Español
"{90150000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2013
"{90150000-0054-0409-0000-0000000FF1CE}" = Microsoft Visio MUI (English) 2013
"{90150000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2013
"{90150000-00B4-0409-0000-0000000FF1CE}" = Microsoft Project MUI (English) 2013
"{90150000-00E1-0409-0000-0000000FF1CE}" = Microsoft Office OSM MUI (English) 2013
"{90150000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2013
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{91150000-003B-0000-0000-0000000FF1CE}" = Microsoft Project Professional 2013
"{91150000-0051-0000-0000-0000000FF1CE}" = Microsoft Visio Professional 2013
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{94367EE2-CC21-4523-B9EB-BDB3F4357B52}" = AudioDocs
"{95140000-0080-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}" = Google Earth
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A344FC3A-9422-4676-A1A6-43D1F9840A5C}" = ReliefJet Essentials for Outlook
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{A9F5E1E1-1281-4862-90B4-6CF8E6AF83CE}_is1" = Pegasus Mail HTML Renderer 2.4.7.2
"{AA0BD406-0855-4F6E-82B6-61E7634D47AD}" = Visible Analyst 2009
"{AA38CC00-F12C-495E-AF00-7EE413D3BFB2}" = Evince 2.32.0.145
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.03)
"{AFECFED6-0A43-488F-8511-1DC6B52F31C3}_is1" = Fast Duplicate File Finder 3.2.0.1
"{B1F9C834-0594-4563-B344-4ED9599A5945}" = LibreOffice 3.5
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B829E117-D072-41EA-9606-9826A38D34C1}" = Sophos Virus Removal Tool
"{B9111814-9EEB-4C41-BADC-F3455CFEBA25}" = PHP 5.3.23
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BBB21AB1-2C45-435D-A05A-B563072E7B9B}" = Xirrus Wi-Fi Inspector
"{C268B5E1-A5DA-11DF-A289-005056C00008}" = Paragon Backup & Recovery™ 2013 Free
"{C2D4CD4A-AE20-40B3-8726-8ED1C03E8C15}" = Google Drive
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C3DAA3D9-0927-44A7-A7B6-90D2F32834AA}" = SpiderOak
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux
"{D1C59F81-66FD-4E8E-B9F7-F4B2442D5222}" = Adobe Update Manager CS3
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DC0C5A78-6DBF-3444-0120-0FE8F0134FCD}" = Adobe Download Assistant
"{DCA963D4-6AA2-11E2-80AA-984BE15F174E}" = Evernote v. 4.6.2
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E32FC3D8-D106-425E-9F9E-8BE6E2E79AC9}" = InstallShield Tuner 6.0.1 For Adobe Acrobat
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EA1FAE0F-2354-4E32-B423-ABAE8E358F91}" = RealDownloader
"{EBA24116-BAF3-4273-BE47-56575D46D77D}" = File Master 3
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{F01D5ED5-D53A-4468-B428-149DC2CB3110}" = Adobe Dreamweaver CS3
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0B6A46E-635B-4D37-8F5F-E543F54C3D5B}" = SearchDVS
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{FA237125-51FF-408C-8BB8-30C2B3DFFF9C}" = Windows Resource Kit Tools
"{FC467B61-F890-4E29-8585-365DAB66F13E}" = Pure Networks Platform
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe PageMaker 7.0" = Adobe PageMaker 7.0
"Adobe Photoshop 7.0.1" = Adobe Photoshop 7.0.1
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Adobe_435a6af7459cb02a9c1138113a26e93" = Adobe Dreamweaver CS3
"Advanced Port Scanner v1.3" = Advanced Port Scanner v1.3
"AllDup_is1" = AllDup 3.3.14
"Analyzer 3.0a12_is1" = Analyzer 3.0 alpha 12 (Build Nov 15th, 2007)
"AngelPotion Video Codec V1" = AngelPotion Video Codec V1
"Aurora 22.0a2 (x86 en-US)" = Aurora 22.0a2 (x86 en-US)
"Avira AntiVir Desktop" = Avira Antivirus Premium
"AVS Audio Converter_is1" = AVS Audio Converter 7
"AVS Audio Editor_is1" = AVS Audio Editor 7.1
"AVS Audio Recorder_is1" = AVS Audio Recorder version 4.0
"AVS Disc Creator_is1" = AVS Disc Creator 5
"AVS Document Converter_is1" = AVS Document Converter 2.2.7
"AVS DVD Copy_is1" = AVS DVD Copy 4.1.2.283
"AVS Image Converter_is1" = AVS Image Converter 3.0.1.269
"AVS Media Player_is1" = AVS Media Player 4.2.1.103
"AVS Photo Editor_is1" = AVS Photo Editor
"AVS Registry Cleaner_is1" = AVS Registry Cleaner 2.2.3.237
"AVS Ringtone Maker 1.6_is1" = AVS Ringtone Maker version 1.6
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS Video Editor_is1" = AVS Video Editor 6
"AVS Video Recorder_is1" = AVS Video Recorder 2.5
"AVS Video ReMaker_is1" = AVS Video ReMaker 4.2.1.152
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"AVS4YOU Video Converter 7_is1" = AVS Video Converter 8
"AVSCoverEditor2_is1" = AVS Cover Editor 2.0.1.3
"BitComet" = BitComet 1.35
"BitComet_x64" = BitComet 1.36 64-bit
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"ConverterLite" = ConverterLite 1.6.3
"EaseUS Partition Master Home Edition_is1" = EaseUS Partition Master 9.1.1 Home Edition
"Easy Duplicate Finder_is1" = Easy Duplicate Finder v. 3.2
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"ESET Online Scanner" = ESET Online Scanner v3
"ffdshow_is1" = ffdshow v1.3.4513 [2013-05-25]
"File Repair_is1" = File Repair
"FileZilla Client" = FileZilla Client 3.7.3
"Free Studio_is1" = Free Studio version 2013
"GSurf_Pro" = GSurf_Pro
"InfoAtoms" = InfoAtoms
"InstallShield_{84BA4329-354E-4325-BAAC-EC16AE3D05FF}" = ClearSight Third Party Decode Engine
"IrfanView" = IrfanView (remove only)
"Karen's Computer Profiler" = Karen's Computer Profiler
"LastPass" = LastPass (uninstall only)
"Logitech Vid" = Logitech Vid HD
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Mozilla Firefox 18.0.1 (x86 en-US)" = Mozilla Firefox 18.0.1 (x86 en-US)
"Mozilla Thunderbird 17.0.5 (x86 en-US)" = Mozilla Thunderbird 17.0.5 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"MP Navigator EX 4.1" = Canon MP Navigator EX 4.1
"nbi-nb-base-7.3.0.0.201302132200" = NetBeans IDE 7.3
"NETGEAR Genie" = NETGEAR Genie
"Network MagicUninstall" = Network Magic
"Notepad++" = Notepad++
"OCX" = OCX
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Office15.PRJPROR" = Microsoft Project Professional 2013
"Office15.VISPROR" = Microsoft Visio Professional 2013
"Omnis Individual Desktop 2.02" = Omnis Individual Desktop 2.02
"Password Agent 2" = Password Agent 2.6.3
"Pegasus Mail" = Pegasus Mail
"Picasa 3" = Picasa 3
"RealPlayer 16.0" = RealPlayer
"Scribus 1.4.1" = Scribus 1.4.1
"Security Task Manager" = Security Task Manager 1.8g
"TeamViewer 4" = TeamViewer 4
"UltraDefrag" = Ultra Defragmenter
"UnfriendApp" = UnfriendApp
"Video Downloader_is1" = Video Downloader version 2.0
"VLC media player" = VLC media player 2.0.3
"VMware_Player" = VMware Player
"WebLog Expert Lite_is1" = WebLog Expert Lite 7.8
"Windows Grep_is1" = Windows Grep 2.3
"WinLiveSuite" = Windows Live Essentials
"WinMerge_is1" = WinMerge 2.12.4
"WinPcapInst" = WinPcap 4.1.2
"Wireshark" = Wireshark 1.8.0rc2 (64-bit)
"Wise Data Recovery_is1" = Wise Data Recovery 3.17
"X-Lite 1.5_is1" = X-Lite 3.0
"Zoiper" = Zoiper

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"@@[email protected]@SanDiskSecureAccess_Manager.exe" = SanDiskSecureAccess_Manager.exe
"Dropbox" = Dropbox
"Gnumeric" = Gnumeric Spreadsheet 1.10.16-20110616
"GoToMeeting" = GoToMeeting 5.5.0.1132
"JoinMe" = join.me
"pymongo-py2.7" = Python 2.7 pymongo-2.3

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 9/11/2013 6:27:39 PM | Computer Name = irascable | Source = VSS | ID = 8193
Description =

Error - 9/11/2013 6:27:39 PM | Computer Name = irascable | Source = System Restore | ID = 8193
Description =

Error - 9/12/2013 1:08:15 AM | Computer Name = irascable | Source = Outlook | ID = 34
Description = Failed to get the Crawl Scope Manager with error=0x8007043c.

Error - 9/12/2013 1:08:15 AM | Computer Name = irascable | Source = Outlook | ID = 34
Description = Failed to get the Crawl Scope Manager with error=0x8007043c.

Error - 9/12/2013 1:08:15 AM | Computer Name = irascable | Source = Outlook | ID = 35
Description = Failed to determine if the store is in the crawl scope (error=0x8007043c).

Error - 9/12/2013 1:08:15 AM | Computer Name = irascable | Source = Outlook | ID = 35
Description = Failed to determine if the store is in the crawl scope (error=0x8007043c).

Error - 9/12/2013 1:09:12 AM | Computer Name = irascable | Source = System Restore | ID = 8193
Description =

Error - 9/12/2013 1:09:38 AM | Computer Name = irascable | Source = System Restore | ID = 8193
Description =

Error - 9/12/2013 1:21:21 PM | Computer Name = irascable | Source = PerfNet | ID = 2004
Description =

Error - 9/13/2013 3:26:12 PM | Computer Name = irascable | Source = PerfNet | ID = 2004
Description =

[ System Events ]
Error - 9/14/2013 1:43:17 PM | Computer Name = irascable | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 9/14/2013 1:44:37 PM | Computer Name = irascable | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 9/14/2013 1:44:37 PM | Computer Name = irascable | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 9/14/2013 1:44:37 PM | Computer Name = irascable | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 9/14/2013 1:47:29 PM | Computer Name = irascable | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 9/14/2013 1:47:29 PM | Computer Name = irascable | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 9/14/2013 1:47:29 PM | Computer Name = irascable | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 9/14/2013 1:51:45 PM | Computer Name = irascable | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 9/14/2013 1:51:45 PM | Computer Name = irascable | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 9/14/2013 1:51:45 PM | Computer Name = irascable | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068


< End of report >

If anybody can help it would be appreciated.

builder7
  • 0

Advertisements


#2
Phel

Phel

    Trusted Helper

  • Malware Removal
  • 1,386 posts
Hello, builder7 and welcome to GeeksToGo!

You can call me Phel and this time I will try to help you with your trouble.

Please, spend some time to read these instructions carefully before we start. They contain very useful information.

  • Please, stay with us until the end. I know, Malware Removal isn't very fast procedure, it usually has multiple steps, but you should stay here till your computer will be absolutely clean from malware. If your main problem is solved, that doesn't mean that another malware isn't left in your computer. Your patience will be rewarded with absolutely clean computer. :)
  • Please, let me know, if you don't understand something. It is really important to understand every instruction. If you are in doubt, how to follow one or another instruction - feel free to ask me, how to do that. I am always glad to help you with that.
  • Please, don't fix anything by yourself. Please, don't run any tools unless they are required. Trying multiple tools in hope that one of them will help can lead to unrecoverable consequences. Sometimes malware removal tools, used without supervision, can harm your computer more than malware itself.
  • Please, feel free to notify me about changes in your PC's behavior. It's really interesting for me to know, how your computer is running after each portion of fixes.
  • Please note, that I'm currently in training. It doesn't mean that my help will be worse than expert help. My posts are carefully checked by experts before they are posted. Please note, that my replies sometimes can come with delays. However, usually it takes less than 24 hours to revise my message by expert and post to you it.
  • Finally, enjoy the fight! ;)
Can you please find OTL.txt file in C:\Users\builder7\Downloads folder? Please, post it's contents in your next message.
  • 0

#3
builder7

builder7

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
OTL logfile created on: 9/14/2013 11:36:10 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\builder7\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

8.00 Gb Total Physical Memory | 0.80 Gb Available Physical Memory | 10.03% Memory free
10.66 Gb Paging File | 2.03 Gb Available in Paging File | 19.00% Paging File free
Paging file location(s): c:\pagefile.sys 512 12286 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.41 Gb Total Space | 179.54 Gb Free Space | 19.28% Space Free | Partition Type: NTFS
Drive D: | 102.54 Gb Total Space | 31.02 Gb Free Space | 30.26% Space Free | Partition Type: NTFS
Drive E: | 195.55 Gb Total Space | 62.47 Gb Free Space | 31.95% Space Free | Partition Type: NTFS
Drive G: | 29.80 Gb Total Space | 21.33 Gb Free Space | 71.57% Space Free | Partition Type: FAT32
Drive S: | 100.00 Mb Total Space | 31.83 Mb Free Space | 31.83% Space Free | Partition Type: NTFS
Drive Z: | 931.41 Gb Total Space | 179.54 Gb Free Space | 19.28% Space Free | Partition Type: CSC-CACHE

Computer Name: IRASCABLE | User Name: builder7 | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/09/14 11:35:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\builder7\Downloads\OTL(1).exe
PRC - [2013/07/23 15:27:40 | 000,073,656 | ---- | M] () -- C:\Program Files\iSpy\iSpy (64 bit)\iSpyMonitor.exe
PRC - [2013/06/11 18:47:41 | 000,389,016 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
PRC - [2012/04/25 10:36:36 | 002,388,336 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Safari\Safari.exe
PRC - [2012/04/24 20:18:16 | 000,014,184 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe


========== Modules (No Company Name) ==========

MOD - [2013/08/15 03:25:27 | 007,566,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\82d58d49946f82eb56bae40f3b097784\System.Xml.ni.dll
MOD - [2013/08/15 03:25:18 | 012,698,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\5f27b142c87d877c73ac245ab951a773\System.Windows.Forms.ni.dll
MOD - [2013/08/15 03:25:15 | 007,249,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\91e8082fd4520aabd77fecd38aca4c57\System.Data.ni.dll
MOD - [2013/08/15 03:25:05 | 006,998,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\a35e871c52b7a7aee64c969c02acfaa0\System.Core.ni.dll
MOD - [2013/08/15 03:25:04 | 001,631,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\cceaf9d7891fc325a90473aa9a661661\System.Drawing.ni.dll
MOD - [2013/08/15 03:24:57 | 009,937,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ac79b74f022d9a096de2b884f4249543\System.ni.dll
MOD - [2013/08/07 13:25:24 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2013/07/23 15:27:40 | 000,073,656 | ---- | M] () -- C:\Program Files\iSpy\iSpy (64 bit)\iSpyMonitor.exe
MOD - [2013/07/10 03:20:10 | 000,145,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\c4ae805ff0a785d6373936ba46340150\System.Numerics.ni.dll
MOD - [2013/07/10 03:20:06 | 016,547,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\bf2ecabcd96ec8238dc385b0a3ffa084\mscorlib.ni.dll
MOD - [2013/06/11 18:47:42 | 002,243,480 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
MOD - [2013/06/11 18:47:42 | 000,158,104 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\nsldap32v60.dll
MOD - [2013/06/11 18:47:42 | 000,022,424 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\nsldappr32v60.dll
MOD - [2012/04/24 20:18:24 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Safari\Apple Application Support\zlib1.dll
MOD - [2012/04/24 20:18:06 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Safari\Apple Application Support\libxml2.dll
MOD - [2010/01/21 01:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/01/09 20:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF


========== Services (SafeList) ==========

SRV:64bit: - [2013/08/29 09:32:17 | 000,064,224 | ---- | M] (Bitdefender) [Auto | Stopped] -- C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe -- (gzserv)
SRV:64bit: - [2013/05/26 23:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011/04/20 02:04:20 | 000,203,776 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/12/28 02:00:34 | 001,296,728 | ---- | M] (www.BitComet.com) [On_Demand | Stopped] -- C:\Program Files\BitComet\tools\BitCometService.exe -- (BITCOMET_HELPER_SERVICE)
SRV:64bit: - [2010/11/20 07:25:18 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\snmp.exe -- (SNMP)
SRV:64bit: - [2010/11/20 07:24:49 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\inetsrv\inetinfo.exe -- (IISADMIN)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 19:41:10 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\iprip.dll -- (iprip)
SRV:64bit: - [2009/07/13 19:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/07/13 19:39:56 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\WMSvc.exe -- (WMSVC)
SRV:64bit: - [2009/07/13 19:39:47 | 000,010,240 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\TCPSVCS.EXE -- (simptcp)
SRV:64bit: - [2008/04/22 18:23:02 | 000,098,488 | ---- | M] (SiSoftware) [Auto | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2013/08/16 09:18:56 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/07/25 08:52:52 | 000,162,672 | ---- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/07/12 14:37:18 | 003,289,472 | ---- | M] (Skype Technologies S.A.) [Disabled | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/05/11 04:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/05/08 11:29:44 | 000,023,552 | ---- | M] (Fork Ltd.) [Auto | Stopped] -- E:\Security\Prey\platform\windows\cronsvc.exe -- (CronService)
SRV - [2013/04/15 11:08:51 | 000,117,160 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/04/07 05:39:20 | 000,232,192 | ---- | M] (NETGEAR) [Auto | Stopped] -- C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe -- (NETGEARGenieDaemon)
SRV - [2013/03/07 01:16:23 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013/03/06 02:21:52 | 000,039,056 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2013/02/26 02:28:44 | 000,357,456 | ---- | M] (VMware, Inc.) [Auto | Stopped] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2013/02/26 02:28:26 | 000,436,304 | ---- | M] (VMware, Inc.) [Auto | Stopped] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2013/02/26 01:30:42 | 000,087,120 | ---- | M] (VMware, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe -- (VMAuthdService)
SRV - [2012/10/11 16:15:30 | 000,918,680 | ---- | M] (VMware, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe -- (VMUSBArbService)
SRV - [2012/07/09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/11/20 06:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010/11/20 06:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2010/11/20 06:18:03 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2010/11/20 06:17:42 | 000,047,616 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\snmp.exe -- (SNMP)
SRV - [2010/06/25 11:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2009/07/13 19:14:42 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\TCPSVCS.EXE -- (simptcp)
SRV - [2009/07/07 14:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/23 03:35:14 | 000,185,640 | ---- | M] (TeamViewer GmbH) [Auto | Stopped] -- C:\Program Files (x86)\TeamViewer\Version4\TeamViewer_Service.exe -- (TeamViewer4)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:64bit: - [2013/09/10 23:42:18 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2013/09/08 11:49:58 | 000,121,928 | ---- | M] (Bitdefender SRL) [Kernel | System | Running] -- C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys -- (bdfwfpf)
DRV:64bit: - [2013/09/05 07:48:55 | 000,035,344 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WPRO_41_2001.sys -- (WPRO_41_2001)
DRV:64bit: - [2013/07/18 17:26:17 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2013/05/28 12:12:19 | 000,382,536 | ---- | M] (BitDefender S.R.L.) [File_System | Boot | Stopped] -- C:\Windows\SysNative\drivers\trufos.sys -- (trufos)
DRV:64bit: - [2013/04/22 13:21:00 | 000,148,696 | ---- | M] (BitDefender LLC) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gzflt.sys -- (gzflt)
DRV:64bit: - [2013/04/17 14:59:58 | 000,593,144 | ---- | M] (BitDefender) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avckf.sys -- (avckf)
DRV:64bit: - [2013/04/17 14:59:56 | 000,718,840 | ---- | M] (BitDefender) [File_System | Boot | Stopped] -- C:\Windows\SysNative\drivers\avc3.sys -- (avc3)
DRV:64bit: - [2013/04/12 11:41:28 | 000,131,856 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2013/04/11 11:06:54 | 000,039,504 | ---- | M] (ThreatTrack Security) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gfiark.sys -- (gfiark)
DRV:64bit: - [2013/04/09 09:41:35 | 000,014,456 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\gfibto.sys -- (gfibto)
DRV:64bit: - [2013/02/26 02:28:48 | 000,067,664 | ---- | M] (VMware, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
DRV:64bit: - [2013/02/26 02:28:14 | 000,030,800 | ---- | M] (VMware, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2013/02/26 02:27:48 | 000,045,720 | ---- | M] (VMware, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2013/02/26 02:27:48 | 000,020,120 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2013/02/26 02:27:44 | 000,033,360 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd)
DRV:64bit: - [2013/02/22 07:32:08 | 000,160,256 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ser2pl64.sys -- (Ser2pl)
DRV:64bit: - [2013/02/18 13:59:44 | 000,633,680 | ---- | M] (Paragon) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\Uim_IMx64.sys -- (Uim_IM)
DRV:64bit: - [2013/02/18 13:59:44 | 000,090,960 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\uimx64.sys -- (UimBus)
DRV:64bit: - [2013/02/18 13:59:42 | 000,390,352 | ---- | M] (Paragon) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\uim_vimx64.sys -- (Uim_VIM)
DRV:64bit: - [2013/02/18 13:59:42 | 000,039,248 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hotcore3.sys -- (hotcore3)
DRV:64bit: - [2012/10/24 14:17:14 | 000,070,296 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsock.sys -- (vsock)
DRV:64bit: - [2012/10/24 14:17:10 | 000,085,104 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:64bit: - [2012/10/11 16:15:32 | 000,052,376 | ---- | M] (VMware, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2012/10/10 21:08:10 | 000,044,928 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys -- (ManyCam)
DRV:64bit: - [2012/08/23 08:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 08:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/05/25 13:14:24 | 000,057,976 | ---- | M] (GFI Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SBREDrv.sys -- (SBRE)
DRV:64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/08/01 09:28:58 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\PGdrivers\npf.sys -- (PGNPF)
DRV:64bit: - [2011/07/29 13:54:56 | 000,016,776 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\epmntdrv.sys -- (epmntdrv)
DRV:64bit: - [2011/07/29 13:54:56 | 000,009,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\EuGdiDrv.sys -- (EuGdiDrv)
DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/04/20 02:44:50 | 009,319,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/04/20 01:22:34 | 000,306,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 07:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/06/09 17:10:16 | 000,046,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\nm3.sys -- (nm3)
DRV:64bit: - [2009/12/30 11:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/07 14:48:44 | 000,035,376 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\purendis.sys -- (purendis)
DRV:64bit: - [2009/07/07 14:48:44 | 000,033,328 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\pnarp.sys -- (pnarp)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/14 09:26:24 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2008/11/11 13:42:00 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus)
DRV:64bit: - [2008/07/26 15:26:34 | 000,050,072 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64)
DRV:64bit: - [2008/07/26 15:22:34 | 002,624,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LV302V64.SYS -- (PID_PEPI)
DRV - [2013/02/28 23:13:26 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\npf.sys -- (NPF)
DRV - [2013/02/18 13:59:50 | 000,019,792 | ---- | M] (Paragon Software GmbH) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Paragon Software\Backup and Recovery 2013 Free\program\biontdrv.sys -- (BioNTDrv)
DRV - [2011/07/29 13:54:56 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\epmntdrv.sys -- (epmntdrv)
DRV - [2011/07/29 13:54:56 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 35 C1 66 C8 10 2C CD 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {10093E20-17CA-46F8-9E1F-1FF3E8158C20}
IE - HKCU\..\SearchScopes\{10093E20-17CA-46F8-9E1F-1FF3E8158C20}: "URL" = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\..\SearchScopes\{2AFC9E60-72AF-45AA-A8DD-49917837221C}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://lavasoft.blek...q={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sear
IE - HKCU\..\SearchScopes\{D0573BEA-F999-406D-9EA7-016E6D568D40}: "URL" = http://websearch.ask...74-993F11365E27
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = localhost:8080

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "https://duckduckgo.com"
FF - prefs.js..extensions.enabledAddons: donottrackplus%40abine.com:2.2.9.618
FF - prefs.js..extensions.enabledAddons: support%40lastpass.com:2.5.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0a1
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@lastpass.com/NPLastPass: C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@lastpass.com/NPLastPass: C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.1.18: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.1.18: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Nightly 26.0a1\extensions\\Components: C:\PROGRAM FILES\NIGHTLY\COMPONENTS [2013/09/11 15:09:58 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Nightly 26.0a1\extensions\\Plugins: C:\PROGRAM FILES\NIGHTLY\PLUGINS [2013/09/11 15:09:59 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Pale Moon 20.3-x64\extensions\\Components: C:\PROGRAM FILES\PALE MOON\COMPONENTS [2013/08/17 04:32:35 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Pale Moon 20.3-x64\extensions\\Plugins: C:\PROGRAM FILES\PALE MOON\PLUGINS
FF - HKEY_LOCAL_MACHINE\software\mozilla\Aurora 22.0a2\extensions\\Components: C:\Program Files (x86)\Aurora\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Aurora 22.0a2\extensions\\Plugins: C:\Program Files (x86)\Aurora\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DAC3F861-B30D-40dd-9166-F4E75327FAC7}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/03/23 04:08:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/03/23 04:08:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Mozilla Firefox1\extensions\[email protected] [2013/04/30 12:05:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ [2013/05/09 18:31:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox1\components [2013/05/01 18:18:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox1\plugins [2013/07/05 19:41:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.5\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013/06/11 18:47:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Waterfox 18.0.1\extensions\\Components: C:\Program Files\\Waterfox\components [2013/05/12 15:16:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Waterfox 18.0.1\extensions\\Plugins: C:\Program Files\\Waterfox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Aurora 22.0a2\extensions\\Components: C:\Program Files (x86)\Aurora\components
FF - HKEY_CURRENT_USER\software\mozilla\Aurora 22.0a2\extensions\\Plugins: C:\Program Files (x86)\Aurora\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\builder7\AppData\Roaming\Mozilla\Firefox\Profiles/4i7bpzy7.default\extensions\[email protected]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\UnfriendApp\Firefox\ [2013/01/20 21:09:24 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/08/19 20:15:19 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.5\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013/06/11 18:47:29 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2012/05/06 09:57:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\builder7\AppData\Roaming\Mozilla\Extensions
[2013/09/12 09:16:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\builder7\AppData\Roaming\Mozilla\Firefox\Profiles\vjf2w9ho.default-1378021061295\extensions
[2013/09/05 08:16:07 | 000,000,000 | ---D | M] (DoNotTrackMe) -- C:\Users\builder7\AppData\Roaming\Mozilla\Firefox\Profiles\vjf2w9ho.default-1378021061295\extensions\[email protected]
[2013/09/12 09:15:08 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\builder7\AppData\Roaming\Mozilla\Firefox\Profiles\vjf2w9ho.default-1378021061295\extensions\[email protected]
[2011/06/03 04:00:08 | 000,061,440 | ---- | M] (Element K Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\NPOlp32.dll

O1 HOSTS File: ([2013/09/11 16:45:28 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O2 - BHO: (no name) - {5CFDB93C-BE46-41D7-8B8E-7E57F6C2706A} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Evernote extension) - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
O2 - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O3:64bit: - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {41564952-412D-5637-00A7-7A786E7484D7} - No CLSID value found.
O4:64bit: - HKLM..\Run: [InstallerLauncher] C:\Program Files\Bitdefender\Antivirus Free Edition\Install\setuplauncher.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [nmapp] C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [nmctxth] C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [SpybotSnD] G:\SpybotPortable\App\Spybot\SpybotSD.exe (Safer Networking Limited)
O4 - Startup: C:\Users\builder7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: Add to Evernote 4 - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html ()
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm ()
O8:64bit: - Extra context menu item: LastPass - file://C:\Users\builder7\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found
O8:64bit: - Extra context menu item: LastPass Fill Forms - file://C:\Users\builder7\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found
O8:64bit: - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html ()
O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Add to Evernote 4 - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm ()
O8 - Extra context menu item: LastPass - file://C:\Users\builder7\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found
O8 - Extra context menu item: LastPass Fill Forms - file://C:\Users\builder7\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found
O8 - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html ()
O9:64bit: - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
O9:64bit: - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9:64bit: - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
O9:64bit: - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
O9 - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: sharepoint.com ([snhu] https in Trusted sites)
O15 - HKCU\..Trusted Domains: sharepoint.com ([snhu-my] https in Trusted sites)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {A4150320-98EC-4DB6-9BFB-EBF4B6FBEB16} http://192.168.2.2/c.../DVM_IPCam2.cab (DVM_IPCam2 Control)
O16 - DPF: {CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_43)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.2.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{585C91D7-C5DC-4A1D-B5D9-322A2CD5B8DF}: DhcpNameServer = 192.168.0.1 205.171.2.25
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll (Cisco Systems, Inc.)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/04/08 14:44:18 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2013/08/21 15:26:08 | 000,000,000 | ---D | M] - G:\Auto Insurance -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/09/11 18:56:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/09/11 18:56:32 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/09/11 18:56:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/09/11 16:48:29 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/09/11 15:55:39 | 000,000,000 | ---D | C] -- C:\ccb4e67aeefd12df2990156a5d
[2013/09/11 15:09:58 | 000,000,000 | ---D | C] -- C:\Program Files\Nightly
[2013/09/10 23:20:13 | 000,000,000 | ---D | C] -- C:\Users\builder7\AppData\Local\VS Revo Group
[2013/09/10 23:20:09 | 000,031,800 | ---- | C] (VS Revo Group) -- C:\Windows\SysNative\drivers\revoflt.sys
[2013/09/10 23:20:09 | 000,000,000 | ---D | C] -- C:\ProgramData\VS Revo Group
[2013/09/10 23:20:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
[2013/09/10 23:20:08 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2013/09/10 22:41:26 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/09/10 22:29:14 | 000,000,000 | ---D | C] -- C:\Users\builder7\AppData\Local\ElevatedDiagnostics
[2013/09/08 11:27:05 | 000,000,000 | ---D | C] -- C:\Users\builder7\AppData\Roaming\Avira
[2013/09/08 11:26:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013/09/08 11:22:35 | 000,132,088 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013/09/08 11:22:35 | 000,105,344 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013/09/08 11:22:35 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013/09/08 11:22:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2013/09/08 00:16:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Password Agent
[2013/09/08 00:16:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Password Agent
[2013/09/07 19:59:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2013/09/07 18:13:34 | 000,000,000 | ---D | C] -- C:\Users\builder7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos
[2013/09/07 18:13:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sophos
[2013/09/07 16:53:37 | 000,000,000 | ---D | C] -- C:\Users\builder7\AppData\Roaming\EurekaLog
[2013/09/07 16:34:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2013/09/07 16:33:01 | 000,000,000 | ---D | C] -- C:\Users\builder7\Desktop\mbar
[2013/09/07 13:20:35 | 000,000,000 | ---D | C] -- C:\Users\builder7\Desktop\SpybotPortable
[2013/09/07 00:58:12 | 000,045,936 | ---- | C] (GFI Software) -- C:\Windows\SysNative\sbbd.exe
[2013/09/07 00:58:11 | 000,057,976 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2013/09/07 00:57:32 | 000,000,000 | ---D | C] -- C:\VIPRERESCUE
[2013/09/06 21:34:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Safari
[2013/09/06 12:07:26 | 000,000,000 | ---D | C] -- C:\Users\builder7\Documents\ProcAlyzer Dumps
[2013/09/04 23:25:28 | 000,000,000 | ---D | C] -- C:\Users\builder7\Documents\IrfanView Sandbox
[2013/09/04 22:52:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Association Manager
[2013/09/02 09:49:15 | 000,000,000 | ---D | C] -- C:\Users\builder7\AppData\Local\CounterPath
[2013/09/01 01:37:54 | 000,000,000 | ---D | C] -- C:\Users\builder7\Desktop\Old Firefox Data
[2013/08/31 13:59:00 | 000,000,000 | ---D | C] -- C:\Users\builder7\AppData\Roaming\SpeedyPC Software
[2013/08/31 13:59:00 | 000,000,000 | ---D | C] -- C:\Users\builder7\AppData\Roaming\DriverCure
[2013/08/31 13:58:25 | 000,000,000 | ---D | C] -- C:\Users\builder7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedyPC Software
[2013/08/29 23:56:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xirrus
[2013/08/29 23:56:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xirrus
[2013/08/29 23:53:16 | 000,000,000 | ---D | C] -- C:\Users\builder7\AppData\Roaming\Xirrus
[2013/08/27 20:49:58 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan
[2013/08/27 20:49:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager
[2013/08/27 20:49:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Security Task Manager
[2013/08/27 16:59:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Analyzer
[2013/08/27 16:59:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Analyzer
[2013/08/17 15:16:29 | 000,000,000 | ---D | C] -- C:\Users\builder7\djigzo-virtual-appliance-2.5.0-4
[2013/08/17 15:12:44 | 000,067,664 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmx86.sys
[2013/08/17 15:12:39 | 000,033,360 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\VMkbd.sys
[2013/08/17 15:11:46 | 000,357,456 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vmnetdhcp.exe
[2013/08/17 15:11:38 | 000,436,304 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vmnat.exe
[2013/08/17 15:11:37 | 000,030,800 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmnetuserif.sys
[2013/08/17 15:11:24 | 000,933,968 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\vnetlib64.dll
[2013/08/17 15:11:08 | 000,052,376 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\hcmon.sys
[2013/08/03 14:30:35 | 015,641,088 | ---- | C] (LastPass) -- C:\Program Files (x86)\Common Files\lpuninstall.exe
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/09/13 10:56:55 | 000,885,252 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/09/13 10:56:55 | 000,736,028 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/09/13 10:56:55 | 000,148,012 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/09/12 09:15:09 | 000,002,114 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk
[2013/09/12 09:15:08 | 015,641,088 | ---- | M] (LastPass) -- C:\Program Files (x86)\Common Files\lpuninstall.exe
[2013/09/12 09:15:08 | 000,002,114 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk
[2013/09/12 09:15:08 | 000,001,192 | ---- | M] () -- C:\Users\builder7\Application Data\Microsoft\Internet Explorer\Quick Launch\My LastPass Vault.lnk
[2013/09/12 09:14:44 | 000,001,192 | ---- | M] () -- C:\Users\Public\Desktop\My LastPass Vault.lnk
[2013/09/11 18:56:33 | 000,001,137 | ---- | M] () -- C:\Users\builder7\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2013/09/11 18:56:33 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/09/11 16:45:28 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/09/11 14:51:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/09/11 14:51:48 | 2146,832,383 | -HS- | M] () -- C:\hiberfil.sys
[2013/09/11 14:43:23 | 000,025,232 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/09/11 14:43:23 | 000,025,232 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/09/11 14:35:47 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/09/11 14:35:45 | 000,000,514 | ---- | M] () -- C:\Windows\tasks\SpeedyPC Update Version3 Startup Task.job
[2013/09/11 14:35:44 | 000,000,029 | ---- | M] () -- C:\Windows\SysWow64\TempWmicBatchFile.bat
[2013/09/11 12:04:02 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/09/11 11:52:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/09/11 02:15:30 | 000,000,418 | ---- | M] () -- C:\Windows\tasks\SpeedyPC Pro.job
[2013/09/10 23:51:48 | 000,002,070 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013/09/10 23:42:18 | 000,132,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013/09/10 23:42:18 | 000,105,344 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013/09/10 23:42:18 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013/09/10 23:20:10 | 000,001,101 | ---- | M] () -- C:\Users\builder7\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2013/09/10 23:20:10 | 000,001,077 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2013/09/10 15:19:30 | 000,000,872 | ---- | M] () -- C:\Users\builder7\Application Data\Microsoft\Internet Explorer\Quick Launch\UltraDefrag.lnk
[2013/09/10 15:19:30 | 000,000,848 | ---- | M] () -- C:\Users\Public\Desktop\UltraDefrag.lnk
[2013/09/10 15:00:26 | 000,009,260 | ---- | M] () -- C:\Users\Public\Documents\cc_20130910_145934.reg
[2013/09/08 18:00:00 | 000,000,490 | ---- | M] () -- C:\Windows\tasks\SpeedyPC Registration3.job
[2013/09/08 14:15:00 | 000,000,462 | ---- | M] () -- C:\Windows\tasks\SpeedyPC Update Version3.job
[2013/09/08 00:16:48 | 000,001,046 | ---- | M] () -- C:\Users\Public\Desktop\Password Agent.lnk
[2013/09/07 21:55:34 | 000,000,315 | ---- | M] () -- C:\Windows\wininit.ini
[2013/09/07 18:13:34 | 000,003,221 | ---- | M] () -- C:\Users\builder7\Desktop\Sophos Virus Removal Tool.lnk
[2013/09/07 00:58:22 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\SBRC.dat
[2013/09/06 21:34:44 | 000,002,515 | ---- | M] () -- C:\Users\builder7\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2013/09/06 21:34:44 | 000,002,491 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2013/09/06 12:54:54 | 000,011,747 | ---- | M] () -- C:\Users\builder7\Desktop\passwordSec.pwa - Shortcut.lnk
[2013/09/06 12:52:56 | 000,011,738 | ---- | M] () -- C:\Users\builder7\Desktop\CardsBak.pwa - Shortcut (2).lnk
[2013/09/06 12:52:20 | 000,011,730 | ---- | M] () -- C:\Users\builder7\Desktop\Cards2.pwa - Shortcut.lnk
[2013/09/06 12:52:14 | 000,011,735 | ---- | M] () -- C:\Users\builder7\Desktop\Cards2.old3 - Shortcut.lnk
[2013/09/06 12:52:09 | 000,011,735 | ---- | M] () -- C:\Users\builder7\Desktop\Cards2.old2 - Shortcut.lnk
[2013/09/06 12:52:05 | 000,011,735 | ---- | M] () -- C:\Users\builder7\Desktop\Cards2.old1 - Shortcut.lnk
[2013/09/06 12:15:36 | 000,012,976 | ---- | M] () -- C:\Users\builder7\Desktop\Cards.pwa - Shortcut.lnk
[2013/09/06 12:15:22 | 000,013,011 | ---- | M] () -- C:\Users\builder7\Desktop\CardsBak.pwa - Shortcut.lnk
[2013/09/05 21:23:35 | 000,007,669 | ---- | M] () -- C:\Users\builder7\AppData\Local\resmon.resmoncfg
[2013/09/05 07:48:55 | 000,035,344 | ---- | M] () -- C:\Windows\SysNative\drivers\WPRO_41_2001.sys
[2013/09/01 15:58:38 | 000,000,891 | ---- | M] () -- C:\Quarantine.lst
[2013/08/31 13:58:25 | 000,001,205 | ---- | M] () -- C:\Users\builder7\Desktop\SpeedyPC Pro.lnk
[2013/08/29 23:56:34 | 000,001,266 | ---- | M] () -- C:\Users\Public\Desktop\Xirrus Wi-Fi Inspector.lnk
[2013/08/29 23:56:34 | 000,001,244 | ---- | M] () -- C:\Users\builder7\Application Data\Microsoft\Internet Explorer\Quick Launch\Xirrus Wi-Fi Inspector.lnk
[2013/08/27 17:03:38 | 000,000,947 | ---- | M] () -- C:\Users\builder7\Desktop\Analyzer.lnk
[2013/08/27 16:53:22 | 000,001,284 | ---- | M] () -- C:\Users\builder7\AppData\Local\recently-used.xbel
[2013/08/24 18:20:31 | 000,010,614 | ---- | M] () -- C:\Users\Public\Documents\cc_20130824_182027.reg
[2013/08/24 18:16:33 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/08/17 15:10:39 | 000,002,120 | ---- | M] () -- C:\Users\Public\Desktop\VMware Player.lnk
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/09/12 09:15:09 | 000,002,114 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk
[2013/09/12 09:15:08 | 000,002,114 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk
[2013/09/12 09:15:07 | 000,001,192 | ---- | C] () -- C:\Users\builder7\Application Data\Microsoft\Internet Explorer\Quick Launch\My LastPass Vault.lnk
[2013/09/12 09:14:44 | 000,001,192 | ---- | C] () -- C:\Users\Public\Desktop\My LastPass Vault.lnk
[2013/09/11 18:56:33 | 000,001,137 | ---- | C] () -- C:\Users\builder7\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2013/09/11 18:56:33 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/09/10 23:20:10 | 000,001,101 | ---- | C] () -- C:\Users\builder7\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
[2013/09/10 23:20:10 | 000,001,077 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
[2013/09/10 14:59:56 | 000,009,260 | ---- | C] () -- C:\Users\Public\Documents\cc_20130910_145934.reg
[2013/09/08 11:26:01 | 000,002,070 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013/09/08 00:16:48 | 000,001,046 | ---- | C] () -- C:\Users\Public\Desktop\Password Agent.lnk
[2013/09/07 18:13:34 | 000,003,221 | ---- | C] () -- C:\Users\builder7\Desktop\Sophos Virus Removal Tool.lnk
[2013/09/07 00:58:22 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\SBRC.dat
[2013/09/06 21:34:44 | 000,002,515 | ---- | C] () -- C:\Users\builder7\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2013/09/06 21:34:44 | 000,002,503 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
[2013/09/06 21:34:44 | 000,002,491 | ---- | C] () -- C:\Users\Public\Desktop\Safari.lnk
[2013/09/06 17:44:16 | 000,001,346 | ---- | C] () -- C:\Quarantine.reg
[2013/09/06 17:44:07 | 000,000,891 | ---- | C] () -- C:\Quarantine.lst
[2013/09/06 12:54:54 | 000,011,747 | ---- | C] () -- C:\Users\builder7\Desktop\passwordSec.pwa - Shortcut.lnk
[2013/09/06 12:52:56 | 000,011,738 | ---- | C] () -- C:\Users\builder7\Desktop\CardsBak.pwa - Shortcut (2).lnk
[2013/09/06 12:52:20 | 000,011,730 | ---- | C] () -- C:\Users\builder7\Desktop\Cards2.pwa - Shortcut.lnk
[2013/09/06 12:52:14 | 000,011,735 | ---- | C] () -- C:\Users\builder7\Desktop\Cards2.old3 - Shortcut.lnk
[2013/09/06 12:52:09 | 000,011,735 | ---- | C] () -- C:\Users\builder7\Desktop\Cards2.old2 - Shortcut.lnk
[2013/09/06 12:52:05 | 000,011,735 | ---- | C] () -- C:\Users\builder7\Desktop\Cards2.old1 - Shortcut.lnk
[2013/09/06 12:15:36 | 000,012,976 | ---- | C] () -- C:\Users\builder7\Desktop\Cards.pwa - Shortcut.lnk
[2013/09/06 12:15:22 | 000,013,011 | ---- | C] () -- C:\Users\builder7\Desktop\CardsBak.pwa - Shortcut.lnk
[2013/09/05 07:48:55 | 000,035,344 | ---- | C] () -- C:\Windows\SysNative\drivers\WPRO_41_2001.sys
[2013/08/31 13:58:25 | 000,001,205 | ---- | C] () -- C:\Users\builder7\Desktop\SpeedyPC Pro.lnk
[2013/08/29 23:56:34 | 000,001,266 | ---- | C] () -- C:\Users\Public\Desktop\Xirrus Wi-Fi Inspector.lnk
[2013/08/29 23:56:34 | 000,001,244 | ---- | C] () -- C:\Users\builder7\Application Data\Microsoft\Internet Explorer\Quick Launch\Xirrus Wi-Fi Inspector.lnk
[2013/08/27 16:59:41 | 000,000,947 | ---- | C] () -- C:\Users\builder7\Desktop\Analyzer.lnk
[2013/08/27 16:53:22 | 000,001,284 | ---- | C] () -- C:\Users\builder7\AppData\Local\recently-used.xbel
[2013/08/24 18:20:29 | 000,010,614 | ---- | C] () -- C:\Users\Public\Documents\cc_20130824_182027.reg
[2013/08/14 22:45:20 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2013/08/11 21:13:58 | 040,794,068 | ---- | C] () -- C:\Users\builder7\iSpy64_5_3_8_0.zip
[2013/07/25 10:33:23 | 040,782,166 | ---- | C] () -- C:\Users\builder7\iSpy64_5_3_4_0.zip
[2013/07/23 11:48:55 | 040,781,495 | ---- | C] () -- C:\Users\builder7\iSpy64_5_3_2_0.zip
[2013/07/14 14:17:38 | 001,176,629 | ---- | C] () -- C:\Users\builder7\ProcessExplorer.zip
[2013/06/12 20:12:11 | 000,042,483 | ---- | C] () -- C:\Windows\ICCCODES.DAT
[2013/06/12 20:12:11 | 000,039,095 | ---- | C] () -- C:\Windows\Iccsigs.dat
[2013/06/12 20:12:11 | 000,000,156 | ---- | C] () -- C:\Windows\KPCMS.INI
[2013/06/12 20:11:59 | 000,210,944 | ---- | C] () -- C:\Windows\SysWow64\MSVCRT10.DLL
[2013/06/12 19:38:18 | 000,016,384 | ---- | C] () -- C:\Windows\SysWow64\FileOps.exe
[2013/06/04 23:45:52 | 000,001,811 | ---- | C] () -- C:\Users\builder7\SSA Disability Award
[2013/05/10 00:12:40 | 000,199,192 | ---- | C] () -- C:\Users\builder7\Crossbow_with_trigger_flipped.stl
[2013/05/08 09:27:41 | 052,980,714 | ---- | C] () -- C:\Users\builder7\audiodoc-2.2.1.zip
[2013/04/09 13:18:12 | 000,000,315 | ---- | C] () -- C:\Windows\wininit.ini
[2013/04/04 21:15:27 | 004,678,826 | R--- | C] () -- C:\Users\builder7\txpeng700.zip
[2013/04/03 20:04:40 | 000,773,120 | ---- | C] () -- C:\Users\builder7\SDM_EN.msi
[2013/04/02 16:20:17 | 000,150,816 | ---- | C] () -- C:\Windows\SysWow64\WIN2PDFS.DLL
[2013/04/02 16:20:16 | 000,000,002 | ---- | C] () -- C:\Windows\1way.ini
[2013/03/30 00:21:07 | 001,169,609 | ---- | C] () -- C:\Windows\unins000.exe
[2013/03/30 00:21:07 | 000,085,627 | ---- | C] () -- C:\Windows\unins000.dat
[2013/02/15 14:53:24 | 002,582,876 | ---- | C] () -- C:\Users\builder7\GetFoldersizePortable.zip
[2013/02/01 00:28:00 | 384,246,784 | ---- | C] () -- C:\Users\builder7\Outlook.pst
[2012/12/11 22:43:40 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\APmpg4v1.dll
[2012/11/28 19:48:02 | 000,000,023 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2012/11/27 11:43:04 | 000,000,000 | ---- | C] () -- C:\Users\builder7\InSDIDer 2.1.gpx
[2012/11/18 11:39:46 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/11/18 11:39:46 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/11/18 11:39:46 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/11/18 11:39:46 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/11/18 11:39:46 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/10/28 21:33:23 | 000,002,722 | ---- | C] () -- C:\Users\builder7\.dbshell
[2012/10/28 21:31:55 | 000,000,000 | ---- | C] () -- C:\Users\builder7\.mongorc.js
[2012/09/21 19:21:56 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/09/19 21:22:52 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\zlib.dll
[2012/09/10 05:57:56 | 002,468,520 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe
[2012/09/10 05:57:56 | 000,019,840 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll
[2012/09/10 05:57:55 | 000,086,408 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe
[2012/09/10 05:57:55 | 000,014,216 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys
[2012/09/10 05:57:55 | 000,008,456 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys
[2012/08/10 21:11:27 | 000,001,311 | ---- | C] () -- C:\Windows\SysWow64\DfsMgmt.dll.config
[2012/08/10 21:09:26 | 000,001,315 | ---- | C] () -- C:\Windows\DfsrAdmin.exe.config
[2012/07/30 15:00:10 | 000,004,096 | -H-- | C] () -- C:\Users\builder7\AppData\Local\keyfile3.drm
[2012/07/29 17:17:45 | 000,838,273 | ---- | C] () -- C:\Users\builder7\AppData\Local\census.cache
[2012/07/29 17:16:02 | 000,152,139 | ---- | C] () -- C:\Users\builder7\AppData\Local\ars.cache
[2012/07/26 18:14:54 | 001,917,028 | ---- | C] () -- C:\Users\builder7\numberplate.zip
[2012/07/25 23:13:12 | 007,118,848 | ---- | C] () -- C:\ProgramData\sandra.mda
[2012/07/20 12:40:59 | 000,000,036 | ---- | C] () -- C:\Users\builder7\AppData\Local\housecall.guid.cache
[2012/07/10 20:59:10 | 000,622,969 | R--- | C] () -- C:\Users\builder7\face.zip
[2012/06/12 12:19:22 | 000,003,584 | ---- | C] () -- C:\Users\builder7\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/05/30 22:22:57 | 000,877,374 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/05/27 13:22:45 | 000,007,669 | ---- | C] () -- C:\Users\builder7\AppData\Local\resmon.resmoncfg
[2012/05/25 14:54:38 | 000,000,288 | ---- | C] () -- C:\Users\builder7\AppData\Roaming\.backup.dm
[2012/05/19 21:48:09 | 000,000,266 | ---- | C] () -- C:\Users\builder7\.JavaPowUpload.properties
[2012/05/12 18:14:33 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2012/05/09 13:48:49 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2012/05/09 13:48:49 | 000,013,368 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2012/05/09 13:48:41 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2012/05/09 13:48:41 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2012/05/08 12:00:59 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprs7.dll
[2012/05/08 12:00:59 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\clauth2.dll
[2012/05/08 12:00:59 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\clauth1.dll
[2012/05/08 12:00:59 | 000,000,205 | ---- | C] () -- C:\Windows\SysWow64\lsprst7.dll
[2012/05/08 12:00:59 | 000,000,073 | ---- | C] () -- C:\Windows\SysWow64\ssprs.dll
[2011/09/20 03:22:32 | 004,009,984 | ---- | C] () -- C:\Windows\SysWow64\gs_h264_dec.dll
[2011/09/20 03:01:44 | 000,839,694 | ---- | C] () -- C:\Windows\SysWow64\avcodec-52.dll
[2011/09/20 03:01:44 | 000,097,294 | ---- | C] () -- C:\Windows\SysWow64\avutil-50.dll

========== ZeroAccess Check ==========

[2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/26 23:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/26 22:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 06:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/04/02 17:13:40 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\4Team
[2013/07/05 00:57:59 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\Ad-Aware Antivirus
[2013/04/27 18:09:43 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\AllDup
[2012/05/30 22:24:14 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\Ashisoft
[2012/09/06 22:24:53 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\AVG2012
[2013/09/14 11:48:10 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\BitComet
[2012/07/24 19:51:27 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\Canon
[2013/08/08 21:32:24 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/11/14 12:43:02 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1
[2013/07/25 10:27:47 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\ConverterLite
[2013/08/31 13:59:00 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\DriverCure
[2013/03/07 14:42:43 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\Dropbox
[2013/05/09 18:33:52 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\DVDVideoSoft
[2013/05/09 18:33:52 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\DVDVideoSoftIEHelpers
[2013/04/03 19:53:06 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\e-academy Inc
[2013/08/08 22:11:45 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\Easy Duplicate Finder
[2012/12/18 19:54:35 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\EasyDuplicateFinder
[2013/09/07 16:53:37 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\EurekaLog
[2013/07/12 21:56:55 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\FileZilla
[2013/03/23 17:31:46 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\GetRightToGo
[2012/08/11 10:47:27 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\GHISLER
[2013/05/09 12:07:00 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\gtk-2.0
[2013/09/04 23:29:27 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\IrfanView
[2013/09/13 13:26:03 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\iSpy
[2013/07/15 09:47:51 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\iSpyServer
[2012/06/05 12:59:05 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\JGsoft
[2012/08/14 20:14:34 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\KeePass
[2012/07/23 11:24:45 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\LibreOffice
[2013/05/22 00:29:18 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\Moonchild Productions
[2013/04/01 21:27:47 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\NetBeans
[2013/03/03 16:13:16 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\Notepad++
[2013/04/24 10:11:00 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\Nucleon Software
[2013/07/03 02:35:45 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\PCHC
[2013/05/09 11:33:49 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\Pegasus Mail
[2013/04/12 08:29:07 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\player
[2013/02/27 10:01:33 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\QuickScan
[2012/05/27 09:36:52 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\SanDisk
[2012/05/25 14:58:03 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\SanDisk SecureAccess
[2012/12/10 12:38:00 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\Scribus
[2013/09/08 23:23:57 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\Software Informer
[2013/08/31 13:59:00 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\SpeedyPC Software
[2013/03/24 15:21:35 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\SpiderOak
[2013/04/03 19:59:35 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\Strongvault
[2012/11/19 11:59:20 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\TeamViewer
[2012/05/14 19:01:42 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\Thunderbird
[2013/05/12 15:17:31 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\Waterfox Limited
[2013/01/05 10:55:56 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\Wireshark
[2013/04/02 17:12:15 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\XemiComputers
[2013/08/29 23:53:16 | 000,000,000 | ---D | M] -- C:\Users\builder7\AppData\Roaming\Xirrus

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 312 bytes -> C:\ProgramData\TEMP:9A870F8B
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:12DCF8FC

< End of report >
  • 0

#4
Phel

Phel

    Trusted Helper

  • Malware Removal
  • 1,386 posts
Hello,

Can you please list all files, whose were marked as infected by Malicious Software Removal Tool?

Warning! You are using 2 Antivirus products in one system.

I have noticed, that you are using 2 antiviruses - BitDefender and Avira in one computer. It can lead to several hangs and in the worst case - to the crash of the whole system. It could be the reason, why your computer is so slow. So, please, remove one of these AV's, and keep in your PC only one antivirus program installed.

I don't see any active malware on this computer, but let's examine it deeper.

  • Run OTL.
  • Click on Scan All Users checkbox, which is located near Quick Scan button.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:

    BASESERVICES
  • Then click the Run Scan button at the top.
  • Let the program run unhindered.
  • When the scan completes, it will open notepad window - OTL.Txt. This is saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of this file and post them in your topic.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP