Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Infected with zpyemhvct.exe


  • Please log in to reply

#1
Vako

Vako

    New Member

  • Member
  • Pip
  • 7 posts
A bunch of my programs wont even connect to the internet. My FTP software went crazy and doesnt even connect. My AV got dismantled to the point that even that i uninstalled it and cant even install it back again.

Its driving me crazy and I dont know what to do. Please assist me here. Thanks.


OTL logfile created on: 11/2/2013 4:53:12 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\TxnerT\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

8.00 Gb Total Physical Memory | 5.63 Gb Available Physical Memory | 70.42% Memory free
9.99 Gb Paging File | 6.97 Gb Available in Paging File | 69.70% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 169.91 Gb Total Space | 103.18 Gb Free Space | 60.73% Space Free | Partition Type: NTFS
Drive D: | 48.39 Gb Total Space | 33.92 Gb Free Space | 70.10% Space Free | Partition Type: NTFS
Drive H: | 931.51 Gb Total Space | 819.35 Gb Free Space | 87.96% Space Free | Partition Type: NTFS

Computer Name: LEGEND | User Name: TxnerT | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/11/02 16:51:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\TxnerT\Downloads\OTL.exe
PRC - [2013/10/26 02:21:09 | 001,862,536 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
PRC - [2013/10/08 20:02:45 | 000,844,752 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/10/03 22:00:24 | 003,538,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
PRC - [2013/10/01 08:14:40 | 005,087,584 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013/10/01 08:14:39 | 012,631,904 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
PRC - [2013/10/01 08:05:43 | 000,195,936 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
PRC - [2013/10/01 00:05:29 | 000,274,840 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/09/25 21:55:10 | 001,358,944 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
PRC - [2013/09/25 21:47:22 | 000,301,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
PRC - [2013/08/08 20:52:41 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013/06/26 16:19:34 | 001,006,112 | ---- | M] () -- C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 8\WVSScheduler.exe
PRC - [2013/05/11 06:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/11/07 15:42:10 | 002,109,440 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtWLan.exe
PRC - [2012/05/10 10:38:06 | 000,036,864 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtlService.exe
PRC - [2012/04/07 01:30:16 | 006,639,870 | ---- | M] () -- C:\Program Files (x86)\Common Files\Adobe\Adobe Flash Player\flashplayer_update.exe
PRC - [2010/05/21 13:34:38 | 000,013,624 | ---- | M] (Alienware) -- C:\Program Files\Alienware\Command Center\AlienFXHook32Mngr.exe
PRC - [2010/05/21 13:33:48 | 000,063,304 | ---- | M] (Alienware Corporation) -- C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
PRC - [2010/05/21 09:38:54 | 000,016,704 | ---- | M] () -- C:\Program Files\Alienware\Command Center\AlienFusionController.exe
PRC - [2010/04/04 14:44:10 | 000,095,560 | ---- | M] (Sensible Vision ) -- C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe
PRC - [2010/04/04 14:44:08 | 001,992,008 | ---- | M] (Sensible Vision ) -- C:\Program Files\Alienware\Command Center\AlienSense\FATrayAlert.exe
PRC - [2010/04/04 14:43:38 | 002,409,800 | ---- | M] (Sensible Vision ) -- C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe
PRC - [2009/09/10 04:08:32 | 000,094,208 | ---- | M] (Microsoft) -- C:\Program Files\OSD\OSD_Main.exe
PRC - [2009/02/20 13:13:04 | 000,013,312 | ---- | M] () -- C:\Program Files\OSD\Service1.exe
PRC - [2009/02/19 14:45:42 | 000,020,480 | ---- | M] (Alienware Corporation) -- C:\Program Files\OSD\Launch_CC.exe


========== Modules (No Company Name) ==========

MOD - [2013/10/26 02:21:08 | 016,233,864 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
MOD - [2013/10/11 03:38:53 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\8f5b881951592b2fd05f710650bf7e04\System.Core.ni.dll
MOD - [2013/10/11 03:34:54 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bcf51dc88597d0835c819a2d5a755b74\PresentationFramework.ni.dll
MOD - [2013/10/11 03:34:40 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MOD - [2013/10/11 03:34:33 | 012,238,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\51478a61dbd40488e320a0061e23c4df\PresentationCore.ni.dll
MOD - [2013/10/11 03:34:23 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll
MOD - [2013/10/11 03:34:18 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
MOD - [2013/10/08 20:02:43 | 000,415,184 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppgooglenaclpluginchrome.dll
MOD - [2013/10/08 20:02:41 | 004,055,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll
MOD - [2013/10/08 20:01:50 | 000,698,832 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libglesv2.dll
MOD - [2013/10/08 20:01:49 | 000,099,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libegl.dll
MOD - [2013/10/08 20:01:47 | 001,604,560 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll
MOD - [2013/10/01 00:05:29 | 003,279,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/08/14 03:35:54 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9a1bc983c28c695729b3e46acdc6933e\System.Management.ni.dll
MOD - [2013/08/14 03:29:25 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\764054efc88f51b54c8d7e44df26b671\System.Data.ni.dll
MOD - [2013/08/14 03:28:58 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/08/14 03:28:40 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c949e6e8d206e0d33d11ff711eda2745\System.Xml.ni.dll
MOD - [2013/08/14 03:28:32 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/07/11 03:33:10 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/03/19 04:35:22 | 004,790,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienwareAlienFXModelResources\1.0.92.0__bebb3c8816410241\AlienwareAlienFXModelResources.dll
MOD - [2013/03/19 04:35:22 | 000,443,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienwareAlienFXTools\1.0.92.0__bebb3c8816410241\AlienwareAlienFXTools.dll
MOD - [2013/03/19 04:35:22 | 000,075,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienLabsTools\1.0.92.0__bebb3c8816410241\AlienLabsTools.dll
MOD - [2013/03/19 04:35:22 | 000,037,712 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Alienlabs.CommandCenter.Tools\1.0.92.0__bebb3c8816410241\Alienlabs.CommandCenter.Tools.dll
MOD - [2013/03/19 04:35:22 | 000,036,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x514\1.0.92.0__bebb3c8816410241\AlienFX.Communication.PID0x514.dll
MOD - [2013/03/19 04:35:22 | 000,028,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x516\1.0.92.0__bebb3c8816410241\AlienFX.Communication.PID0x516.dll
MOD - [2013/03/19 04:35:22 | 000,027,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x515\1.0.92.0__bebb3c8816410241\AlienFX.Communication.PID0x515.dll
MOD - [2013/03/19 04:35:22 | 000,027,424 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LightFX\1.0.92.0__bebb3c8816410241\LightFX.dll
MOD - [2013/03/19 04:35:22 | 000,025,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.DeviceDiscovery\1.0.92.0__bebb3c8816410241\AlienFX.DeviceDiscovery.dll
MOD - [2013/03/19 04:35:22 | 000,024,904 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.XPS\1.0.92.0__bebb3c8816410241\AlienFX.Communication.XPS.dll
MOD - [2013/03/19 04:35:22 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienLabs.MasterIOBoard.Communication\1.0.92.0__bebb3c8816410241\AlienLabs.MasterIOBoard.Communication.dll
MOD - [2013/03/19 04:35:22 | 000,008,192 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienLabs.MasterIOBoard.Communication.Core\1.0.92.0__bebb3c8816410241\AlienLabs.MasterIOBoard.Communication.Core.dll
MOD - [2013/03/19 04:35:21 | 000,037,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x511\1.0.92.0__bebb3c8816410241\AlienFX.Communication.PID0x511.dll
MOD - [2013/03/19 04:35:21 | 000,036,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x512\1.0.92.0__bebb3c8816410241\AlienFX.Communication.PID0x512.dll
MOD - [2013/03/19 04:35:21 | 000,019,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x513\1.0.92.0__bebb3c8816410241\AlienFX.Communication.PID0x513.dll
MOD - [2013/03/19 04:35:21 | 000,017,224 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.Core\1.0.92.0__bebb3c8816410241\AlienFX.Communication.Core.dll
MOD - [2013/03/19 04:35:21 | 000,011,584 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication\1.0.92.0__bebb3c8816410241\AlienFX.Communication.dll
MOD - [2012/04/07 01:30:16 | 006,639,870 | ---- | M] () -- C:\Program Files (x86)\Common Files\Adobe\Adobe Flash Player\flashplayer_update.exe
MOD - [2010/11/20 23:24:08 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/05/21 09:39:00 | 000,154,424 | ---- | M] () -- C:\Program Files\Alienware\Command Center\AlienFusionDomain.dll
MOD - [2010/05/21 09:38:54 | 000,016,704 | ---- | M] () -- C:\Program Files\Alienware\Command Center\AlienFusionController.exe
MOD - [2010/04/04 14:45:06 | 000,089,416 | ---- | M] () -- C:\Windows\SysWOW64\FAIEExtension.dll
MOD - [2010/04/04 14:44:12 | 000,059,208 | ---- | M] () -- C:\Windows\SysWOW64\FAib.dll
MOD - [2010/04/04 14:42:44 | 000,247,624 | ---- | M] () -- C:\Windows\SysWOW64\FACrashRpt.dll


========== Services (SafeList) ==========

SRV:64bit: - [2010/12/28 04:00:34 | 001,296,728 | ---- | M] (www.BitComet.com) [On_Demand | Stopped] -- C:\Program Files\BitComet\tools\BitCometService.exe -- (BITCOMET_HELPER_SERVICE)
SRV:64bit: - [2010/05/21 09:39:22 | 000,014,648 | ---- | M] (Alienware) [Auto | Running] -- C:\Program Files\Alienware\Command Center\AlienFusionService.exe -- (AlienFusionService)
SRV:64bit: - [2010/04/04 14:43:38 | 002,409,800 | ---- | M] (Sensible Vision ) [Auto | Running] -- C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe -- (FAService)
SRV:64bit: - [2009/02/20 13:13:04 | 000,013,312 | ---- | M] () [Auto | Running] -- C:\Program Files\OSD\Service1.exe -- (CustomSvc)
SRV - [2013/10/30 06:23:43 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/10/26 02:21:09 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/03 22:00:24 | 003,538,480 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/10/01 08:14:40 | 005,087,584 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013/09/25 21:55:10 | 001,358,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgfws.exe -- (avgfws)
SRV - [2013/09/25 21:47:22 | 000,301,152 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2013/09/23 11:10:16 | 002,099,512 | ---- | M] (AVG) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2013/09/13 18:24:32 | 000,350,792 | ---- | M] (Verizon) [Disabled | Stopped] -- C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
SRV - [2013/09/05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/08/08 20:52:41 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013/06/26 16:19:34 | 001,006,112 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 8\WVSScheduler.exe -- (AcuWVSSchedulerv8)
SRV - [2013/05/30 11:19:36 | 000,016,000 | ---- | M] (Seagate Technology LLC) [Disabled | Stopped] -- C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe -- (Seagate Dashboard Services)
SRV - [2013/05/11 06:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/11/19 17:03:24 | 000,489,256 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/05/10 10:38:06 | 000,036,864 | ---- | M] (Realtek Semiconductor Corp.) [Auto | Running] -- C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtlService.exe -- (RealtekCU)
SRV - [2011/08/03 07:50:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/09/26 09:44:54 | 000,057,144 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd)
DRV:64bit: - [2013/09/25 21:07:30 | 000,148,792 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska)
DRV:64bit: - [2013/09/08 22:11:42 | 000,031,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2013/09/02 10:59:14 | 000,212,280 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2013/09/02 10:29:18 | 000,294,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2013/09/02 10:26:50 | 000,192,824 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2013/09/02 10:26:42 | 000,241,464 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2013/08/20 22:53:58 | 000,123,704 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2013/08/19 01:57:27 | 006,544,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2013/08/09 01:13:08 | 002,355,416 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTWlanU.sys -- (RtlWlanu)
DRV:64bit: - [2013/08/01 16:07:06 | 000,251,192 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2013/07/13 02:44:57 | 000,035,936 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdkmpfd.sys -- (amdkmpfd)
DRV:64bit: - [2013/05/09 16:36:16 | 000,076,288 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsn64.sys -- (risdptsk)
DRV:64bit: - [2013/05/09 16:35:26 | 000,057,856 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2013/05/09 16:35:23 | 000,067,072 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2013/05/09 16:35:19 | 000,054,784 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2013/05/07 21:52:00 | 000,020,024 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012/08/24 03:56:56 | 000,126,944 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 10:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 10:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/12/15 13:29:42 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/11 09:35:24 | 000,806,400 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8192cu.sys -- (RTL8192cu)
DRV:64bit: - [2010/11/20 23:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/09/30 15:00:06 | 000,180,736 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/09/30 15:00:06 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/08/12 12:07:50 | 000,350,952 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2010/07/13 08:57:08 | 000,069,736 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\itecir.sys -- (itecir)
DRV:64bit: - [2009/12/30 11:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009/10/23 13:27:12 | 000,307,760 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/09/24 22:36:14 | 000,238,848 | ---- | M] (Sensible Vision ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\facap.sys -- (FACAP)
DRV:64bit: - [2008/07/25 15:30:36 | 000,014,544 | ---- | M] (OpenLibSys.org) [Kernel | On_Demand | Running] -- C:\Program Files\OSD\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2013/09/18 11:14:34 | 000,014,112 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2013/07/13 02:26:43 | 000,021,712 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS -- (DrvAgent64)
DRV - [2011/06/02 10:08:34 | 000,017,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys -- (cpudrv64)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.c...MPIXc9QS694GYDw
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: %7BB042753D-F57E-4e8e-A01B-7379A6D4CEFB%7D:1.35
FF - prefs.js..extensions.enabledAddons: donottrackplus%40abine.com:2.2.9.618
FF - prefs.js..extensions.enabledAddons: %7Be5bbc237-c99b-4ced-a061-0be27703295f%7D:1.1
FF - prefs.js..extensions.enabledAddons: %7B4093c4de-454a-4329-8aff-c6b0b123c386%7D:0.8.12
FF - prefs.js..extensions.enabledAddons: personas%40christopher.beard:1.7.3
FF - prefs.js..extensions.enabledAddons: zigboom%40ymail.com:2.1.1
FF - prefs.js..network.proxy.gopher: ""
FF - prefs.js..network.proxy.gopher_port: 0
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@ieinspector.com/ha_plugin: C:\Program Files (x86)\IEInspector\HTTPAnalyzerFullV7\firefox\Components File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\TxnerT\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\PROGRAM FILES\UPDATER BY SWEETPACKS\FIREFOX
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\Program Files\Updater By SweetPacks\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/10/01 00:05:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/10/08 21:29:43 | 000,000,000 | ---D | M]

[2013/03/19 04:09:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\TxnerT\AppData\Roaming\Mozilla\Extensions
[2013/10/25 14:53:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\TxnerT\AppData\Roaming\Mozilla\Firefox\Profiles\4rr3eg8j.default\extensions
[2013/03/19 05:10:33 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Users\TxnerT\AppData\Roaming\Mozilla\Firefox\Profiles\4rr3eg8j.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2013/07/12 00:24:38 | 000,000,000 | ---D | M] (DoNotTrackMe) -- C:\Users\TxnerT\AppData\Roaming\Mozilla\Firefox\Profiles\4rr3eg8j.default\extensions\[email protected]
[2013/10/05 12:10:18 | 000,000,000 | ---D | M] (HTTPS-Everywhere) -- C:\Users\TxnerT\AppData\Roaming\Mozilla\Firefox\Profiles\4rr3eg8j.default\extensions\[email protected]
[2013/09/26 22:38:08 | 000,000,000 | ---D | M] (LavaFox V2) -- C:\Users\TxnerT\AppData\Roaming\Mozilla\Firefox\Profiles\4rr3eg8j.default\extensions\[email protected]
[2013/09/28 20:05:02 | 000,000,000 | ---D | M] (LavaFox V2-Green) -- C:\Users\TxnerT\AppData\Roaming\Mozilla\Firefox\Profiles\4rr3eg8j.default\extensions\[email protected]
[2013/10/04 22:37:56 | 000,070,694 | ---- | M] () (No name found) -- C:\Users\TxnerT\AppData\Roaming\Mozilla\Firefox\Profiles\4rr3eg8j.default\extensions\[email protected]
[2013/06/11 19:45:56 | 000,021,637 | ---- | M] () (No name found) -- C:\Users\TxnerT\AppData\Roaming\Mozilla\Firefox\Profiles\4rr3eg8j.default\extensions\[email protected]
[2013/08/18 22:03:57 | 000,019,225 | ---- | M] () (No name found) -- C:\Users\TxnerT\AppData\Roaming\Mozilla\Firefox\Profiles\4rr3eg8j.default\extensions\[email protected]
[2013/10/25 14:53:44 | 000,348,260 | ---- | M] () (No name found) -- C:\Users\TxnerT\AppData\Roaming\Mozilla\Firefox\Profiles\4rr3eg8j.default\extensions\[email protected]
[2013/10/19 16:49:46 | 000,135,673 | ---- | M] () (No name found) -- C:\Users\TxnerT\AppData\Roaming\Mozilla\Firefox\Profiles\4rr3eg8j.default\extensions\{4093c4de-454a-4329-8aff-c6b0b123c386}.xpi
[2013/10/09 21:43:44 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\TxnerT\AppData\Roaming\Mozilla\Firefox\Profiles\4rr3eg8j.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/08/18 22:08:53 | 000,013,041 | ---- | M] () (No name found) -- C:\Users\TxnerT\AppData\Roaming\Mozilla\Firefox\Profiles\4rr3eg8j.default\extensions\{e5bbc237-c99b-4ced-a061-0be27703295f}.xpi
[2013/10/01 00:05:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\Extensions
[2013/10/01 00:05:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/10/01 00:05:30 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/01/12 04:58:30 | 000,917,816 | ---- | M] (BitComet) -- C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: BitCometAgent (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npBitCometAgent.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U25 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\TxnerT\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - Extension: Google Docs = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: Better Pop Up Blocker = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmpeeekfhbmikbdhlpjbfmnpgcbeggic\2.1.6_0\
CHR - Extension: Gmail = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Google Docs = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: Better Pop Up Blocker = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmpeeekfhbmikbdhlpjbfmnpgcbeggic\2.1.6_0\
CHR - Extension: Gmail = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/07/14 02:15:47 | 000,449,390 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 www.123fporn.info
O1 - Hosts: 15458 more lines...
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (SSOIEAddonBHO Class) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files\Alienware\Command Center\AlienSense\FAIESSO.dll (Sensible Vision )
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [AlienFX Controller] C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe (Alienware Corporation)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DBAgent] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe (Seagate Technology LLC)
O4 - HKLM..\Run: [FAStartup] File not found
O4 - HKLM..\Run: [FATrayAlert] C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe (Sensible Vision )
O4 - HKLM..\Run: [OSD] c:\Program Files\OSD\Launch.exe (HH)
O4 - HKCU..\Run: [] C:\Users\TxnerT\AppData\Roaming\Explorer\Explorer.exe File not found
O4 - HKCU..\Run: [Explorer] C:\Users\TxnerT\AppData\Local\Temp\Explorer\Explorer.exe ()
O4 - HKCU..\Run: [Launch_CC] c:\Program Files\OSD\Launch_CC.exe (Alienware Corporation)
O4 - HKCU..\Run: [LightShot] C:\Users\TxnerT\AppData\Local\Skillbrains\lightshot\LightShot.exe ()
O4 - HKCU..\Run: [Uploader] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe (Seagate Technology LLC)
O4 - HKCU..\Run: [USB 2.0] C:\Program Files (x86)\Windows NT\usb2.0.exe (Mircosoft Corporation )
O4 - HKCU..\Run: [Win Update] C:\Users\TxnerT\AppData\Local\Temp\Win Update\Win Update.exe ()
O4 - Startup: C:\Users\TxnerT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zpyemhvct.exe (Hewlett-Packard Company)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: dell.com ([]* in Trusted sites)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{62C0D2E2-E787-4D21-8178-27121C96333C}: DhcpNameServer = 196.3.81.5 200.88.127.22
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C7328B24-C3A6-4F70-B5D6-CD1E64EF9317}: DhcpNameServer = 10.0.0.1
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - AppInit_DLLs: ({DLL_Str}) - File not found
O20 - AppInit_DLLs: ({DLL_Str}) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\FastAccess: DllName - (C:\Program Files\Alienware\Command Center\AlienSense\FALogNot.dll) - C:\Program Files\Alienware\Command Center\AlienSense\FALogNot.dll ()
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\dashboard.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27:64bit: - HKLM IFEO\displayagent.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27:64bit: - HKLM IFEO\driverscanner.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27:64bit: - HKLM IFEO\dw20.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27:64bit: - HKLM IFEO\excel.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27:64bit: - HKLM IFEO\mc_client_preferences.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27:64bit: - HKLM IFEO\msaccess.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27:64bit: - HKLM IFEO\msoxmled.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27:64bit: - HKLM IFEO\mspview.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27:64bit: - HKLM IFEO\mstore.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27:64bit: - HKLM IFEO\ois.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27:64bit: - HKLM IFEO\pcdlauncher.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27:64bit: - HKLM IFEO\powerpnt.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27:64bit: - HKLM IFEO\proflwiz.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27:64bit: - HKLM IFEO\steam.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27:64bit: - HKLM IFEO\unins000.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27:64bit: - HKLM IFEO\vz in-home agent_uninst.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27:64bit: - HKLM IFEO\winword.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27 - HKLM IFEO\dashboard.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27 - HKLM IFEO\displayagent.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27 - HKLM IFEO\driverscanner.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27 - HKLM IFEO\dw20.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27 - HKLM IFEO\excel.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27 - HKLM IFEO\mc_client_preferences.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27 - HKLM IFEO\msaccess.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27 - HKLM IFEO\msoxmled.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27 - HKLM IFEO\mspview.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27 - HKLM IFEO\mstore.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27 - HKLM IFEO\ois.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27 - HKLM IFEO\pcdlauncher.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27 - HKLM IFEO\powerpnt.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27 - HKLM IFEO\proflwiz.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27 - HKLM IFEO\steam.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27 - HKLM IFEO\unins000.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27 - HKLM IFEO\vz in-home agent_uninst.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O27 - HKLM IFEO\winword.exe: Debugger - C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe (AVG)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/11/02 16:38:16 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\Desktop\RK_Quarantine
[2013/11/02 16:29:49 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/11/02 16:19:05 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Local\Avg2014
[2013/11/02 15:02:08 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\Explorer
[2013/11/02 14:57:37 | 000,000,000 | -HSD | C] -- C:\Users\TxnerT\AppData\Roaming\msgr
[2013/11/02 14:36:24 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\vertex
[2013/11/02 04:18:32 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\0x90.org
[2013/11/02 04:18:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\0x90.org
[2013/11/02 03:52:46 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\Documents\BSQL Hacker Logs
[2013/11/02 03:29:48 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\Desktop\Pangolin.Professinal.Edition.v3.2.5.1137.incl.Keygen-FFF
[2013/11/02 02:54:56 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Local\BSQLGUI
[2013/11/02 02:47:34 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BSQL Hacker
[2013/10/30 07:41:37 | 000,000,000 | -H-D | C] -- C:\$AVG
[2013/10/30 07:41:37 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2014
[2013/10/30 07:24:43 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\TuneUp Software
[2013/10/30 07:20:34 | 000,040,248 | ---- | C] (AVG) -- C:\Windows\SysNative\TURegOpt.exe
[2013/10/30 07:20:33 | 000,029,496 | ---- | C] (AVG) -- C:\Windows\SysNative\authuitu.dll
[2013/10/30 07:20:33 | 000,025,400 | ---- | C] (AVG) -- C:\Windows\SysWow64\authuitu.dll
[2013/10/30 07:20:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2014
[2013/10/30 07:20:16 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\AVG
[2013/10/30 07:19:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2013/10/30 07:18:21 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG
[2013/10/30 07:18:10 | 000,000,000 | -HSD | C] -- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
[2013/10/30 06:23:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013/10/27 04:22:01 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\Desktop\green icons
[2013/10/27 03:00:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2013/10/26 14:47:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013/10/26 04:55:02 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\Desktop\DepositfileCracker
[2013/10/26 03:21:40 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Local\gtk-2.0
[2013/10/26 03:21:22 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\.thumbnails
[2013/10/26 03:20:12 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Local\gegl-0.2
[2013/10/26 03:20:12 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\.gimp-2.8
[2013/10/26 02:30:58 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\Documents\GomPlayer
[2013/10/26 02:30:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player
[2013/10/26 02:30:36 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\GRETECH
[2013/10/26 02:30:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GRETECH
[2013/10/26 02:24:31 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2013/10/26 02:02:49 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\Serif
[2013/10/26 00:08:44 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\Desktop\VBstuff
[2013/10/25 00:03:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VyprVPN
[2013/10/25 00:03:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VyprVPN
[2013/10/24 23:32:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC SOFT
[2013/10/22 02:54:05 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\Desktop\Dbox
[2013/10/20 18:53:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acunetix Web Vulnerability Scanner 8
[2013/10/20 02:51:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NT OBJECTives
[2013/10/20 02:40:05 | 000,000,000 | ---D | C] -- C:\BlindCat
[2013/10/20 02:26:30 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
[2013/10/20 02:26:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2013/10/20 02:26:29 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\Notepad++
[2013/10/20 02:26:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Notepad++
[2013/10/16 18:11:59 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\FileZilla
[2013/10/15 21:32:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2013/10/15 21:32:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/10/15 21:31:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
[2013/10/15 21:31:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2013/10/15 21:23:02 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\.ssh
[2013/10/15 21:23:01 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\.sshterm
[2013/10/15 01:28:09 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Local\4A Games
[2013/10/11 19:21:51 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\Mavituna Security Ltd
[2013/10/09 16:29:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Citrix
[2013/10/09 16:28:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Citrix
[2013/10/09 16:28:42 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Local\Citrix
[2013/10/07 18:08:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Globalscape
[2013/10/07 18:08:19 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Local\Globalscape
[2013/10/07 18:07:40 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\Globalscape
[2013/10/07 18:07:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Globalscape
[2013/10/07 18:07:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Globalscape
[2013/10/05 15:09:12 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\Documents\EA Games
[2013/10/05 15:04:46 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Local\EA Games
[2013/04/06 05:59:12 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\TxnerT\AppData\Roaming\pcouffin.sys
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\TxnerT\AppData\Roaming\*.tmp files -> C:\Users\TxnerT\AppData\Roaming\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/11/02 16:48:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/11/02 16:44:26 | 000,024,496 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/11/02 16:44:26 | 000,024,496 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/11/02 16:37:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/11/02 14:29:00 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\update-S-1-5-21-3984871074-3827112338-3617424434-1000.job
[2013/11/02 12:14:00 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\update-sys.job
[2013/11/02 03:19:35 | 000,004,925 | ---- | M] () -- C:\ProgramData\aqmmpwnp.hgu
[2013/11/01 14:53:32 | 000,115,900 | ---- | M] () -- C:\Users\TxnerT\Desktop\invitacion.png
[2013/10/31 00:06:01 | 000,091,411 | ---- | M] () -- C:\Users\TxnerT\Desktop\1395096_10151928522486480_916997865_n.jpg
[2013/10/30 15:02:44 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/30 15:02:44 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/10/30 15:02:34 | 000,288,952 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/10/30 07:20:22 | 000,002,229 | ---- | M] () -- C:\Users\Public\Desktop\AVG 1-Click Maintenance.lnk
[2013/10/30 07:20:22 | 000,002,203 | ---- | M] () -- C:\Users\Public\Desktop\AVG PC TuneUp 2014.lnk
[2013/10/30 06:24:39 | 000,002,114 | ---- | M] () -- C:\Users\TxnerT\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2013/10/30 05:06:21 | 000,117,864 | ---- | M] () -- C:\Users\TxnerT\Desktop\pic_005_clean_790.jpg
[2013/10/29 19:39:34 | 144,790,821 | ---- | M] () -- C:\Users\TxnerT\AppData\Local\ACCCx2_2_0_248.zip.aamdownload
[2013/10/29 19:39:34 | 000,001,817 | ---- | M] () -- C:\Users\TxnerT\AppData\Local\ACCCx2_2_0_248.zip.aamdownload.aamd
[2013/10/26 15:22:36 | 000,032,202 | ---- | M] () -- C:\Users\TxnerT\Desktop\Bar.jpg
[2013/10/26 15:04:36 | 000,000,132 | ---- | M] () -- C:\Users\TxnerT\AppData\Roaming\Adobe GIF Format CS6 Prefs
[2013/10/26 03:25:35 | 000,001,548 | ---- | M] () -- C:\Users\TxnerT\AppData\Local\recently-used.xbel
[2013/10/26 02:15:35 | 000,358,142 | ---- | M] () -- C:\Users\TxnerT\Desktop\VIP Table.swf
[2013/10/25 12:26:00 | 000,009,677 | ---- | M] () -- C:\Users\TxnerT\Desktop\config.php
[2013/10/24 23:56:28 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/10/24 23:56:28 | 000,664,780 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/10/24 23:56:28 | 000,125,484 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/10/20 18:53:42 | 000,000,722 | ---- | M] () -- C:\Windows\WVS_InstDBLogFile.csv
[2013/10/18 06:27:00 | 000,037,070 | ---- | M] () -- C:\Users\TxnerT\Desktop\forumdisplay.php
[2013/10/16 23:41:00 | 000,000,600 | ---- | M] () -- C:\Users\TxnerT\AppData\Local\PUTTY.RND
[2013/10/11 19:07:15 | 000,001,229 | ---- | M] () -- C:\Users\Public\Desktop\Netsparker.lnk
[2013/10/11 03:09:37 | 000,764,746 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/10/09 16:29:37 | 000,000,017 | ---- | M] () -- C:\Users\TxnerT\AppData\Local\resmon.resmoncfg
[2013/10/09 16:28:41 | 000,103,832 | ---- | M] () -- C:\Users\TxnerT\GoToAssistDownloadHelper.exe
[2013/10/09 02:43:26 | 000,000,443 | ---- | M] () -- C:\Users\TxnerT\AppData\Local\UserProducts.xml
[2013/10/06 01:10:30 | 000,087,454 | ---- | M] () -- C:\Users\TxnerT\Desktop\pic_044_clean_790.jpg
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\TxnerT\AppData\Roaming\*.tmp files -> C:\Users\TxnerT\AppData\Roaming\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/11/02 03:19:35 | 000,004,925 | ---- | C] () -- C:\ProgramData\aqmmpwnp.hgu
[2013/11/01 22:58:10 | 000,037,070 | ---- | C] () -- C:\Users\TxnerT\Desktop\forumdisplay.php
[2013/11/01 14:53:32 | 000,115,900 | ---- | C] () -- C:\Users\TxnerT\Desktop\invitacion.png
[2013/10/31 00:06:01 | 000,091,411 | ---- | C] () -- C:\Users\TxnerT\Desktop\1395096_10151928522486480_916997865_n.jpg
[2013/10/30 15:02:12 | 000,288,952 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/10/30 07:20:22 | 000,002,229 | ---- | C] () -- C:\Users\Public\Desktop\AVG 1-Click Maintenance.lnk
[2013/10/30 07:20:22 | 000,002,215 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2014.lnk
[2013/10/30 07:20:22 | 000,002,203 | ---- | C] () -- C:\Users\Public\Desktop\AVG PC TuneUp 2014.lnk
[2013/10/30 05:06:21 | 000,117,864 | ---- | C] () -- C:\Users\TxnerT\Desktop\pic_005_clean_790.jpg
[2013/10/29 19:39:17 | 144,790,821 | ---- | C] () -- C:\Users\TxnerT\AppData\Local\ACCCx2_2_0_248.zip.aamdownload
[2013/10/29 19:39:17 | 000,001,817 | ---- | C] () -- C:\Users\TxnerT\AppData\Local\ACCCx2_2_0_248.zip.aamdownload.aamd
[2013/10/26 17:01:04 | 000,009,677 | ---- | C] () -- C:\Users\TxnerT\Desktop\config.php
[2013/10/26 15:22:34 | 000,032,202 | ---- | C] () -- C:\Users\TxnerT\Desktop\Bar.jpg
[2013/10/26 15:04:36 | 000,000,132 | ---- | C] () -- C:\Users\TxnerT\AppData\Roaming\Adobe GIF Format CS6 Prefs
[2013/10/26 03:25:35 | 000,001,548 | ---- | C] () -- C:\Users\TxnerT\AppData\Local\recently-used.xbel
[2013/10/26 02:15:22 | 000,358,142 | ---- | C] () -- C:\Users\TxnerT\Desktop\VIP Table.swf
[2013/10/15 21:38:27 | 000,000,600 | ---- | C] () -- C:\Users\TxnerT\AppData\Local\PUTTY.RND
[2013/10/11 19:07:15 | 000,001,229 | ---- | C] () -- C:\Users\Public\Desktop\Netsparker.lnk
[2013/10/09 16:29:37 | 000,000,017 | ---- | C] () -- C:\Users\TxnerT\AppData\Local\resmon.resmoncfg
[2013/10/09 16:28:41 | 000,103,832 | ---- | C] () -- C:\Users\TxnerT\GoToAssistDownloadHelper.exe
[2013/10/06 01:10:28 | 000,087,454 | ---- | C] () -- C:\Users\TxnerT\Desktop\pic_044_clean_790.jpg
[2013/09/28 00:07:15 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013/09/28 00:07:15 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2013/08/09 01:38:59 | 000,110,602 | ---- | C] () -- C:\Windows\SysWow64\xcdsfx32.bin
[2013/07/30 04:40:46 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dat
[2013/07/20 23:45:11 | 000,282,696 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013/07/20 23:45:04 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013/07/16 01:48:59 | 000,120,664 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2013/05/06 16:40:32 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2013/05/05 17:48:39 | 000,200,697 | ---- | C] () -- C:\Windows\SysWow64\poclbm121016GeForce GTX 280Mv1w256l4.bin
[2013/04/30 18:57:23 | 000,000,039 | ---- | C] () -- C:\Windows\spwdrp.INI
[2013/04/06 06:07:20 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2013/04/06 05:59:12 | 000,099,384 | ---- | C] () -- C:\Users\TxnerT\AppData\Roaming\inst.exe
[2013/04/06 05:59:12 | 000,007,859 | ---- | C] () -- C:\Users\TxnerT\AppData\Roaming\pcouffin.cat
[2013/04/06 05:59:12 | 000,001,167 | ---- | C] () -- C:\Users\TxnerT\AppData\Roaming\pcouffin.inf
[2013/04/04 00:43:08 | 000,007,020 | ---- | C] () -- C:\Windows\wininit.ini
[2013/03/31 17:32:29 | 000,000,109 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2013/03/31 17:29:06 | 000,764,746 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/03/26 17:24:40 | 000,043,008 | ---- | C] () -- C:\Windows\SysWow64\libgcc_s_dw2-1.dll
[2013/03/26 17:24:40 | 000,011,362 | ---- | C] () -- C:\Windows\SysWow64\mingwm10.dll
[2013/03/25 15:03:52 | 000,036,864 | ---- | C] () -- C:\Windows\runSW.exe
[2013/03/22 22:07:18 | 000,000,000 | ---- | C] () -- C:\Users\TxnerT\AppData\Local\license.ini
[2013/03/19 16:43:35 | 000,000,443 | ---- | C] () -- C:\Users\TxnerT\AppData\Local\UserProducts.xml
[2013/03/19 05:25:58 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2013/03/19 04:14:56 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe

========== ZeroAccess Check ==========

[2013/06/14 21:05:40 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{c88a1a61-dc37-ee2a-c6fa-9ff7f7fc636d}\L
[2013/06/15 00:21:06 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{c88a1a61-dc37-ee2a-c6fa-9ff7f7fc636d}\U
[2013/06/14 23:49:57 | 000,000,804 | ---- | M] () -- C:\Windows\Installer\{c88a1a61-dc37-ee2a-c6fa-9ff7f7fc636d}\L\00000004.@
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 22:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 21:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/10/30 07:20:16 | 000,000,000 | ---D | M] -- C:\Users\TxnerT\AppData\Roaming\AVG
[2013/11/02 16:33:31 | 000,000,000 | ---D | M] -- C:\Users\TxnerT\AppData\Roaming\BitComet
[2013/08/19 18:47:14 | 000,000,000 | ---D | M] -- C:\Users\TxnerT\AppData\Roaming\DarknessII
[2013/08/09 01:38:58 | 000,000,000 | ---D | M] -- C:\Users\TxnerT\AppData\Roaming\Driver Magician
[2013/11/02 15:02:08 | 000,000,000 | ---D | M] -- C:\Users\TxnerT\AppData\Roaming\Explorer
[2013/10/16 18:15:04 | 000,000,000 | ---D | M] -- C:\Users\TxnerT\AppData\Roaming\FileZilla
[2013/10/07 18:07:40 | 000,000,000 | ---D | M] -- C:\Users\TxnerT\AppData\Roaming\Globalscape
[2013/04/16 17:01:32 | 000,000,000 | ---D | M] -- C:\Users\TxnerT\AppData\Roaming\InfraRecorder
[2013/09/06 17:29:21 | 000,000,000 | ---D | M] -- C:\Users\TxnerT\AppData\Roaming\Leadertech
[2013/10/11 19:21:51 | 000,000,000 | ---D | M] -- C:\Users\TxnerT\AppData\Roaming\Mavituna Security Ltd
[2013/11/02 14:57:37 | 000,000,000 | -HSD | M] -- C:\Users\TxnerT\AppData\Roaming\msgr
[2013/10/20 02:47:29 | 000,000,000 | ---D | M] -- C:\Users\TxnerT\AppData\Roaming\Notepad++
[2013/06/26 21:56:37 | 000,000,000 | ---D | M] -- C:\Users\TxnerT\AppData\Roaming\PCDr
[2013/09/06 17:34:25 | 000,000,000 | ---D | M] -- C:\Users\TxnerT\AppData\Roaming\Seagate
[2013/10/26 02:02:49 | 000,000,000 | ---D | M] -- C:\Users\TxnerT\AppData\Roaming\Serif
[2013/07/03 04:25:33 | 000,000,000 | ---D | M] -- C:\Users\TxnerT\AppData\Roaming\SystemRequirementsLab
[2013/06/26 21:58:56 | 000,000,000 | ---D | M] -- C:\Users\TxnerT\AppData\Roaming\TeamViewer
[2013/05/02 22:52:50 | 000,000,000 | ---D | M] -- C:\Users\TxnerT\AppData\Roaming\Thunderbird
[2013/10/30 07:43:02 | 000,000,000 | ---D | M] -- C:\Users\TxnerT\AppData\Roaming\TuneUp Software
[2013/08/08 20:05:53 | 000,000,000 | ---D | M] -- C:\Users\TxnerT\AppData\Roaming\Ubisoft
[2013/11/02 16:34:47 | 000,000,000 | ---D | M] -- C:\Users\TxnerT\AppData\Roaming\Uniblue
[2013/11/02 14:36:24 | 000,000,000 | ---D | M] -- C:\Users\TxnerT\AppData\Roaming\vertex
[2013/04/06 06:02:07 | 000,000,000 | ---D | M] -- C:\Users\TxnerT\AppData\Roaming\Vso

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 168 bytes -> C:\ProgramData\TEMP:0CE7F3C9
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:E9EB8C3A

< End of report >

Attached Files

  • Attached File  OTL.Txt   136.11KB   70 downloads

  • 0

Advertisements


#2
Phel

Phel

    Trusted Helper

  • Malware Removal
  • 1,386 posts
Hello, Vako and welcome to GeeksToGo!

You can call me Phel and this time I will try to help you with your trouble.

Please, spend some time to read these instructions carefully before we start. They contain very useful information.

  • Please, stay with us until the end. I know, Malware Removal isn't very fast procedure, it usually has multiple steps, but you should stay here till your computer will be absolutely clean from malware. If your main problem is solved, that doesn't mean that another malware isn't left in your computer. Your patience will be rewarded with absolutely clean computer. :)
  • Please, let me know, if you don't understand something. It is really important to understand every instruction. If you are in doubt, how to follow one or another instruction - feel free to ask me, how to do that. I am always glad to help you with that.
  • Please, don't fix anything by yourself. Please, don't run any tools unless they are required. Trying multiple tools in hope that one of them will help can lead to unrecoverable consequences. Sometimes malware removal tools, used without supervision, can harm your computer more than malware itself.
  • Please, feel free to notify me about changes in your PC's behavior. It's really interesting for me to know, how your computer is running after each portion of fixes.
  • Finally, enjoy the fight! ;)
Okay, let's start. I suspect that your computer is infected with ZeroAccess rootkit. We'll need to run one tool to check if that's right.

Download RogueKiller to your desktop

Note: This is a French tool so don't be surprised when you find the page displays with some French.

  • Quit all running programs
  • For Vista/Seven, right click -> run as administrator, for XP simply run RogueKiller.exe
  • Wait until Prescan has finished...
  • Click on Scan

    Posted Image
  • Wait for the scan to finish.
  • The report is created on your desktop.
  • If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.exe
Please post the contents of RKreport.txt file from your desktop in your next Reply.
  • 0

#3
Vako

Vako

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
RogueKiller V8.7.6 [Oct 28 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.co...es/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : TxnerT [Admin rights]
Mode : Scan -- Date : 11/03/2013 16:25:55
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 21 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : LightShot (C:\Users\TxnerT\AppData\Local\Skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue [7][x][x]) -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-3984871074-3827112338-3617424434-1000\[...]\Run : LightShot (C:\Users\TxnerT\AppData\Local\Skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue [7][x][x]) -> FOUND
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowUser (0) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowHelp (0) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts









¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST925042 1ASG SCSI Disk Device +++++
--- User ---
[MBR] 28b55198e591b5e34de0540ed0915da9
[BSP] 61b24c3130a07326cd6f31d268a8d417 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 173986 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 356530545 | Size: 49552 Mo
3 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 458024960 | Size: 14827 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE2 @ USB) Seagate Backup+ BK USB Device +++++
--- User ---
[MBR] 64fb71bd25abc5bdc2445d30c42e1fdb
[BSP] 450f24e25f129fd4144bb1a15072d9fb : Empty MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953868 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[0]_S_11032013_162555.txt >>
RKreport[0]_D_11032013_045220.txt;RKreport[0]_S_11022013_164133.txt;RKreport[0]_S_11022013_171829.txt
RKreport[0]_S_11032013_044920.txt;RKreport[0]_S_11032013_161251.txt
  • 0

#4
Phel

Phel

    Trusted Helper

  • Malware Removal
  • 1,386 posts
RogueKiller scan haven't shown anything malicious. Okay, seems that these were leftovers of ZeroAccess. Let's deal with them and the rest using OTL:

Step 1. OTL fix.

  • Run OTL.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:

    :Commands
    [CREATERESTOREPOINT]
    
    :OTL
    O4:64bit: - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [FAStartup] File not found
    O4 - HKCU..\Run: [] C:\Users\TxnerT\AppData\Roaming\Explorer\Explorer.exe File not found
    O4 - HKCU..\Run: [Explorer] C:\Users\TxnerT\AppData\Local\Temp\Explorer\Explorer.exe ()
    O4 - HKCU..\Run: [Win Update] C:\Users\TxnerT\AppData\Local\Temp\Win Update\Win Update.exe ()
    O4 - HKCU..\Run: [USB 2.0] C:\Program Files (x86)\Windows NT\usb2.0.exe (Mircosoft Corporation )
    O4 - Startup: C:\Users\TxnerT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zpyemhvct.exe (Hewlett-Packard Company)
    [2013/11/02 15:02:08 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\Explorer
    [2013/11/02 14:57:37 | 000,000,000 | -HSD | C] -- C:\Users\TxnerT\AppData\Roaming\msgr
    [2013/11/02 14:36:24 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\vertex
    [2013/11/02 03:19:35 | 000,004,925 | ---- | C] () -- C:\ProgramData\aqmmpwnp.hgu
    @Alternate Data Stream - 168 bytes -> C:\ProgramData\TEMP:0CE7F3C9
    @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:E9EB8C3A
    
    :Files
    C:\Windows\Installer\{c88a1a61-dc37-ee2a-c6fa-9ff7f7fc636d}
    C:\Program Files (x86)\Windows NT
    
    :Commands
    [EMPTYTEMP]
  • Then click the Run Fix button at the top.
  • Let the program run unhindered, reboot the PC when it is done.
Step 2. OTL scan.

  • Run OTL.
  • Click on Scan All Users checkbox, which is located near Quick Scan button.
  • Find in the OTL window Extra Registry section and change radiobutton there to the Use SafeList.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:

    BASESERVICES
  • Then click the Run Scan button at the top.
  • Let the program run unhindered.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.
So, please, don't forget to post in your next message:

  • OTL.txt
  • Extras.txt

  • 0

#5
Vako

Vako

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
OTL Extras logfile created on: 11/4/2013 6:45:59 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\TxnerT\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

8.00 Gb Total Physical Memory | 5.45 Gb Available Physical Memory | 68.20% Memory free
9.99 Gb Paging File | 7.32 Gb Available in Paging File | 73.25% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 169.91 Gb Total Space | 109.57 Gb Free Space | 64.49% Space Free | Partition Type: NTFS
Drive D: | 48.39 Gb Total Space | 34.06 Gb Free Space | 70.39% Space Free | Partition Type: NTFS
Drive H: | 931.51 Gb Total Space | 817.97 Gb Free Space | 87.81% Space Free | Partition Type: NTFS

Computer Name: LEGEND | User Name: TxnerT | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-3984871074-3827112338-3617424434-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09576085-902D-4B17-A95B-6AF793388061}" = lport=23008 | protocol=6 | dir=in | name=bitcomet 23008 tcp |
"{2B9D1CE7-C984-4A94-B26B-CB8960051CCB}" = lport=26311 | protocol=6 | dir=in | name=bitcomet 26311 tcp |
"{3467325E-F788-4BB1-90C2-D9DC9DBCF79C}" = lport=11378 | protocol=17 | dir=in | name=bitcomet 11378 udp |
"{4D45B7D7-F8EC-4D91-9BBE-3436E2E3BA9B}" = lport=26311 | protocol=17 | dir=in | name=bitcomet 26311 udp |
"{5CB3EE03-4FBE-4640-8393-6C888C2E1F94}" = lport=23008 | protocol=17 | dir=in | name=bitcomet 23008 udp |
"{8FCEAA67-C63A-4FDD-9A4A-3AB63A51E7B2}" = lport=27751 | protocol=6 | dir=in | name=bitcomet 27751 tcp |
"{B99ADA06-7F1B-45E0-97CF-111F9757A78F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CA081A1F-28D9-4B7A-8EC2-A662A725DC17}" = lport=11378 | protocol=6 | dir=in | name=bitcomet 11378 tcp |
"{D35FCAD1-99C5-4214-8E47-A2D7ACB638EB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FA495FEF-5446-4E49-819A-BCEA02A15C5A}" = lport=27751 | protocol=17 | dir=in | name=bitcomet 27751 udp |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{CE0A4DB4-BA0B-45B1-BA05-380A47969563}" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{FF4491D7-D8C7-4980-A1AC-5CE40D5669B1}" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"TCP Query User{712BEC78-68B0-4C7B-AA93-BD8239530AC4}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{A8C53270-F40B-4E6E-A3AB-8DC6D0626822}C:\program files (x86)\common files\adobe\adobe flash player\flashplayer_update.exe" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\adobe flash player\flashplayer_update.exe |
"UDP Query User{024F6D30-04AE-4C6D-843A-C229F570AE3C}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{A06E5A23-3C59-4602-9089-CC9851036270}C:\program files (x86)\common files\adobe\adobe flash player\flashplayer_update.exe" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\adobe flash player\flashplayer_update.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{26A24AE4-039D-4CA4-87B4-2F86417025FF}" = Java 7 Update 25 (64-bit)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0170170}" = Java SE Development Kit 7 Update 17 (64-bit)
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 3.0.7
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{AE1E0DFB-A3D9-451C-AA7F-46FD390400D4}" = Command Center
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 280.26
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 280.19
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.4.28
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"1ECF77EA0B590A72334E5A399ACB5AB27C3D88EE" = Windows Driver Package - ITE Tech.Inc. (itecir) HIDClass (05/01/2009 5.1.0000.1)
"Bitdefender" = Bitdefender Total Security
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"NVIDIA Drivers" = NVIDIA Drivers
"PC-Doctor for Windows" = AlienAutopsy
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WhoCrashed_is1" = WhoCrashed 4.01

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01BD4FC9-2F86-4706-A62E-774BB7E9D308}" = AVG PC TuneUp 2014
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 45
"{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1" = lightshot-4.4.2.10
"{43C423D9-E6D6-4607-ADC9-EBB54F690C57}" = Seagate Dashboard 2.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.9
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
"{6DC77B24-075D-4D58-A434-C83312C32BB7}_is1" = Eudemons Online
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{834265C4-CDF4-44D3-BD24-31531617EFB8}" = IHA_MessageCenter
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89B9E358-75C6-4C6B-BD38-803FF156CC4B}" = CuteFTP 9
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8CD86D42-C4DD-4E40-9211-164DFFBCA4DB}" = AVG PC TuneUp 2014 (en-US)
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.05)
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}" = System Requirements Lab for Intel
"{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{DBD76811-6CF0-4A15-9436-B779C3A36929}_is1" = Acunetix Web Vulnerability Scanner 8.0
"{E362724E-9320-4946-AF34-874E7B6B2927}" = System Requirements Lab CYRI
"{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F5CC2EF8-20A4-4366-A681-3FE849E65809}" = RICOH Media Driver
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"AVG PC TuneUp 2014" = AVG PC TuneUp 2014
"BitComet_x64" = BitComet 1.35 64-bit
"Driver Magician_is1" = Driver Magician 3.9
"EaseUS Data Recovery Wizard 6.0_is1" = EaseUS Data Recovery Wizard 6.0
"FileHippo.com" = FileHippo.com Update Checker
"GOM Player" = GOM Player
"Google Chrome" = Google Chrome
"InfraRecorder" = InfraRecorder
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty® 4 - Modern Warfare™ 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty® 4 - Modern Warfare™ 1.7 Patch
"InstallShield_{AE1E0DFB-A3D9-451C-AA7F-46FD390400D4}" = Command Center
"KeyFinder_is1" = Magical Jelly Bean KeyFinder
"mIRC" = mIRC
"MozBackup" = MozBackup 1.5.1
"Mozilla Firefox 25.0 (x86 en-US)" = Mozilla Firefox 25.0 (x86 en-US)
"Mozilla Thunderbird 24.1.0 (x86 en-US)" = Mozilla Thunderbird 24.1.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Netsparker" = Netsparker - Web Application Security Scanner (2.3.0.0)
"Notepad++" = Notepad++
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"PowerISO" = PowerISO
"TeamViewer 8" = TeamViewer 8
"Uplay" = Uplay
"VLC media player" = VLC media player 2.0.8
"VyprVPN 1.4.1.601" = VyprVPN
"VzInHomeAgent" = Vz In-Home Agent
"Windows 7 - Codec Pack" = Windows 7 Codec Pack 2.5.0
"WinRAR archiver" = WinRAR archiver
"Xvid Video Codec 1.3.2" = Xvid Video Codec

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3984871074-3827112338-3617424434-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"8e3135b376bd523e" = Dell System Detect Bootstrapper
"9204f5692a8faf3b" = Dell System Detect

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 11/4/2013 2:54:37 PM | Computer Name = Legend | Source = RasClient | ID = 20227
Description = CoId={412BE068-AD3A-4D5A-A62C-DA858833C4CA}: The user Legend\TxnerT
dialed a connection named VyprVPN which has failed. The error code returned on
failure is 691.

Error - 11/4/2013 2:55:05 PM | Computer Name = Legend | Source = RasClient | ID = 20227
Description = CoId={246F42B9-15E5-4695-9279-0548F855CFCB}: The user Legend\TxnerT
dialed a connection named VyprVPN which has failed. The error code returned on
failure is 691.

Error - 11/4/2013 2:55:32 PM | Computer Name = Legend | Source = RasClient | ID = 20227
Description = CoId={8F134A37-4F57-4251-B419-AE693E83647A}: The user Legend\TxnerT
dialed a connection named VyprVPN which has failed. The error code returned on
failure is 691.

Error - 11/4/2013 4:20:13 PM | Computer Name = Legend | Source = Application Error | ID = 1000
Description = Faulting application name: cuteftppro.exe, version: 9.0.5.7, time
stamp: 0x51c9af21 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x0023003b Faulting process id: 0x17b4 Faulting application
start time: 0x01ced99b444ce760 Faulting application path: C:\Program Files (x86)\Globalscape\CuteFTP\cuteftppro.exe
Faulting
module path: unknown Report Id: 825f4890-458e-11e3-befb-0026b96fdbf3

Error - 11/4/2013 4:20:17 PM | Computer Name = Legend | Source = Application Error | ID = 1000
Description = Faulting application name: cuteftppro.exe, version: 9.0.5.7, time
stamp: 0x51c9af21 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x0023003b Faulting process id: 0xb70 Faulting application
start time: 0x01ced99b46f59930 Faulting application path: C:\Program Files (x86)\Globalscape\CuteFTP\cuteftppro.exe
Faulting
module path: unknown Report Id: 84abd0a0-458e-11e3-befb-0026b96fdbf3

Error - 11/4/2013 5:45:34 PM | Computer Name = Legend | Source = Application Error | ID = 1000
Description = Faulting application name: cuteftppro.exe, version: 9.0.5.7, time
stamp: 0x51c9af21 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x0024003b Faulting process id: 0x12a0 Faulting application
start time: 0x01ced9a73033a5a0 Faulting application path: C:\Program Files (x86)\Globalscape\CuteFTP\cuteftppro.exe
Faulting
module path: unknown Report Id: 6edf3990-459a-11e3-b851-0026b96fdbf3

Error - 11/4/2013 5:46:19 PM | Computer Name = Legend | Source = VSS | ID = 8194
Description = Volume Shadow Copy Service error: Unexpected error querying for the
IVssWriterCallback interface. hr = 0x80070005, Access is denied. . This is often
caused by incorrect security settings in either the writer or requestor process.


Operation:

Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}

Writer Name: System Writer Writer Instance ID: {a2cbb4b1-7036-40c8-a8c9-751386851382}

Error - 11/4/2013 5:53:30 PM | Computer Name = Legend | Source = Application Error | ID = 1000
Description = Faulting application name: cuteftppro.exe, version: 9.0.5.7, time
stamp: 0x51c9af21 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x0024003b Faulting process id: 0x7e0 Faulting application
start time: 0x01ced9a84b840740 Faulting application path: C:\Program Files (x86)\Globalscape\CuteFTP\cuteftppro.exe
Faulting
module path: unknown Report Id: 8a64b4f0-459b-11e3-b851-0026b96fdbf3

Error - 11/4/2013 5:57:34 PM | Computer Name = Legend | Source = Application Error | ID = 1000
Description = Faulting application name: cuteftppro.exe, version: 9.0.5.7, time
stamp: 0x51c9af21 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x001d003b Faulting process id: 0x92c Faulting application
start time: 0x01ced9a8dde5ef90 Faulting application path: C:\Program Files (x86)\Globalscape\CuteFTP\cuteftppro.exe
Faulting
module path: unknown Report Id: 1bcf6c00-459c-11e3-b851-0026b96fdbf3

Error - 11/4/2013 5:57:49 PM | Computer Name = Legend | Source = Application Error | ID = 1000
Description = Faulting application name: ftpte.exe, version: 9.0.5.7, time stamp:
0x51c9b063 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x0024002d Faulting process id: 0x1bc4 Faulting application
start time: 0x01ced9a8e6e3b960 Faulting application path: C:\Program Files (x86)\Globalscape\CuteFTP\ftpte.exe
Faulting
module path: unknown Report Id: 24a191f0-459c-11e3-b851-0026b96fdbf3

Error - 11/4/2013 5:58:00 PM | Computer Name = Legend | Source = Application Error | ID = 1000
Description = Faulting application name: cuteftppro.exe, version: 9.0.5.7, time
stamp: 0x51c9af21 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x0025003b Faulting process id: 0x1200 Faulting application
start time: 0x01ced9a8ed5f9340 Faulting application path: C:\Program Files (x86)\Globalscape\CuteFTP\cuteftppro.exe
Faulting
module path: unknown Report Id: 2b122130-459c-11e3-b851-0026b96fdbf3

[ Media Center Events ]
Error - 5/17/2013 12:06:37 AM | Computer Name = Legend | Source = MCUpdate | ID = 0
Description = 12:06:33 AM - Failed to retrieve Broadband (Error: The request failed
with HTTP status 403: Forbidden.)

Error - 5/17/2013 9:11:06 AM | Computer Name = Legend | Source = MCUpdate | ID = 0
Description = 9:11:06 AM - Failed to retrieve Directory (Error: The request failed
with HTTP status 403: Forbidden.)

Error - 5/17/2013 9:11:08 AM | Computer Name = Legend | Source = MCUpdate | ID = 0
Description = 9:11:07 AM - Failed to retrieve NetTV (Error: The request failed with
HTTP status 403: Forbidden.)

Error - 5/17/2013 9:11:12 AM | Computer Name = Legend | Source = MCUpdate | ID = 0
Description = 9:11:10 AM - Failed to retrieve MCEClientUX (Error: Invalid security
token.)

Error - 5/17/2013 9:11:13 AM | Computer Name = Legend | Source = MCUpdate | ID = 0
Description = 9:11:13 AM - Failed to retrieve SportsSchedule (Error: The request
failed with HTTP status 403: Forbidden.)

Error - 5/17/2013 9:11:15 AM | Computer Name = Legend | Source = MCUpdate | ID = 0
Description = 9:11:14 AM - Failed to retrieve Broadband (Error: The request failed
with HTTP status 403: Forbidden.)

Error - 5/17/2013 10:11:20 AM | Computer Name = Legend | Source = MCUpdate | ID = 0
Description = 10:11:20 AM - Failed to retrieve Directory (Error: Invalid security
token.)

Error - 5/17/2013 10:11:24 AM | Computer Name = Legend | Source = MCUpdate | ID = 0
Description = 10:11:23 AM - Failed to retrieve NetTV (Error: The request failed
with HTTP status 403: Forbidden.)

Error - 5/17/2013 10:11:25 AM | Computer Name = Legend | Source = MCUpdate | ID = 0
Description = 10:11:25 AM - Failed to retrieve MCEClientUX (Error: The request failed
with HTTP status 403: Forbidden.)

Error - 5/17/2013 10:11:32 AM | Computer Name = Legend | Source = MCUpdate | ID = 0
Description = 10:11:31 AM - Failed to retrieve Broadband (Error: The request failed
with HTTP status 403: Forbidden.)

[ System Events ]
Error - 7/3/2013 1:31:13 AM | Computer Name = Legend | Source = Service Control Manager | ID = 7024
Description = The AVGIDSAgent service terminated with service-specific error %%-536753637.

Error - 7/3/2013 1:31:14 AM | Computer Name = Legend | Source = Service Control Manager | ID = 7003
Description = The IKE and AuthIP IPsec Keying Modules service depends the following
service: BFE. This service might not be installed.

Error - 7/3/2013 1:31:14 AM | Computer Name = Legend | Source = Service Control Manager | ID = 7003
Description = The IPsec Policy Agent service depends the following service: BFE.
This service might not be installed.

Error - 7/3/2013 1:31:16 AM | Computer Name = Legend | Source = Service Control Manager | ID = 7024
Description = The AVG WatchDog service terminated with service-specific error %%-536805315.

Error - 7/3/2013 1:31:16 AM | Computer Name = Legend | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Avgldx64

Error - 7/3/2013 1:33:28 AM | Computer Name = Legend | Source = Service Control Manager | ID = 7023
Description = The Function Discovery Resource Publication service terminated with
the following error: %%-2147024891

Error - 7/3/2013 1:33:28 AM | Computer Name = Legend | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Resource
Publication service which failed to start because of the following error: %%-2147024891

Error - 7/3/2013 1:34:12 AM | Computer Name = Legend | Source = Service Control Manager | ID = 7023
Description = The Function Discovery Resource Publication service terminated with
the following error: %%-2147024891

Error - 7/3/2013 1:34:12 AM | Computer Name = Legend | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Resource
Publication service which failed to start because of the following error: %%-2147024891

Error - 7/3/2013 1:41:08 AM | Computer Name = Legend | Source = NVNET | ID = 5005
Description = NVIDIA nForce Networking Controller : Has encountered an internal
error and has failed.


< End of report >




OTL logfile created on: 11/4/2013 6:45:59 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\TxnerT\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

8.00 Gb Total Physical Memory | 5.45 Gb Available Physical Memory | 68.20% Memory free
9.99 Gb Paging File | 7.32 Gb Available in Paging File | 73.25% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 169.91 Gb Total Space | 109.57 Gb Free Space | 64.49% Space Free | Partition Type: NTFS
Drive D: | 48.39 Gb Total Space | 34.06 Gb Free Space | 70.39% Space Free | Partition Type: NTFS
Drive H: | 931.51 Gb Total Space | 817.97 Gb Free Space | 87.81% Space Free | Partition Type: NTFS

Computer Name: LEGEND | User Name: TxnerT | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/11/04 04:41:36 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/11/02 16:51:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\TxnerT\Downloads\OTL.exe
PRC - [2013/10/30 06:23:43 | 000,390,256 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
PRC - [2013/10/26 02:21:09 | 001,862,536 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
PRC - [2013/10/23 09:46:11 | 000,621,448 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
PRC - [2013/10/01 08:14:40 | 005,087,584 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013/10/01 08:14:39 | 012,631,904 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
PRC - [2013/10/01 08:05:43 | 000,195,936 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
PRC - [2013/09/27 13:39:50 | 000,313,120 | ---- | M] (Skillbrains) -- C:\Users\TxnerT\AppData\Local\Skillbrains\lightshot\4.4.2.10\Lightshot.exe
PRC - [2013/08/08 20:52:41 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013/06/26 16:19:34 | 001,006,112 | ---- | M] () -- C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 8\WVSScheduler.exe
PRC - [2013/05/11 06:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/11/07 15:42:10 | 002,109,440 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtWLan.exe
PRC - [2012/05/10 10:38:06 | 000,036,864 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtlService.exe
PRC - [2010/05/21 13:34:38 | 000,013,624 | ---- | M] (Alienware) -- C:\Program Files\Alienware\Command Center\AlienFXHook32Mngr.exe
PRC - [2010/05/21 13:33:48 | 000,063,304 | ---- | M] (Alienware Corporation) -- C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
PRC - [2010/04/04 14:44:10 | 000,095,560 | ---- | M] (Sensible Vision ) -- C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe
PRC - [2010/04/04 14:44:08 | 001,992,008 | ---- | M] (Sensible Vision ) -- C:\Program Files\Alienware\Command Center\AlienSense\FATrayAlert.exe
PRC - [2010/04/04 14:43:38 | 002,409,800 | ---- | M] (Sensible Vision ) -- C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe
PRC - [2009/09/10 04:08:32 | 000,094,208 | ---- | M] (Microsoft) -- C:\Program Files\OSD\OSD_Main.exe
PRC - [2009/02/20 13:13:04 | 000,013,312 | ---- | M] () -- C:\Program Files\OSD\Service1.exe
PRC - [2009/02/19 14:45:42 | 000,020,480 | ---- | M] (Alienware Corporation) -- C:\Program Files\OSD\Launch_CC.exe


========== Modules (No Company Name) ==========

MOD - [2013/11/04 04:41:35 | 003,368,048 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/10/30 06:23:43 | 003,008,624 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
MOD - [2013/10/30 06:23:43 | 000,158,832 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\nsldap32v60.dll
MOD - [2013/10/30 06:23:43 | 000,023,152 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\nsldappr32v60.dll
MOD - [2013/10/26 02:21:08 | 016,233,864 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
MOD - [2013/10/11 03:38:53 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\8f5b881951592b2fd05f710650bf7e04\System.Core.ni.dll
MOD - [2013/10/11 03:34:54 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bcf51dc88597d0835c819a2d5a755b74\PresentationFramework.ni.dll
MOD - [2013/10/11 03:34:40 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MOD - [2013/10/11 03:34:33 | 012,238,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\51478a61dbd40488e320a0061e23c4df\PresentationCore.ni.dll
MOD - [2013/10/11 03:34:23 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll
MOD - [2013/10/11 03:34:18 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
MOD - [2013/09/10 18:46:19 | 000,035,896 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender\antispam32\ffpwdman\components\ffpwdman.dll
MOD - [2013/08/14 03:35:54 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9a1bc983c28c695729b3e46acdc6933e\System.Management.ni.dll
MOD - [2013/08/14 03:29:25 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\764054efc88f51b54c8d7e44df26b671\System.Data.ni.dll
MOD - [2013/08/14 03:28:58 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/08/14 03:28:40 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c949e6e8d206e0d33d11ff711eda2745\System.Xml.ni.dll
MOD - [2013/08/14 03:28:32 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/07/11 03:33:10 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/06/19 11:44:37 | 000,204,280 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender\antispam32\txmlutil.dll
MOD - [2013/03/19 04:35:22 | 004,790,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienwareAlienFXModelResources\1.0.92.0__bebb3c8816410241\AlienwareAlienFXModelResources.dll
MOD - [2013/03/19 04:35:22 | 000,443,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienwareAlienFXTools\1.0.92.0__bebb3c8816410241\AlienwareAlienFXTools.dll
MOD - [2013/03/19 04:35:22 | 000,075,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienLabsTools\1.0.92.0__bebb3c8816410241\AlienLabsTools.dll
MOD - [2013/03/19 04:35:22 | 000,037,712 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Alienlabs.CommandCenter.Tools\1.0.92.0__bebb3c8816410241\Alienlabs.CommandCenter.Tools.dll
MOD - [2013/03/19 04:35:22 | 000,036,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x514\1.0.92.0__bebb3c8816410241\AlienFX.Communication.PID0x514.dll
MOD - [2013/03/19 04:35:22 | 000,028,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x516\1.0.92.0__bebb3c8816410241\AlienFX.Communication.PID0x516.dll
MOD - [2013/03/19 04:35:22 | 000,027,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x515\1.0.92.0__bebb3c8816410241\AlienFX.Communication.PID0x515.dll
MOD - [2013/03/19 04:35:22 | 000,027,424 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LightFX\1.0.92.0__bebb3c8816410241\LightFX.dll
MOD - [2013/03/19 04:35:22 | 000,025,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.DeviceDiscovery\1.0.92.0__bebb3c8816410241\AlienFX.DeviceDiscovery.dll
MOD - [2013/03/19 04:35:22 | 000,024,904 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.XPS\1.0.92.0__bebb3c8816410241\AlienFX.Communication.XPS.dll
MOD - [2013/03/19 04:35:22 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienLabs.MasterIOBoard.Communication\1.0.92.0__bebb3c8816410241\AlienLabs.MasterIOBoard.Communication.dll
MOD - [2013/03/19 04:35:22 | 000,008,192 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienLabs.MasterIOBoard.Communication.Core\1.0.92.0__bebb3c8816410241\AlienLabs.MasterIOBoard.Communication.Core.dll
MOD - [2013/03/19 04:35:21 | 000,037,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x511\1.0.92.0__bebb3c8816410241\AlienFX.Communication.PID0x511.dll
MOD - [2013/03/19 04:35:21 | 000,036,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x512\1.0.92.0__bebb3c8816410241\AlienFX.Communication.PID0x512.dll
MOD - [2013/03/19 04:35:21 | 000,019,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x513\1.0.92.0__bebb3c8816410241\AlienFX.Communication.PID0x513.dll
MOD - [2013/03/19 04:35:21 | 000,017,224 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.Core\1.0.92.0__bebb3c8816410241\AlienFX.Communication.Core.dll
MOD - [2013/03/19 04:35:21 | 000,011,584 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication\1.0.92.0__bebb3c8816410241\AlienFX.Communication.dll
MOD - [2010/11/20 23:24:08 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/04/04 14:45:06 | 000,089,416 | ---- | M] () -- C:\Windows\SysWOW64\FAIEExtension.dll
MOD - [2010/04/04 14:44:12 | 000,059,208 | ---- | M] () -- C:\Windows\SysWOW64\FAib.dll
MOD - [2010/04/04 14:42:44 | 000,247,624 | ---- | M] () -- C:\Windows\SysWOW64\FACrashRpt.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/10/23 12:27:59 | 001,506,736 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender\vsserv.exe -- (VSSERV)
SRV:64bit: - [2013/10/15 08:02:22 | 000,077,120 | ---- | M] (Bitdefender) [Disabled | Stopped] -- C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe -- (BdDesktopParental)
SRV:64bit: - [2013/10/07 11:33:30 | 000,067,320 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe -- (UPDATESRV)
SRV:64bit: - [2013/07/08 14:59:09 | 000,094,624 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe -- (SafeBox)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/12/28 04:00:34 | 001,296,728 | ---- | M] (www.BitComet.com) [On_Demand | Stopped] -- C:\Program Files\BitComet\tools\BitCometService.exe -- (BITCOMET_HELPER_SERVICE)
SRV:64bit: - [2010/05/21 09:39:22 | 000,014,648 | ---- | M] (Alienware) [Auto | Stopped] -- C:\Program Files\Alienware\Command Center\AlienFusionService.exe -- (AlienFusionService)
SRV:64bit: - [2010/04/04 14:43:38 | 002,409,800 | ---- | M] (Sensible Vision ) [Auto | Running] -- C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe -- (FAService)
SRV:64bit: - [2009/02/20 13:13:04 | 000,013,312 | ---- | M] () [Auto | Running] -- C:\Program Files\OSD\Service1.exe -- (CustomSvc)
SRV - [2013/11/04 04:41:35 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/10/26 02:21:09 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/01 08:14:40 | 005,087,584 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013/09/23 11:10:16 | 002,099,512 | ---- | M] (AVG) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2013/09/13 18:24:32 | 000,350,792 | ---- | M] (Verizon) [Disabled | Stopped] -- C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
SRV - [2013/09/05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/08/08 20:52:41 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013/06/26 16:19:34 | 001,006,112 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 8\WVSScheduler.exe -- (AcuWVSSchedulerv8)
SRV - [2013/05/30 11:19:36 | 000,016,000 | ---- | M] (Seagate Technology LLC) [Disabled | Stopped] -- C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe -- (Seagate Dashboard Services)
SRV - [2013/05/11 06:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/11/19 17:03:24 | 000,489,256 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/05/10 10:38:06 | 000,036,864 | ---- | M] (Realtek Semiconductor Corp.) [Auto | Running] -- C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtlService.exe -- (RealtekCU)
SRV - [2011/08/03 07:50:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/08/23 12:48:49 | 000,150,256 | ---- | M] (BitDefender LLC) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\gzflt.sys -- (gzflt)
DRV:64bit: - [2013/08/19 01:57:27 | 006,544,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2013/08/09 01:13:08 | 002,355,416 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTWlanU.sys -- (RtlWlanu)
DRV:64bit: - [2013/08/07 12:46:28 | 000,389,240 | ---- | M] (BitDefender S.R.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\trufos.sys -- (trufos)
DRV:64bit: - [2013/07/23 15:50:57 | 000,082,824 | ---- | M] (BitDefender SRL) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bdsandbox.sys -- (BDSandBox)
DRV:64bit: - [2013/07/19 17:08:08 | 000,601,360 | ---- | M] (BitDefender) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\avckf.sys -- (avckf)
DRV:64bit: - [2013/07/19 17:04:54 | 000,727,592 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avc3.sys -- (avc3)
DRV:64bit: - [2013/07/13 02:44:57 | 000,035,936 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdkmpfd.sys -- (amdkmpfd)
DRV:64bit: - [2013/07/02 13:04:11 | 000,121,928 | ---- | M] (Bitdefender SRL) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys -- (bdfwfpf_pc)
DRV:64bit: - [2013/05/09 16:36:16 | 000,076,288 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsn64.sys -- (risdptsk)
DRV:64bit: - [2013/05/09 16:35:26 | 000,057,856 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2013/05/09 16:35:23 | 000,067,072 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2013/05/09 16:35:19 | 000,054,784 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2013/05/07 21:52:00 | 000,020,024 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2013/02/22 18:46:52 | 000,093,600 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- c:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys -- (BdfNdisf)
DRV:64bit: - [2012/11/02 13:17:46 | 000,261,056 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avchv.sys -- (avchv)
DRV:64bit: - [2012/08/24 03:56:56 | 000,126,944 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 10:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 10:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/04/17 13:34:26 | 000,076,944 | ---- | M] (BitDefender) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\bdvedisk.sys -- (BDVEDISK)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/12/15 13:29:42 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2011/11/14 19:16:37 | 000,103,504 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys -- (bdfwfpf)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/11 09:35:24 | 000,806,400 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8192cu.sys -- (RTL8192cu)
DRV:64bit: - [2010/11/20 23:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/09/30 15:00:06 | 000,180,736 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/09/30 15:00:06 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/08/12 12:07:50 | 000,350,952 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2010/07/13 08:57:08 | 000,069,736 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\itecir.sys -- (itecir)
DRV:64bit: - [2009/12/30 11:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009/10/23 13:27:12 | 000,307,760 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/09/24 22:36:14 | 000,238,848 | ---- | M] (Sensible Vision ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\facap.sys -- (FACAP)
DRV:64bit: - [2008/07/25 15:30:36 | 000,014,544 | ---- | M] (OpenLibSys.org) [Kernel | On_Demand | Running] -- C:\Program Files\OSD\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2013/09/18 11:14:34 | 000,014,112 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2013/07/13 02:26:43 | 000,021,712 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS -- (DrvAgent64)
DRV - [2011/06/02 10:08:34 | 000,017,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys -- (cpudrv64)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3984871074-3827112338-3617424434-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-3984871074-3827112338-3617424434-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3984871074-3827112338-3617424434-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKU\S-1-5-21-3984871074-3827112338-3617424434-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: %7BB042753D-F57E-4e8e-A01B-7379A6D4CEFB%7D:1.35
FF - prefs.js..extensions.enabledAddons: donottrackplus%40abine.com:2.2.9.618
FF - prefs.js..extensions.enabledAddons: %7Be5bbc237-c99b-4ced-a061-0be27703295f%7D:1.1
FF - prefs.js..extensions.enabledAddons: %7B4093c4de-454a-4329-8aff-c6b0b123c386%7D:0.8.12
FF - prefs.js..extensions.enabledAddons: personas%40christopher.beard:1.7.3
FF - prefs.js..extensions.enabledAddons: ffpwdman%40bitdefender.com:1.0
FF - prefs.js..extensions.enabledAddons: zigboom%40ymail.com:2.1.1
FF - prefs.js..network.proxy.gopher: ""
FF - prefs.js..network.proxy.gopher_port: 0
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Bitdefender.com/PasswordManager;version=17.8: C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxnp.dll (Bitdefender)
FF - HKLM\Software\MozillaPlugins\@ieinspector.com/ha_plugin: C:\Program Files (x86)\IEInspector\HTTPAnalyzerFullV7\firefox\Components File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\TxnerT\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\PROGRAM FILES\UPDATER BY SWEETPACKS\FIREFOX
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER\BDTBEXT [2013/10/28 21:41:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\ [2013/10/28 21:41:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/11/04 04:41:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/11/04 04:41:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\Bitdefender\Bitdefender\bdtbext [2013/10/28 21:41:08 | 000,000,000 | ---D | M]

[2013/03/19 04:09:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\TxnerT\AppData\Roaming\Mozilla\Extensions
[2013/10/25 14:53:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\TxnerT\AppData\Roaming\Mozilla\Firefox\Profiles\4rr3eg8j.default\extensions
[2013/03/19 05:10:33 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Users\TxnerT\AppData\Roaming\Mozilla\Firefox\Profiles\4rr3eg8j.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2013/07/12 00:24:38 | 000,000,000 | ---D | M] (DoNotTrackMe) -- C:\Users\TxnerT\AppData\Roaming\Mozilla\Firefox\Profiles\4rr3eg8j.default\extensions\[email protected]
[2013/10/05 12:10:18 | 000,000,000 | ---D | M] (HTTPS-Everywhere) -- C:\Users\TxnerT\AppData\Roaming\Mozilla\Firefox\Profiles\4rr3eg8j.default\extensions\[email protected]
[2013/09/26 22:38:08 | 000,000,000 | ---D | M] (LavaFox V2) -- C:\Users\TxnerT\AppData\Roaming\Mozilla\Firefox\Profiles\4rr3eg8j.default\extensions\[email protected]
[2013/09/28 20:05:02 | 000,000,000 | ---D | M] (LavaFox V2-Green) -- C:\Users\TxnerT\AppData\Roaming\Mozilla\Firefox\Profiles\4rr3eg8j.default\extensions\[email protected]
[2013/10/04 22:37:56 | 000,070,694 | ---- | M] () (No name found) -- C:\Users\TxnerT\AppData\Roaming\Mozilla\Firefox\Profiles\4rr3eg8j.default\extensions\[email protected]
[2013/06/11 19:45:56 | 000,021,637 | ---- | M] () (No name found) -- C:\Users\TxnerT\AppData\Roaming\Mozilla\Firefox\Profiles\4rr3eg8j.default\extensions\[email protected]
[2013/08/18 22:03:57 | 000,019,225 | ---- | M] () (No name found) -- C:\Users\TxnerT\AppData\Roaming\Mozilla\Firefox\Profiles\4rr3eg8j.default\extensions\[email protected]
[2013/10/25 14:53:44 | 000,348,260 | ---- | M] () (No name found) -- C:\Users\TxnerT\AppData\Roaming\Mozilla\Firefox\Profiles\4rr3eg8j.default\extensions\[email protected]
[2013/10/19 16:49:46 | 000,135,673 | ---- | M] () (No name found) -- C:\Users\TxnerT\AppData\Roaming\Mozilla\Firefox\Profiles\4rr3eg8j.default\extensions\{4093c4de-454a-4329-8aff-c6b0b123c386}.xpi
[2013/10/09 21:43:44 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\TxnerT\AppData\Roaming\Mozilla\Firefox\Profiles\4rr3eg8j.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/08/18 22:08:53 | 000,013,041 | ---- | M] () (No name found) -- C:\Users\TxnerT\AppData\Roaming\Mozilla\Firefox\Profiles\4rr3eg8j.default\extensions\{e5bbc237-c99b-4ced-a061-0be27703295f}.xpi
[2013/11/04 04:41:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\Extensions
[2013/11/04 04:41:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/11/04 04:41:41 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/10/28 21:41:18 | 000,000,000 | ---D | M] (Bitdefender Wallet) -- C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER\ANTISPAM32\FFPWDMAN
[2012/01/12 04:58:30 | 000,917,816 | ---- | M] (BitComet) -- C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: BitCometAgent (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npBitCometAgent.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U25 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\TxnerT\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - Extension: Google Docs = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Bitdefender Wallet = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl\17.19.0_0\
CHR - Extension: Google Search = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Better Pop Up Blocker = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmpeeekfhbmikbdhlpjbfmnpgcbeggic\2.1.6_0\
CHR - Extension: Gmail = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Google Docs = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Bitdefender Wallet = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl\17.19.0_0\
CHR - Extension: Google Search = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Better Pop Up Blocker = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmpeeekfhbmikbdhlpjbfmnpgcbeggic\2.1.6_0\
CHR - Extension: Gmail = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/11/04 17:15:39 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Bitdefender Wallet ) - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Bitdefender Wallet) - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\antispam32\pmbxie.dll (Bitdefender)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (SSOIEAddonBHO Class) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files\Alienware\Command Center\AlienSense\FAIESSO.dll (Sensible Vision )
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [AlienFX Controller] C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe (Alienware Corporation)
O4:64bit: - HKLM..\Run: [Bdagent] C:\Program Files\Bitdefender\Bitdefender\bdagent.exe (Bitdefender)
O4 - HKLM..\Run: [DBAgent] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe (Seagate Technology LLC)
O4 - HKLM..\Run: [FAStartup] File not found
O4 - HKLM..\Run: [FATrayAlert] C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe (Sensible Vision )
O4 - HKLM..\Run: [OSD] c:\Program Files\OSD\Launch.exe (HH)
O4 - HKU\.DEFAULT..\Run: [Bitdefender Wallet] C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe (Bitdefender)
O4 - HKU\.DEFAULT..\Run: [Bitdefender Wallet Agent] C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe (Bitdefender)
O4 - HKU\.DEFAULT..\Run: [Bitdefender Wallet Application Agent] C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe (Bitdefender)
O4 - HKU\S-1-5-18..\Run: [Bitdefender Wallet] C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe (Bitdefender)
O4 - HKU\S-1-5-18..\Run: [Bitdefender Wallet Agent] C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe (Bitdefender)
O4 - HKU\S-1-5-18..\Run: [Bitdefender Wallet Application Agent] C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe (Bitdefender)
O4 - HKU\S-1-5-21-3984871074-3827112338-3617424434-1000..\Run: [Bitdefender Wallet] C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe (Bitdefender)
O4 - HKU\S-1-5-21-3984871074-3827112338-3617424434-1000..\Run: [Bitdefender Wallet Agent] C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe (Bitdefender)
O4 - HKU\S-1-5-21-3984871074-3827112338-3617424434-1000..\Run: [Bitdefender Wallet Application Agent] C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe (Bitdefender)
O4 - HKU\S-1-5-21-3984871074-3827112338-3617424434-1000..\Run: [Launch_CC] c:\Program Files\OSD\Launch_CC.exe (Alienware Corporation)
O4 - HKU\S-1-5-21-3984871074-3827112338-3617424434-1000..\Run: [LightShot] C:\Users\TxnerT\AppData\Local\Skillbrains\lightshot\LightShot.exe ()
O4 - HKU\S-1-5-21-3984871074-3827112338-3617424434-1000..\Run: [Uploader] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe (Seagate Technology LLC)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3984871074-3827112338-3617424434-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3984871074-3827112338-3617424434-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3984871074-3827112338-3617424434-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3984871074-3827112338-3617424434-1000\..Trusted Domains: dell.com ([]* in Trusted sites)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{056F4682-6B78-4BF6-B352-8A6B36D03D65}: NameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{62C0D2E2-E787-4D21-8178-27121C96333C}: DhcpNameServer = 196.3.81.5 200.88.127.22
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C7328B24-C3A6-4F70-B5D6-CD1E64EF9317}: DhcpNameServer = 10.0.0.1
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/11/04 18:36:58 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/11/04 18:06:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Globalscape
[2013/11/04 18:06:43 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Local\Globalscape
[2013/11/04 18:05:29 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\Globalscape
[2013/11/04 18:05:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Globalscape
[2013/11/04 17:19:35 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/11/04 17:15:46 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/11/04 16:32:25 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe
[2013/11/04 14:38:08 | 000,000,000 | ---D | C] -- C:\ProgramData\WinterSoft
[2013/11/04 04:41:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/11/04 04:24:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender
[2013/11/04 04:23:59 | 000,000,000 | ---D | C] -- C:\ProgramData\BDLogging
[2013/11/04 04:23:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VyprVPN
[2013/11/04 04:23:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VyprVPN
[2013/11/04 04:23:36 | 000,076,944 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\bdvedisk.sys
[2013/11/04 04:22:58 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\capicom.dll
[2013/11/04 04:22:58 | 000,093,600 | ---- | C] (BitDefender LLC) -- C:\Windows\SysNative\drivers\BdfNdisf6.sys
[2013/11/04 04:22:58 | 000,082,824 | ---- | C] (BitDefender SRL) -- C:\Windows\SysNative\drivers\bdsandbox.sys
[2013/11/04 04:22:56 | 000,727,592 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avc3.sys
[2013/11/04 04:22:56 | 000,601,360 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avckf.sys
[2013/11/04 04:22:56 | 000,261,056 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avchv.sys
[2013/11/04 04:02:14 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\Bitdefender
[2013/11/04 03:56:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Bitdefender
[2013/11/04 03:56:58 | 000,150,256 | ---- | C] (BitDefender LLC) -- C:\Windows\SysNative\drivers\gzflt.sys
[2013/11/04 03:56:57 | 000,389,240 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\SysNative\drivers\trufos.sys
[2013/11/04 03:56:57 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
[2013/11/04 03:56:37 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\QuickScan
[2013/11/04 03:54:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2013/11/04 01:07:26 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/11/04 01:07:26 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/11/04 01:07:26 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/11/04 00:53:46 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/11/03 18:58:27 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Local\CrashDumps
[2013/11/03 17:15:43 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013/11/03 17:12:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\catroot2
[2013/11/03 16:40:08 | 000,181,064 | ---- | C] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2013/11/03 16:16:22 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2013/11/03 04:55:03 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/11/03 04:52:20 | 000,328,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\services.exe
[2013/11/03 04:43:54 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/11/03 01:37:56 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\Doctor Web
[2013/11/03 01:28:00 | 000,829,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr100.dll
[2013/11/03 01:28:00 | 000,773,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr100.dll
[2013/11/03 01:28:00 | 000,608,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcp100.dll
[2013/11/03 01:28:00 | 000,421,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp100.dll
[2013/11/03 00:53:01 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\Spamihilator
[2013/11/02 17:15:15 | 004,121,952 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\TxnerT\Desktop\tdsskiller.exe
[2013/11/02 16:44:14 | 005,143,677 | R--- | C] (Swearware) -- C:\Users\TxnerT\Desktop\ComboFix.exe
[2013/11/02 04:18:32 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\0x90.org
[2013/11/02 04:18:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\0x90.org
[2013/11/02 03:52:46 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\Documents\BSQL Hacker Logs
[2013/11/02 03:29:48 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\Desktop\Pangolin.Professinal.Edition.v3.2.5.1137.incl.Keygen-FFF
[2013/11/02 02:47:34 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BSQL Hacker
[2013/10/30 07:24:43 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\TuneUp Software
[2013/10/30 07:20:34 | 000,040,248 | ---- | C] (AVG) -- C:\Windows\SysNative\TURegOpt.exe
[2013/10/30 07:20:33 | 000,029,496 | ---- | C] (AVG) -- C:\Windows\SysNative\authuitu.dll
[2013/10/30 07:20:33 | 000,025,400 | ---- | C] (AVG) -- C:\Windows\SysWow64\authuitu.dll
[2013/10/30 07:20:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2014
[2013/10/30 07:20:16 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\AVG
[2013/10/30 07:19:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2013/10/30 07:18:21 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG
[2013/10/30 07:18:10 | 000,000,000 | -HSD | C] -- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
[2013/10/30 06:23:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013/10/28 03:01:18 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2013/10/27 04:22:01 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\Desktop\green icons
[2013/10/27 03:00:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2013/10/26 14:47:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013/10/26 04:55:02 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\Desktop\DepositfileCracker
[2013/10/26 03:21:22 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\.thumbnails
[2013/10/26 03:20:12 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\.gimp-2.8
[2013/10/26 02:30:58 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\Documents\GomPlayer
[2013/10/26 02:30:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player
[2013/10/26 02:30:36 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\GRETECH
[2013/10/26 02:30:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GRETECH
[2013/10/26 02:24:31 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2013/10/26 02:02:49 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\Serif
[2013/10/26 00:08:44 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\Desktop\VBstuff
[2013/10/24 23:32:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC SOFT
[2013/10/22 02:54:05 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\Desktop\Dbox
[2013/10/20 18:53:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acunetix Web Vulnerability Scanner 8
[2013/10/20 02:51:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NT OBJECTives
[2013/10/20 02:26:30 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
[2013/10/20 02:26:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2013/10/20 02:26:29 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\Notepad++
[2013/10/20 02:26:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Notepad++
[2013/10/16 18:11:59 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\FileZilla
[2013/10/15 21:32:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2013/10/15 21:32:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/10/15 21:32:13 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/10/15 21:32:09 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/10/15 21:32:09 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/10/15 21:32:09 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/10/15 21:31:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
[2013/10/15 21:31:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2013/10/15 21:23:02 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\.ssh
[2013/10/15 21:23:01 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\.sshterm
[2013/10/11 19:21:51 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\Mavituna Security Ltd
[2013/10/11 03:12:12 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/10/11 03:12:12 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/10/11 03:12:11 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/10/11 03:12:11 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/10/11 03:12:11 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/10/11 03:12:11 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/10/11 03:12:11 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/10/11 03:12:11 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/10/11 03:12:11 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/10/11 03:12:11 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/10/11 03:12:11 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/10/11 03:12:10 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/10/11 03:12:09 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/10/11 03:12:09 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/10/11 03:12:09 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/10/10 05:33:50 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2013/10/10 05:33:49 | 000,368,128 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2013/10/10 05:33:48 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2013/10/10 05:33:48 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2013/10/10 05:33:48 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2013/10/10 05:33:48 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2013/10/10 05:33:48 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2013/10/10 05:33:48 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2013/10/10 05:33:48 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2013/10/10 05:33:46 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2013/10/10 05:33:46 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys
[2013/10/10 05:33:45 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2013/10/10 05:33:40 | 005,549,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013/10/10 05:33:38 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2013/10/10 05:33:37 | 003,969,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013/10/10 05:33:37 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013/10/10 05:33:37 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013/10/10 05:33:37 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdh.dll
[2013/10/10 05:33:37 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdh.dll
[2013/10/10 05:33:36 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013/10/10 05:33:36 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013/10/10 05:33:36 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013/10/10 05:33:36 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013/10/10 05:33:36 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013/10/10 05:33:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013/10/10 05:33:31 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2013/10/10 05:33:31 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2013/10/10 05:33:30 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scavengeui.dll
[2013/10/09 16:29:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Citrix
[2013/10/09 16:28:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Citrix
[2013/10/09 16:28:42 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Local\Citrix
[2013/04/06 05:59:12 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\TxnerT\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2013/11/04 18:48:04 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/11/04 18:44:53 | 000,024,496 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/11/04 18:44:53 | 000,024,496 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/11/04 18:38:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/11/04 18:30:44 | 000,041,068 | ---- | M] () -- C:\Users\TxnerT\Desktop\register.php
[2013/11/04 18:29:00 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\update-S-1-5-21-3984871074-3827112338-3617424434-1000.job
[2013/11/04 18:04:59 | 000,047,894 | ---- | M] () -- C:\Users\TxnerT\Desktop\CHBanner-v2.gif
[2013/11/04 17:15:39 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/11/04 16:46:02 | 001,329,178 | ---- | M] () -- C:\Users\TxnerT\Desktop\CH.gif
[2013/11/04 16:43:17 | 000,105,664 | ---- | M] () -- C:\Users\TxnerT\Desktop\CHBanner-v1.gif
[2013/11/04 16:41:08 | 000,002,188 | -H-- | M] () -- C:\Users\TxnerT\Documents\Default.rdp
[2013/11/04 16:32:25 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe
[2013/11/04 16:14:00 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\update-sys.job
[2013/11/04 15:52:38 | 000,108,387 | ---- | M] () -- C:\Users\TxnerT\Desktop\CHBanner.gif
[2013/11/04 14:38:02 | 008,775,439 | ---- | M] () -- C:\Users\TxnerT\Desktop\5651FP04112013.7z
[2013/11/04 04:25:02 | 000,000,385 | ---- | M] () -- C:\Windows\SysNative\user_gensett.xml
[2013/11/04 04:24:27 | 000,253,404 | -H-- | M] () -- C:\bdr-ld01
[2013/11/04 04:24:27 | 000,009,216 | -H-- | M] () -- C:\bdr-ld01.mbr
[2013/11/04 04:24:27 | 000,000,684 | -H-- | M] () -- C:\bdr-cf01
[2013/11/04 04:24:10 | 000,002,190 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender Safepay.lnk
[2013/11/04 04:24:10 | 000,002,071 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender Total Security.lnk
[2013/11/04 04:24:10 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2013/11/04 00:58:26 | 000,196,608 | ---- | M] () -- C:\Users\TxnerT\sxstrace.etl
[2013/11/04 00:53:27 | 005,143,677 | R--- | M] (Swearware) -- C:\Users\TxnerT\Desktop\ComboFix.exe
[2013/11/03 19:03:49 | 000,279,110 | ---- | M] () -- C:\Users\TxnerT\Desktop\MGlogs.zip
[2013/11/03 19:03:49 | 000,279,110 | ---- | M] () -- C:\MGlogs.zip
[2013/11/03 17:20:18 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/11/03 17:20:18 | 000,649,244 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/11/03 17:20:18 | 000,117,848 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/11/03 17:14:55 | 000,288,952 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/11/03 17:12:52 | 000,181,064 | ---- | M] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2013/11/03 16:38:14 | 000,000,207 | ---- | M] () -- C:\Windows\tweaking.com-regbackup-LEGEND-Microsoft-Windows-7-Home-Premium-(64-bit).dat
[2013/11/03 16:22:47 | 000,000,692 | ---- | M] () -- C:\Windows\SysNative\.crusader
[2013/11/03 01:28:00 | 000,829,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr100.dll
[2013/11/03 01:28:00 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr100.dll
[2013/11/03 01:28:00 | 000,608,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcp100.dll
[2013/11/03 01:28:00 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp100.dll
[2013/11/03 01:15:30 | 000,317,829 | ---- | M] () -- C:\Thunderbird 24.1.0 (en-US) - 2013-11-03.pcv
[2013/11/02 19:50:00 | 000,010,908 | ---- | M] () -- C:\Users\TxnerT\Desktop\dbtech_thanks.php
[2013/11/02 18:29:09 | 000,010,594 | ---- | M] () -- C:\Users\TxnerT\Desktop\Attach&ddsLogs.zip
[2013/11/02 17:15:31 | 004,121,952 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\TxnerT\Desktop\tdsskiller.exe
[2013/11/01 14:53:32 | 000,115,900 | ---- | M] () -- C:\Users\TxnerT\Desktop\invitacion.png
[2013/10/31 00:06:01 | 000,091,411 | ---- | M] () -- C:\Users\TxnerT\Desktop\1395096_10151928522486480_916997865_n.jpg
[2013/10/30 15:02:44 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/30 15:02:44 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/10/30 07:20:22 | 000,002,229 | ---- | M] () -- C:\Users\Public\Desktop\AVG 1-Click Maintenance.lnk
[2013/10/30 07:20:22 | 000,002,203 | ---- | M] () -- C:\Users\Public\Desktop\AVG PC TuneUp 2014.lnk
[2013/10/30 06:24:39 | 000,002,114 | ---- | M] () -- C:\Users\TxnerT\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2013/10/29 19:39:34 | 144,790,821 | ---- | M] () -- C:\Users\TxnerT\AppData\Local\ACCCx2_2_0_248.zip.aamdownload
[2013/10/29 19:39:34 | 000,001,817 | ---- | M] () -- C:\Users\TxnerT\AppData\Local\ACCCx2_2_0_248.zip.aamdownload.aamd
[2013/10/26 15:22:36 | 000,032,202 | ---- | M] () -- C:\Users\TxnerT\Desktop\Bar.jpg
[2013/10/26 15:04:36 | 000,000,132 | ---- | M] () -- C:\Users\TxnerT\AppData\Roaming\Adobe GIF Format CS6 Prefs
[2013/10/26 03:25:35 | 000,001,548 | ---- | M] () -- C:\Users\TxnerT\AppData\Local\recently-used.xbel
[2013/10/26 02:21:09 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/10/26 02:21:09 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/10/26 02:15:35 | 000,358,142 | ---- | M] () -- C:\Users\TxnerT\Desktop\VIP Table.swf
[2013/10/20 18:53:42 | 000,000,722 | ---- | M] () -- C:\Windows\WVS_InstDBLogFile.csv
[2013/10/16 23:41:00 | 000,000,600 | ---- | M] () -- C:\Users\TxnerT\AppData\Local\PUTTY.RND
[2013/10/11 19:07:15 | 000,001,229 | ---- | M] () -- C:\Users\Public\Desktop\Netsparker.lnk
[2013/10/11 03:09:37 | 000,764,746 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/10/09 16:29:37 | 000,000,017 | ---- | M] () -- C:\Users\TxnerT\AppData\Local\resmon.resmoncfg
[2013/10/09 16:28:41 | 000,103,832 | ---- | M] () -- C:\Users\TxnerT\GoToAssistDownloadHelper.exe
[2013/10/09 02:43:26 | 000,000,443 | ---- | M] () -- C:\Users\TxnerT\AppData\Local\UserProducts.xml
[2013/10/08 07:50:37 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/10/08 07:46:52 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/10/08 07:46:47 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/10/08 07:46:23 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/10/06 01:10:30 | 000,087,454 | ---- | M] () -- C:\Users\TxnerT\Desktop\pic_044_clean_790.jpg

========== Files Created - No Company Name ==========

[2013/11/04 18:09:50 | 000,010,908 | ---- | C] () -- C:\Users\TxnerT\Desktop\dbtech_thanks.php
[2013/11/04 17:54:30 | 000,047,894 | ---- | C] () -- C:\Users\TxnerT\Desktop\CHBanner-v2.gif
[2013/11/04 16:45:24 | 001,329,178 | ---- | C] () -- C:\Users\TxnerT\Desktop\CH.gif
[2013/11/04 16:37:37 | 000,041,068 | ---- | C] () -- C:\Users\TxnerT\Desktop\register.php
[2013/11/04 16:27:50 | 000,105,664 | ---- | C] () -- C:\Users\TxnerT\Desktop\CHBanner-v1.gif
[2013/11/04 15:07:58 | 000,108,387 | ---- | C] () -- C:\Users\TxnerT\Desktop\CHBanner.gif
[2013/11/04 14:36:43 | 008,775,439 | ---- | C] () -- C:\Users\TxnerT\Desktop\5651FP04112013.7z
[2013/11/04 04:25:02 | 000,000,385 | ---- | C] () -- C:\Windows\SysNative\user_gensett.xml
[2013/11/04 04:24:27 | 000,000,684 | -H-- | C] () -- C:\bdr-cf01
[2013/11/04 04:24:10 | 000,002,190 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender Safepay.lnk
[2013/11/04 04:24:10 | 000,002,071 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender Total Security.lnk
[2013/11/04 04:24:10 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2013/11/04 04:01:59 | 003,271,472 | -H-- | C] () -- C:\bdr-bz01
[2013/11/04 04:01:59 | 000,009,216 | -H-- | C] () -- C:\bdr-ld01.mbr
[2013/11/04 04:01:58 | 046,879,860 | -H-- | C] () -- C:\bdr-im01.gz
[2013/11/04 04:01:58 | 000,253,404 | -H-- | C] () -- C:\bdr-ld01
[2013/11/04 01:07:26 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/11/04 01:07:26 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/11/04 01:07:26 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/11/04 01:07:26 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/11/04 01:07:26 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/11/04 00:58:14 | 000,196,608 | ---- | C] () -- C:\Users\TxnerT\sxstrace.etl
[2013/11/03 16:38:14 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-LEGEND-Microsoft-Windows-7-Home-Premium-(64-bit).dat
[2013/11/03 01:34:23 | 000,000,692 | ---- | C] () -- C:\Windows\SysNative\.crusader
[2013/11/03 01:15:18 | 000,317,829 | ---- | C] () -- C:\Thunderbird 24.1.0 (en-US) - 2013-11-03.pcv
[2013/11/02 18:29:09 | 000,010,594 | ---- | C] () -- C:\Users\TxnerT\Desktop\Attach&ddsLogs.zip
[2013/11/02 18:05:15 | 000,279,110 | ---- | C] () -- C:\Users\TxnerT\Desktop\MGlogs.zip
[2013/11/02 17:54:16 | 000,279,110 | ---- | C] () -- C:\MGlogs.zip
[2013/11/01 14:53:32 | 000,115,900 | ---- | C] () -- C:\Users\TxnerT\Desktop\invitacion.png
[2013/10/31 00:06:01 | 000,091,411 | ---- | C] () -- C:\Users\TxnerT\Desktop\1395096_10151928522486480_916997865_n.jpg
[2013/10/30 15:02:12 | 000,288,952 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/10/30 07:20:22 | 000,002,229 | ---- | C] () -- C:\Users\Public\Desktop\AVG 1-Click Maintenance.lnk
[2013/10/30 07:20:22 | 000,002,215 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2014.lnk
[2013/10/30 07:20:22 | 000,002,203 | ---- | C] () -- C:\Users\Public\Desktop\AVG PC TuneUp 2014.lnk
[2013/10/29 19:39:17 | 144,790,821 | ---- | C] () -- C:\Users\TxnerT\AppData\Local\ACCCx2_2_0_248.zip.aamdownload
[2013/10/29 19:39:17 | 000,001,817 | ---- | C] () -- C:\Users\TxnerT\AppData\Local\ACCCx2_2_0_248.zip.aamdownload.aamd
[2013/10/26 15:22:34 | 000,032,202 | ---- | C] () -- C:\Users\TxnerT\Desktop\Bar.jpg
[2013/10/26 15:04:36 | 000,000,132 | ---- | C] () -- C:\Users\TxnerT\AppData\Roaming\Adobe GIF Format CS6 Prefs
[2013/10/26 03:25:35 | 000,001,548 | ---- | C] () -- C:\Users\TxnerT\AppData\Local\recently-used.xbel
[2013/10/26 02:15:22 | 000,358,142 | ---- | C] () -- C:\Users\TxnerT\Desktop\VIP Table.swf
[2013/10/15 21:38:27 | 000,000,600 | ---- | C] () -- C:\Users\TxnerT\AppData\Local\PUTTY.RND
[2013/10/11 19:07:15 | 000,001,229 | ---- | C] () -- C:\Users\Public\Desktop\Netsparker.lnk
[2013/10/09 16:29:37 | 000,000,017 | ---- | C] () -- C:\Users\TxnerT\AppData\Local\resmon.resmoncfg
[2013/10/09 16:28:41 | 000,103,832 | ---- | C] () -- C:\Users\TxnerT\GoToAssistDownloadHelper.exe
[2013/10/06 01:10:28 | 000,087,454 | ---- | C] () -- C:\Users\TxnerT\Desktop\pic_044_clean_790.jpg
[2013/09/28 00:07:15 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013/09/28 00:07:15 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2013/08/09 01:38:59 | 000,110,602 | ---- | C] () -- C:\Windows\SysWow64\xcdsfx32.bin
[2013/07/20 23:45:11 | 000,282,696 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013/07/20 23:45:04 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013/07/16 01:48:59 | 000,120,664 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2013/05/06 16:40:32 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2013/05/05 17:48:39 | 000,200,697 | ---- | C] () -- C:\Windows\SysWow64\poclbm121016GeForce GTX 280Mv1w256l4.bin
[2013/04/30 18:57:23 | 000,000,039 | ---- | C] () -- C:\Windows\spwdrp.INI
[2013/04/06 06:07:20 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2013/04/06 05:59:12 | 000,007,859 | ---- | C] () -- C:\Users\TxnerT\AppData\Roaming\pcouffin.cat
[2013/04/06 05:59:12 | 000,001,167 | ---- | C] () -- C:\Users\TxnerT\AppData\Roaming\pcouffin.inf
[2013/03/31 17:32:29 | 000,000,109 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2013/03/31 17:29:06 | 000,764,746 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/03/26 17:24:40 | 000,043,008 | ---- | C] () -- C:\Windows\SysWow64\libgcc_s_dw2-1.dll
[2013/03/26 17:24:40 | 000,011,362 | ---- | C] () -- C:\Windows\SysWow64\mingwm10.dll
[2013/03/25 15:03:52 | 000,036,864 | ---- | C] () -- C:\Windows\runSW.exe
[2013/03/22 22:07:18 | 000,000,000 | ---- | C] () -- C:\Users\TxnerT\AppData\Local\license.ini
[2013/03/19 16:43:35 | 000,000,443 | ---- | C] () -- C:\Users\TxnerT\AppData\Local\UserProducts.xml
[2013/03/19 05:25:58 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2013/03/19 04:14:56 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe

========== ZeroAccess Check ==========

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 22:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 21:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Custom Scans ==========

========== Base Services ==========
SRV:64bit: - [2009/07/13 21:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2013/02/27 01:47:10 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2009/07/13 21:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2010/11/20 23:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2010/11/20 23:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2011/11/17 02:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009/07/13 21:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/13 21:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2012/07/04 18:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2013/07/09 01:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2013/07/09 00:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2010/11/20 23:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2010/11/20 23:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/20 23:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2011/03/03 02:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2009/07/13 21:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2009/07/13 21:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/13 21:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:64bit: - [2009/07/13 21:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2010/11/20 23:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:64bit: - [2009/07/13 21:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2009/07/13 21:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2009/07/13 21:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2009/07/13 21:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/13 21:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:64bit: - [2012/10/03 13:44:21 | 000,303,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2009/07/13 21:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2011/05/24 07:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2012/02/11 02:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2011/11/17 02:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:64bit: - [2009/07/13 21:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2010/11/20 23:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2010/11/20 23:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2010/11/20 23:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2011/11/17 02:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2009/07/13 21:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2010/11/20 23:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2010/11/20 23:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/20 23:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:64bit: - [2010/11/20 23:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2010/11/20 23:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/20 23:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2009/07/13 21:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2012/05/01 01:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2010/11/20 23:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2010/11/20 23:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2010/11/20 23:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2010/11/20 23:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/11/20 23:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:64bit: - [2010/11/20 23:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:64bit: - [2010/11/20 23:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2010/11/20 23:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010/11/20 23:24:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:64bit: - [2009/07/13 21:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2012/06/02 18:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV - [2012/02/02 16:39:22 | 001,914,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2010/11/20 23:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2009/07/13 21:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2010/11/20 23:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

< End of report >
  • 0

#6
Phel

Phel

    Trusted Helper

  • Malware Removal
  • 1,386 posts
So, how your computer is running now? I don't see any signs of infection on your system, except some pieces of adware. Let's clean them out.

Step 1. OTL fix.

  • Run OTL.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:

    :Commands
    [CREATERESTOREPOINT]
    
    :OTL
    64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\PROGRAM FILES\UPDATER BY SWEETPACKS\FIREFOX
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\Program Files\Updater By SweetPacks\Firefox
    
    :Commands
    [REBOOT]
  • Then click the Run Fix button at the top.
  • Let the program run unhindered, reboot the PC when it is done.
Step 2. AdwCleaner scan.

  • Please, download AdwCleaner from here to your Desktop.
  • Right click on adwcleaner.exe file on your Desktop->Run as Administrator.
  • Adwcleaner window should appear.
  • Click on Scan button. Scan could take some time to proceed.
  • Click on the Clean button.
  • Click on OK.
  • Computer will be rebooted automatically, when program will finish it's job.
  • After fix Notepad window with report should appear. Post the contents of the report in your next message.
Step 3. OTL scan.

  • Run OTL.
  • Click on Scan All Users checkbox, which is located near Quick Scan button.
  • Then click the Run Scan button at the top.
  • Let the program run unhindered.
  • When the scan completes, it will open notepad window - OTL.Txt. This is saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of this file and post them in your topic.
So, please, don't forget to post in your next message:

  • OTL.txt
  • AdwCleaner log

  • 0

#7
Vako

Vako

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
OTL logfile created on: 11/6/2013 3:05:16 AM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\TxnerT\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

8.00 Gb Total Physical Memory | 6.01 Gb Available Physical Memory | 75.17% Memory free
9.99 Gb Paging File | 7.66 Gb Available in Paging File | 76.60% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 169.91 Gb Total Space | 108.43 Gb Free Space | 63.82% Space Free | Partition Type: NTFS
Drive D: | 48.39 Gb Total Space | 34.06 Gb Free Space | 70.39% Space Free | Partition Type: NTFS
Drive H: | 931.51 Gb Total Space | 818.01 Gb Free Space | 87.82% Space Free | Partition Type: NTFS

Computer Name: LEGEND | User Name: TxnerT | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/11/02 16:51:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\TxnerT\Downloads\OTL.exe
PRC - [2013/10/23 09:46:11 | 000,621,448 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
PRC - [2013/10/08 20:02:45 | 000,844,752 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/10/01 08:14:40 | 005,087,584 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013/10/01 08:14:39 | 012,631,904 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
PRC - [2013/10/01 08:05:43 | 000,195,936 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
PRC - [2013/09/27 13:39:50 | 000,313,120 | ---- | M] (Skillbrains) -- C:\Users\TxnerT\AppData\Local\Skillbrains\lightshot\4.4.2.10\Lightshot.exe
PRC - [2013/09/05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) -- C:\Program Files (x86)\Skype\Updater\Updater.exe
PRC - [2013/06/26 16:19:34 | 001,006,112 | ---- | M] () -- C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 8\WVSScheduler.exe
PRC - [2013/05/11 06:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/11/07 15:42:10 | 002,109,440 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtWLan.exe
PRC - [2012/11/02 15:41:32 | 000,364,704 | ---- | M] (GoldenFrog) -- C:\Program Files (x86)\VyprVPN\VyprVPN.exe
PRC - [2012/05/10 10:38:06 | 000,036,864 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtlService.exe
PRC - [2010/05/21 13:34:38 | 000,013,624 | ---- | M] (Alienware) -- C:\Program Files\Alienware\Command Center\AlienFXHook32Mngr.exe
PRC - [2010/05/21 13:33:48 | 000,063,304 | ---- | M] (Alienware Corporation) -- C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
PRC - [2010/04/04 14:44:10 | 000,095,560 | ---- | M] (Sensible Vision ) -- C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe
PRC - [2010/04/04 14:44:08 | 001,992,008 | ---- | M] (Sensible Vision ) -- C:\Program Files\Alienware\Command Center\AlienSense\FATrayAlert.exe
PRC - [2010/04/04 14:43:38 | 002,409,800 | ---- | M] (Sensible Vision ) -- C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe
PRC - [2009/02/20 13:13:04 | 000,013,312 | ---- | M] () -- C:\Program Files\OSD\Service1.exe
PRC - [2009/02/19 14:45:42 | 000,020,480 | ---- | M] (Alienware Corporation) -- C:\Program Files\OSD\Launch_CC.exe


========== Modules (No Company Name) ==========

MOD - [2013/10/11 03:38:53 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\8f5b881951592b2fd05f710650bf7e04\System.Core.ni.dll
MOD - [2013/10/11 03:34:54 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bcf51dc88597d0835c819a2d5a755b74\PresentationFramework.ni.dll
MOD - [2013/10/11 03:34:40 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MOD - [2013/10/11 03:34:34 | 001,806,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\0a7b20934d7587787e7dae923d1614f4\System.Deployment.ni.dll
MOD - [2013/10/11 03:34:33 | 012,238,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\51478a61dbd40488e320a0061e23c4df\PresentationCore.ni.dll
MOD - [2013/10/11 03:34:23 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll
MOD - [2013/10/11 03:34:20 | 000,688,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\65fa27da96ef57affcac61ac16c111e0\System.Security.ni.dll
MOD - [2013/10/11 03:34:18 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
MOD - [2013/10/08 20:02:43 | 000,415,184 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppgooglenaclpluginchrome.dll
MOD - [2013/10/08 20:02:41 | 004,055,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll
MOD - [2013/10/08 20:01:50 | 000,698,832 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libglesv2.dll
MOD - [2013/10/08 20:01:49 | 000,099,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libegl.dll
MOD - [2013/10/08 20:01:47 | 001,604,560 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll
MOD - [2013/08/14 03:35:54 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9a1bc983c28c695729b3e46acdc6933e\System.Management.ni.dll
MOD - [2013/08/14 03:29:25 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\764054efc88f51b54c8d7e44df26b671\System.Data.ni.dll
MOD - [2013/08/14 03:28:58 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/08/14 03:28:40 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c949e6e8d206e0d33d11ff711eda2745\System.Xml.ni.dll
MOD - [2013/08/14 03:28:32 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/07/11 03:33:10 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/06/19 11:44:37 | 000,204,280 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender\antispam32\txmlutil.dll
MOD - [2013/03/19 04:35:22 | 004,790,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienwareAlienFXModelResources\1.0.92.0__bebb3c8816410241\AlienwareAlienFXModelResources.dll
MOD - [2013/03/19 04:35:22 | 000,443,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienwareAlienFXTools\1.0.92.0__bebb3c8816410241\AlienwareAlienFXTools.dll
MOD - [2013/03/19 04:35:22 | 000,075,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienLabsTools\1.0.92.0__bebb3c8816410241\AlienLabsTools.dll
MOD - [2013/03/19 04:35:22 | 000,037,712 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Alienlabs.CommandCenter.Tools\1.0.92.0__bebb3c8816410241\Alienlabs.CommandCenter.Tools.dll
MOD - [2013/03/19 04:35:22 | 000,036,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x514\1.0.92.0__bebb3c8816410241\AlienFX.Communication.PID0x514.dll
MOD - [2013/03/19 04:35:22 | 000,028,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x516\1.0.92.0__bebb3c8816410241\AlienFX.Communication.PID0x516.dll
MOD - [2013/03/19 04:35:22 | 000,027,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x515\1.0.92.0__bebb3c8816410241\AlienFX.Communication.PID0x515.dll
MOD - [2013/03/19 04:35:22 | 000,027,424 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LightFX\1.0.92.0__bebb3c8816410241\LightFX.dll
MOD - [2013/03/19 04:35:22 | 000,025,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.DeviceDiscovery\1.0.92.0__bebb3c8816410241\AlienFX.DeviceDiscovery.dll
MOD - [2013/03/19 04:35:22 | 000,024,904 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.XPS\1.0.92.0__bebb3c8816410241\AlienFX.Communication.XPS.dll
MOD - [2013/03/19 04:35:22 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienLabs.MasterIOBoard.Communication\1.0.92.0__bebb3c8816410241\AlienLabs.MasterIOBoard.Communication.dll
MOD - [2013/03/19 04:35:22 | 000,008,192 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienLabs.MasterIOBoard.Communication.Core\1.0.92.0__bebb3c8816410241\AlienLabs.MasterIOBoard.Communication.Core.dll
MOD - [2013/03/19 04:35:21 | 000,037,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x511\1.0.92.0__bebb3c8816410241\AlienFX.Communication.PID0x511.dll
MOD - [2013/03/19 04:35:21 | 000,036,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x512\1.0.92.0__bebb3c8816410241\AlienFX.Communication.PID0x512.dll
MOD - [2013/03/19 04:35:21 | 000,019,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x513\1.0.92.0__bebb3c8816410241\AlienFX.Communication.PID0x513.dll
MOD - [2013/03/19 04:35:21 | 000,017,224 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.Core\1.0.92.0__bebb3c8816410241\AlienFX.Communication.Core.dll
MOD - [2013/03/19 04:35:21 | 000,011,584 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AlienFX.Communication\1.0.92.0__bebb3c8816410241\AlienFX.Communication.dll
MOD - [2012/11/02 15:40:30 | 000,091,648 | ---- | M] () -- C:\Program Files (x86)\VyprVPN\Lib\VpnLib.dll
MOD - [2012/11/02 15:40:06 | 000,056,832 | ---- | M] () -- C:\Program Files (x86)\VyprVPN\Lib\libvyprweb.dll
MOD - [2012/11/02 15:39:08 | 000,248,832 | ---- | M] () -- C:\Program Files (x86)\VyprVPN\Lib\libcurl.dll
MOD - [2010/11/20 23:24:08 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/04/04 14:45:06 | 000,089,416 | ---- | M] () -- C:\Windows\SysWOW64\FAIEExtension.dll
MOD - [2010/04/04 14:44:12 | 000,059,208 | ---- | M] () -- C:\Windows\SysWOW64\FAib.dll
MOD - [2010/04/04 14:42:44 | 000,247,624 | ---- | M] () -- C:\Windows\SysWOW64\FACrashRpt.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/10/23 12:27:59 | 001,506,736 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender\vsserv.exe -- (VSSERV)
SRV:64bit: - [2013/10/15 08:02:22 | 000,077,120 | ---- | M] (Bitdefender) [Disabled | Stopped] -- C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe -- (BdDesktopParental)
SRV:64bit: - [2013/10/07 11:33:30 | 000,067,320 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe -- (UPDATESRV)
SRV:64bit: - [2013/07/08 14:59:09 | 000,094,624 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe -- (SafeBox)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/12/28 04:00:34 | 001,296,728 | ---- | M] (www.BitComet.com) [On_Demand | Stopped] -- C:\Program Files\BitComet\tools\BitCometService.exe -- (BITCOMET_HELPER_SERVICE)
SRV:64bit: - [2010/05/21 09:39:22 | 000,014,648 | ---- | M] (Alienware) [Auto | Stopped] -- C:\Program Files\Alienware\Command Center\AlienFusionService.exe -- (AlienFusionService)
SRV:64bit: - [2010/04/04 14:43:38 | 002,409,800 | ---- | M] (Sensible Vision ) [Auto | Running] -- C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe -- (FAService)
SRV:64bit: - [2009/02/20 13:13:04 | 000,013,312 | ---- | M] () [Auto | Running] -- C:\Program Files\OSD\Service1.exe -- (CustomSvc)
SRV - [2013/11/04 04:41:35 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/10/26 02:21:09 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/01 08:14:40 | 005,087,584 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013/09/23 11:10:16 | 002,099,512 | ---- | M] (AVG) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2013/09/13 18:24:32 | 000,350,792 | ---- | M] (Verizon) [Disabled | Stopped] -- C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
SRV - [2013/09/05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/06/26 16:19:34 | 001,006,112 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 8\WVSScheduler.exe -- (AcuWVSSchedulerv8)
SRV - [2013/05/30 11:19:36 | 000,016,000 | ---- | M] (Seagate Technology LLC) [Disabled | Stopped] -- C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe -- (Seagate Dashboard Services)
SRV - [2013/05/11 06:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/11/19 17:03:24 | 000,489,256 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/05/10 10:38:06 | 000,036,864 | ---- | M] (Realtek Semiconductor Corp.) [Auto | Running] -- C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtlService.exe -- (RealtekCU)
SRV - [2011/08/03 07:50:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/08/23 12:48:49 | 000,150,256 | ---- | M] (BitDefender LLC) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\gzflt.sys -- (gzflt)
DRV:64bit: - [2013/08/19 01:57:27 | 006,544,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2013/08/09 01:13:08 | 002,355,416 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTWlanU.sys -- (RtlWlanu)
DRV:64bit: - [2013/08/07 12:46:28 | 000,389,240 | ---- | M] (BitDefender S.R.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\trufos.sys -- (trufos)
DRV:64bit: - [2013/07/23 15:50:57 | 000,082,824 | ---- | M] (BitDefender SRL) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bdsandbox.sys -- (BDSandBox)
DRV:64bit: - [2013/07/19 17:08:08 | 000,601,360 | ---- | M] (BitDefender) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\avckf.sys -- (avckf)
DRV:64bit: - [2013/07/19 17:04:54 | 000,727,592 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avc3.sys -- (avc3)
DRV:64bit: - [2013/07/13 02:44:57 | 000,035,936 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdkmpfd.sys -- (amdkmpfd)
DRV:64bit: - [2013/07/02 13:04:11 | 000,121,928 | ---- | M] (Bitdefender SRL) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys -- (bdfwfpf_pc)
DRV:64bit: - [2013/05/09 16:36:16 | 000,076,288 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsn64.sys -- (risdptsk)
DRV:64bit: - [2013/05/09 16:35:26 | 000,057,856 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2013/05/09 16:35:23 | 000,067,072 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2013/05/09 16:35:19 | 000,054,784 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2013/05/07 21:52:00 | 000,020,024 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2013/02/22 18:46:52 | 000,093,600 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- c:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys -- (BdfNdisf)
DRV:64bit: - [2012/11/02 13:17:46 | 000,261,056 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avchv.sys -- (avchv)
DRV:64bit: - [2012/08/24 03:56:56 | 000,126,944 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 10:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 10:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/04/17 13:34:26 | 000,076,944 | ---- | M] (BitDefender) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\bdvedisk.sys -- (BDVEDISK)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/12/15 13:29:42 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2011/11/14 19:16:37 | 000,103,504 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys -- (bdfwfpf)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/11 09:35:24 | 000,806,400 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8192cu.sys -- (RTL8192cu)
DRV:64bit: - [2010/11/20 23:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/09/30 15:00:06 | 000,180,736 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/09/30 15:00:06 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/08/12 12:07:50 | 000,350,952 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2010/07/13 08:57:08 | 000,069,736 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\itecir.sys -- (itecir)
DRV:64bit: - [2009/12/30 11:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009/10/23 13:27:12 | 000,307,760 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/09/24 22:36:14 | 000,238,848 | ---- | M] (Sensible Vision ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\facap.sys -- (FACAP)
DRV - [2013/09/18 11:14:34 | 000,014,112 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2013/07/13 02:26:43 | 000,021,712 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS -- (DrvAgent64)
DRV - [2011/06/02 10:08:34 | 000,017,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys -- (cpudrv64)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3984871074-3827112338-3617424434-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-3984871074-3827112338-3617424434-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3984871074-3827112338-3617424434-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKU\S-1-5-21-3984871074-3827112338-3617424434-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: %7BB042753D-F57E-4e8e-A01B-7379A6D4CEFB%7D:1.35
FF - prefs.js..extensions.enabledAddons: donottrackplus%40abine.com:2.2.9.618
FF - prefs.js..extensions.enabledAddons: %7Be5bbc237-c99b-4ced-a061-0be27703295f%7D:1.1
FF - prefs.js..extensions.enabledAddons: %7B4093c4de-454a-4329-8aff-c6b0b123c386%7D:0.8.12
FF - prefs.js..extensions.enabledAddons: personas%40christopher.beard:1.7.3
FF - prefs.js..extensions.enabledAddons: ffpwdman%40bitdefender.com:1.0
FF - prefs.js..extensions.enabledAddons: zigboom%40ymail.com:2.1.1
FF - prefs.js..network.proxy.gopher: ""
FF - prefs.js..network.proxy.gopher_port: 0
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Bitdefender.com/PasswordManager;version=17.8: C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxnp.dll (Bitdefender)
FF - HKLM\Software\MozillaPlugins\@ieinspector.com/ha_plugin: C:\Program Files (x86)\IEInspector\HTTPAnalyzerFullV7\firefox\Components File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\TxnerT\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\PROGRAM FILES\UPDATER BY SWEETPACKS\FIREFOX
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER\BDTBEXT [2013/10/28 21:41:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\ [2013/10/28 21:41:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/11/04 04:41:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/11/04 04:41:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\Bitdefender\Bitdefender\bdtbext [2013/10/28 21:41:08 | 000,000,000 | ---D | M]

[2013/03/19 04:09:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\TxnerT\AppData\Roaming\Mozilla\Extensions
[2013/10/25 14:53:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\TxnerT\AppData\Roaming\Mozilla\Firefox\Profiles\4rr3eg8j.default\extensions
[2013/03/19 05:10:33 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Users\TxnerT\AppData\Roaming\Mozilla\Firefox\Profiles\4rr3eg8j.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2013/07/12 00:24:38 | 000,000,000 | ---D | M] (DoNotTrackMe) -- C:\Users\TxnerT\AppData\Roaming\Mozilla\Firefox\Profiles\4rr3eg8j.default\extensions\[email protected]
[2013/10/05 12:10:18 | 000,000,000 | ---D | M] (HTTPS-Everywhere) -- C:\Users\TxnerT\AppData\Roaming\Mozilla\Firefox\Profiles\4rr3eg8j.default\extensions\[email protected]
[2013/09/26 22:38:08 | 000,000,000 | ---D | M] (LavaFox V2) -- C:\Users\TxnerT\AppData\Roaming\Mozilla\Firefox\Profiles\4rr3eg8j.default\extensions\[email protected]
[2013/09/28 20:05:02 | 000,000,000 | ---D | M] (LavaFox V2-Green) -- C:\Users\TxnerT\AppData\Roaming\Mozilla\Firefox\Profiles\4rr3eg8j.default\extensions\[email protected]
[2013/10/04 22:37:56 | 000,070,694 | ---- | M] () (No name found) -- C:\Users\TxnerT\AppData\Roaming\Mozilla\Firefox\Profiles\4rr3eg8j.default\extensions\[email protected]
[2013/06/11 19:45:56 | 000,021,637 | ---- | M] () (No name found) -- C:\Users\TxnerT\AppData\Roaming\Mozilla\Firefox\Profiles\4rr3eg8j.default\extensions\[email protected]
[2013/08/18 22:03:57 | 000,019,225 | ---- | M] () (No name found) -- C:\Users\TxnerT\AppData\Roaming\Mozilla\Firefox\Profiles\4rr3eg8j.default\extensions\[email protected]
[2013/10/25 14:53:44 | 000,348,260 | ---- | M] () (No name found) -- C:\Users\TxnerT\AppData\Roaming\Mozilla\Firefox\Profiles\4rr3eg8j.default\extensions\[email protected]
[2013/10/19 16:49:46 | 000,135,673 | ---- | M] () (No name found) -- C:\Users\TxnerT\AppData\Roaming\Mozilla\Firefox\Profiles\4rr3eg8j.default\extensions\{4093c4de-454a-4329-8aff-c6b0b123c386}.xpi
[2013/10/09 21:43:44 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\TxnerT\AppData\Roaming\Mozilla\Firefox\Profiles\4rr3eg8j.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/08/18 22:08:53 | 000,013,041 | ---- | M] () (No name found) -- C:\Users\TxnerT\AppData\Roaming\Mozilla\Firefox\Profiles\4rr3eg8j.default\extensions\{e5bbc237-c99b-4ced-a061-0be27703295f}.xpi
[2013/11/04 04:41:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\Extensions
[2013/11/04 04:41:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/11/04 04:41:41 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/10/28 21:41:18 | 000,000,000 | ---D | M] (Bitdefender Wallet) -- C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER\ANTISPAM32\FFPWDMAN
[2012/01/12 04:58:30 | 000,917,816 | ---- | M] (BitComet) -- C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: BitCometAgent (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npBitCometAgent.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U25 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\TxnerT\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - Extension: Google Docs = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Bitdefender Wallet = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl\17.19.0_0\
CHR - Extension: Google Search = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: My Downloads = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpofbbgoaeoiiagmlfkkipjmggkedgic\0.1.0.5_0\
CHR - Extension: QCLean: Remove Facebook Ads, Suggested Pages and Posts = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdhhejjkjfjkchkimomgfegnpapndjne\0.3.1_0\
CHR - Extension: Clean the Junk = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\oaenhjgmhjdjkjjfmbefgllcamnelmef\1.4.6_0\
CHR - Extension: Adblock Pro = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch\2.6_0\
CHR - Extension: Gmail = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Google Docs = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Bitdefender Wallet = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl\17.19.0_0\
CHR - Extension: Google Search = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: My Downloads = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpofbbgoaeoiiagmlfkkipjmggkedgic\0.1.0.5_0\
CHR - Extension: QCLean: Remove Facebook Ads, Suggested Pages and Posts = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdhhejjkjfjkchkimomgfegnpapndjne\0.3.1_0\
CHR - Extension: Clean the Junk = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\oaenhjgmhjdjkjjfmbefgllcamnelmef\1.4.6_0\
CHR - Extension: Adblock Pro = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch\2.6_0\
CHR - Extension: Gmail = C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/11/04 17:15:39 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Bitdefender Wallet ) - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Bitdefender Wallet) - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender\antispam32\pmbxie.dll (Bitdefender)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (SSOIEAddonBHO Class) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files\Alienware\Command Center\AlienSense\FAIESSO.dll (Sensible Vision )
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [AlienFX Controller] C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe (Alienware Corporation)
O4:64bit: - HKLM..\Run: [Bdagent] C:\Program Files\Bitdefender\Bitdefender\bdagent.exe (Bitdefender)
O4 - HKLM..\Run: [DBAgent] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe (Seagate Technology LLC)
O4 - HKLM..\Run: [FAStartup] File not found
O4 - HKLM..\Run: [FATrayAlert] C:\Program Files\Alienware\Command Center\AlienSense\FATrayMon.exe (Sensible Vision )
O4 - HKLM..\Run: [OSD] c:\Program Files\OSD\Launch.exe (HH)
O4 - HKU\.DEFAULT..\Run: [Bitdefender Wallet] C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe (Bitdefender)
O4 - HKU\.DEFAULT..\Run: [Bitdefender Wallet Agent] C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe (Bitdefender)
O4 - HKU\.DEFAULT..\Run: [Bitdefender Wallet Application Agent] C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe (Bitdefender)
O4 - HKU\S-1-5-18..\Run: [Bitdefender Wallet] C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe (Bitdefender)
O4 - HKU\S-1-5-18..\Run: [Bitdefender Wallet Agent] C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe (Bitdefender)
O4 - HKU\S-1-5-18..\Run: [Bitdefender Wallet Application Agent] C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe (Bitdefender)
O4 - HKU\S-1-5-21-3984871074-3827112338-3617424434-1000..\Run: [Bitdefender Wallet] C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe (Bitdefender)
O4 - HKU\S-1-5-21-3984871074-3827112338-3617424434-1000..\Run: [Bitdefender Wallet Agent] C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe (Bitdefender)
O4 - HKU\S-1-5-21-3984871074-3827112338-3617424434-1000..\Run: [Bitdefender Wallet Application Agent] C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe (Bitdefender)
O4 - HKU\S-1-5-21-3984871074-3827112338-3617424434-1000..\Run: [Launch_CC] c:\Program Files\OSD\Launch_CC.exe (Alienware Corporation)
O4 - HKU\S-1-5-21-3984871074-3827112338-3617424434-1000..\Run: [LightShot] C:\Users\TxnerT\AppData\Local\Skillbrains\lightshot\LightShot.exe ()
O4 - HKU\S-1-5-21-3984871074-3827112338-3617424434-1000..\Run: [Uploader] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe (Seagate Technology LLC)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3984871074-3827112338-3617424434-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3984871074-3827112338-3617424434-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3984871074-3827112338-3617424434-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3984871074-3827112338-3617424434-1000\..Trusted Domains: dell.com ([]* in Trusted sites)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{056F4682-6B78-4BF6-B352-8A6B36D03D65}: NameServer = 209.99.109.53 209.99.109.54
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{62C0D2E2-E787-4D21-8178-27121C96333C}: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C7328B24-C3A6-4F70-B5D6-CD1E64EF9317}: DhcpNameServer = 10.0.0.1
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/11/06 02:58:53 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/11/06 01:13:31 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Local\ElevatedDiagnostics
[2013/11/05 23:50:59 | 000,000,000 | ---D | C] -- C:\dell
[2013/11/05 21:24:05 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\Desktop\ForumSpamChecker
[2013/11/05 17:31:01 | 000,000,000 | -HSD | C] -- C:\found.000
[2013/11/04 18:36:58 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/11/04 18:06:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Globalscape
[2013/11/04 18:06:43 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Local\Globalscape
[2013/11/04 18:05:29 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\Globalscape
[2013/11/04 18:05:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Globalscape
[2013/11/04 17:19:35 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/11/04 17:15:46 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/11/04 16:32:25 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe
[2013/11/04 16:25:51 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2013/11/04 16:25:51 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2013/11/04 14:38:08 | 000,000,000 | ---D | C] -- C:\ProgramData\WinterSoft
[2013/11/04 04:41:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/11/04 04:24:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender
[2013/11/04 04:23:59 | 000,000,000 | ---D | C] -- C:\ProgramData\BDLogging
[2013/11/04 04:23:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VyprVPN
[2013/11/04 04:23:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VyprVPN
[2013/11/04 04:23:36 | 000,076,944 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\bdvedisk.sys
[2013/11/04 04:22:58 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\capicom.dll
[2013/11/04 04:22:58 | 000,093,600 | ---- | C] (BitDefender LLC) -- C:\Windows\SysNative\drivers\BdfNdisf6.sys
[2013/11/04 04:22:58 | 000,082,824 | ---- | C] (BitDefender SRL) -- C:\Windows\SysNative\drivers\bdsandbox.sys
[2013/11/04 04:22:56 | 000,727,592 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avc3.sys
[2013/11/04 04:22:56 | 000,601,360 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avckf.sys
[2013/11/04 04:22:56 | 000,261,056 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avchv.sys
[2013/11/04 04:02:14 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\Bitdefender
[2013/11/04 03:56:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Bitdefender
[2013/11/04 03:56:58 | 000,150,256 | ---- | C] (BitDefender LLC) -- C:\Windows\SysNative\drivers\gzflt.sys
[2013/11/04 03:56:57 | 000,389,240 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\SysNative\drivers\trufos.sys
[2013/11/04 03:56:57 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
[2013/11/04 03:56:37 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\QuickScan
[2013/11/04 03:54:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2013/11/04 01:07:26 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/11/04 01:07:26 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/11/04 01:07:26 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/11/04 00:53:46 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/11/03 18:58:27 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Local\CrashDumps
[2013/11/03 17:15:43 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013/11/03 17:12:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\catroot2
[2013/11/03 16:40:08 | 000,181,064 | ---- | C] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2013/11/03 16:16:22 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2013/11/03 04:55:03 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/11/03 04:52:20 | 000,328,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\services.exe
[2013/11/03 04:43:54 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/11/03 01:37:56 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\Doctor Web
[2013/11/03 01:28:00 | 000,829,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr100.dll
[2013/11/03 01:28:00 | 000,773,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr100.dll
[2013/11/03 01:28:00 | 000,608,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcp100.dll
[2013/11/03 01:28:00 | 000,421,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp100.dll
[2013/11/03 00:53:01 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\Spamihilator
[2013/11/02 17:15:15 | 004,121,952 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\TxnerT\Desktop\tdsskiller.exe
[2013/11/02 16:44:14 | 005,143,677 | R--- | C] (Swearware) -- C:\Users\TxnerT\Desktop\ComboFix.exe
[2013/11/02 04:18:32 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\0x90.org
[2013/11/02 04:18:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\0x90.org
[2013/11/02 03:52:46 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\Documents\BSQL Hacker Logs
[2013/11/02 02:47:34 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BSQL Hacker
[2013/10/30 07:24:43 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\TuneUp Software
[2013/10/30 07:20:34 | 000,040,248 | ---- | C] (AVG) -- C:\Windows\SysNative\TURegOpt.exe
[2013/10/30 07:20:33 | 000,029,496 | ---- | C] (AVG) -- C:\Windows\SysNative\authuitu.dll
[2013/10/30 07:20:33 | 000,025,400 | ---- | C] (AVG) -- C:\Windows\SysWow64\authuitu.dll
[2013/10/30 07:20:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2014
[2013/10/30 07:20:16 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\AVG
[2013/10/30 07:19:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2013/10/30 07:18:21 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG
[2013/10/30 07:18:10 | 000,000,000 | -HSD | C] -- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
[2013/10/30 06:23:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013/10/28 03:01:18 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2013/10/27 04:22:01 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\Desktop\green icons
[2013/10/27 03:00:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2013/10/26 14:47:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013/10/26 04:55:02 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\Desktop\DepositfileCracker
[2013/10/26 03:21:22 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\.thumbnails
[2013/10/26 03:20:12 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\.gimp-2.8
[2013/10/26 02:30:58 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\Documents\GomPlayer
[2013/10/26 02:30:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player
[2013/10/26 02:30:36 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\GRETECH
[2013/10/26 02:30:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GRETECH
[2013/10/26 02:24:31 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2013/10/26 02:02:49 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\Serif
[2013/10/26 00:08:44 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\Desktop\VBstuff
[2013/10/24 23:32:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC SOFT
[2013/10/22 02:54:05 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\Desktop\Dbox
[2013/10/20 18:53:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acunetix Web Vulnerability Scanner 8
[2013/10/20 02:51:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NT OBJECTives
[2013/10/20 02:26:30 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
[2013/10/20 02:26:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2013/10/20 02:26:29 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\Notepad++
[2013/10/20 02:26:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Notepad++
[2013/10/16 18:11:59 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\FileZilla
[2013/10/15 21:32:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2013/10/15 21:32:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/10/15 21:32:13 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/10/15 21:32:09 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/10/15 21:32:09 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/10/15 21:32:09 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/10/15 21:31:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
[2013/10/15 21:31:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2013/10/15 21:23:02 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\.ssh
[2013/10/15 21:23:01 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\.sshterm
[2013/10/11 19:21:51 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Roaming\Mavituna Security Ltd
[2013/10/11 03:12:12 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/10/11 03:12:12 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/10/11 03:12:11 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/10/11 03:12:11 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/10/11 03:12:11 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/10/11 03:12:11 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/10/11 03:12:11 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/10/11 03:12:11 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/10/11 03:12:11 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/10/11 03:12:11 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/10/11 03:12:11 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/10/11 03:12:10 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/10/11 03:12:09 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/10/11 03:12:09 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/10/11 03:12:09 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/10/10 05:33:50 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2013/10/10 05:33:49 | 000,368,128 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2013/10/10 05:33:48 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2013/10/10 05:33:48 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2013/10/10 05:33:48 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2013/10/10 05:33:48 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2013/10/10 05:33:48 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2013/10/10 05:33:48 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2013/10/10 05:33:48 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2013/10/10 05:33:46 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2013/10/10 05:33:46 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys
[2013/10/10 05:33:45 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2013/10/10 05:33:40 | 005,549,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013/10/10 05:33:38 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2013/10/10 05:33:37 | 003,969,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013/10/10 05:33:37 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013/10/10 05:33:37 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013/10/10 05:33:37 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdh.dll
[2013/10/10 05:33:37 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdh.dll
[2013/10/10 05:33:36 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013/10/10 05:33:36 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013/10/10 05:33:36 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013/10/10 05:33:36 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013/10/10 05:33:36 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013/10/10 05:33:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013/10/10 05:33:31 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2013/10/10 05:33:31 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2013/10/10 05:33:30 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scavengeui.dll
[2013/10/09 16:29:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Citrix
[2013/10/09 16:28:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Citrix
[2013/10/09 16:28:42 | 000,000,000 | ---D | C] -- C:\Users\TxnerT\AppData\Local\Citrix
[2013/04/06 05:59:12 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\TxnerT\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2013/11/06 03:08:41 | 000,024,496 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/11/06 03:08:41 | 000,024,496 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/11/06 03:02:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/11/06 02:48:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/11/06 02:29:00 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\update-S-1-5-21-3984871074-3827112338-3617424434-1000.job
[2013/11/06 01:59:39 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/11/06 01:59:39 | 000,649,244 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/11/06 01:59:39 | 000,117,848 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/11/06 00:14:00 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\update-sys.job
[2013/11/04 18:30:44 | 000,041,068 | ---- | M] () -- C:\Users\TxnerT\Desktop\register.php
[2013/11/04 17:15:39 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/11/04 16:41:08 | 000,002,188 | -H-- | M] () -- C:\Users\TxnerT\Documents\Default.rdp
[2013/11/04 16:32:25 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe
[2013/11/04 14:38:02 | 008,775,439 | ---- | M] () -- C:\Users\TxnerT\Desktop\5651FP04112013.7z
[2013/11/04 04:25:02 | 000,000,385 | ---- | M] () -- C:\Windows\SysNative\user_gensett.xml
[2013/11/04 04:24:27 | 000,253,404 | -H-- | M] () -- C:\bdr-ld01
[2013/11/04 04:24:27 | 000,009,216 | -H-- | M] () -- C:\bdr-ld01.mbr
[2013/11/04 04:24:27 | 000,000,684 | -H-- | M] () -- C:\bdr-cf01
[2013/11/04 04:24:10 | 000,002,190 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender Safepay.lnk
[2013/11/04 04:24:10 | 000,002,071 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender Total Security.lnk
[2013/11/04 04:24:10 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2013/11/04 00:58:26 | 000,196,608 | ---- | M] () -- C:\Users\TxnerT\sxstrace.etl
[2013/11/04 00:53:27 | 005,143,677 | R--- | M] (Swearware) -- C:\Users\TxnerT\Desktop\ComboFix.exe
[2013/11/03 19:03:49 | 000,279,110 | ---- | M] () -- C:\MGlogs.zip
[2013/11/03 17:14:55 | 000,288,952 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/11/03 17:12:52 | 000,181,064 | ---- | M] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2013/11/03 16:38:14 | 000,000,207 | ---- | M] () -- C:\Windows\tweaking.com-regbackup-LEGEND-Microsoft-Windows-7-Home-Premium-(64-bit).dat
[2013/11/03 16:22:47 | 000,000,692 | ---- | M] () -- C:\Windows\SysNative\.crusader
[2013/11/03 01:28:00 | 000,829,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr100.dll
[2013/11/03 01:28:00 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr100.dll
[2013/11/03 01:28:00 | 000,608,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcp100.dll
[2013/11/03 01:28:00 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp100.dll
[2013/11/03 01:15:30 | 000,317,829 | ---- | M] () -- C:\Thunderbird 24.1.0 (en-US) - 2013-11-03.pcv
[2013/11/02 17:15:31 | 004,121,952 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\TxnerT\Desktop\tdsskiller.exe
[2013/11/01 14:53:32 | 000,115,900 | ---- | M] () -- C:\Users\TxnerT\Desktop\invitacion.png
[2013/10/31 00:06:01 | 000,091,411 | ---- | M] () -- C:\Users\TxnerT\Desktop\1395096_10151928522486480_916997865_n.jpg
[2013/10/30 15:02:44 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/30 15:02:44 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/10/30 07:20:22 | 000,002,229 | ---- | M] () -- C:\Users\Public\Desktop\AVG 1-Click Maintenance.lnk
[2013/10/30 07:20:22 | 000,002,203 | ---- | M] () -- C:\Users\Public\Desktop\AVG PC TuneUp 2014.lnk
[2013/10/30 06:24:39 | 000,002,114 | ---- | M] () -- C:\Users\TxnerT\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2013/10/29 19:39:34 | 144,790,821 | ---- | M] () -- C:\Users\TxnerT\AppData\Local\ACCCx2_2_0_248.zip.aamdownload
[2013/10/29 19:39:34 | 000,001,817 | ---- | M] () -- C:\Users\TxnerT\AppData\Local\ACCCx2_2_0_248.zip.aamdownload.aamd
[2013/10/26 15:22:36 | 000,032,202 | ---- | M] () -- C:\Users\TxnerT\Desktop\Bar.jpg
[2013/10/26 15:04:36 | 000,000,132 | ---- | M] () -- C:\Users\TxnerT\AppData\Roaming\Adobe GIF Format CS6 Prefs
[2013/10/26 03:25:35 | 000,001,548 | ---- | M] () -- C:\Users\TxnerT\AppData\Local\recently-used.xbel
[2013/10/26 02:21:09 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/10/26 02:21:09 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/10/26 02:15:35 | 000,358,142 | ---- | M] () -- C:\Users\TxnerT\Desktop\VIP Table.swf
[2013/10/20 18:53:42 | 000,000,722 | ---- | M] () -- C:\Windows\WVS_InstDBLogFile.csv
[2013/10/16 23:41:00 | 000,000,600 | ---- | M] () -- C:\Users\TxnerT\AppData\Local\PUTTY.RND
[2013/10/11 19:07:15 | 000,001,229 | ---- | M] () -- C:\Users\Public\Desktop\Netsparker.lnk
[2013/10/11 03:09:37 | 000,764,746 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/10/09 16:29:37 | 000,000,017 | ---- | M] () -- C:\Users\TxnerT\AppData\Local\resmon.resmoncfg
[2013/10/09 16:28:41 | 000,103,832 | ---- | M] () -- C:\Users\TxnerT\GoToAssistDownloadHelper.exe
[2013/10/09 02:43:26 | 000,000,443 | ---- | M] () -- C:\Users\TxnerT\AppData\Local\UserProducts.xml
[2013/10/08 07:50:37 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/10/08 07:46:52 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/10/08 07:46:47 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/10/08 07:46:23 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe

========== Files Created - No Company Name ==========

[2013/11/04 16:37:37 | 000,041,068 | ---- | C] () -- C:\Users\TxnerT\Desktop\register.php
[2013/11/04 14:36:43 | 008,775,439 | ---- | C] () -- C:\Users\TxnerT\Desktop\5651FP04112013.7z
[2013/11/04 04:25:02 | 000,000,385 | ---- | C] () -- C:\Windows\SysNative\user_gensett.xml
[2013/11/04 04:24:27 | 000,000,684 | -H-- | C] () -- C:\bdr-cf01
[2013/11/04 04:24:10 | 000,002,190 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender Safepay.lnk
[2013/11/04 04:24:10 | 000,002,071 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender Total Security.lnk
[2013/11/04 04:24:10 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2013/11/04 04:01:59 | 003,271,472 | -H-- | C] () -- C:\bdr-bz01
[2013/11/04 04:01:59 | 000,009,216 | -H-- | C] () -- C:\bdr-ld01.mbr
[2013/11/04 04:01:58 | 046,879,860 | -H-- | C] () -- C:\bdr-im01.gz
[2013/11/04 04:01:58 | 000,253,404 | -H-- | C] () -- C:\bdr-ld01
[2013/11/04 01:07:26 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/11/04 01:07:26 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/11/04 01:07:26 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/11/04 01:07:26 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/11/04 01:07:26 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/11/04 00:58:14 | 000,196,608 | ---- | C] () -- C:\Users\TxnerT\sxstrace.etl
[2013/11/03 16:38:14 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-LEGEND-Microsoft-Windows-7-Home-Premium-(64-bit).dat
[2013/11/03 01:34:23 | 000,000,692 | ---- | C] () -- C:\Windows\SysNative\.crusader
[2013/11/03 01:15:18 | 000,317,829 | ---- | C] () -- C:\Thunderbird 24.1.0 (en-US) - 2013-11-03.pcv
[2013/11/02 17:54:16 | 000,279,110 | ---- | C] () -- C:\MGlogs.zip
[2013/11/01 14:53:32 | 000,115,900 | ---- | C] () -- C:\Users\TxnerT\Desktop\invitacion.png
[2013/10/31 00:06:01 | 000,091,411 | ---- | C] () -- C:\Users\TxnerT\Desktop\1395096_10151928522486480_916997865_n.jpg
[2013/10/30 15:02:12 | 000,288,952 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/10/30 07:20:22 | 000,002,229 | ---- | C] () -- C:\Users\Public\Desktop\AVG 1-Click Maintenance.lnk
[2013/10/30 07:20:22 | 000,002,215 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2014.lnk
[2013/10/30 07:20:22 | 000,002,203 | ---- | C] () -- C:\Users\Public\Desktop\AVG PC TuneUp 2014.lnk
[2013/10/29 19:39:17 | 144,790,821 | ---- | C] () -- C:\Users\TxnerT\AppData\Local\ACCCx2_2_0_248.zip.aamdownload
[2013/10/29 19:39:17 | 000,001,817 | ---- | C] () -- C:\Users\TxnerT\AppData\Local\ACCCx2_2_0_248.zip.aamdownload.aamd
[2013/10/26 15:22:34 | 000,032,202 | ---- | C] () -- C:\Users\TxnerT\Desktop\Bar.jpg
[2013/10/26 15:04:36 | 000,000,132 | ---- | C] () -- C:\Users\TxnerT\AppData\Roaming\Adobe GIF Format CS6 Prefs
[2013/10/26 03:25:35 | 000,001,548 | ---- | C] () -- C:\Users\TxnerT\AppData\Local\recently-used.xbel
[2013/10/26 02:15:22 | 000,358,142 | ---- | C] () -- C:\Users\TxnerT\Desktop\VIP Table.swf
[2013/10/15 21:38:27 | 000,000,600 | ---- | C] () -- C:\Users\TxnerT\AppData\Local\PUTTY.RND
[2013/10/11 19:07:15 | 000,001,229 | ---- | C] () -- C:\Users\Public\Desktop\Netsparker.lnk
[2013/10/09 16:29:37 | 000,000,017 | ---- | C] () -- C:\Users\TxnerT\AppData\Local\resmon.resmoncfg
[2013/10/09 16:28:41 | 000,103,832 | ---- | C] () -- C:\Users\TxnerT\GoToAssistDownloadHelper.exe
[2013/09/28 00:07:15 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2013/09/28 00:07:15 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2013/08/09 01:38:59 | 000,110,602 | ---- | C] () -- C:\Windows\SysWow64\xcdsfx32.bin
[2013/07/16 01:48:59 | 000,120,664 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2013/05/06 16:40:32 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2013/05/05 17:48:39 | 000,200,697 | ---- | C] () -- C:\Windows\SysWow64\poclbm121016GeForce GTX 280Mv1w256l4.bin
[2013/04/30 18:57:23 | 000,000,039 | ---- | C] () -- C:\Windows\spwdrp.INI
[2013/04/06 06:07:20 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2013/04/06 05:59:12 | 000,007,859 | ---- | C] () -- C:\Users\TxnerT\AppData\Roaming\pcouffin.cat
[2013/04/06 05:59:12 | 000,001,167 | ---- | C] () -- C:\Users\TxnerT\AppData\Roaming\pcouffin.inf
[2013/03/31 17:32:29 | 000,000,109 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2013/03/31 17:29:06 | 000,764,746 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/03/26 17:24:40 | 000,043,008 | ---- | C] () -- C:\Windows\SysWow64\libgcc_s_dw2-1.dll
[2013/03/26 17:24:40 | 000,011,362 | ---- | C] () -- C:\Windows\SysWow64\mingwm10.dll
[2013/03/25 15:03:52 | 000,036,864 | ---- | C] () -- C:\Windows\runSW.exe
[2013/03/22 22:07:18 | 000,000,000 | ---- | C] () -- C:\Users\TxnerT\AppData\Local\license.ini
[2013/03/19 16:43:35 | 000,000,443 | ---- | C] () -- C:\Users\TxnerT\AppData\Local\UserProducts.xml
[2013/03/19 05:25:58 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2013/03/19 04:14:56 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe

========== ZeroAccess Check ==========

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 22:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 21:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >


# AdwCleaner v3.011 - Report created 06/11/2013 at 03:00:49
# Updated 03/11/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : TxnerT - LEGEND
# Running from : C:\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720


-\\ Mozilla Firefox v25.0 (en-US)

[ File : C:\Users\TxnerT\AppData\Roaming\Mozilla\Firefox\Profiles\4rr3eg8j.default\prefs.js ]


-\\ Google Chrome v30.0.1599.101

[ File : C:\Users\TxnerT\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R2].txt - [887 octets] - [06/11/2013 02:59:10]
AdwCleaner[S2].txt - [809 octets] - [06/11/2013 03:00:49]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [868 octets] ##########


Everything is running smooth.
  • 0

#8
Phel

Phel

    Trusted Helper

  • Malware Removal
  • 1,386 posts
  • Download Farbar Recovery Scan Tool x64 here to your Desktop.
  • When completed, launch the downloaded file.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.

    Posted Image
  • Press Scan button.
  • It will make a log (FRST.txt) on the Desktop. Please copy and paste it to your reply.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP