I will recount my problems and action taken briefly in approx. Reverse chronological order - this is only way I can reliably recall events (I am 73 after all!!).
- today downloaded live mail and it is installed/working normally (hooray!!!)
- last error today was Killbox "is not a valid win32 application"
- installed Outlook and/from Office 2010
- Windows Essential download failed 4 or 5 times (error msge "corrupted installation file" - 5 times!!!?)
- Windows Live Mail locked in off-line mode (caused by IE9?)
- had to repeat a few download attempts of several progs (very unusual event)
- all software is up-to-date (verified by Secunia psi).
I realize a fresh installation of Win7 would probably do the trick, but is such a pain in the butt that I would prefer to avoid doing so.
Thanks for any help you may give (even if it is only "bu***r off and endure some pain in the a***!)
Otl Logfile Created On: 13/09/2013 17:17:21 - Run 1
Otl By Oldtimer - Version 3.2.69.0 Folder = C:\Users\Mike\Downloads
64Bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = Ntworkstation
Internet Explorer (Version = 9.10.9200.16686)
Locale: 00000809 | Country: United Kingdom | Language: Eng | Date Format: Dd/Mm/Yyyy
7.94 Gb Total Physical Memory | 5.63 Gb Available Physical Memory | 70.93% Memory Free
15.87 Gb Paging File | 13.25 Gb Available In Paging File | 83.48% Paging File Free
Paging File Location(S): ?:\Pagefile.Sys [Binary Data]
%Systemdrive% = C: | %Systemroot% = C:\Windows | %Programfiles% = C:\Program Files (X86)
Drive C: | 149.00 Gb Total Space | 61.54 Gb Free Space | 41.30% Space Free | Partition Type: Ntfs
Drive D: | 84.52 Gb Total Space | 78.89 Gb Free Space | 93.34% Space Free | Partition Type: Ntfs
Drive E: | 64.49 Gb Total Space | 60.38 Gb Free Space | 93.63% Space Free | Partition Type: Ntfs
Drive G: | 1863.01 Gb Total Space | 1858.18 Gb Free Space | 99.74% Space Free | Partition Type: Ntfs
Computer Name: Mike-Pc | User Name: Mike | Logged In As Administrator.
Boot Mode: Normal | Scan Mode: Current User | Quick Scan | Include 64Bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (Safelist) ==========
Prc - [2013/09/13 12:52:18 | 000,602,112 | ---- | M] (Oldtimer Tools) -- C:\Users\Mike\Downloads\Otl.Exe
Prc - [2013/09/12 13:52:48 | 001,862,024 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\Syswow64\Macromed\Flash\Flashplayerplugin_11_8_800_168.Exe
Prc - [2013/08/28 23:45:10 | 003,873,784 | ---- | M] (Acronis) -- C:\Program Files (X86)\Common Files\Acronis\Cdp\Afcdpsrv.Exe
Prc - [2013/08/22 13:26:20 | 007,780,904 | ---- | M] (Acronis) -- C:\Program Files (X86)\Acronis\Trueimagehome\Trueimagemonitor.Exe
Prc - [2013/08/21 16:35:04 | 009,735,136 | ---- | M] (Acronis) -- C:\Program Files (X86)\Common Files\Acronis\Syncagent\Syncagentsrv.Exe
Prc - [2013/08/19 11:01:26 | 001,435,928 | ---- | M] (Trusteer Ltd.) -- C:\Program Files (X86)\Trusteer\Rapport\Bin\Rapportmgmtservice.Exe
Prc - [2013/08/19 11:01:24 | 002,476,312 | ---- | M] (Trusteer Ltd.) -- C:\Program Files (X86)\Trusteer\Rapport\Bin\Rapportservice.Exe
Prc - [2013/08/18 16:57:30 | 006,572,688 | ---- | M] (Power Soft) -- C:\Program Files (X86)\Power Soft\Power Notes\Notes.Exe
Prc - [2013/08/18 09:56:00 | 000,276,376 | ---- | M] (Mozilla Corporation) -- C:\Program Files (X86)\Mozilla Firefox\Firefox.Exe
Prc - [2013/08/01 12:20:22 | 002,095,808 | ---- | M] () -- C:\Program Files (X86)\Comodo\Dragon\Dragon_Updater.Exe
Prc - [2013/05/09 09:58:30 | 004,858,968 | ---- | M] (Avast Software) -- C:\Program Files\Avast Software\Avast\Avastui.Exe
Prc - [2013/05/09 09:58:30 | 000,046,808 | ---- | M] (Avast Software) -- C:\Program Files\Avast Software\Avast\Avastsvc.Exe
Prc - [2013/04/30 08:50:46 | 000,070,152 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\Syswow64\Nlssrv32.Exe
Prc - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (X86)\Malwarebytes' Anti-Malware\Mbamservice.Exe
Prc - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (X86)\Malwarebytes' Anti-Malware\Mbamgui.Exe
Prc - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (X86)\Malwarebytes' Anti-Malware\Mbamscheduler.Exe
Prc - [2013/02/22 12:32:59 | 002,849,120 | ---- | M] (Teamviewer Gmbh) -- C:\Program Files (X86)\Teamviewer\Version7\Teamviewer_Service.Exe
Prc - [2013/01/18 08:14:20 | 000,383,264 | ---- | M] (Nvidia Corporation) -- C:\Program Files (X86)\Nvidia Corporation\3D Vision\Nvscpapisvr.Exe
Prc - [2013/01/10 14:12:22 | 001,103,440 | ---- | M] (Acronis) -- C:\Program Files (X86)\Common Files\Acronis\Tibmounter\Tibmountermonitor.Exe
Prc - [2012/10/05 14:30:36 | 000,070,352 | ---- | M] (Comodo Security Solutions Inc.) -- C:\Program Files (X86)\Common Files\Comodo\Launcher_Service.Exe
Prc - [2012/09/28 14:21:26 | 001,815,040 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (X86)\Common Files\Comodo\Geekbuddyrsp.Exe
Prc - [2012/06/27 08:25:06 | 001,326,176 | ---- | M] (Secunia) -- C:\Program Files (X86)\Secunia\Psi\Psia.Exe
Prc - [2012/06/27 08:25:04 | 000,681,056 | ---- | M] (Secunia) -- C:\Program Files (X86)\Secunia\Psi\Sua.Exe
Prc - [2012/06/27 08:25:04 | 000,572,000 | ---- | M] (Secunia) -- C:\Program Files (X86)\Secunia\Psi\Psi_Tray.Exe
Prc - [2012/01/18 06:45:28 | 006,849,248 | ---- | M] (3M) -- C:\Program Files (X86)\3M\Pdnotes\Pdnotes.Exe
========== Modules (No Company Name) ==========
Mod - [2013/09/12 14:26:18 | 001,840,640 | ---- | M] () -- C:\Windows\Assembly\Nativeimages_V2.0.50727_32\System.Web.Services\3D075C3B7D099Aca217Beecac1F66B4B\System.Web.Services.Ni.Dll
Mod - [2013/09/12 13:52:47 | 016,177,544 | ---- | M] () -- C:\Windows\Syswow64\Macromed\Flash\Npswf32_11_8_800_168.Dll
Mod - [2013/09/02 09:26:00 | 000,991,984 | ---- | M] () -- C:\Programdata\Trusteer\Rapport\Store\Exts\Rapportms\Baseline\Rapportms.Dll
Mod - [2013/08/22 13:22:56 | 000,028,992 | ---- | M] () -- C:\Program Files (X86)\Common Files\Acronis\Home\Thread_Pool.Dll
Mod - [2013/08/22 13:22:50 | 000,036,672 | ---- | M] () -- C:\Program Files (X86)\Acronis\Trueimagehome\Qt_Icontray_Ex.Dll
Mod - [2013/08/18 09:55:57 | 003,551,640 | ---- | M] () -- C:\Program Files (X86)\Mozilla Firefox\Mozjs.Dll
Mod - [2013/08/18 03:40:17 | 000,628,224 | ---- | M] () -- C:\Windows\Assembly\Nativeimages_V2.0.50727_32\System.Enterprisese#\5970036570C1E44E8Ae0F6F94C1039Aa\System.Enterpriseservices.Ni.Dll
Mod - [2013/08/18 03:40:16 | 000,627,200 | ---- | M] () -- C:\Windows\Assembly\Nativeimages_V2.0.50727_32\System.Transactions\4Ada2213Cefea889A5Ed6E2Fb6839B93\System.Transactions.Ni.Dll
Mod - [2013/08/18 03:40:16 | 000,280,064 | ---- | M] () -- C:\Windows\Assembly\Nativeimages_V2.0.50727_32\System.Enterprisese#\5970036570C1E44E8Ae0F6F94C1039Aa\System.Enterpriseservices.Wrapper.Dll
Mod - [2013/08/18 03:40:14 | 006,611,456 | ---- | M] () -- C:\Windows\Assembly\Nativeimages_V2.0.50727_32\System.Data\764054Efc88F51B54C8D7E44Df26B671\System.Data.Ni.Dll
Mod - [2013/08/18 03:39:38 | 012,436,480 | ---- | M] () -- C:\Windows\Assembly\Nativeimages_V2.0.50727_32\System.Windows.Forms\28Ea347A952D20959Ac6Ae02D7457D39\System.Windows.Forms.Ni.Dll
Mod - [2013/08/18 03:39:29 | 001,593,344 | ---- | M] () -- C:\Windows\Assembly\Nativeimages_V2.0.50727_32\System.Drawing\5Aa44Bce7933E4De09D935848F868A4B\System.Drawing.Ni.Dll
Mod - [2013/08/18 03:39:27 | 001,806,848 | ---- | M] () -- C:\Windows\Assembly\Nativeimages_V2.0.50727_32\System.Deployment\53404435978580E5Cae29Dffd2129F74\System.Deployment.Ni.Dll
Mod - [2013/08/18 03:39:03 | 005,464,064 | ---- | M] () -- C:\Windows\Assembly\Nativeimages_V2.0.50727_32\System.Xml\09Db78D6068543Df01862A023Aca785A\System.Xml.Ni.Dll
Mod - [2013/08/18 03:38:55 | 000,978,432 | ---- | M] () -- C:\Windows\Assembly\Nativeimages_V2.0.50727_32\System.Configuration\8F7D83126A3Cf283E5Ac97F2D6D99F12\System.Configuration.Ni.Dll
Mod - [2013/08/18 03:38:53 | 007,989,760 | ---- | M] () -- C:\Windows\Assembly\Nativeimages_V2.0.50727_32\System\5D22A30E587E2Cac106B81Fb351E7C08\System.Ni.Dll
Mod - [2013/07/10 05:22:55 | 000,025,600 | ---- | M] () -- C:\Windows\Assembly\Nativeimages_V2.0.50727_32\Accessibility\8C20095Bd7D46Cdfa7933Eb258A07Daa\Accessibility.Ni.Dll
Mod - [2013/07/10 05:22:14 | 011,499,520 | ---- | M] () -- C:\Windows\Assembly\Nativeimages_V2.0.50727_32\Mscorlib\9A6C1B7Af18B4D5A91Dc7F8D6617522F\Mscorlib.Ni.Dll
Mod - [2013/04/04 01:09:40 | 004,300,456 | ---- | M] () -- C:\Program Files (X86)\Common Files\Microsoft Shared\Office14\Cultures\Office.Odf
Mod - [2013/01/10 13:43:34 | 000,014,360 | ---- | M] () -- C:\Program Files (X86)\Common Files\Acronis\Tibmounter\Icudt38.Dll
Mod - [2012/06/27 15:09:06 | 000,557,056 | ---- | M] () -- C:\Program Files (X86)\Trusteer\Rapport\Bin\Js32.Dll
Mod - [2012/01/18 06:45:32 | 000,226,016 | ---- | M] () -- C:\Program Files (X86)\3M\Pdnotes\Psnutil.Dll
Mod - [2012/01/18 06:45:30 | 002,212,576 | ---- | M] () -- C:\Program Files (X86)\3M\Pdnotes\Psndbaccessprevious.Dll
Mod - [2012/01/18 06:45:28 | 004,498,144 | ---- | M] () -- C:\Program Files (X86)\3M\Pdnotes\Psndbaccess.Dll
Mod - [2010/11/21 04:24:08 | 002,927,616 | ---- | M] () -- C:\Windows\Assembly\Gac_32\System.Data\2.0.0.0__B77A5C561934E089\System.Data.Dll
Mod - [2010/11/21 04:24:07 | 000,113,664 | ---- | M] () -- C:\Windows\Assembly\Gac_32\System.Enterpriseservices\2.0.0.0__B03F5F7F11D50A3A\System.Enterpriseservices.Wrapper.Dll
Mod - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (X86)\Microsoft Office\Office14\1033\Grooveintlresource.Dll
Mod - [2009/07/14 02:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\Syswow64\Msjetoledb40.Dll
Mod - [2009/06/10 22:23:19 | 000,261,632 | ---- | M] () -- C:\Windows\Assembly\Gac_32\System.Transactions\2.0.0.0__B77A5C561934E089\System.Transactions.Dll
========== Services (Safelist) ==========
Srv:64Bit: - [2013/05/27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\Mpsvc.Dll -- (Windefend)
Srv:64Bit: - [2013/05/23 21:12:02 | 000,143,120 | ---- | M] (Superantispyware.Com) [Auto | Running] -- C:\Program Files\Superantispyware\Sascore64.Exe -- (!Sascore)
Srv:64Bit: - [2013/05/09 09:58:30 | 000,046,808 | ---- | M] (Avast Software) [Auto | Running] -- C:\Program Files\Avast Software\Avast\Avastsvc.Exe -- (Avast! Antivirus)
Srv:64Bit: - [2013/04/30 08:50:36 | 000,230,408 | ---- | M] (Nitro Pdf Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro\Pro\8.0\Nitropdfdriverservice8X64.Exe -- (Nitrodriverreadspool8)
Srv:64Bit: - [2013/04/16 10:18:04 | 000,672,272 | ---- | M] (Genie9) [Auto | Running] -- C:\Program Files\Genie9\Genie Timeline\Genietimelineservice.Exe -- (Genietimelineservice)
Srv:64Bit: - [2012/12/16 12:25:38 | 000,123,664 | ---- | M] (Sandboxie L.T.D) [Auto | Running] -- C:\Program Files\Sandboxie\Sbiesvc.Exe -- (Sbiesvc)
Srv:64Bit: - [2012/11/08 00:37:39 | 002,828,408 | ---- | M] (Comodo) [Auto | Running] -- C:\Program Files\Comodo\Comodo Internet Security\Cmdagent.Exe -- (Cmdagent)
Srv:64Bit: - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Sysnative\Appmgmts.Dll -- (Appmgmt)
Srv - [2013/09/12 13:52:48 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\Syswow64\Macromed\Flash\Flashplayerupdateservice.Exe -- (Adobeflashplayerupdatesvc)
Srv - [2013/08/28 23:45:10 | 003,873,784 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (X86)\Common Files\Acronis\Cdp\Afcdpsrv.Exe -- (Afcdpsrv)
Srv - [2013/08/21 16:35:04 | 009,735,136 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (X86)\Common Files\Acronis\Syncagent\Syncagentsrv.Exe -- (Syncagentsrv)
Srv - [2013/08/19 11:01:26 | 001,435,928 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files (X86)\Trusteer\Rapport\Bin\Rapportmgmtservice.Exe -- (Rapportmgmtservice)
Srv - [2013/08/18 09:55:58 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (X86)\Mozilla Maintenance Service\Maintenanceservice.Exe -- (Mozillamaintenance)
Srv - [2013/08/01 12:20:22 | 002,095,808 | ---- | M] () [Auto | Running] -- C:\Program Files (X86)\Comodo\Dragon\Dragon_Updater.Exe -- (Dragonupdater)
Srv - [2013/07/18 11:52:22 | 001,142,616 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (X86)\Common Files\Acronis\Schedule2\Schedul2.Exe -- (Acrsch2Svc)
Srv - [2013/04/30 08:50:46 | 000,070,152 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\Syswow64\Nlssrv32.Exe -- (Nlsx86Cc)
Srv - [2013/04/23 19:25:15 | 000,016,680 | ---- | M] (Citrix Online, A Division Of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (X86)\Citrix\Gotoassist\570\G2Aservice.Exe -- (Gotoassist)
Srv - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (X86)\Malwarebytes' Anti-Malware\Mbamservice.Exe -- (Mbamservice)
Srv - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (X86)\Malwarebytes' Anti-Malware\Mbamscheduler.Exe -- (Mbamscheduler)
Srv - [2013/02/22 12:32:59 | 002,849,120 | ---- | M] (Teamviewer Gmbh) [Auto | Running] -- C:\Program Files (X86)\Teamviewer\Version7\Teamviewer_Service.Exe -- (Teamviewer7)
Srv - [2013/01/18 08:14:20 | 000,383,264 | ---- | M] (Nvidia Corporation) [Auto | Running] -- C:\Program Files (X86)\Nvidia Corporation\3D Vision\Nvscpapisvr.Exe -- (Stereo Service)
Srv - [2012/12/03 16:47:14 | 001,259,880 | ---- | M] (Nvidia Corporation) [Auto | Stopped] -- C:\Program Files (X86)\Nvidia Corporation\Nvidia Update Core\Daemonu.Exe -- (Nvupdatusservice)
Srv - [2012/10/05 14:30:36 | 000,070,352 | ---- | M] (Comodo Security Solutions Inc.) [Auto | Running] -- C:\Program Files (X86)\Common Files\Comodo\Launcher_Service.Exe -- (Clpslauncher)
Srv - [2012/09/28 14:21:26 | 001,815,040 | ---- | M] (Comodo Security Solutions, Inc.) [Auto | Running] -- C:\Program Files (X86)\Common Files\Comodo\Geekbuddyrsp.Exe -- (Geekbuddyrsp)
Srv - [2012/06/27 08:25:06 | 001,326,176 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (X86)\Secunia\Psi\Psia.Exe -- (Secunia Psi Agent)
Srv - [2012/06/27 08:25:04 | 000,681,056 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (X86)\Secunia\Psi\Sua.Exe -- (Secunia Update Agent)
Srv - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.Net\Framework\V4.0.30319\Mscorsvw.Exe -- (Clr_Optimization_V4.0.30319_32)
Srv - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.Net\Framework\V2.0.50727\Mscorsvw.Exe -- (Clr_Optimization_V2.0.50727_32)
Srv - [2007/01/11 04:02:00 | 000,126,464 | ---- | M] (Seiko Epson Corporation) [Auto | Running] -- C:\Programdata\Epson\Epw!3 Ssrp\E_S40Rpb.Exe -- (Epson_Pm_Rpcv4_01)
========== Driver Services (Safelist) ==========
Drv:64Bit: - [2013/08/28 23:45:16 | 000,367,200 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\Sysnative\Drivers\Afcdp.Sys -- (Afcdp)
Drv:64Bit: - [2013/08/28 23:45:06 | 001,464,096 | ---- | M] (Acronis International Gmbh) [Kernel | On_Demand | Stopped] -- C:\Windows\Sysnative\Drivers\Tdrpman.Sys -- (Tdrpman)
Drv:64Bit: - [2013/08/28 23:45:03 | 000,183,224 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\Sysnative\Drivers\Tib_Mounter.Sys -- (Tib_Mounter)
Drv:64Bit: - [2013/08/28 23:44:56 | 001,120,032 | ---- | M] (Acronis International Gmbh) [Kernel | Boot | Running] -- C:\Windows\Sysnative\Drivers\Tib.Sys -- (Tib)
Drv:64Bit: - [2013/08/28 23:44:41 | 000,161,568 | ---- | M] (Acronis International Gmbh) [Kernel | Boot | Running] -- C:\Windows\Sysnative\Drivers\Vididr.Sys -- (Vididr)
Drv:64Bit: - [2013/08/28 23:44:36 | 000,117,024 | ---- | M] (Acronis International Gmbh) [Kernel | Boot | Running] -- C:\Windows\Sysnative\Drivers\Vidsflt.Sys -- (Vidsflt)
Drv:64Bit: - [2013/08/28 23:44:29 | 000,269,600 | ---- | M] (Acronis International Gmbh) [Kernel | Boot | Running] -- C:\Windows\Sysnative\Drivers\Snapman.Sys -- (Snapman)
Drv:64Bit: - [2013/08/28 23:44:24 | 000,116,000 | ---- | M] (Acronis International Gmbh) [Kernel | Boot | Running] -- C:\Windows\Sysnative\Drivers\Fltsrv.Sys -- (Fltsrv)
Drv:64Bit: - [2013/06/27 20:53:56 | 001,030,952 | ---- | M] (Avast Software) [File_System | System | Running] -- C:\Windows\Sysnative\Drivers\Aswsnx.Sys -- (Aswsnx)
Drv:64Bit: - [2013/06/27 20:53:56 | 000,378,944 | ---- | M] (Avast Software) [Kernel | System | Running] -- C:\Windows\Sysnative\Drivers\Aswsp.Sys -- (Aswsp)
Drv:64Bit: - [2013/06/27 20:53:56 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\Sysnative\Drivers\Aswvmm.Sys -- (Aswvmm)
Drv:64Bit: - [2013/05/31 15:53:12 | 000,222,200 | ---- | M] (Qfx Software Corporation) [Kernel | On_Demand | Running] -- C:\Windows\Sysnative\Drivers\Keyscrambler.Sys -- (Keyscrambler)
Drv:64Bit: - [2013/05/09 09:59:07 | 000,072,016 | ---- | M] (Avast Software) [Kernel | System | Running] -- C:\Windows\Sysnative\Drivers\Aswrdr2.Sys -- (Aswrdr)
Drv:64Bit: - [2013/05/09 09:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\Sysnative\Drivers\Aswrvrt.Sys -- (Aswrvrt)
Drv:64Bit: - [2013/05/09 09:59:07 | 000,064,288 | ---- | M] (Avast Software) [Kernel | System | Running] -- C:\Windows\Sysnative\Drivers\Aswtdi.Sys -- (Aswtdi)
Drv:64Bit: - [2013/05/09 09:59:06 | 000,080,816 | ---- | M] (Avast Software) [File_System | Auto | Running] -- C:\Windows\Sysnative\Drivers\Aswmonflt.Sys -- (Aswmonflt)
Drv:64Bit: - [2013/05/09 09:59:06 | 000,033,400 | ---- | M] (Avast Software) [File_System | Auto | Running] -- C:\Windows\Sysnative\Drivers\Aswfsblk.Sys -- (Aswfsblk)
Drv:64Bit: - [2013/05/09 09:59:06 | 000,022,600 | ---- | M] (Avast Software) [Kernel | Boot | Running] -- C:\Windows\Sysnative\Drivers\Aswkbd.Sys -- (Aswkbd)
Drv:64Bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\Sysnative\Drivers\Mbam.Sys -- (Mbamprotector)
Drv:64Bit: - [2013/03/07 09:49:18 | 000,017,480 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\Sysnative\Epmntdrv.Sys -- (Epmntdrv)
Drv:64Bit: - [2013/03/07 09:49:18 | 000,009,800 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\Sysnative\Eugdidrv.Sys -- (Eugdidrv)
Drv:64Bit: - [2012/12/16 12:25:34 | 000,202,632 | ---- | M] (Sandboxie L.T.D) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\Sbiedrv.Sys -- (Sbiedrv)
Drv:64Bit: - [2012/08/23 15:12:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\Sysnative\Drivers\Terminpt.Sys -- (Terminpt)
Drv:64Bit: - [2012/08/23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\Sysnative\Drivers\Rdpvideominiport.Sys -- (Rdpvideominiport)
Drv:64Bit: - [2012/08/23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\Sysnative\Drivers\Tsusbgd.Sys -- (Tsusbgd)
Drv:64Bit: - [2012/08/23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\Sysnative\Drivers\Tsusbflt.Sys -- (Tsusbflt)
Drv:64Bit: - [2012/07/03 16:25:16 | 000,189,288 | ---- | M] (Nvidia Corporation) [Kernel | On_Demand | Running] -- C:\Windows\Sysnative\Drivers\Nvhda64V.Sys -- (Nvhda)
Drv:64Bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\Sysnative\Drivers\Fs_Rec.Sys -- (Fs_Rec)
Drv:64Bit: - [2011/12/16 15:20:10 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\Sysnative\Drivers\Psi_Mf.Sys -- (Psi)
Drv:64Bit: - [2011/07/22 17:26:56 | 000,014,928 | ---- | M] (Superadblocker.Com And Superantispyware.Com) [Kernel | System | Running] -- C:\Program Files\Superantispyware\Sasdifsv64.Sys -- (Sasdifsv)
Drv:64Bit: - [2011/07/12 22:55:18 | 000,012,368 | ---- | M] (Superadblocker.Com And Superantispyware.Com) [Kernel | System | Running] -- C:\Program Files\Superantispyware\Saskutil64.Sys -- (Saskutil)
Drv:64Bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\Sysnative\Drivers\Amdsata.Sys -- (Amdsata)
Drv:64Bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\Sysnative\Drivers\Amdxata.Sys -- (Amdxata)
Drv:64Bit: - [2010/11/21 04:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\Sysnative\Drivers\Tsusbhub.Sys -- (Tsusbhub)
Drv:64Bit: - [2010/11/21 04:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\Sysnative\Drivers\Synth3Dvsc.Sys -- (Synth3Dvsc)
Drv:64Bit: - [2010/11/21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\Sysnative\Drivers\Dmvsc.Sys -- (Dmvsc)
Drv:64Bit: - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\Sysnative\Drivers\Hpsamd.Sys -- (Hpsamd)
Drv:64Bit: - [2009/12/30 11:21:26 | 000,031,800 | ---- | M] (Vs Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\Sysnative\Drivers\Revoflt.Sys -- (Revoflt)
Drv:64Bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (Amd Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\Sysnative\Drivers\Amdsbs.Sys -- (Amdsbs)
Drv:64Bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (Lsi Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\Sysnative\Drivers\Lsi_Sas2.Sys -- (Lsi_Sas2)
Drv:64Bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\Sysnative\Drivers\Stexstor.Sys -- (Stexstor)
Drv:64Bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\Sysnative\Drivers\Evbda.Sys -- (Ebdrv)
Drv:64Bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\Sysnative\Drivers\Bxvbda.Sys -- (B06Bdrv)
Drv:64Bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\Sysnative\Drivers\B57Nd60A.Sys -- (B57Nd60A)
Drv:64Bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\Sysnative\Drivers\Hcw85Cir.Sys -- (Hcw85Cir)
Drv - [2013/09/02 09:25:56 | 000,589,872 | ---- | M] () [Kernel | System | Running] -- C:\Programdata\Trusteer\Rapport\Store\Exts\Rapportcerberus\Baseline\Rapportcerberus64_56758.Sys -- (Rapportcerberus_56758)
Drv - [2013/08/19 11:01:38 | 000,265,872 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (X86)\Trusteer\Rapport\Bin\X64\Rapportei64.Sys -- (Rapportei64)
Drv - [2013/08/19 11:01:36 | 000,384,432 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (X86)\Trusteer\Rapport\Bin\X64\Rapportpg64.Sys -- (Rapportpg64)
Drv - [2013/03/07 09:49:20 | 000,013,896 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\Syswow64\Epmntdrv.Sys -- (Epmntdrv)
Drv - [2013/03/07 09:49:20 | 000,009,160 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\Syswow64\Eugdidrv.Sys -- (Eugdidrv)
Drv - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\Syswow64\Drivers\Wimmount.Sys -- (Wimmount)
========== Standard Registry (Safelist) ==========
========== Internet Explorer ==========
Ie:64Bit: - Hklm\..\Searchscopes,Defaultscope = {0633Ee93-D776-472F-A0Ff-E1416B8B2E3A}
Ie:64Bit: - Hklm\..\Searchscopes\{0633Ee93-D776-472F-A0Ff-E1416B8B2E3A}: "Url" = Http://Www.Bing.Com/Search?Q={Searchterms}&Form=Ie8Src
Ie - Hklm\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\Syswow64\Blank.Htm
Ie - Hklm\..\Searchscopes,Defaultscope = {0633Ee93-D776-472F-A0Ff-E1416B8B2E3A}
Ie - Hklm\..\Searchscopes\{0633Ee93-D776-472F-A0Ff-E1416B8B2E3A}: "Url" = Http://Www.Bing.Com/Search?Q={Searchterms}&Form=Ie8Src
Ie - Hkcu\Software\Microsoft\Internet Explorer\Main,Start Page =
Ie - Hkcu\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = Http://Uk.Msn.Com/
Ie - Hkcu\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache Acceptlangs = En-Gb
Ie - Hkcu\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_Timestamp = 35 Fd 48 Ce D3 Ac Ce 01 [Binary Data]
Ie - Hkcu\..\Searchscopes,Defaultscope = {0633Ee93-D776-472F-A0Ff-E1416B8B2E3A}
Ie - Hkcu\..\Searchscopes\{0633Ee93-D776-472F-A0Ff-E1416B8B2E3A}: "Url" = Http://Www.Bing.Com/Search?Q={Searchterms}&Src=Ie-Searchbox&Form=Ie10Sr
Ie - Hkcu\Software\Microsoft\Windows\Currentversion\Internet Settings: "Proxyenable" = 0
========== Firefox ==========
Ff - Prefs.Js..Extensions.Enabledaddons: Wrc%40Avast.Com:8.0.1489
Ff - Prefs.Js..Extensions.Enabledaddons: Pdnfirefox%403M.Com:5.3.0.0002
Ff - Prefs.Js..Extensions.Enabledaddons: Artur.Dubovoy%40Gmail.Com:3.9.6
Ff - Prefs.Js..Extensions.Enabledaddons: %7Bada4B710-8346-4B82-8199-5De2B400A6Ae%7D:2.1.2
Ff - Prefs.Js..Extensions.Enabledaddons: Isreaditlater%40Ideashower.Com:3.0.4
Ff - Prefs.Js..Extensions.Enabledaddons: Casechanger%40Plugin:2.0.0.18
Ff - Prefs.Js..Extensions.Enabledaddons: Webbooster%40Iminent.Com:7.36.1.1
Ff - Prefs.Js..Extensions.Enabledaddons: %7B972Ce4C6-7E08-4474-A285-3208198Ce6Fd%7D:23.0.1
Ff - User.Js - File Not Found
Ff:64Bit: - Hklm\Software\Mozillaplugins\@Adobe.Com/Flashplayer: C:\Windows\System32\Macromed\Flash\Npswf64_11_8_800_168.Dll File Not Found
Ff:64Bit: - Hklm\Software\Mozillaplugins\@Microsoft.Com/Genuine: Disabled File Not Found
Ff:64Bit: - Hklm\Software\Mozillaplugins\@Microsoft.Com/Npctrl,Version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\Npctrl.Dll ( Microsoft Corporation)
Ff:64Bit: - Hklm\Software\Mozillaplugins\@Microsoft.Com/Officeauthz,Version=14.0: C:\Progra~1\Micros~2\Office14\Npauthz.Dll (Microsoft Corporation)
Ff - Hklm\Software\Mozillaplugins\@Adobe.Com/Flashplayer: C:\Windows\Syswow64\Macromed\Flash\Npswf32_11_8_800_168.Dll ()
Ff - Hklm\Software\Mozillaplugins\@Foxitsoftware.Com/Foxit Reader Plugin,Version=1.0,Application/Pdf: C:\Program Files (X86)\Foxit Software\Foxit Reader\Plugins\Npfoxitreaderplugin.Dll (Foxit Corporation)
Ff - Hklm\Software\Mozillaplugins\@Foxitsoftware.Com/Foxit Reader Plugin,Version=1.0,Application/Vnd.Fdf: C:\Program Files (X86)\Foxit Software\Foxit Reader\Plugins\Npfoxitreaderplugin.Dll (Foxit Corporation)
Ff - Hklm\Software\Mozillaplugins\@Microsoft.Com/Genuine: Disabled File Not Found
Ff - Hklm\Software\Mozillaplugins\@Microsoft.Com/Npctrl,Version=1.0: C:\Program Files (X86)\Microsoft Silverlight\5.1.20513.0\Npctrl.Dll ( Microsoft Corporation)
Ff - Hklm\Software\Mozillaplugins\@Microsoft.Com/Officeauthz,Version=14.0: C:\Progra~2\Micros~1\Office14\Npauthz.Dll (Microsoft Corporation)
Ff - Hklm\Software\Mozillaplugins\@Microsoft.Com/Sharepoint,Version=14.0: C:\Progra~2\Micros~1\Office14\Npspwrap.Dll (Microsoft Corporation)
Ff - Hklm\Software\Mozillaplugins\@Microsoft.Com/Wlpg,Version=15.4.3502.0922: C:\Program Files (X86)\Windows Live\Photo Gallery\Npwlpg.Dll File Not Found
Ff - Hklm\Software\Mozillaplugins\@Nitropdf.Com/Nitropdf: C:\Program Files (X86)\Nitro\Pro 8\Npnitromozilla.Dll (Nitro Pdf)
Ff - Hklm\Software\Mozillaplugins\@Nvidia.Com/3Dvision: C:\Program Files (X86)\Nvidia Corporation\3D Vision\Npnv3Dv.Dll (Nvidia Corporation)
Ff - Hklm\Software\Mozillaplugins\@Nvidia.Com/3Dvisionstreaming: C:\Program Files (X86)\Nvidia Corporation\3D Vision\Npnv3Dvstreaming.Dll (Nvidia Corporation)
Ff - Hklm\Software\Mozillaplugins\@Tools.Google.Com/Google Update;Version=3: C:\Program Files (X86)\Google\Update\1.3.21.153\Npgoogleupdate3.Dll (Google Inc.)
Ff - Hklm\Software\Mozillaplugins\@Tools.Google.Com/Google Update;Version=9: C:\Program Files (X86)\Google\Update\1.3.21.153\Npgoogleupdate3.Dll (Google Inc.)
Ff - Hkey_Local_Machine\Software\Mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Avast Software\Avast\Webrep\Ff [2013/06/12 18:18:03 | 000,000,000 | ---D | M]
Ff - Hkey_Local_Machine\Software\Mozilla\Mozilla Firefox 23.0.1\Extensions\\Components: C:\Program Files (X86)\Mozilla Firefox\Components
Ff - Hkey_Local_Machine\Software\Mozilla\Mozilla Firefox 23.0.1\Extensions\\Plugins: C:\Program Files (X86)\Mozilla Firefox\Plugins
[2012/10/19 22:29:29 | 000,000,000 | ---D | M] (No Name Found) -- C:\Users\Mike\Appdata\Roaming\Mozilla\Extensions
[2013/09/12 17:37:34 | 000,000,000 | ---D | M] (No Name Found) -- C:\Users\Mike\Appdata\Roaming\Mozilla\Firefox\Profiles\8Pslopri.Default\Extensions
[2013/09/05 12:21:29 | 000,000,000 | ---D | M] (Reminderfox) -- C:\Users\Mike\Appdata\Roaming\Mozilla\Firefox\Profiles\8Pslopri.Default\Extensions\{Ada4B710-8346-4B82-8199-5De2B400A6Ae}
[2013/09/05 12:21:29 | 000,000,000 | ---D | M] (Pocket) -- C:\Users\Mike\Appdata\Roaming\Mozilla\Firefox\Profiles\8Pslopri.Default\Extensions\[email protected]
[2013/09/04 10:56:38 | 000,332,487 | ---- | M] () (No Name Found) -- C:\Users\Mike\Appdata\Roaming\Mozilla\Firefox\Profiles\8Pslopri.Default\Extensions\[email protected]
[2013/09/05 12:21:29 | 000,027,194 | ---- | M] () (No Name Found) -- C:\Users\Mike\Appdata\Roaming\Mozilla\Firefox\Profiles\8Pslopri.Default\Extensions\[email protected]
[2013/09/04 10:56:38 | 000,355,782 | ---- | M] () (No Name Found) -- C:\Users\Mike\Appdata\Roaming\Mozilla\Firefox\Profiles\8Pslopri.Default\Extensions\[email protected]
[2013/09/02 12:48:27 | 000,000,000 | ---D | M] (No Name Found) -- C:\Program Files (X86)\Mozilla Firefox\Extensions
[2013/08/07 05:22:27 | 000,000,000 | ---D | M] (No Name Found) -- C:\Program Files (X86)\Mozilla Firefox\Browser\Extensions
[2013/08/18 09:56:02 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (X86)\Mozilla Firefox\Browser\Extensions\{972Ce4C6-7E08-4474-A285-3208198Ce6Fd}
[2013/08/17 06:41:33 | 000,000,000 | ---D | M] (No Name Found) -- C:\Program Files (X86)\Mozilla Firefox\Updated\Extensions
[2013/08/17 06:41:30 | 000,000,000 | ---D | M] (No Name Found) -- C:\Program Files (X86)\Mozilla Firefox\Updated\Browser\Extensions
[2013/08/17 06:41:55 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (X86)\Mozilla Firefox\Updated\Browser\Extensions\{972Ce4C6-7E08-4474-A285-3208198Ce6Fd}
[2013/07/31 15:58:32 | 000,000,000 | ---D | M] (Post-It® Digital Notes) -- C:\Program Files (X86)\3M\Pdnotes\Pdnfirefoxbookmarkextension
[2013/06/12 18:18:03 | 000,000,000 | ---D | M] (Avast! Online Security) -- C:\Program Files\Avast Software\Avast\Webrep\Ff
File Not Found (No Name Found) -- C:\Users\Mike\Appdata\Roaming\Mozilla\Firefox\Profiles\8Pslopri.Default\Extensions\[email protected]
========== Chrome ==========
Chr - Homepage:
Chr - Default_Search_Provider: ()
Chr - Default_Search_Provider: Search_Url =
Chr - Default_Search_Provider: Suggest_Url =
Chr - Homepage:
O1 Hosts File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\Sysnative\Drivers\Etc\Hosts
O2:64Bit: - Bho: (Avast! Online Security) - {318A227B-5E9F-45Bd-8999-7F8F10Ca4Cf5} - C:\Program Files\Avast Software\Avast\Aswwebrepie64.Dll (Avast Software)
O2 - Bho: (Avast! Online Security) - {8E5E2654-Ad2D-48Bf-Ac2D-D17F00898D06} - C:\Program Files\Avast Software\Avast\Aswwebrepie.Dll (Avast Software)
O3:64Bit: - Hklm\..\Toolbar: (Avast! Online Security) - {318A227B-5E9F-45Bd-8999-7F8F10Ca4Cf5} - C:\Program Files\Avast Software\Avast\Aswwebrepie64.Dll (Avast Software)
O3 - Hklm\..\Toolbar: (Avast! Online Security) - {8E5E2654-Ad2D-48Bf-Ac2D-D17F00898D06} - C:\Program Files\Avast Software\Avast\Aswwebrepie.Dll (Avast Software)
O4:64Bit: - Hklm..\Run: [Acronis Scheduler2 Service] C:\Program Files (X86)\Common Files\Acronis\Schedule2\Schedhlp.Exe (Acronis)
O4:64Bit: - Hklm..\Run: [Comodo Internet Security] C:\Program Files\Comodo\Comodo Internet Security\Cfp.Exe (Comodo)
O4 - Hklm..\Run: [Acronistibmountermonitor] C:\Program Files (X86)\Common Files\Acronis\Tibmounter\Tibmountermonitor.Exe (Acronis)
O4 - Hklm..\Run: [Avast] C:\Program Files\Avast Software\Avast\Avastui.Exe (Avast Software)
O4 - Hklm..\Run: [Keyscrambler] C:\Program Files (X86)\Keyscrambler\Keyscrambler.Exe (Qfx Software Corporation)
O4 - Hklm..\Run: [Trueimagemonitor.Exe] C:\Program Files (X86)\Acronis\Trueimagehome\Trueimagemonitor.Exe (Acronis)
O4 - Hklm..\Run: [Tvncontrol] C:\Program Files (X86)\Common Files\Comodo\Geekbuddyrsp.Exe (Comodo Security Solutions, Inc.)
O4 - Hkcu..\Run: [Epson Stylus Photo R285 Series (Copy 1)] C:\Windows\System32\Spool\Drivers\X64\3\E_Iaticke.Exe /Fu "C:\Windows\Temp\E_S2B73.Tmp" /Ef "Hkcu" File Not Found
O4 - Hkcu..\Run: [Power Notes] C:\Program Files (X86)\Power Soft\Power Notes\Notes.Exe (Power Soft)
O4 - Hkcu..\Run: [Sandboxiecontrol] C:\Program Files\Sandboxie\Sbiectrl.Exe (Sandboxie L.T.D)
O4 - Hkcu..\Run: [Superantispyware] C:\Program Files\Superantispyware\Superantispyware.Exe (Superantispyware)
O6 - Hklm\Software\Microsoft\Windows\Currentversion\Policies\Explorer: Noactivedesktop = 1
O6 - Hklm\Software\Microsoft\Windows\Currentversion\Policies\Explorer: Noactivedesktopchanges = 1
O6 - Hklm\Software\Microsoft\Windows\Currentversion\Policies\System: Consentpromptbehavioradmin = 0
O6 - Hklm\Software\Microsoft\Windows\Currentversion\Policies\System: Consentpromptbehavioruser = 0
O6 - Hklm\Software\Microsoft\Windows\Currentversion\Policies\System: Enablelua = 0
O6 - Hklm\Software\Microsoft\Windows\Currentversion\Policies\System: Promptonsecuredesktop = 0
O6 - Hklm\Software\Microsoft\Windows\Currentversion\Policies\System: Enablelinkedconnections = 1
O7 - Hkcu\Software\Microsoft\Windows\Currentversion\Policies\Explorer: Nodrivetypeautorun = 145
O8:64Bit: - Extra Context Menu Item: Create A Post-It® Note - C:\Program Files (X86)\3M\Pdnotes\\Psnbookmark.Html ()
O8 - Extra Context Menu Item: Create A Post-It® Note - C:\Program Files (X86)\3M\Pdnotes\\Psnbookmark.Html ()
O1364Bit: - Gopher Prefix: Missing
O13 - Gopher Prefix: Missing
O17 - Hklm\System\Ccs\Services\Tcpip\Parameters: Dhcpnameserver = 192.168.1.254
O17 - Hklm\System\Ccs\Services\Tcpip\Parameters\Interfaces\{A12D1C77-005F-4B80-97Df-5Fcaf46D0B38}: Dhcpnameserver = 192.168.1.254
O18:64Bit: - Protocol\Handler\Ms-Help - No Clsid Value Found
O18:64Bit: - Protocol\Handler\Wlmailhtml - No Clsid Value Found
O20:64Bit: - Appinit_Dlls: (C:\Windows\System32\Guard64.Dll) - C:\Windows\Sysnative\Guard64.Dll (Comodo)
O20 - Appinit_Dlls: (C:\Windows\Syswow64\Guard32.Dll) - C:\Windows\Syswow64\Guard32.Dll (Comodo)
O20:64Bit: - Hklm Winlogon: Shell - (Explorer.Exe) - C:\Windows\Explorer.Exe (Microsoft Corporation)
O20:64Bit: - Hklm Winlogon: Userinit - (C:\Windows\System32\Userinit.Exe) - C:\Windows\Sysnative\Userinit.Exe (Microsoft Corporation)
O20 - Hklm Winlogon: Shell - (Explorer.Exe) - C:\Windows\Syswow64\Explorer.Exe (Microsoft Corporation)
O20 - Hklm Winlogon: Userinit - (Userinit.Exe) - C:\Windows\Syswow64\Userinit.Exe (Microsoft Corporation)
O20:64Bit: - Winlogon\Notify\Gotoassist: Dllname - (C:\Program Files (X86)\Citrix\Gotoassist\570\G2Awinlogon_X64.Dll) - C:\Program Files (X86)\Citrix\Gotoassist\570\G2Awinlogon_X64.Dll (Citrix Online, A Division Of Citrix Systems, Inc.)
O21:64Bit: - Ssodl: Webcheck - {E6Fb5E20-De35-11Cf-9C87-00Aa005127Ed} - No Clsid Value Found.
O21 - Ssodl: Webcheck - {E6Fb5E20-De35-11Cf-9C87-00Aa005127Ed} - No Clsid Value Found.
O22:64Bit: - Sharedtaskscheduler: {1984Dd45-52Cf-49Cd-Ab77-18F378Fea264} - Fencesshellext - C:\Program Files\Stardock\Fences Pro\Fencesmenu64.Dll (Stardock)
O32 - Hklm Cdrom: Autorun - 1
O32 - Autorun File - [2012/02/24 05:02:32 | 000,000,037 | ---- | M] () - G:\Autorun.Inf -- [ Ntfs ]
O34 - Hklm Bootexecute: (Autocheck Autochk *)
O35:64Bit: - Hklm\..Comfile [Open] -- "%1" %*
O35:64Bit: - Hklm\..Exefile [Open] -- "%1" %*
O35 - Hklm\..Comfile [Open] -- "%1" %*
O35 - Hklm\..Exefile [Open] -- "%1" %*
O37:64Bit: - Hklm\...Com [@ = Comfile] -- "%1" %*
O37:64Bit: - Hklm\...Exe [@ = Exefile] -- "%1" %*
O37 - Hklm\...Com [@ = Comfile] -- "%1" %*
O37 - Hklm\...Exe [@ = Exefile] -- "%1" %*
O38 - Subsystems\\Windows: (Serverdll=Winsrv:Userserverdllinitialization,3)
O38 - Subsystems\\Windows: (Serverdll=Winsrv:Conserverdllinitialization,2)
O38 - Subsystems\\Windows: (Serverdll=Sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/09/13 05:55:29 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2013/09/13 00:12:17 | 000,000,000 | ---D | C] -- C:\Programdata\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/09/13 00:07:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013/09/13 00:07:45 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Microsoft Silverlight
[2013/09/12 19:47:09 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Windows Live
[2013/09/11 04:06:25 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Roaming\Openoffice
[2013/09/10 11:07:56 | 000,000,000 | ---D | C] -- C:\Users\Mike\Desktop\Emoticons_Files
[2013/09/09 15:30:10 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\Restore_Point_Creator
[2013/09/09 14:48:38 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Iminent
[2013/09/09 14:45:42 | 000,000,000 | ---D | C] -- C:\Programdata\Dsearchlink
[2013/09/09 14:42:22 | 000,000,000 | ---D | C] -- C:\Programdata\Babylon
[2013/09/09 13:55:40 | 000,000,000 | ---D | C] -- C:\Programdata\Microsoft\Windows\Start Menu\Programs\Restore Point Creator
[2013/09/09 13:55:40 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Restore Point Creator
[2013/09/09 12:52:08 | 000,000,000 | ---D | C] -- C:\Programdata\Mindgems
[2013/09/09 12:52:08 | 000,000,000 | ---D | C] -- C:\Programdata\Microsoft\Windows\Start Menu\Programs\Folder Size
[2013/09/09 12:52:08 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Folder Size
[2013/09/09 12:46:57 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\7-Zip
[2013/09/09 00:14:09 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Microsoft
[2013/09/09 00:03:41 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Msecache
[2013/09/08 23:41:23 | 000,000,000 | ---D | C] -- C:\Programdata\Microsoft\Windows\Start Menu\Programs\Sharepoint
[2013/09/08 23:41:21 | 000,000,000 | ---D | C] -- C:\Programdata\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013/09/08 23:37:24 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Microsoft Synchronization Services
[2013/09/08 23:37:15 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Common Files\Designer
[2013/09/08 23:35:40 | 000,000,000 | ---D | C] -- C:\Windows\Pchealth
[2013/09/08 23:35:40 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Microsoft Sync Framework
[2013/09/08 23:35:40 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Microsoft Sql Server Compact Edition
[2013/09/08 23:30:55 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Microsoft Visual Studio 8
[2013/09/08 23:30:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013/09/08 23:29:12 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Microsoft Analysis Services
[2013/09/08 23:29:01 | 000,000,000 | ---D | C] -- C:\Windows\Shellnew
[2013/09/08 23:28:34 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\Microsoft Help
[2013/09/08 23:27:47 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Microsoft Office
[2013/09/08 23:27:41 | 000,000,000 | ---D | C] -- C:\Programdata\Microsoft Help
[2013/09/08 23:27:21 | 000,000,000 | Rh-D | C] -- C:\Msocache
[2013/09/08 23:22:27 | 000,000,000 | ---D | C] -- C:\Programdata\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013/09/08 23:22:22 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2013/09/08 14:35:12 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Teamviewer
[2013/09/07 22:13:49 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\Windows Live
[2013/09/07 10:42:57 | 000,000,000 | ---D | C] -- C:\Users\Mike\Documents\Ps Power Notes
[2013/09/07 10:28:10 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{Acbd3E2C-Fd4B-4D90-B84D-E783E0Ff2009}
[2013/09/07 00:53:44 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Power Soft
[2013/09/06 22:27:59 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{A37D5577-D614-49E4-B9Cd-327670Bcfdf7}
[2013/09/06 10:27:48 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{F8D17050-6399-4E1E-8D5B-9E860493C2A8}
[2013/09/05 22:27:37 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{34A84D9E-F179-4Ffd-8C76-23A2394Af7A5}
[2013/09/05 10:27:15 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{38047Fb9-29A5-4Dcc-B5E1-Fef594De3A74}
[2013/09/04 22:26:52 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{A722486C-4C35-4F66-Ae44-69Fa4Ded2C1D}
[2013/09/04 21:02:41 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Roaming\Epson
[2013/09/04 10:26:30 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{2504575F-F1Fb-4669-9819-4Fca32Dc31Ba}
[2013/09/03 22:26:08 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{F40727B4-69B2-4B1E-A156-Abe04Df5Ff6B}
[2013/09/03 10:25:46 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{4E5Df793-Ab9B-4078-9A0C-916950742C75}
[2013/09/02 22:25:24 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{Ccdfe6F2-3107-4376-9F66-0777425C27A9}
[2013/09/02 14:16:26 | 000,000,000 | ---D | C] -- C:\Programdata\Microsoft\Windows\Start Menu\Programs\Epson Software
[2013/09/02 14:16:26 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Epson Software
[2013/09/02 14:10:20 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Roaming\Installshield
[2013/09/02 14:09:56 | 000,000,000 | ---D | C] -- C:\Programdata\Epson
[2013/09/02 14:09:35 | 000,000,000 | ---D | C] -- C:\Programdata\Microsoft\Windows\Start Menu\Programs\Epson
[2013/09/02 10:25:00 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{C8Ad54C6-457A-4E21-B18E-E228713F40F4}
[2013/09/02 09:24:20 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\Trusteer
[2013/09/02 09:24:12 | 000,000,000 | ---D | C] -- C:\Programdata\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection
[2013/09/02 09:23:49 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Trusteer
[2013/09/02 09:22:12 | 000,000,000 | ---D | C] -- C:\Programdata\Trusteer
[2013/09/01 23:44:17 | 000,000,000 | ---D | C] -- C:\Users\Mike\Documents\Ps Freebie Notes
[2013/09/01 23:37:02 | 000,000,000 | ---D | C] -- C:\Programdata\Power Soft
[2013/09/01 23:36:53 | 000,000,000 | ---D | C] -- C:\Programdata\Microsoft\Windows\Start Menu\Programs\Power Soft
[2013/09/01 22:24:49 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{A91937B5-8D7D-41C2-9C3E-Bc302B950A0A}
[2013/09/01 10:24:39 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{640E3A2E-85E5-40A9-9A7B-Bed9449Cb21A}
[2013/08/31 22:24:28 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{6Eb1770E-32C6-4Db0-8Fd2-1C052B1A2B76}
[2013/08/31 10:24:17 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{E6D73B56-904D-4Def-9916-0E1C3B61C154}
[2013/08/30 22:24:06 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{Bd1Eff2B-1Ba7-4Fa6-9654-008232682Ab7}
[2013/08/30 10:23:56 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{Dbd6Ebcb-8F04-41Bf-A45E-F3Aed8D5D92F}
[2013/08/29 23:41:28 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Roaming\Donationcoder
[2013/08/29 23:41:26 | 000,000,000 | ---D | C] -- C:\Users\Mike\Documents\Donationcoder
[2013/08/29 22:23:33 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{0B5040A5-F3E1-4576-B836-1742Df5Ff7A3}
[2013/08/29 21:19:07 | 000,000,000 | ---D | C] -- C:\Programdata\Microsoft\Windows\Start Menu\Programs\Foxit Reader
[2013/08/29 21:18:50 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Foxit Software
[2013/08/29 19:27:50 | 000,000,000 | ---D | C] -- C:\Programdata\Microsoft\Windows\Start Menu\Programs\Screenshotcaptor
[2013/08/29 19:27:47 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Screenshotcaptor
[2013/08/29 19:27:47 | 000,000,000 | ---D | C] -- C:\Programdata\Donationcoder
[2013/08/29 10:23:11 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{E360482A-3560-4474-B2F6-7367A0D8C074}
[2013/08/28 23:47:55 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Roaming\Acronis
[2013/08/28 23:45:11 | 000,000,000 | ---D | C] -- C:\Programdata\Acronis
[2013/08/28 23:43:46 | 000,000,000 | ---D | C] -- C:\Programdata\Microsoft\Windows\Start Menu\Programs\Acronis
[2013/08/28 23:42:45 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Common Files\Acronis
[2013/08/28 23:42:45 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Acronis
[2013/08/28 22:22:48 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{83757A5C-235C-4105-B2Fa-7241Bc1B6B7A}
[2013/08/28 10:22:25 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{5E47Af30-8Fe3-4378-Ad57-144Dab1F15E3}
[2013/08/27 22:22:03 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{B2D28Cbd-5Eef-4B3B-Af10-C48253Ac5Cdd}
[2013/08/27 10:26:32 | 000,000,000 | ---D | C] -- C:\Program Files\Ccleaner
[2013/08/27 10:21:41 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{4F04Fcfe-Df74-45A6-9211-F25C7Bac9B95}
[2013/08/27 09:11:41 | 000,000,000 | ---D | C] -- C:\Programdata\Vs Revo Group
[2013/08/26 22:21:17 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{7C12Ad38-F6Ad-440D-Ad04-07B7Cec60611}
[2013/08/26 10:21:04 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{7323Cd84-392F-4A17-B626-7De5418A4295}
[2013/08/25 22:20:41 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{4505Fa1B-6F01-4372-8643-27C60006E95F}
[2013/08/25 10:20:20 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{36F503Ee-5A66-4Dc2-88Cf-48609115Fbd0}
[2013/08/24 22:19:45 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{45F05Db2-E47B-4581-B719-1A74D4Fd0Feb}
[2013/08/24 21:56:18 | 000,000,000 | ---D | C] -- C:\Program Files\Epson
[2013/08/24 10:19:22 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{8Ea47Bec-8F87-448C-A943-A462F211801E}
[2013/08/23 22:19:00 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{E4C67811-3573-4A0A-A751-0609Da851Db1}
[2013/08/23 10:18:25 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{A6195915-38C9-4C92-B30C-81Fe3Cd5Cc11}
[2013/08/22 22:17:49 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{2290Bb01-5Ad3-41B9-9B53-F00100Dbe756}
[2013/08/22 10:17:14 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{B1662E42-A370-4D52-B1E0-A8C8B8C81C95}
[2013/08/22 04:45:34 | 000,000,000 | ---D | C] -- C:\Programdata\Microsoft\Windows\Start Menu\Programs\Easeus Partition Master 9.2.2
[2013/08/21 22:16:39 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{4D5Cb68A-6898-4E64-Be24-277B68A0Cf70}
[2013/08/21 16:14:35 | 000,000,000 | ---D | C] -- C:\Program Files (X86)\Easeus
[2013/08/21 14:58:41 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Roaming\Leadertech
[2013/08/21 14:25:21 | 000,000,000 | ---D | C] -- C:\Programdata\Logishrd
[2013/08/21 14:25:19 | 000,000,000 | ---D | C] -- C:\Programdata\Microsoft\Windows\Start Menu\Programs\Logitech
[2013/08/21 14:24:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logishrd
[2013/08/21 10:16:02 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{Fb704710-43F8-444D-A50C-C32Dd973Eb2D}
[2013/08/20 22:15:41 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{81Cb6196-Bff6-43B4-B571-26827C3D5151}
[2013/08/20 10:15:04 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{03Aabcc5-7Df9-4D9C-Bb8D-9D6Bbf8E9Bb7}
[2013/08/19 22:14:52 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{C46Fd129-E24A-45Bc-B50C-D5B177Ad22D5}
[2013/08/19 10:14:28 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{38701Cef-E714-4540-8838-Fb4A43Ed191D}
[2013/08/18 22:14:05 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{41Ac8C81-F10F-48Dc-B14F-F40Bdfc1Be1B}
[2013/08/18 10:13:42 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{8F671648-0Dfc-4Deb-933E-7Baa5283Fa42}
[2013/08/17 22:13:18 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{C15B5Ec4-A8Bd-4225-8D4F-F0562B26F728}
[2013/08/17 16:38:18 | 000,000,000 | ---D | C] -- C:\Users\Mike\Desktop\Malware Removal Tools
[2013/08/17 10:12:55 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{1878519C-B229-486E-937A-B64496A6F2D6}
[2013/08/17 02:49:17 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{6864D03A-Ab6D-45B2-Bcbd-5Dc326B62E22}
[2013/08/17 00:38:29 | 000,000,000 | ---D | C] -- C:\Programdata\Microsoft\Windows\Start Menu\Programs\Speccy
[2013/08/17 00:36:01 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Roaming\Nitro Pdf
[2013/08/16 21:35:53 | 000,000,000 | ---D | C] -- C:\Users\Mike\Desktop\Setting Up A Win7_Win8 Dual-Boot System_Files
[2013/08/16 19:33:17 | 000,000,000 | ---D | C] -- C:\Programdata\Genie9
[2013/08/16 14:48:55 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{073A427D-8871-4D86-8D43-F4Cad8C78Ad1}
[2013/08/16 02:48:31 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{B10D7582-Fb6C-42Ea-A577-4650Afa3D82E}
[2013/08/15 14:48:08 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{2Dbe479C-6642-4107-A7C2-35Aafb66D792}
[2013/08/15 03:06:13 | 000,000,000 | ---D | C] -- C:\Windows\Sysnative\Mrt
[2013/08/15 02:47:32 | 000,000,000 | ---D | C] -- C:\Users\Mike\Appdata\Local\{Fcba86Cb-3C22-4F21-9E95-Bd1Aadbf81Aa}
========== Files - Modified Within 30 Days ==========
[2013/09/13 16:52:02 | 000,000,830 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.Job
[2013/09/13 16:35:01 | 000,000,894 | ---- | M] () -- C:\Windows\Tasks\Googleupdatetaskmachineua.Job
[2013/09/13 14:35:01 | 000,000,890 | ---- | M] () -- C:\Windows\Tasks\Googleupdatetaskmachinecore.Job
[2013/09/13 12:30:38 | 000,020,496 | -H-- | M] () -- C:\Windows\Sysnative\7B296Fb0-376B-497E-B012-9C450E1B7327-5P-1.C7483456-A289-439D-8115-601632D005A0
[2013/09/13 12:30:38 | 000,020,496 | -H-- | M] () -- C:\Windows\Sysnative\7B296Fb0-376B-497E-B012-9C450E1B7327-5P-0.C7483456-A289-439D-8115-601632D005A0
[2013/09/13 12:22:26 | 000,067,584 | --S- | M] () -- C:\Windows\Bootstat.Dat
[2013/09/13 12:22:17 | 2095,308,799 | -Hs- | M] () -- C:\Hiberfil.Sys
[2013/09/13 10:30:37 | 000,004,727 | ---- | M] () -- C:\Users\Mike\Desktop\Everything.Ini
[2013/09/13 09:36:01 | 000,000,508 | ---- | M] () -- C:\Windows\Tasks\Superantispyware Scheduled Task D70E1027-9250-4D73-Bc0D-64B2D1Fc2341.Job
[2013/09/13 08:51:28 | 000,001,581 | ---- | M] () -- C:\Users\Mike\Desktop\System Ninja.Exe - Shortcut.Lnk
[2013/09/13 08:30:07 | 002,220,841 | ---- | M] () -- C:\Users\Mike\Desktop\Everything.Db
[2013/09/13 08:24:59 | 000,001,721 | ---- | M] () -- C:\Users\Mike\Desktop\Reminder.Exe - Shortcut.Lnk
[2013/09/13 06:17:12 | 000,001,458 | ---- | M] () -- C:\Users\Mike\Desktop\Windows Live Mail.Lnk
[2013/09/13 02:00:01 | 000,000,508 | ---- | M] () -- C:\Windows\Tasks\Superantispyware Scheduled Task 3Be760De-62Ce-40A4-9Dc2-469De9D183Ef.Job
[2013/09/13 00:20:42 | 000,001,674 | ---- | M] () -- C:\Windows\Sandboxie.Ini
[2013/09/12 17:37:51 | 000,000,866 | ---- | M] () -- C:\Windows\Syswow64\Installutil.Installlog
[2013/09/12 13:56:32 | 000,436,432 | ---- | M] () -- C:\Windows\Sysnative\Fntcache.Dat
[2013/09/12 13:08:41 | 000,001,922 | ---- | M] () -- C:\Users\Public\Desktop\Avast! Pro Antivirus.Lnk
[2013/09/12 13:08:32 | 000,000,000 | ---- | M] () -- C:\Windows\Syswow64\Config.Nt
[2013/09/10 23:05:56 | 000,000,000 | -H-- | M] () -- C:\Users\Mike\Documents\Default.Rdp
[2013/09/10 13:44:12 | 000,007,334 | ---- | M] () -- C:\Users\Mike\Desktop\New Opendocument Text.Odt
[2013/09/10 11:07:59 | 000,017,149 | ---- | M] () -- C:\Users\Mike\Desktop\Emoticons.Htm
[2013/09/10 06:56:55 | 000,001,476 | ---- | M] () -- C:\Users\Mike\Desktop\Power-Notes.Lnk
[2013/09/09 13:55:41 | 000,001,167 | ---- | M] () -- C:\Users\Public\Desktop\Restore Point Creator.Lnk
[2013/09/09 12:52:09 | 000,001,042 | ---- | M] () -- C:\Users\Mike\Desktop\Folder Size.Lnk
[2013/09/09 06:53:10 | 000,003,029 | ---- | M] () -- C:\Users\Mike\Desktop\Microsoft Outlook 2010.Lnk
[2013/09/09 00:14:27 | 000,001,135 | ---- | M] () -- C:\Users\Mike\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.Lnk
[2013/09/09 00:02:26 | 000,734,810 | ---- | M] () -- C:\Windows\Syswow64\Perfstringbackup.Ini
[2013/09/09 00:02:26 | 000,630,928 | ---- | M] () -- C:\Windows\Sysnative\Perfh009.Dat
[2013/09/09 00:02:26 | 000,111,052 | ---- | M] () -- C:\Windows\Sysnative\Perfc009.Dat
[2013/09/08 15:01:10 | 000,001,166 | ---- | M] () -- C:\Users\Public\Desktop\Teamviewer 7.Lnk
[2013/09/08 10:34:49 | 000,033,193 | ---- | M] () -- C:\Users\Mike\Appdata\Roaming\Usertile.Png
[2013/09/08 10:12:56 | 000,078,915 | ---- | M] () -- C:\Users\Mike\Desktop\X86B4New Win7.Png
[2013/09/07 22:03:10 | 000,000,020 | ---- | M] () -- C:\Windows\Äød
[2013/09/02 14:16:51 | 000,000,858 | ---- | M] () -- C:\Users\Public\Desktop\Print Cd.Lnk
[2013/08/30 07:49:47 | 000,001,002 | ---- | M] () -- C:\Users\Mike\Desktop\Sandboxed Web Browser.Lnk
[2013/08/30 07:49:47 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\Ccleaner Pro.Lnk
[2013/08/30 07:49:47 | 000,000,840 | ---- | M] () -- C:\Users\Public\Desktop\Speccy.Lnk
[2013/08/30 07:49:46 | 000,001,852 | ---- | M] () -- C:\Users\Public\Desktop\Super Antispyware Pro.Lnk
[2013/08/30 07:49:46 | 000,001,458 | ---- | M] () -- C:\Users\Mike\Desktop\Epm_Winpe - Shortcut.Lnk
[2013/08/29 23:41:28 | 000,000,058 | ---- | M] () -- C:\Windows\Syswow64\Donationcoder_Screenshotcaptor_Installinfo.Dat
[2013/08/29 23:41:28 | 000,000,058 | ---- | M] () -- C:\Users\Mike\Appdata\Local\Donationcoder_Screenshotcaptor_Installinfo.Dat
[2013/08/29 21:19:08 | 000,002,054 | ---- | M] () -- C:\Users\Public\Desktop\Foxit Reader.Lnk
[2013/08/29 19:27:50 | 000,001,107 | ---- | M] () -- C:\Users\Mike\Desktop\Screenshot Captor.Lnk
[2013/08/28 23:43:48 | 000,001,205 | ---- | M] () -- C:\Users\Public\Desktop\Acronis True Image 2014.Lnk
[2013/08/27 09:20:17 | 000,001,121 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.Lnk
[2013/08/25 01:18:08 | 000,000,910 | ---- | M] () -- C:\Users\Mike\Desktop\Trusteer - Shortcut.Lnk
[2013/08/25 01:12:30 | 000,000,938 | ---- | M] () -- C:\Users\Mike\Desktop\Keyscrambler - Shortcut.Lnk
[2013/08/22 04:45:34 | 000,001,395 | ---- | M] () -- C:\Users\Public\Desktop\Easeus Partition Master 9.2.2.Lnk
[2013/08/21 14:58:13 | 000,726,316 | ---- | M] () -- C:\Windows\Sysnative\Perfstringbackup.Ini
[2013/08/21 14:23:59 | 000,001,191 | ---- | M] () -- C:\Users\Mike\Desktop\Downloads.Lnk
[2013/08/20 15:54:08 | 000,001,132 | ---- | M] () -- C:\Users\Mike\Documents\Thingstodo.Rtf
[2013/08/19 16:21:43 | 000,003,218 | ---- | M] () -- C:\Users\Mike\Desktop\Avastlicense_16265891.Avastlic
[2013/08/17 16:38:22 | 000,047,977 | ---- | M] () -- C:\Users\Mike\Desktop\Malware Removal Tools .Htm
[2013/08/17 16:36:35 | 000,042,275 | ---- | M] () -- C:\Users\Mike\Desktop\Setting Up A Win7_Win8 Dual-Boot System.Htm
[2013/08/17 10:32:30 | 000,002,019 | ---- | M] () -- C:\Users\Mike\Desktop\Things Todo.Lnk
[2013/08/15 22:47:41 | 000,008,716 | ---- | M] () -- C:\Users\Mike\Documents\Fluid Flow.Rtf
========== Files Created - No Company Name ==========
[2013/09/13 10:30:37 | 000,004,727 | ---- | C] () -- C:\Users\Mike\Desktop\Everything.Ini
[2013/09/13 08:51:28 | 000,001,581 | ---- | C] () -- C:\Users\Mike\Desktop\System Ninja.Exe - Shortcut.Lnk
[2013/09/13 08:30:04 | 002,220,841 | ---- | C] () -- C:\Users\Mike\Desktop\Everything.Db
[2013/09/13 08:24:59 | 000,001,721 | ---- | C] () -- C:\Users\Mike\Desktop\Reminder.Exe - Shortcut.Lnk
[2013/09/13 06:17:12 | 000,001,458 | ---- | C] () -- C:\Users\Mike\Desktop\Windows Live Mail.Lnk
[2013/09/12 19:48:35 | 000,001,458 | ---- | C] () -- C:\Programdata\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.Lnk
[2013/09/10 23:05:56 | 000,000,000 | -H-- | C] () -- C:\Users\Mike\Documents\Default.Rdp
[2013/09/10 13:44:12 | 000,007,334 | ---- | C] () -- C:\Users\Mike\Desktop\New Opendocument Text.Odt
[2013/09/10 11:07:56 | 000,017,149 | ---- | C] () -- C:\Users\Mike\Desktop\Emoticons.Htm
[2013/09/10 06:56:55 | 000,001,476 | ---- | C] () -- C:\Users\Mike\Desktop\Power-Notes.Lnk
[2013/09/09 14:50:10 | 000,000,866 | ---- | C] () -- C:\Windows\Syswow64\Installutil.Installlog
[2013/09/09 13:55:41 | 000,001,167 | ---- | C] () -- C:\Users\Public\Desktop\Restore Point Creator.Lnk
[2013/09/09 12:52:09 | 000,001,042 | ---- | C] () -- C:\Users\Mike\Desktop\Folder Size.Lnk
[2013/09/09 06:53:10 | 000,003,029 | ---- | C] () -- C:\Users\Mike\Desktop\Microsoft Outlook 2010.Lnk
[2013/09/09 00:14:27 | 000,001,135 | ---- | C] () -- C:\Users\Mike\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.Lnk
[2013/09/09 00:02:26 | 000,734,810 | ---- | C] () -- C:\Windows\Syswow64\Perfstringbackup.Ini
[2013/09/08 15:01:11 | 000,001,178 | ---- | C] () -- C:\Programdata\Microsoft\Windows\Start Menu\Programs\Teamviewer 7.Lnk
[2013/09/08 15:01:10 | 000,001,166 | ---- | C] () -- C:\Users\Public\Desktop\Teamviewer 7.Lnk
[2013/09/08 10:34:49 | 000,033,193 | ---- | C] () -- C:\Users\Mike\Appdata\Roaming\Usertile.Png
[2013/09/08 10:12:55 | 000,078,915 | ---- | C] () -- C:\Users\Mike\Desktop\X86B4New Win7.Png
[2013/09/07 22:03:09 | 000,000,020 | ---- | C] () -- C:\Windows\Äød
[2013/09/02 14:16:51 | 000,000,858 | ---- | C] () -- C:\Users\Public\Desktop\Print Cd.Lnk
[2013/09/02 14:10:25 | 000,000,097 | ---- | C] () -- C:\Windows\Syswow64\Picsdk.Ini
[2013/09/02 14:10:24 | 000,073,220 | ---- | C] () -- C:\Windows\Syswow64\Eppicprinterdb.Dat
[2013/09/02 14:10:24 | 000,031,053 | ---- | C] () -- C:\Windows\Syswow64\Eppicpattern131.Dat
[2013/09/02 14:10:24 | 000,029,114 | ---- | C] () -- C:\Windows\Syswow64\Eppicpattern1.Dat
[2013/09/02 14:10:24 | 000,027,417 | ---- | C] () -- C:\Windows\Syswow64\Eppicpattern121.Dat
[2013/09/02 14:10:24 | 000,021,021 | ---- | C] () -- C:\Windows\Syswow64\Eppicpattern3.Dat
[2013/09/02 14:10:24 | 000,015,670 | ---- | C] () -- C:\Windows\Syswow64\Eppicpattern5.Dat
[2013/09/02 14:10:24 | 000,013,280 | ---- | C] () -- C:\Windows\Syswow64\Eppicpattern2.Dat
[2013/09/02 14:10:24 | 000,010,673 | ---- | C] () -- C:\Windows\Syswow64\Eppicpattern4.Dat
[2013/09/02 14:10:24 | 000,004,943 | ---- | C] () -- C:\Windows\Syswow64\Eppicpattern6.Dat
[2013/09/02 14:10:24 | 000,001,140 | ---- | C] () -- C:\Windows\Syswow64\Eppicpresetdata_Pt.Dat
[2013/09/02 14:10:24 | 000,001,140 | ---- | C] () -- C:\Windows\Syswow64\Eppicpresetdata_Bp.Dat
[2013/09/02 14:10:24 | 000,001,137 | ---- | C] () -- C:\Windows\Syswow64\Eppicpresetdata_Es.Dat
[2013/09/02 14:10:24 | 000,001,130 | ---- | C] () -- C:\Windows\Syswow64\Eppicpresetdata_Fr.Dat
[2013/09/02 14:10:24 | 000,001,130 | ---- | C] () -- C:\Windows\Syswow64\Eppicpresetdata_Cf.Dat
[2013/09/02 14:10:24 | 000,001,104 | ---- | C] () -- C:\Windows\Syswow64\Eppicpresetdata_En.Dat
[2013/09/02 14:10:23 | 000,012,669 | ---- | C] () -- C:\Windows\Syswow64\Eppiclocal_En.Cfg
[2013/09/02 14:10:23 | 000,006,478 | ---- | C] () -- C:\Windows\Syswow64\Eppiclocal_Pt.Cfg
[2013/09/02 14:10:23 | 000,006,478 | ---- | C] () -- C:\Windows\Syswow64\Eppiclocal_Bp.Cfg
[2013/09/02 14:10:23 | 000,006,366 | ---- | C] () -- C:\Windows\Syswow64\Eppiclocal_Fr.Cfg
[2013/09/02 14:10:23 | 000,006,366 | ---- | C] () -- C:\Windows\Syswow64\Eppiclocal_Cf.Cfg
[2013/09/02 14:10:23 | 000,006,226 | ---- | C] () -- C:\Windows\Syswow64\Eppiclocal_Es.Cfg
[2013/08/30 08:26:58 | 160,223,232 | ---- | C] () -- C:\Users\Mike\Desktop\Easeus_Partition_Master_Image.Iso
[2013/08/29 23:41:28 | 000,000,058 | ---- | C] () -- C:\Windows\Syswow64\Donationcoder_Screenshotcaptor_Installinfo.Dat
[2013/08/29 23:41:28 | 000,000,058 | ---- | C] () -- C:\Users\Mike\Appdata\Local\Donationcoder_Screenshotcaptor_Installinfo.Dat
[2013/08/29 21:19:08 | 000,002,054 | ---- | C] () -- C:\Users\Public\Desktop\Foxit Reader.Lnk
[2013/08/29 21:19:07 | 000,216,064 | ---- | C] () -- C:\Windows\Syswow64\Gcapi_Dll.Dll
[2013/08/29 19:27:50 | 000,001,107 | ---- | C] () -- C:\Users\Mike\Desktop\Screenshot Captor.Lnk
[2013/08/28 23:43:48 | 000,001,205 | ---- | C] () -- C:\Users\Public\Desktop\Acronis True Image 2014.Lnk
[2013/08/25 01:18:08 | 000,000,910 | ---- | C] () -- C:\Users\Mike\Desktop\Trusteer - Shortcut.Lnk
[2013/08/25 01:12:30 | 000,000,938 | ---- | C] () -- C:\Users\Mike\Desktop\Keyscrambler - Shortcut.Lnk
[2013/08/22 04:45:34 | 000,001,395 | ---- | C] () -- C:\Users\Public\Desktop\Easeus Partition Master 9.2.2.Lnk
[2013/08/22 04:45:19 | 000,016,256 | ---- | C] () -- C:\Windows\Sysnative\Euepmgdi.Dll
[2013/08/22 04:45:18 | 003,376,640 | ---- | C] () -- C:\Windows\Sysnative\Bootman.Exe
[2013/08/22 04:45:18 | 002,498,216 | ---- | C] () -- C:\Windows\Syswow64\Bootman.Exe
[2013/08/22 04:45:18 | 000,100,936 | ---- | C] () -- C:\Windows\Sysnative\Setupempdrvx64.Exe
[2013/08/22 04:45:18 | 000,087,112 | ---- | C] () -- C:\Windows\Syswow64\Setupempdrv03.Exe
[2013/08/22 04:45:18 | 000,019,840 | ---- | C] () -- C:\Windows\Syswow64\Euepmgdi.Dll
[2013/08/22 04:45:18 | 000,017,480 | ---- | C] () -- C:\Windows\Sysnative\Epmntdrv.Sys
[2013/08/22 04:45:18 | 000,009,800 | ---- | C] () -- C:\Windows\Sysnative\Eugdidrv.Sys
[2013/08/22 04:45:17 | 000,013,896 | ---- | C] () -- C:\Windows\Syswow64\Epmntdrv.Sys
[2013/08/22 04:45:17 | 000,009,160 | ---- | C] () -- C:\Windows\Syswow64\Eugdidrv.Sys
[2013/08/22 03:47:19 | 000,001,458 | ---- | C] () -- C:\Users\Mike\Desktop\Epm_Winpe - Shortcut.Lnk
[2013/08/19 16:21:42 | 000,003,218 | ---- | C] () -- C:\Users\Mike\Desktop\Avastlicense_16265891.Avastlic
[2013/08/17 16:38:17 | 000,047,977 | ---- | C] () -- C:\Users\Mike\Desktop\Malware Removal Tools .Htm
[2013/08/17 10:32:30 | 000,002,019 | ---- | C] () -- C:\Users\Mike\Desktop\Things Todo.Lnk
[2013/08/16 21:35:52 | 000,042,275 | ---- | C] () -- C:\Users\Mike\Desktop\Setting Up A Win7_Win8 Dual-Boot System.Htm
[2013/05/28 16:29:19 | 000,007,636 | ---- | C] () -- C:\Users\Mike\Appdata\Local\Resmon.Resmoncfg
[2012/12/21 03:11:12 | 000,001,674 | ---- | C] () -- C:\Windows\Sandboxie.Ini
[2012/12/05 21:05:32 | 000,000,162 | ---- | C] () -- C:\Windows\Reimage.Ini
[2012/11/04 07:42:54 | 000,000,193 | ---- | C] () -- C:\Windows\Wordpad.Ini
========== Zeroaccess Check ==========
[2012/07/14 19:11:12 | 000,000,596 | ---- | M] () -- C:\Users\Mike\Appdata\Roaming\Mozilla\Firefox\Profiles\8Pslopri.Default\Extensions\{Ada4B710-8346-4B82-8199-5De2B400A6Ae}\Defaults\Printing\Icons\@.Png
[2009/07/14 05:55:00 | 000,000,227 | Rhs- | M] () -- C:\Windows\Assembly\Desktop.Ini
[Hkey_Current_User\Software\Classes\Clsid\{42Aedc87-2188-41Fd-B9A3-0C966Feabec1}\Inprocserver32] /64
[Hkey_Current_User\Software\Classes\Wow6432Node\Clsid\{42Aedc87-2188-41Fd-B9A3-0C966Feabec1}\Inprocserver32]
[Hkey_Current_User\Software\Classes\Clsid\{Fbeb8A05-Beee-4442-804E-409D6C4515E9}\Inprocserver32] /64
[Hkey_Current_User\Software\Classes\Wow6432Node\Clsid\{Fbeb8A05-Beee-4442-804E-409D6C4515E9}\Inprocserver32]
[Hkey_Local_Machine\Software\Classes\Clsid\{42Aedc87-2188-41Fd-B9A3-0C966Feabec1}\Inprocserver32] /64
"" = C:\Windows\Sysnative\Shell32.Dll -- [2013/07/26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"Threadingmodel" = Apartment
[Hkey_Local_Machine\Software\Wow6432Node\Classes\Clsid\{42Aedc87-2188-41Fd-B9A3-0C966Feabec1}\Inprocserver32]
"" = %Systemroot%\System32\Shell32.Dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"Threadingmodel" = Apartment
[Hkey_Local_Machine\Software\Classes\Clsid\{5839Fca9-774D-42A1-Acda-D6A79037F57F}\Inprocserver32] /64
"" = C:\Windows\Sysnative\Wbem\Fastprox.Dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"Threadingmodel" = Free
[Hkey_Local_Machine\Software\Wow6432Node\Classes\Clsid\{5839Fca9-774D-42A1-Acda-D6A79037F57F}\Inprocserver32]
"" = %Systemroot%\System32\Wbem\Fastprox.Dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"Threadingmodel" = Free
[Hkey_Local_Machine\Software\Classes\Clsid\{F3130Cdb-Aa52-4C3A-Ab32-85Ffc23Af9C1}\Inprocserver32] /64
"" = C:\Windows\Sysnative\Wbem\Wbemess.Dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"Threadingmodel" = Both
[Hkey_Local_Machine\Software\Wow6432Node\Classes\Clsid\{F3130Cdb-Aa52-4C3A-Ab32-85Ffc23Af9C1}\Inprocserver32]
========== Lop Check ==========
[2013/09/04 19:33:53 | 000,000,000 | ---D | M] -- C:\Users\Mike\Appdata\Roaming\3M
[2013/08/28 23:47:55 | 000,000,000 | ---D | M] -- C:\Users\Mike\Appdata\Roaming\Acronis
[2013/05/23 16:02:15 | 000,000,000 | ---D | M] -- C:\Users\Mike\Appdata\Roaming\Avg
[2013/08/29 23:41:28 | 000,000,000 | ---D | M] -- C:\Users\Mike\Appdata\Roaming\Donationcoder
[2013/05/12 00:02:12 | 000,000,000 | ---D | M] -- C:\Users\Mike\Appdata\Roaming\Downloaded Installations
[2013/09/04 21:02:41 | 000,000,000 | ---D | M] -- C:\Users\Mike\Appdata\Roaming\Epson
[2013/05/12 00:05:51 | 000,000,000 | ---D | M] -- C:\Users\Mike\Appdata\Roaming\Fileopen
[2013/04/23 18:30:46 | 000,000,000 | ---D | M] -- C:\Users\Mike\Appdata\Roaming\Foxit Software
[2013/07/26 17:12:44 | 000,000,000 | ---D | M] -- C:\Users\Mike\Appdata\Roaming\Genie9
[2013/08/21 14:58:41 | 000,000,000 | ---D | M] -- C:\Users\Mike\Appdata\Roaming\Leadertech
[2013/05/12 00:24:38 | 000,000,000 | ---D | M] -- C:\Users\Mike\Appdata\Roaming\Nitro
[2013/09/06 11:10:58 | 000,000,000 | ---D | M] -- C:\Users\Mike\Appdata\Roaming\Nitro Pdf
[2013/09/11 04:06:25 | 000,000,000 | ---D | M] -- C:\Users\Mike\Appdata\Roaming\Openoffice
[2013/05/12 11:37:51 | 000,000,000 | ---D | M] -- C:\Users\Mike\Appdata\Roaming\Openoffice.Org
[2013/09/12 13:05:03 | 000,000,000 | ---D | M] -- C:\Users\Mike\Appdata\Roaming\Qfx Software
[2012/10/20 06:47:37 | 000,000,000 | ---D | M] -- C:\Users\Mike\Appdata\Roaming\Stardock
[2013/09/10 14:28:48 | 000,000,000 | ---D | M] -- C:\Users\Mike\Appdata\Roaming\Teamviewer
[2012/10/21 19:38:38 | 000,000,000 | ---D | M] -- C:\Users\Mike\Appdata\Roaming\Windows Live Writer
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 192 Bytes -> C:\Windows:Nlspreferences
@Alternate Data Stream - 137 Bytes -> C:\Programdata\Temp:0B4227B4
< End Of Report >